public function post()
{
$comment = pc_base::load_app_class('comment');
$id = isset($_GET['id']) && intval($_GET['id']) ? intval($_GET['id']) : '';
$SITE = siteinfo($this->siteid);
$username = param::get_cookie('_username', $SITE['name'] . L('phpcms_friends'));
$userid = param::get_cookie('_userid');
$comment_setting_db = pc_base::load_model('comment_setting_model');
$setting = $comment_setting_db->get_one(array('siteid' => $this->siteid));
if (!empty($setting)) {
//是否允许游客
if (!$setting['guest']) {
if (!$username || !$userid) {
//$this->_show_msg(L('landing_users_to_comment'), HTTP_REFERER);
die(json_encode(array('msg' => '必须登录才可以评论!', 'status' => 400)));
}
}
if ($setting['code']) {
$session_storage = 'session_' . pc_base::load_config('system', 'session_storage');
pc_base::load_sys_class($session_storage);
session_start();
//$code = isset($_POST['code']) && trim($_POST['code']) ? strtolower(trim($_POST['code'])) : $this->_show_msg(L('please_enter_code'), HTTP_REFERER);
$code = isset($_POST['code']) && trim($_POST['code']) ? strtolower(trim($_POST['code'])) : '';
if (!$code) {
die(json_encode(array('msg' => '请输入验证码!', 'status' => 400)));
}
if ($code != $_SESSION['code']) {
//$this->_show_msg(L('code_error'), HTTP_REFERER);
die(json_encode(array('msg' => '验证码错误!', 'status' => 400)));
}
}
}
//通过API接口调用数据的标题、URL地址
if (!($data = get_comment_api($this->commentid))) {
$this->_show_msg(L('illegal_parameters'));
} else {
$title = $data['title'];
$url = $data['url'];
unset($data);
}
if (strpos($url, APP_PATH) === 0) {
$domain = APP_PATH;
} else {
$urls = parse_url($url);
$domain = $urls['scheme'] . '://' . $urls['host'] . (isset($urls['port']) && !empty($urls['port']) ? ":" . $urls['port'] : '') . '/';
}
//$content = isset($_POST['content']) && trim($_POST['content']) ? trim($_POST['content']) : $this->_show_msg(L('please_enter_content'), HTTP_REFERER);
$content = isset($_POST['content']) && trim($_POST['content']) ? trim($_POST['content']) : '';
if (!$content) {
die(json_encode(array('msg' => '请填写类容!', 'status' => 400)));
} elseif (strlen($content) <= 10) {
die(json_encode(array('msg' => '内容过少!', 'status' => 400)));
}
$direction = isset($_POST['direction']) && intval($_POST['direction']) ? intval($_POST['direction']) : '';
$data = array('userid' => $userid, 'username' => $username, 'content' => $content, 'direction' => $direction);
$comment->add($this->commentid, $this->siteid, $data, $id, $title, $url);
echo json_encode(array('msg' => '评论成功!', 'status' => 200, 'posTdata' => array('username' => $username, 'content' => $content, 'postTime' => date('Y-m-d H:i:s', time()))));
//$this->_show_msg($comment->get_error()."<iframe width='0' id='top_src' height='0' src='$domain/js.html?200'></iframe>", (in_array($comment->msg_code, array(0,7)) ? HTTP_REFERER : ''), (in_array($comment->msg_code, array(0,7)) ? 1 : 0));
}
public function genreYML()
{
header('content-type: text/xml');
$ci = ShopCore::$ci;
$pictureBaseUrl = base_url() . "uploads/shop/products/main/";
/* @var $p SProducts */
foreach ($this->getProducts() as $p) {
/* @var $v SProductVariants */
foreach ($p->getProductVariants() as $v) {
if (!$v->getPrice()) {
continue;
}
$unique_id = $p->getId() . $v->getId();
$param = ShopCore::app()->SPropertiesRenderer->renderPropertiesArray($p);
$this->offers[$unique_id]['url'] = ShopCore::$ci->config->item('base_url') . '/shop/product/' . $p->url;
$this->offers[$unique_id]['price'] = $v->getPrice();
$this->offers[$unique_id]['currencyId'] = $this->currencyCode;
$this->offers[$unique_id]['categoryId'] = $p->getCategoryId();
$this->offers[$unique_id]['picture'] = $pictureBaseUrl . $v->getMainImage();
$images = null;
$images = $p->getSProductImagess();
if (count($images) > 0) {
foreach ($images as $key => $image) {
$this->offers[$unique_id]['picture' . $key] = productImageUrl('products/additional/' . $image->getImageName());
}
}
$this->offers[$unique_id]['name'] = $this->forName($p->getName(), $v->getName());
$this->offers[$unique_id]['vendor'] = $p->getBrand() ? htmlspecialchars($p->getBrand()->getName()) : ' ';
$this->offers[$unique_id]['vendorCode'] = $v->getNumber() ? htmlspecialchars($v->getNumber()) : ' ';
$this->offers[$unique_id]['description'] = htmlspecialchars($p->getFullDescription());
$this->db->select('value');
$this->db->where('id', 1);
$query = $this->db->get('mod_yandex_market_adalt');
$adalt = $query->row_array();
if ($adalt['value'] == 1) {
$this->offers[$unique_id]['adult'] = 'true';
}
$this->offers[$unique_id]['param'] = $param;
}
}
echo '<?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE yml_catalog SYSTEM "shops.dtd">
<yml_catalog date="' . date('Y-m-d H:i') . '">
<shop>
<name>' . $this->settings['site_short_title'] . '</name>
<company>' . $this->settings['site_title'] . '</company>
<url>' . $ci->config->item('base_url') . '</url>
<platform>ImageCMS</platform>
<version>' . IMAGECMS_NUMBER . '</version>
<email>' . siteinfo('siteinfo_adminemail') . '</email>';
echo "\n\n";
echo '<currencies>
<currency id="' . $this->currencyCode . '" rate="1"/>
</currencies>' . "\n\n";
echo $this->renderCategories();
echo $this->renderOffers();
echo "</shop>\n";
echo "</yml_catalog>";
}
public function post()
{
$reviews = pc_base::load_app_class('reviews');
$id = isset($_GET['id']) && intval($_GET['id']) ? intval($_GET['id']) : '';
$SITE = siteinfo($this->siteid);
$username = param::get_cookie('_username', $SITE['name'] . L('phpcms_friends'));
$userid = param::get_cookie('_userid');
$reviews_setting_db = pc_base::load_model('reviews_setting_model');
$setting = $reviews_setting_db->get_one(array('siteid' => $this->siteid));
if (!empty($setting)) {
//是否允许游客
if (!$setting['guest']) {
if (!$username || !$userid) {
$this->_show_msg(L('landing_users_to_comment'), HTTP_REFERER);
}
}
if ($setting['code']) {
$session_storage = 'session_' . pc_base::load_config('system', 'session_storage');
pc_base::load_sys_class($session_storage);
session_start();
$code = isset($_POST['code']) && trim($_POST['code']) ? strtolower(trim($_POST['code'])) : $this->_show_msg(L('please_enter_code'), HTTP_REFERER);
if ($code != $_SESSION['code']) {
$this->_show_msg(L('code_error'), HTTP_REFERER);
}
}
}
//通过API接口调用数据的标题、URL地址
if (!($data = get_comment_api($this->reviewsid))) {
$this->_show_msg(L('illegal_parameters'));
} else {
$title = $data['title'];
$url = $data['url'];
unset($data);
}
if (strpos($url, APP_PATH) === 0) {
$domain = APP_PATH;
} else {
$urls = parse_url($url);
$domain = $urls['scheme'] . '://' . $urls['host'] . (isset($urls['port']) && !empty($urls['port']) ? ":" . $urls['port'] : '') . '/';
}
// $content = isset($_POST['content']) && trim($_POST['content']) ? trim($_POST['content']) : $this->_show_msg(L('please_enter_content'), HTTP_REFERER);
$content = isset($_POST['content']) && trim($_POST['content']) ? trim($_POST['content']) : '';
$star1 = isset($_POST['star1']) && intval($_POST['star1']) ? intval($_POST['star1']) : '';
$star2 = isset($_POST['star2']) && intval($_POST['star2']) ? intval($_POST['star2']) : '';
$star3 = isset($_POST['star3']) && intval($_POST['star3']) ? intval($_POST['star3']) : '';
$star4 = isset($_POST['star4']) && intval($_POST['star4']) ? intval($_POST['star4']) : '';
$star5 = isset($_POST['star5']) && intval($_POST['star5']) ? intval($_POST['star5']) : '';
$star6 = isset($_POST['star6']) && intval($_POST['star6']) ? intval($_POST['star6']) : '';
$startype = isset($_POST['startype']) && intval($_POST['startype']) ? intval($_POST['startype']) : '';
$starnum = isset($_POST['starnum']) && intval($_POST['starnum']) ? intval($_POST['starnum']) : '';
$data = array('userid' => $userid, 'username' => $username, 'content' => $content, 'star1' => $star1, 'star2' => $star2, 'star3' => $star3, 'star4' => $star4, 'star5' => $star5, 'star6' => $star6, 'startype' => $startype, 'starnum' => $starnum);
$reviews->add($this->reviewsid, $this->siteid, $data, $id, $title, $url);
$this->_show_msg($reviews->get_error() . "<iframe width='0' id='top_src' height='0' src='{$domain}/js.html?200'></iframe>", in_array($reviews->msg_code, array(0, 7)) ? HTTP_REFERER : '', in_array($reviews->msg_code, array(0, 7)) ? 1 : 0);
}
/**
* Generates an array of data to create a body xml
*/
public function index()
{
$ci = ShopCore::$ci;
$this->settings = $this->ymarket_model->init();
$this->currencyCode = ShopCore::app()->SCurrencyHelper->current->code;
$categories = \Category\CategoryApi::getInstance()->getCategory($this->settings['unserCats']);
/* @var $p SProducts */
foreach ($this->ymarket_model->getProducts($this->settings['unserCats']) as $p) {
$param = ShopCore::app()->SPropertiesRenderer->renderPropertiesArray($p);
$additionalImages = $this->getAdditionalImages($p);
/* @var $v SProductVariants */
foreach ($p->getProductVariants() as $v) {
if (!$v->getPrice()) {
continue;
}
$unique_id += $p->getId() . '.' . $v->getId();
$this->offers[$unique_id]['url'] = $ci->config->item('base_url') . '/shop/product/' . $p->url;
$this->offers[$unique_id]['price'] = $v->getPrice();
$this->offers[$unique_id]['currencyId'] = $this->currencyCode;
$this->offers[$unique_id]['categoryId'] = $p->getCategoryId();
$this->offers[$unique_id]['picture'] = array_merge(array(productImageUrl('products/main/' . $v->getMainImage())), $additionalImages);
$this->offers[$unique_id]['name'] = $this->forName($p->getName(), $v->getName());
$this->offers[$unique_id]['vendor'] = $p->getBrand() ? htmlspecialchars($p->getBrand()->getName()) : '';
$this->offers[$unique_id]['vendorCode'] = $v->getNumber() ? $v->getNumber() : '';
$this->offers[$unique_id]['description'] = htmlspecialchars($p->getFullDescription());
if ($this->settings['adult']) {
$this->offers[$unique_id]['adult'] = 'true';
}
$this->offers[$unique_id]['param'] = $param;
}
}
$infoXml['categories'] = $categories;
$infoXml['offers'] = $this->offers;
$infoXml['site_short_title'] = $this->settings['site_short_title'];
$infoXml['site_title'] = $this->settings['site_title'];
$infoXml['base_url'] = $ci->config->item('base_url');
$infoXml['imagecms_number'] = IMAGECMS_NUMBER;
$infoXml['siteinfo_adminemail'] = siteinfo('siteinfo_adminemail');
$infoXml['currencyCode'] = $this->currencyCode;
\CMSFactory\assetManager::create()->setData('infoXml', $infoXml)->render('main', true);
exit;
}
/**
* 栏目标签
* @param $data
*/
public function category($data)
{
$data['catid'] = intval($data['catid']);
$array = array();
$siteid = $data['siteid'] && intval($data['siteid']) ? intval($data['siteid']) : get_siteid();
$categorys = getcache('category_content_' . $siteid, 'commons');
$site = siteinfo($siteid);
$i = 1;
foreach ($categorys as $catid => $cat) {
if ($i > $data['limit']) {
break;
}
if (!$cat['ismenu'] || $siteid && $cat['siteid'] != $siteid) {
continue;
}
if (strpos($cat['url'], '://') === false) {
$cat['url'] = substr($site['domain'], 0, -1) . $cat['url'];
}
if ($cat['parentid'] == $data['catid']) {
$array[$catid] = $cat;
$i++;
}
}
return $array;
}
/**
* 获取内容地址
* @param $catid 栏目ID
* @param $id 文章ID
* @param $allurl 是否以绝对路径返回
*/
function go($catid, $id, $allurl = 0)
{
static $category;
if (empty($category)) {
$siteids = getcache('category_content', 'commons');
$siteid = $siteids[$catid];
$category = getcache('category_content_' . $siteid, 'commons');
}
$id = intval($id);
if (!$id || !isset($category[$catid])) {
return '';
}
$modelid = $category[$catid]['modelid'];
if (!$modelid) {
return '';
}
$db = pc_base::load_model('content_model');
$db->set_model($modelid);
$r = $db->get_one(array('id' => $id), '`url`');
if (!empty($allurl)) {
if (strpos($r['url'], '://') === false) {
if (strpos($category[$catid]['url'], '://') === FALSE) {
$site = siteinfo($category[$catid]['siteid']);
$r['url'] = substr($site['domain'], 0, -1) . $r['url'];
} else {
$r['url'] = $category[$catid]['url'] . $r['url'];
}
}
}
return $r['url'];
}
/**
* 发送邮件
* @param $toemail 收件人email
* @param $subject 邮件主题
* @param $message 正文
* @param $from 发件人
* @param $cfg 邮件配置信息
* @param $sitename 邮件站点名称
*/
function sendmail($toemail, $subject, $message, $from = '', $cfg = array(), $sitename = '')
{
if ($sitename == '') {
$siteid = get_siteid();
$siteinfo = siteinfo($siteid);
$sitename = $siteinfo['site_title'];
}
$adminemail = '*****@*****.**';
if ($cfg && is_array($cfg)) {
$adminemail = $cfg['from'];
$mail = $cfg;
$mail_type = $cfg['mail_type'];
//邮件发送模式
} else {
$cfg = getcache('common', 'commons');
$adminemail = $cfg['mail_from'];
$mail_type = $cfg['mail_type'];
//邮件发送模式
$mail = array('mailsend' => 2, 'maildelimiter' => 1, 'mailusername' => 1, 'server' => $cfg['mail_server'], 'port' => $cfg['mail_port'], 'auth' => $cfg['mail_auth'], 'from' => $cfg['mail_from'], 'auth_username' => $cfg['mail_user'], 'auth_password' => $cfg['mail_password']);
}
//mail 发送模式
if ($mail_type == 0) {
$headers = 'MIME-Version: 1.0' . "\r\n";
$headers .= 'Content-type: text/html; charset=' . CHARSET . '' . "\r\n";
$headers .= 'From: ' . $sitename . ' <' . $from . '>' . "\r\n";
mail($toemail, $subject, $message, $headers);
return true;
}
//邮件头的分隔符
$maildelimiter = $mail['maildelimiter'] == 1 ? "\r\n" : ($mail['maildelimiter'] == 2 ? "\r" : "\n");
//收件人地址中包含用户名
$mailusername = isset($mail['mailusername']) ? $mail['mailusername'] : 1;
//端口
$mail['port'] = $mail['port'] ? $mail['port'] : 25;
$mail['mailsend'] = $mail['mailsend'] ? $mail['mailsend'] : 1;
//发信者
$email_from = $from == '' ? '=?' . CHARSET . '?B?' . base64_encode($sitename) . "?= <" . $adminemail . ">" : (preg_match('/^(.+?) \\<(.+?)\\>$/', $from, $mats) ? '=?' . CHARSET . '?B?' . base64_encode($mats[1]) . "?= <{$mats['2']}>" : $from);
$email_to = preg_match('/^(.+?) \\<(.+?)\\>$/', $toemail, $mats) ? $mailusername ? '=?' . CHARSET . '?B?' . base64_encode($mats[1]) . "?= <{$mats['2']}>" : $mats[2] : $toemail;
$email_subject = '=?' . CHARSET . '?B?' . base64_encode(preg_replace("/[\r|\n]/", '', '[PHPCMS] ' . $subject)) . '?=';
$email_message = chunk_split(base64_encode(str_replace("\n", "\r\n", str_replace("\r", "\n", str_replace("\r\n", "\n", str_replace("\n\r", "\r", $message))))));
$headers = "From: {$email_from}{$maildelimiter}X-Priority: 3{$maildelimiter}X-Mailer: PHPCMS-V9 {$maildelimiter}MIME-Version: 1.0{$maildelimiter}Content-type: text/html; charset=" . CHARSET . "{$maildelimiter}Content-Transfer-Encoding: base64{$maildelimiter}";
if (!($fp = fsockopen($mail['server'], $mail['port'], $errno, $errstr, 30))) {
runlog('SMTP', "({$mail['server']}:{$mail['port']}) CONNECT - Unable to connect to the SMTP server", 0);
return false;
}
stream_set_blocking($fp, true);
$lastmessage = fgets($fp, 512);
if (substr($lastmessage, 0, 3) != '220') {
runlog('SMTP', "{$mail['server']}:{$mail['port']} CONNECT - {$lastmessage}", 0);
return false;
}
fputs($fp, ($mail['auth'] ? 'EHLO' : 'HELO') . " uchome\r\n");
$lastmessage = fgets($fp, 512);
if (substr($lastmessage, 0, 3) != 220 && substr($lastmessage, 0, 3) != 250) {
runlog('SMTP', "({$mail['server']}:{$mail['port']}) HELO/EHLO - {$lastmessage}", 0);
return false;
}
while (1) {
if (substr($lastmessage, 3, 1) != '-' || empty($lastmessage)) {
break;
}
$lastmessage = fgets($fp, 512);
}
if ($mail['auth']) {
fputs($fp, "AUTH LOGIN\r\n");
$lastmessage = fgets($fp, 512);
if (substr($lastmessage, 0, 3) != 334) {
runlog('SMTP', "({$mail['server']}:{$mail['port']}) AUTH LOGIN - {$lastmessage}", 0);
return false;
}
fputs($fp, base64_encode($mail['auth_username']) . "\r\n");
$lastmessage = fgets($fp, 512);
if (substr($lastmessage, 0, 3) != 334) {
runlog('SMTP', "({$mail['server']}:{$mail['port']}) USERNAME - {$lastmessage}", 0);
return false;
}
fputs($fp, base64_encode($mail['auth_password']) . "\r\n");
$lastmessage = fgets($fp, 512);
if (substr($lastmessage, 0, 3) != 235) {
runlog('SMTP', "({$mail['server']}:{$mail['port']}) PASSWORD - {$lastmessage}", 0);
return false;
}
$email_from = $mail['from'];
}
fputs($fp, "MAIL FROM: <" . preg_replace("/.*\\<(.+?)\\>.*/", "\\1", $email_from) . ">\r\n");
$lastmessage = fgets($fp, 512);
if (substr($lastmessage, 0, 3) != 250) {
fputs($fp, "MAIL FROM: <" . preg_replace("/.*\\<(.+?)\\>.*/", "\\1", $email_from) . ">\r\n");
$lastmessage = fgets($fp, 512);
if (substr($lastmessage, 0, 3) != 250) {
runlog('SMTP', "({$mail['server']}:{$mail['port']}) MAIL FROM - {$lastmessage}", 0);
return false;
}
}
fputs($fp, "RCPT TO: <" . preg_replace("/.*\\<(.+?)\\>.*/", "\\1", $toemail) . ">\r\n");
$lastmessage = fgets($fp, 512);
if (substr($lastmessage, 0, 3) != 250) {
fputs($fp, "RCPT TO: <" . preg_replace("/.*\\<(.+?)\\>.*/", "\\1", $toemail) . ">\r\n");
$lastmessage = fgets($fp, 512);
runlog('SMTP', "({$mail['server']}:{$mail['port']}) RCPT TO - {$lastmessage}", 0);
return false;
}
fputs($fp, "DATA\r\n");
$lastmessage = fgets($fp, 512);
if (substr($lastmessage, 0, 3) != 354) {
runlog('SMTP', "({$mail['server']}:{$mail['port']}) DATA - {$lastmessage}", 0);
return false;
}
$headers .= 'Message-ID: <' . gmdate('YmdHs') . '.' . substr(md5($email_message . microtime()), 0, 6) . rand(100000, 999999) . '@' . $_SERVER['HTTP_HOST'] . ">{$maildelimiter}";
fputs($fp, "Date: " . gmdate('r') . "\r\n");
fputs($fp, "To: " . $email_to . "\r\n");
fputs($fp, "Subject: " . $email_subject . "\r\n");
fputs($fp, $headers . "\r\n");
fputs($fp, "\r\n\r\n");
fputs($fp, "{$email_message}\r\n.\r\n");
$lastmessage = fgets($fp, 512);
if (substr($lastmessage, 0, 3) != 250) {
runlog('SMTP', "({$mail['server']}:{$mail['port']}) END - {$lastmessage}", 0);
}
fputs($fp, "QUIT\r\n");
return true;
}
function get_by_id($siteid)
{
return siteinfo($siteid);
}
/**
* 手机短信方式找回密码
*/
public function public_forget_password_mobile()
{
$step = intval($_POST['step']);
$step = max($step, 1);
$this->_session_start();
if (isset($_POST['dosubmit']) && $step == 2) {
//处理提交申请,以手机号为准
if ($_SESSION['code'] != strtolower($_POST['code'])) {
showmessage(L('code_error'), HTTP_REFERER);
}
$username = safe_replace($_POST['username']);
$r = $this->db->get_one(array('username' => $username), 'userid,mobile');
if ($r['mobile'] == '') {
$_SESSION['mobile'] = '';
$_SESSION['userid'] = '';
$_SESSION['code'] = '';
showmessage("该账号没有绑定手机号码,请选择其他方式找回!");
}
$_SESSION['mobile'] = $r['mobile'];
$_SESSION['userid'] = $r['userid'];
include template('member', 'forget_password_mobile');
} elseif (isset($_POST['dosubmit']) && $step == 3) {
$sms_report_db = pc_base::load_model('sms_report_model');
$mobile_verify = $_POST['mobile_verify'];
$mobile = $_SESSION['mobile'];
if ($mobile) {
if (!preg_match('/^1([0-9]{10})$/', $mobile)) {
exit('check phone error');
}
pc_base::load_app_func('global', 'sms');
$posttime = SYS_TIME - 600;
$where = "`mobile`='{$mobile}' AND `posttime`>'{$posttime}'";
$r = $sms_report_db->get_one($where, 'id,id_code', 'id DESC');
if ($r && $r['id_code'] == $mobile_verify) {
$sms_report_db->update(array('id_code' => ''), $where);
$userid = $_SESSION['userid'];
$updateinfo = array();
$password = random(8, "23456789abcdefghkmnrstwxy");
$encrypt = random(6, "23456789abcdefghkmnrstwxyABCDEFGHKMNRSTWXY");
$updateinfo['encrypt'] = $encrypt;
$updateinfo['password'] = password($password, $encrypt);
$this->db->update($updateinfo, array('userid' => $userid));
$rs = $this->db->get_one(array('userid' => $userid), 'phpssouid');
if (pc_base::load_config('system', 'phpsso')) {
//初始化phpsso
$this->_init_phpsso();
$this->client->ps_member_edit('', '', '', $password, $rs['phpssouid'], $encrypt);
}
$status = sendsms($mobile, $password, 5);
if ($status !== 0) {
showmessage($status);
}
$_SESSION['mobile'] = '';
$_SESSION['userid'] = '';
$_SESSION['code'] = '';
showmessage("密码已重置成功!请查收手机", '?m=member&c=index&a=login');
} else {
showmessage("短信验证码错误!请重新获取!");
}
} else {
showmessage("短信验证码已过期!请重新获取!");
}
} else {
$siteid = isset($_REQUEST['siteid']) && trim($_REQUEST['siteid']) ? intval($_REQUEST['siteid']) : 1;
$siteinfo = siteinfo($siteid);
include template('member', 'forget_password_mobile');
}
}
/**
* 找回密码
*/
public function public_forget_password()
{
$email_config = getcache('common', 'commons');
//SMTP MAIL 二种发送模式
if ($email_config['mail_type'] == '1') {
if (empty($email_config['mail_user']) || empty($email_config['mail_password'])) {
showmessage(L('email_config_empty'), HTTP_REFERER);
}
}
$this->_session_start();
$member_setting = getcache('member_setting');
if (isset($_POST['dosubmit'])) {
if ($_SESSION['code'] != strtolower($_POST['code'])) {
showmessage(L('code_error'), HTTP_REFERER);
}
$memberinfo = $this->db->get_one(array('email' => $_POST['email']));
if (!empty($memberinfo['email'])) {
$email = $memberinfo['email'];
} else {
showmessage(L('email_error'), HTTP_REFERER);
}
pc_base::load_sys_func('mail');
$phpcms_auth_key = md5(pc_base::load_config('system', 'auth_key') . $this->http_user_agent);
$code = sys_auth($memberinfo['userid'] . "\t" . SYS_TIME, 'ENCODE', $phpcms_auth_key);
$url = APP_PATH . "index.php?m=member&c=index&a=public_forget_password&code={$code}";
$message = $member_setting['forgetpassword'];
$message = str_replace(array('{click}', '{url}'), array('<a href="' . $url . '">' . L('please_click') . '</a>', $url), $message);
//获取站点名称
$sitelist = getcache('sitelist', 'commons');
if (isset($sitelist[$memberinfo['siteid']]['name'])) {
$sitename = $sitelist[$memberinfo['siteid']]['name'];
} else {
$sitename = 'PHPCMS_V9_MAIL';
}
sendmail($email, L('forgetpassword'), $message, '', '', $sitename);
showmessage(L('operation_success'), 'index.php?m=member&c=index&a=login');
} elseif ($_GET['code']) {
$phpcms_auth_key = md5(pc_base::load_config('system', 'auth_key') . $this->http_user_agent);
$hour = date('y-m-d h', SYS_TIME);
$code = sys_auth($_GET['code'], 'DECODE', $phpcms_auth_key);
$code = explode("\t", $code);
if (is_array($code) && is_numeric($code[0]) && date('y-m-d h', SYS_TIME) == date('y-m-d h', $code[1])) {
$memberinfo = $this->db->get_one(array('userid' => $code[0]));
if (empty($memberinfo['phpssouid'])) {
showmessage(L('operation_failure'), 'index.php?m=member&c=index&a=login');
}
$password = random(8);
$updateinfo['password'] = password($password, $memberinfo['encrypt']);
$this->db->update($updateinfo, array('userid' => $code[0]));
if (pc_base::load_config('system', 'phpsso')) {
//初始化phpsso
$this->_init_phpsso();
$this->client->ps_member_edit('', $email, '', $password, $memberinfo['phpssouid'], $memberinfo['encrypt']);
}
showmessage(L('operation_success') . L('newpassword') . ':' . $password);
} else {
showmessage(L('operation_failure'), 'index.php?m=member&c=index&a=login');
}
} else {
$siteid = isset($_REQUEST['siteid']) && trim($_REQUEST['siteid']) ? intval($_REQUEST['siteid']) : 1;
$siteinfo = siteinfo($siteid);
include template('member', 'forget_password');
}
}
public function post_answer()
{
$M = getcache('ask', 'commons');
$M = $M[1];
$id = isset($_GET['id']) && intval($_GET['id']) ? intval($_GET['id']) : '';
$SITE = siteinfo(SITEID);
$_username = param::get_cookie('_username');
$_userid = param::get_cookie('_userid');
if (!$_userid) {
$forward = isset($_GET['forward']) ? urlencode($_GET['forward']) : urlencode(get_url());
showmessage(L('please_login', '', 'member'), '?m=member&c=index&a=login&forward=' . $forward);
}
if ($_POST['dosubmit']) {
if (!$id) {
showmessage(L('illegal_parameters'), HTTP_REFERER);
}
if (!$_userid) {
showmessage(L('please_login'), APP_PATH . 'index.php?m=member&c=index&a=login');
}
if ($M['answer_code']) {
$session_storage = 'session_' . pc_base::load_config('system', 'session_storage');
pc_base::load_sys_class($session_storage);
session_start();
$code = isset($_POST['code']) && trim($_POST['code']) ? strtolower(trim($_POST['code'])) : showmessage(L('please_enter_code'), HTTP_REFERER);
if ($code != $_SESSION['code']) {
showmessage(L('code_error'), HTTP_REFERER);
}
}
$posts['message'] = isset($_POST['message']) && trim($_POST['message']) ? trim($_POST['message']) : showmessage(L('please_enter_content'), HTTP_REFERER);
if (strlen($posts['message']) > 1000) {
showmessage(L('answer_limit_1000'), HTTP_REFERER);
}
$posts['userid'] = $_userid;
$posts['username'] = $_username;
if ($M['answer_check']) {
$posts['status'] = 1;
} else {
$posts['status'] = 3;
}
$posts['addtime'] = SYS_TIME;
$posts['message'] = $M['use_editor'] ? strip_tags($posts['message']) : strip_tags($posts['message']);
if ($this->db2->add($id, $posts)) {
$forward = ask_url($catid, $id);
if ($M['answer_check']) {
showmessage(L('waitting_admin_check'), $forward);
} else {
showmessage(L('your_answer_submit_success'), $forward);
}
} else {
showmessage(L('answer_has_answered_and_ischecking'), $forward);
}
}
}
/**
* 手机短信方式找回密码
*/
public function public_forget_password_mobile()
{
$email_config = getcache('common', 'commons');
$this->_session_start();
$member_setting = getcache('member_setting');
if (isset($_POST['dosubmit'])) {
//处理提交申请,以手机号为准
if ($_SESSION['code'] != strtolower($_POST['code'])) {
showmessage(L('code_error'), HTTP_REFERER);
}
$mobile = $_POST['mobile'];
$mobile_verify = intval($_POST['mobile_verify']);
$password = $_POST['password'];
$pwdconfirm = $_POST['pwdconfirm'];
if ($password != $pwdconfirm) {
showmessage(L('passwords_not_match'), HTTP_REFERER);
}
//验证手机号和传递的验证码是否匹配
$sms_report_db = pc_base::load_model('sms_report_model');
$sms_report_array = $sms_report_db->get_one(array("mobile" > $mobile, 'in_code' => $mobile_verify));
if (empty($sms_report_array)) {
showmessage("手机和验证码不对应,请通过正常渠道修改密码!", HTTP_REFERER);
}
//更新密码
$updateinfo = array();
$updateinfo['password'] = $password;
$this->db->update($updateinfo, array('userid' => $this->memberinfo['userid']));
if (pc_base::load_config('system', 'phpsso')) {
//初始化phpsso
$this->_init_phpsso();
$res = $this->client->ps_member_edit('', $email, $_POST['info']['password'], $_POST['info']['newpassword'], $this->memberinfo['phpssouid'], $this->memberinfo['encrypt']);
}
$memberinfo = $this->db->get_one(array('email' => $_POST['email']));
if (!empty($memberinfo['email'])) {
$email = $memberinfo['email'];
} else {
showmessage(L('email_error'), HTTP_REFERER);
}
pc_base::load_sys_func('mail');
$phpcms_auth_key = md5(pc_base::load_config('system', 'auth_key') . $this->http_user_agent);
$code = sys_auth($memberinfo['userid'] . "\t" . SYS_TIME, 'ENCODE', $phpcms_auth_key);
$url = APP_PATH . "index.php?m=member&c=index&a=public_forget_password&code={$code}";
$message = $member_setting['forgetpassword'];
$message = str_replace(array('{click}', '{url}'), array('<a href="' . $url . '">' . L('please_click') . '</a>', $url), $message);
//获取站点名称
$sitelist = getcache('sitelist', 'commons');
if (isset($sitelist[$memberinfo['siteid']]['name'])) {
$sitename = $sitelist[$memberinfo['siteid']]['name'];
} else {
$sitename = 'PHPCMS_V9_MAIL';
}
sendmail($email, L('forgetpassword'), $message, '', '', $sitename);
showmessage(L('operation_success'), 'index.php?m=member&c=index&a=login');
} else {
$siteid = isset($_REQUEST['siteid']) && trim($_REQUEST['siteid']) ? intval($_REQUEST['siteid']) : 1;
$siteinfo = siteinfo($siteid);
include template('member', 'forget_password_mobile');
}
}
}
</script>
<?php
$t = $_GET['t'];
if (!isset($t)) {
$t = 4;
}
$pt = isset($_GET['pt']) ? $_GET['pt'] : $t;
?>
<?php
$siteinfo = siteinfo($this->memberinfo['siteid']);
?>
<?php
$this->menu_db = pc_base::load_model('member_menu_model');
?>
<?php
if ($_groupid > 12) {
$menu_num = 9;
} else {
$menu_num = 9;
}
?>
<?php
" class="logo">
<img src="<?php
echo siteinfo('siteinfo_logo_url');
?>
" alt="logo.png"/>
</a>
<?php
}
?>
<!-- Start. contacts block-->
<div class="phones-header">
<span class="f-s_0 d_b">
<span class="icon_phone_header"></span>
<span class="phone">
<span class="phone-number"><?php
echo siteinfo('siteinfo_mainphone');
?>
</span>
</span>
</span>
<div class="btn-order-call">
<button data-tab="true" data-drop="#ordercall" data-source="<?php
echo site_url('shop/callback');
?>
">
<span class="icon_order_call"></span>
<span class="text-el d_l"><?php
echo lang('Заказать звонок', 'lightVertical');
?>
</span>
</button>
?>
"> <span class="icon_mail"></span> <span class="text-el"><?php
echo siteinfo('siteinfo_adminemail');
?>
</span> </a></li>
<?php
}
?>
<?php
if (siteinfo('Skype')) {
?>
<li><a class="f-s_0" href="skype:<?php
echo siteinfo('Skype');
?>
"> <span class="icon_skype"></span> <span class="text-el"><?php
echo siteinfo('Skype');
?>
</span> </a></li>
<?php
}
?>
</ul>
</div>
</div>
<div class="box-3">
<div class="inside-padd">
<div class="main-title"><?php
echo lang('Сайт', 'lightVertical');
?>
</div>
?>
css/ie_7.css" />
<script src="<?php
if (isset($THEME)) {
echo $THEME;
}
?>
js/localStorageJSON.js"></script>
<![endif]-->
<link rel="icon" href="<?php
echo siteinfo('siteinfo_favicon_url');
?>
" type="image/x-icon" />
<link rel="shortcut icon" href="<?php
echo siteinfo('siteinfo_favicon_url');
?>
" type="image/x-icon" />
</head>
<body class="is<?php
echo $agent[0];
?>
not-js">
<?php
$this->include_tpl('language/jsLangsDefine.tpl', '/home/igor/sites/skidka-shop.com.ua/www/templates/lightVertical');
?>
<?php
$this->include_tpl('language/jsLangs.tpl', '/home/igor/sites/skidka-shop.com.ua/www/templates/lightVertical');
?>
<div class="main-body">
<div class="fon-header">
