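/**
 * Handle an AJAX comment submission and answer with a JSON status object.
 *
 * The parent comment id comes from $_GET['id'], the poster identity from the
 * `_username` / `_userid` cookies (read through param::get_cookie) and the
 * comment text from $_POST. Validation failures end the request with a JSON
 * body whose `status` is 400; otherwise the comment is handed to
 * $comment->add() and a `status` 200 body echoing the posted data is sent.
 *
 * Security notes:
 * - The success body reflects `$username` and `$content` back to the client.
 *   It is encoded with the JSON_HEX_* flags so that `<`, `>`, `&` and quotes
 *   are emitted as \uXXXX escapes and cannot be interpreted as markup if the
 *   response is rendered as HTML. No Content-Type header is set in this
 *   method; serving the reply as application/json should be confirmed.
 * - The captcha is compared as a string (strict), so numeric-looking values
 *   cannot match through PHP's loose comparison.
 * - NOTE(review): the captcha stored in the session is not cleared after a
 *   successful check in this method; confirm it is invalidated elsewhere.
 * - NOTE(review): success is reported without inspecting the result of
 *   $comment->add(); confirm whether its error state should be surfaced.
 * - NOTE(review): the minimum-length check uses strlen(), which counts bytes,
 *   not characters.
 *
 * @return void
 */
public function post()
{
    $comment = pc_base::load_app_class('comment');
    $id = isset($_GET['id']) && intval($_GET['id']) ? intval($_GET['id']) : '';
    $SITE = siteinfo($this->siteid);
    $username = param::get_cookie('_username', $SITE['name'] . L('phpcms_friends'));
    $userid = param::get_cookie('_userid');

    $comment_setting_db = pc_base::load_model('comment_setting_model');
    $setting = $comment_setting_db->get_one(array('siteid' => $this->siteid));
    if (!empty($setting)) {
        // Guests are rejected unless the site setting allows them.
        if (!$setting['guest'] && (!$username || !$userid)) {
            die(json_encode(array('msg' => '必须登录才可以评论!', 'status' => 400)));
        }
        if ($setting['code']) {
            $session_storage = 'session_' . pc_base::load_config('system', 'session_storage');
            pc_base::load_sys_class($session_storage);
            session_start();
            // Only a non-empty string is accepted; an array-valued parameter is treated as missing.
            $code = isset($_POST['code']) && is_string($_POST['code']) && trim($_POST['code'])
                ? strtolower(trim($_POST['code']))
                : '';
            if (!$code) {
                die(json_encode(array('msg' => '请输入验证码!', 'status' => 400)));
            }
            // Strict string comparison: an unset session value never matches.
            if (!isset($_SESSION['code']) || (string) $_SESSION['code'] !== $code) {
                die(json_encode(array('msg' => '验证码错误!', 'status' => 400)));
            }
        }
    }

    // Fetch the title and URL of the commented item through the API.
    $data = get_comment_api($this->commentid);
    if (!$data) {
        $this->_show_msg(L('illegal_parameters'));
        // Never continue with an unknown target, even if _show_msg() returns.
        return;
    }
    $title = $data['title'];
    $url = $data['url'];
    unset($data);

    $content = isset($_POST['content']) && is_string($_POST['content']) && trim($_POST['content'])
        ? trim($_POST['content'])
        : '';
    if (!$content) {
        die(json_encode(array('msg' => '请填写类容!', 'status' => 400)));
    } elseif (strlen($content) <= 10) {
        die(json_encode(array('msg' => '内容过少!', 'status' => 400)));
    }

    $direction = isset($_POST['direction']) && intval($_POST['direction']) ? intval($_POST['direction']) : '';
    $data = array('userid' => $userid, 'username' => $username, 'content' => $content, 'direction' => $direction);
    $comment->add($this->commentid, $this->siteid, $data, $id, $title, $url);

    // User-supplied text is reflected here, so markup characters are hex-escaped.
    $json_flags = JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT;
    echo json_encode(
        array(
            'msg' => '评论成功!',
            'status' => 200,
            'posTdata' => array(
                'username' => $username,
                'content' => $content,
                'postTime' => date('Y-m-d H:i:s', time()),
            ),
        ),
        $json_flags
    );
}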
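/**
 * Build the offer list for every priced product variant and print the
 * yml_catalog XML document straight to the response.
 *
 * Changes against the previous version: the single-row lookup in
 * `mod_yandex_market_adalt` is executed once before the loops instead of once
 * per variant, and a redundant `$images = null` assignment is gone.
 *
 * NOTE(review): the shop name, company, URL and admin e-mail are concatenated
 * into the XML without escaping, while vendor, vendorCode and description go
 * through htmlspecialchars(). A `&` or `<` in those settings would produce a
 * malformed document; confirm whether the settings are stored pre-escaped
 * before adding escaping here.
 * NOTE(review): the offer key is product id and variant id joined without a
 * separator, so different pairs can yield the same key (1 + 23 and 12 + 3).
 * Changing it would alter the ids published in the feed, so it is only
 * flagged.
 *
 * @return void
 */
public function genreYML()
{
    header('content-type: text/xml');
    $ci = ShopCore::$ci;
    $pictureBaseUrl = base_url() . "uploads/shop/products/main/";

    // The adult flag is one settings row and does not depend on the product: read it once.
    $this->db->select('value');
    $this->db->where('id', 1);
    $query = $this->db->get('mod_yandex_market_adalt');
    $adalt = $query->row_array();
    $isAdult = isset($adalt['value']) && $adalt['value'] == 1;

    /* @var $p SProducts */
    foreach ($this->getProducts() as $p) {
        /* @var $v SProductVariants */
        foreach ($p->getProductVariants() as $v) {
            // Variants without a price are left out of the feed.
            if (!$v->getPrice()) {
                continue;
            }
            $unique_id = $p->getId() . $v->getId();
            $param = ShopCore::app()->SPropertiesRenderer->renderPropertiesArray($p);

            $this->offers[$unique_id]['url'] = $ci->config->item('base_url') . '/shop/product/' . $p->url;
            $this->offers[$unique_id]['price'] = $v->getPrice();
            $this->offers[$unique_id]['currencyId'] = $this->currencyCode;
            $this->offers[$unique_id]['categoryId'] = $p->getCategoryId();
            $this->offers[$unique_id]['picture'] = $pictureBaseUrl . $v->getMainImage();

            // Additional images are stored under picture0, picture1, ...
            $images = $p->getSProductImagess();
            if (count($images) > 0) {
                foreach ($images as $key => $image) {
                    $this->offers[$unique_id]['picture' . $key] = productImageUrl('products/additional/' . $image->getImageName());
                }
            }

            $this->offers[$unique_id]['name'] = $this->forName($p->getName(), $v->getName());
            $this->offers[$unique_id]['vendor'] = $p->getBrand() ? htmlspecialchars($p->getBrand()->getName()) : ' ';
            $this->offers[$unique_id]['vendorCode'] = $v->getNumber() ? htmlspecialchars($v->getNumber()) : ' ';
            $this->offers[$unique_id]['description'] = htmlspecialchars($p->getFullDescription());
            if ($isAdult) {
                $this->offers[$unique_id]['adult'] = 'true';
            }
            $this->offers[$unique_id]['param'] = $param;
        }
    }

    echo '<?xml version="1.0" encoding="utf-8"?> <!DOCTYPE yml_catalog SYSTEM "shops.dtd"> <yml_catalog date="' . date('Y-m-d H:i') . '"> <shop> <name>' . $this->settings['site_short_title'] . '</name> <company>' . $this->settings['site_title'] . '</company> <url>' . $ci->config->item('base_url') . '</url> <platform>ImageCMS</platform> <version>' . IMAGECMS_NUMBER . '</version> <email>' . siteinfo('siteinfo_adminemail') . '</email>';
    echo "\n\n";
    echo '<currencies> <currency id="' . $this->currencyCode . '" rate="1"/> </currencies>' . "\n\n";
    echo $this->renderCategories();
    echo $this->renderOffers();
    echo "</shop>\n";
    echo "</yml_catalog>";
}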
/**
 * Accept a review (free text plus star ratings) and report the outcome
 * through _show_msg().
 *
 * The poster identity is read from the `_username` / `_userid` cookies via
 * param::get_cookie; the parent id comes from $_GET['id']; text and ratings
 * come from $_POST. Every rating field is passed through intval() and falls
 * back to '' when absent or zero.
 *
 * NOTE(review): the method keeps running after each _show_msg() call, so it
 * presumably relies on _show_msg() ending the request; verify.
 * NOTE(review): the captcha is compared with `!=` (loose) and is not cleared
 * in this method after a successful check.
 * NOTE(review): the rating values are integers but are not range-checked
 * here; confirm that add() enforces the allowed range.
 * NOTE(review): $reviews->get_error() and $domain are concatenated into the
 * message as markup; confirm that _show_msg() or its template treats them
 * safely.
 */
public function post()
{
    $reviews = pc_base::load_app_class('reviews');

    $id = '';
    if (isset($_GET['id']) && intval($_GET['id'])) {
        $id = intval($_GET['id']);
    }

    $SITE = siteinfo($this->siteid);
    $username = param::get_cookie('_username', $SITE['name'] . L('phpcms_friends'));
    $userid = param::get_cookie('_userid');

    $reviews_setting_db = pc_base::load_model('reviews_setting_model');
    $setting = $reviews_setting_db->get_one(array('siteid' => $this->siteid));
    if (!empty($setting)) {
        // Are guests allowed to post?
        if (!$setting['guest'] && (!$username || !$userid)) {
            $this->_show_msg(L('landing_users_to_comment'), HTTP_REFERER);
        }
        if ($setting['code']) {
            $session_storage = 'session_' . pc_base::load_config('system', 'session_storage');
            pc_base::load_sys_class($session_storage);
            session_start();
            if (isset($_POST['code']) && trim($_POST['code'])) {
                $code = strtolower(trim($_POST['code']));
            } else {
                $code = $this->_show_msg(L('please_enter_code'), HTTP_REFERER);
            }
            if ($code != $_SESSION['code']) {
                $this->_show_msg(L('code_error'), HTTP_REFERER);
            }
        }
    }

    // Fetch the title and URL of the reviewed item through the API.
    $data = get_comment_api($this->reviewsid);
    if (!$data) {
        $this->_show_msg(L('illegal_parameters'));
    } else {
        $title = $data['title'];
        $url = $data['url'];
        unset($data);
    }

    // Origin used for the hidden iframe in the final message.
    if (strpos($url, APP_PATH) === 0) {
        $domain = APP_PATH;
    } else {
        $urls = parse_url($url);
        $port = isset($urls['port']) && !empty($urls['port']) ? ":" . $urls['port'] : '';
        $domain = $urls['scheme'] . '://' . $urls['host'] . $port . '/';
    }

    $content = '';
    if (isset($_POST['content']) && trim($_POST['content'])) {
        $content = trim($_POST['content']);
    }

    // All rating fields share the same "positive integer or empty string" rule.
    $ratings = array();
    $rating_fields = array('star1', 'star2', 'star3', 'star4', 'star5', 'star6', 'startype', 'starnum');
    foreach ($rating_fields as $field) {
        $ratings[$field] = isset($_POST[$field]) && intval($_POST[$field]) ? intval($_POST[$field]) : '';
    }

    // Array union keeps the identity fields first and the ratings in declaration order.
    $data = array('userid' => $userid, 'username' => $username, 'content' => $content) + $ratings;
    $reviews->add($this->reviewsid, $this->siteid, $data, $id, $title, $url);

    $notice = $reviews->get_error() . "<iframe width='0' id='top_src' height='0' src='{$domain}/js.html?200'></iframe>";
    $accepted = in_array($reviews->msg_code, array(0, 7));
    $this->_show_msg($notice, $accepted ? HTTP_REFERER : '', $accepted ? 1 : 0);
}
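/**
 * Collect shop settings, categories and one offer per priced product variant,
 * hand them to the 'main' template as `infoXml`, and end the request.
 *
 * Fixes against the previous version:
 * - The offer key was built with `+=`, which performs numeric addition on an
 *   undefined variable, so keys accumulated across iterations and offers
 *   could overwrite each other. It is now assigned with `=`, giving the
 *   string "<productId>.<variantId>".
 * - vendorCode is passed through htmlspecialchars() like the vendor and
 *   description fields next to it, so markup characters in a variant number
 *   are not emitted raw.
 *
 * NOTE(review): url, name and the shop-level strings are handed to the
 * template unescaped; confirm that the template escapes them for XML.
 *
 * @return void
 */
public function index()
{
    $ci = ShopCore::$ci;
    $this->settings = $this->ymarket_model->init();
    $this->currencyCode = ShopCore::app()->SCurrencyHelper->current->code;
    $categories = \Category\CategoryApi::getInstance()->getCategory($this->settings['unserCats']);

    /* @var $p SProducts */
    foreach ($this->ymarket_model->getProducts($this->settings['unserCats']) as $p) {
        $param = ShopCore::app()->SPropertiesRenderer->renderPropertiesArray($p);
        $additionalImages = $this->getAdditionalImages($p);

        /* @var $v SProductVariants */
        foreach ($p->getProductVariants() as $v) {
            // Variants without a price are left out of the feed.
            if (!$v->getPrice()) {
                continue;
            }

            // A fresh key for every variant; the dot keeps product and variant ids apart.
            $unique_id = $p->getId() . '.' . $v->getId();

            $this->offers[$unique_id]['url'] = $ci->config->item('base_url') . '/shop/product/' . $p->url;
            $this->offers[$unique_id]['price'] = $v->getPrice();
            $this->offers[$unique_id]['currencyId'] = $this->currencyCode;
            $this->offers[$unique_id]['categoryId'] = $p->getCategoryId();
            $this->offers[$unique_id]['picture'] = array_merge(
                array(productImageUrl('products/main/' . $v->getMainImage())),
                $additionalImages
            );
            $this->offers[$unique_id]['name'] = $this->forName($p->getName(), $v->getName());
            $this->offers[$unique_id]['vendor'] = $p->getBrand() ? htmlspecialchars($p->getBrand()->getName()) : '';
            $this->offers[$unique_id]['vendorCode'] = $v->getNumber() ? htmlspecialchars($v->getNumber()) : '';
            $this->offers[$unique_id]['description'] = htmlspecialchars($p->getFullDescription());
            if ($this->settings['adult']) {
                $this->offers[$unique_id]['adult'] = 'true';
            }
            $this->offers[$unique_id]['param'] = $param;
        }
    }

    $infoXml['categories'] = $categories;
    $infoXml['offers'] = $this->offers;
    $infoXml['site_short_title'] = $this->settings['site_short_title'];
    $infoXml['site_title'] = $this->settings['site_title'];
    $infoXml['base_url'] = $ci->config->item('base_url');
    $infoXml['imagecms_number'] = IMAGECMS_NUMBER;
    $infoXml['siteinfo_adminemail'] = siteinfo('siteinfo_adminemail');
    $infoXml['currencyCode'] = $this->currencyCode;

    \CMSFactory\assetManager::create()->setData('infoXml', $infoXml)->render('main', true);
    exit;
}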
/**
 * Category tag: list the menu categories whose parent is $data['catid'].
 *
 * Categories are read from the `category_content_<siteid>` cache. Entries
 * that are not menu items, or that belong to another site, are skipped;
 * relative category URLs are prefixed with the site domain (minus its last
 * character). At most $data['limit'] entries are returned.
 *
 * @param array $data Tag parameters; the keys read here are catid, siteid and limit
 * @return array Matching categories keyed by category id
 */
public function category($data)
{
    $data['catid'] = intval($data['catid']);

    if ($data['siteid'] && intval($data['siteid'])) {
        $siteid = intval($data['siteid']);
    } else {
        $siteid = get_siteid();
    }

    $categorys = getcache('category_content_' . $siteid, 'commons');
    $site = siteinfo($siteid);

    $children = array();
    $position = 1;
    foreach ($categorys as $catid => $cat) {
        // Stop as soon as the requested number of entries has been collected.
        if ($position > $data['limit']) {
            break;
        }
        if (!$cat['ismenu'] || ($siteid && $cat['siteid'] != $siteid)) {
            continue;
        }
        // Relative URL: prepend the site domain without its last character.
        if (strpos($cat['url'], '://') === false) {
            $cat['url'] = substr($site['domain'], 0, -1) . $cat['url'];
        }
        if ($cat['parentid'] == $data['catid']) {
            $children[$catid] = $cat;
            $position++;
        }
    }

    return $children;
}
/**
 * Look up the URL of a content item.
 *
 * NOTE(review): the category table is kept in a static variable and is loaded
 * for the site of the first $catid seen; later calls with a category of
 * another site find no entry and return ''. Confirm this is acceptable.
 * NOTE(review): the result of get_one() is not checked before its 'url' key
 * is read.
 *
 * @param int $catid  Category id
 * @param int $id     Article id
 * @param int $allurl Non-empty to return an absolute URL
 * @return string The stored URL, made absolute when requested, or '' when the
 *                id or category is unknown or the category has no model
 */
function go($catid, $id, $allurl = 0)
{
    static $category;

    // First call only: resolve the site of this category and cache that site's category table.
    if (empty($category)) {
        $siteids = getcache('category_content', 'commons');
        $siteid = $siteids[$catid];
        $category = getcache('category_content_' . $siteid, 'commons');
    }

    $id = intval($id);
    if (!$id || !isset($category[$catid])) {
        return '';
    }

    $modelid = $category[$catid]['modelid'];
    if (!$modelid) {
        return '';
    }

    $db = pc_base::load_model('content_model');
    $db->set_model($modelid);
    $r = $db->get_one(array('id' => $id), '`url`');

    // Make a relative URL absolute, based on the category URL or, failing that, the site domain.
    if (!empty($allurl) && strpos($r['url'], '://') === false) {
        $category_url = $category[$catid]['url'];
        if (strpos($category_url, '://') === false) {
            $site = siteinfo($category[$catid]['siteid']);
            $r['url'] = substr($site['domain'], 0, -1) . $r['url'];
        } else {
            $r['url'] = $category_url . $r['url'];
        }
    }

    return $r['url'];
}
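/**
 * Send an HTML e-mail, either through PHP's mail() or by speaking SMTP over a
 * raw socket.
 *
 * Fixes against the previous version:
 * - Carriage returns and line feeds are removed from the recipient, sender,
 *   site name and subject before they are placed into mail headers or SMTP
 *   commands, so a caller-supplied value cannot add extra headers or commands.
 * - The SMTP socket is closed on every exit path instead of being left open.
 *
 * NOTE(review): the SMTP dialogue runs over a plain socket opened with
 * fsockopen(); no STARTTLS is issued in this function, so the AUTH LOGIN
 * credentials are only base64-encoded on the wire. Confirm the server and
 * port in the configuration provide transport protection.
 * NOTE(review): $_SERVER['HTTP_HOST'] is request-controlled and is used in
 * the Message-ID header.
 * NOTE(review): the mail() branch ignores the return value of mail() and
 * always reports success.
 *
 * @param string $toemail  Recipient, a bare address or "Name <address>"
 * @param string $subject  Subject line
 * @param string $message  Message body, sent as text/html
 * @param string $from     Sender, a bare address or "Name <address>"
 * @param array  $cfg      Mail configuration; when empty or not an array the 'common' cache is used
 * @param string $sitename Site name; defaults to the current site's site_title
 * @return bool true after mail() was called or the SMTP message was handed over,
 *              false when the SMTP dialogue failed
 */
function sendmail($toemail, $subject, $message, $from = '', $cfg = array(), $sitename = '')
{
    if ($sitename == '') {
        $siteid = get_siteid();
        $siteinfo = siteinfo($siteid);
        $sitename = $siteinfo['site_title'];
    }

    // Values that end up in header lines or SMTP commands must not carry line breaks.
    $line_breaks = array("\r", "\n");
    $toemail = str_replace($line_breaks, '', $toemail);
    $subject = str_replace($line_breaks, '', $subject);
    $from = str_replace($line_breaks, '', $from);
    $sitename = str_replace($line_breaks, '', $sitename);

    $adminemail = '*****@*****.**';
    if ($cfg && is_array($cfg)) {
        $adminemail = $cfg['from'];
        $mail = $cfg;
        $mail_type = $cfg['mail_type']; // delivery mode
    } else {
        $cfg = getcache('common', 'commons');
        $adminemail = $cfg['mail_from'];
        $mail_type = $cfg['mail_type']; // delivery mode
        $mail = array('mailsend' => 2, 'maildelimiter' => 1, 'mailusername' => 1, 'server' => $cfg['mail_server'], 'port' => $cfg['mail_port'], 'auth' => $cfg['mail_auth'], 'from' => $cfg['mail_from'], 'auth_username' => $cfg['mail_user'], 'auth_password' => $cfg['mail_password']);
    }

    // Delivery through PHP's mail().
    if ($mail_type == 0) {
        $headers = 'MIME-Version: 1.0' . "\r\n";
        $headers .= 'Content-type: text/html; charset=' . CHARSET . '' . "\r\n";
        $headers .= 'From: ' . $sitename . ' <' . $from . '>' . "\r\n";
        mail($toemail, $subject, $message, $headers);
        return true;
    }

    // Header line delimiter.
    $maildelimiter = $mail['maildelimiter'] == 1 ? "\r\n" : ($mail['maildelimiter'] == 2 ? "\r" : "\n");
    // Whether the recipient header keeps the display name.
    $mailusername = isset($mail['mailusername']) ? $mail['mailusername'] : 1;
    // Port, defaulting to 25.
    $mail['port'] = $mail['port'] ? $mail['port'] : 25;
    $mail['mailsend'] = $mail['mailsend'] ? $mail['mailsend'] : 1;

    // Sender: display names are carried as base64 encoded-words.
    $email_from = $from == '' ? '=?' . CHARSET . '?B?' . base64_encode($sitename) . "?= <" . $adminemail . ">" : (preg_match('/^(.+?) \\<(.+?)\\>$/', $from, $mats) ? '=?' . CHARSET . '?B?' . base64_encode($mats[1]) . "?= <{$mats['2']}>" : $from);
    $email_to = preg_match('/^(.+?) \\<(.+?)\\>$/', $toemail, $mats) ? ($mailusername ? '=?' . CHARSET . '?B?' . base64_encode($mats[1]) . "?= <{$mats['2']}>" : $mats[2]) : $toemail;
    $email_subject = '=?' . CHARSET . '?B?' . base64_encode(preg_replace("/[\r|\n]/", '', '[PHPCMS] ' . $subject)) . '?=';
    // Normalise every line-ending variant to CRLF, then base64-encode in 76-character chunks.
    $email_message = chunk_split(base64_encode(str_replace("\n", "\r\n", str_replace("\r", "\n", str_replace("\r\n", "\n", str_replace("\n\r", "\r", $message))))));
    $headers = "From: {$email_from}{$maildelimiter}X-Priority: 3{$maildelimiter}X-Mailer: PHPCMS-V9 {$maildelimiter}MIME-Version: 1.0{$maildelimiter}Content-type: text/html; charset=" . CHARSET . "{$maildelimiter}Content-Transfer-Encoding: base64{$maildelimiter}";

    if (!($fp = fsockopen($mail['server'], $mail['port'], $errno, $errstr, 30))) {
        runlog('SMTP', "({$mail['server']}:{$mail['port']}) CONNECT - Unable to connect to the SMTP server", 0);
        return false;
    }
    stream_set_blocking($fp, true);

    // Server greeting.
    $lastmessage = fgets($fp, 512);
    if (substr($lastmessage, 0, 3) != '220') {
        runlog('SMTP', "{$mail['server']}:{$mail['port']} CONNECT - {$lastmessage}", 0);
        fclose($fp);
        return false;
    }

    fputs($fp, ($mail['auth'] ? 'EHLO' : 'HELO') . " uchome\r\n");
    $lastmessage = fgets($fp, 512);
    if (substr($lastmessage, 0, 3) != 220 && substr($lastmessage, 0, 3) != 250) {
        runlog('SMTP', "({$mail['server']}:{$mail['port']}) HELO/EHLO - {$lastmessage}", 0);
        fclose($fp);
        return false;
    }
    // Drain the remaining lines of a multi-line reply ("250-...").
    while (1) {
        if (substr($lastmessage, 3, 1) != '-' || empty($lastmessage)) {
            break;
        }
        $lastmessage = fgets($fp, 512);
    }

    if ($mail['auth']) {
        fputs($fp, "AUTH LOGIN\r\n");
        $lastmessage = fgets($fp, 512);
        if (substr($lastmessage, 0, 3) != 334) {
            runlog('SMTP', "({$mail['server']}:{$mail['port']}) AUTH LOGIN - {$lastmessage}", 0);
            fclose($fp);
            return false;
        }
        fputs($fp, base64_encode($mail['auth_username']) . "\r\n");
        $lastmessage = fgets($fp, 512);
        if (substr($lastmessage, 0, 3) != 334) {
            runlog('SMTP', "({$mail['server']}:{$mail['port']}) USERNAME - {$lastmessage}", 0);
            fclose($fp);
            return false;
        }
        fputs($fp, base64_encode($mail['auth_password']) . "\r\n");
        $lastmessage = fgets($fp, 512);
        if (substr($lastmessage, 0, 3) != 235) {
            runlog('SMTP', "({$mail['server']}:{$mail['port']}) PASSWORD - {$lastmessage}", 0);
            fclose($fp);
            return false;
        }
        // With authentication the envelope sender is the configured address.
        $email_from = $mail['from'];
    }

    // Envelope sender; the command is sent a second time if the first attempt is refused.
    fputs($fp, "MAIL FROM: <" . preg_replace("/.*\\<(.+?)\\>.*/", "\\1", $email_from) . ">\r\n");
    $lastmessage = fgets($fp, 512);
    if (substr($lastmessage, 0, 3) != 250) {
        fputs($fp, "MAIL FROM: <" . preg_replace("/.*\\<(.+?)\\>.*/", "\\1", $email_from) . ">\r\n");
        $lastmessage = fgets($fp, 512);
        if (substr($lastmessage, 0, 3) != 250) {
            runlog('SMTP', "({$mail['server']}:{$mail['port']}) MAIL FROM - {$lastmessage}", 0);
            fclose($fp);
            return false;
        }
    }

    // Envelope recipient; a refused first attempt is retried once, logged and reported as failure.
    fputs($fp, "RCPT TO: <" . preg_replace("/.*\\<(.+?)\\>.*/", "\\1", $toemail) . ">\r\n");
    $lastmessage = fgets($fp, 512);
    if (substr($lastmessage, 0, 3) != 250) {
        fputs($fp, "RCPT TO: <" . preg_replace("/.*\\<(.+?)\\>.*/", "\\1", $toemail) . ">\r\n");
        $lastmessage = fgets($fp, 512);
        runlog('SMTP', "({$mail['server']}:{$mail['port']}) RCPT TO - {$lastmessage}", 0);
        fclose($fp);
        return false;
    }

    fputs($fp, "DATA\r\n");
    $lastmessage = fgets($fp, 512);
    if (substr($lastmessage, 0, 3) != 354) {
        runlog('SMTP', "({$mail['server']}:{$mail['port']}) DATA - {$lastmessage}", 0);
        fclose($fp);
        return false;
    }

    $headers .= 'Message-ID: <' . gmdate('YmdHs') . '.' . substr(md5($email_message . microtime()), 0, 6) . rand(100000, 999999) . '@' . $_SERVER['HTTP_HOST'] . ">{$maildelimiter}";
    fputs($fp, "Date: " . gmdate('r') . "\r\n");
    fputs($fp, "To: " . $email_to . "\r\n");
    fputs($fp, "Subject: " . $email_subject . "\r\n");
    fputs($fp, $headers . "\r\n");
    fputs($fp, "\r\n\r\n");
    fputs($fp, "{$email_message}\r\n.\r\n");
    $lastmessage = fgets($fp, 512);
    if (substr($lastmessage, 0, 3) != 250) {
        // A refused message body is logged; the function still returns true, as before.
        runlog('SMTP', "({$mail['server']}:{$mail['port']}) END - {$lastmessage}", 0);
    }
    fputs($fp, "QUIT\r\n");
    fclose($fp);
    return true;
}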
/**
 * Return the site record for a site id; a thin wrapper around siteinfo().
 *
 * @param mixed $siteid Site id, passed to siteinfo() unchanged
 * @return mixed Whatever siteinfo() returns for that id
 */
function get_by_id($siteid)
{
    $site = siteinfo($siteid);

    return $site;
}
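/**
 * Password recovery by SMS.
 *
 * Step 2 checks the captcha, looks the account up by user name and stores its
 * bound phone number and user id in the session. Step 3 compares the
 * submitted SMS code with the most recent `sms_report` row for that phone
 * from the last 600 seconds, sets a new random password and sends it by SMS.
 * Any other request shows the form.
 *
 * Fixes against the previous version:
 * - The captcha check used `!=` on possibly unset values, so a request with
 *   an empty `code` passed whenever no captcha had been stored in the
 *   session. An empty or missing value on either side is now rejected and
 *   the comparison is a strict string comparison.
 * - The SMS code was compared with `==`. After a successful reset `id_code`
 *   is blanked, so an empty `mobile_verify` matched the blank value and the
 *   reset could be repeated without a code. Empty values are now rejected
 *   and the comparison is strict.
 * - The phone pattern uses the `D` modifier so a trailing newline cannot
 *   satisfy `$`; the value is interpolated into the SQL condition below.
 * - Non-string request values (arrays) are treated as missing.
 *
 * NOTE(review): this method relies on showmessage() ending the request; verify.
 * NOTE(review): no attempt counter for the SMS code is visible in this
 * method; confirm wrong guesses are limited elsewhere.
 * NOTE(review): the new password and salt come from random(); confirm that
 * helper draws from a cryptographically secure source.
 * NOTE(review): step 2 gives a distinct answer for accounts without a bound
 * phone, which tells the requester something about the account.
 */
public function public_forget_password_mobile()
{
    $step = isset($_POST['step']) ? intval($_POST['step']) : 0;
    $step = max($step, 1);
    $this->_session_start();

    if (isset($_POST['dosubmit']) && $step == 2) {
        // Handle the submitted request; the phone number on record is authoritative.
        $captcha = isset($_POST['code']) && is_string($_POST['code']) ? strtolower($_POST['code']) : '';
        $expected = isset($_SESSION['code']) ? (string) $_SESSION['code'] : '';
        if ($captcha === '' || $expected === '' || $expected !== $captcha) {
            showmessage(L('code_error'), HTTP_REFERER);
        }

        $username = safe_replace(isset($_POST['username']) && is_string($_POST['username']) ? $_POST['username'] : '');
        $r = $this->db->get_one(array('username' => $username), 'userid,mobile');
        if ($r['mobile'] == '') {
            $_SESSION['mobile'] = '';
            $_SESSION['userid'] = '';
            $_SESSION['code'] = '';
            showmessage("该账号没有绑定手机号码,请选择其他方式找回!");
        }
        $_SESSION['mobile'] = $r['mobile'];
        $_SESSION['userid'] = $r['userid'];
        include template('member', 'forget_password_mobile');
    } elseif (isset($_POST['dosubmit']) && $step == 3) {
        $sms_report_db = pc_base::load_model('sms_report_model');
        $mobile_verify = isset($_POST['mobile_verify']) && is_string($_POST['mobile_verify']) ? trim($_POST['mobile_verify']) : '';
        $mobile = isset($_SESSION['mobile']) ? $_SESSION['mobile'] : '';
        if ($mobile) {
            // $mobile is interpolated into SQL below, so it must be exactly eleven digits.
            if (!preg_match('/^1([0-9]{10})$/D', $mobile)) {
                exit('check phone error');
            }
            pc_base::load_app_func('global', 'sms');
            $posttime = SYS_TIME - 600;
            $where = "`mobile`='{$mobile}' AND `posttime`>'{$posttime}'";
            $r = $sms_report_db->get_one($where, 'id,id_code', 'id DESC');

            $stored_code = $r ? (string) $r['id_code'] : '';
            if ($mobile_verify !== '' && $stored_code !== '' && $stored_code === $mobile_verify) {
                // Blank the code so it cannot be used a second time.
                $sms_report_db->update(array('id_code' => ''), $where);
                $userid = $_SESSION['userid'];
                $updateinfo = array();
                $password = random(8, "23456789abcdefghkmnrstwxy");
                $encrypt = random(6, "23456789abcdefghkmnrstwxyABCDEFGHKMNRSTWXY");
                $updateinfo['encrypt'] = $encrypt;
                $updateinfo['password'] = password($password, $encrypt);
                $this->db->update($updateinfo, array('userid' => $userid));
                $rs = $this->db->get_one(array('userid' => $userid), 'phpssouid');
                if (pc_base::load_config('system', 'phpsso')) {
                    // Initialise phpsso.
                    $this->_init_phpsso();
                    $this->client->ps_member_edit('', '', '', $password, $rs['phpssouid'], $encrypt);
                }
                $status = sendsms($mobile, $password, 5);
                if ($status !== 0) {
                    showmessage($status);
                }
                $_SESSION['mobile'] = '';
                $_SESSION['userid'] = '';
                $_SESSION['code'] = '';
                showmessage("密码已重置成功!请查收手机", '?m=member&c=index&a=login');
            } else {
                showmessage("短信验证码错误!请重新获取!");
            }
        } else {
            showmessage("短信验证码已过期!请重新获取!");
        }
    } else {
        $siteid = isset($_REQUEST['siteid']) && trim($_REQUEST['siteid']) ? intval($_REQUEST['siteid']) : 1;
        $siteinfo = siteinfo($siteid);
        include template('member', 'forget_password_mobile');
    }
}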
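/**
 * Password recovery by e-mail.
 *
 * A POST with `dosubmit` checks the captcha, looks the member up by e-mail
 * and mails a link carrying a sys_auth()-encoded "<userid>\t<timestamp>"
 * token. A GET with `code` decodes the token, and when it was issued in the
 * current clock hour sets a new random password and shows it. Any other
 * request shows the form.
 *
 * Fixes against the previous version:
 * - The captcha check used `!=` on possibly unset values, so a request with
 *   an empty `code` passed whenever no captcha had been stored in the
 *   session. Empty values are now rejected and the comparison is strict.
 * - The freshness check formatted both timestamps with 'y-m-d h', a 12-hour
 *   clock, so a token issued at 03:xx was accepted again at 15:xx of the
 *   same day. It now uses 'H'.
 * - A non-string `email` parameter is treated as missing; the unused `$hour`
 *   local is gone.
 *
 * NOTE(review): this method relies on showmessage() ending the request; verify.
 * NOTE(review): the token key is md5(auth_key . user agent), and the user
 * agent is chosen by the client; confirm the protection rests on auth_key.
 * NOTE(review): the new password is displayed in the response page and comes
 * from random(); confirm that helper uses a cryptographically secure source.
 * NOTE(review): the form answers differently for known and unknown e-mail
 * addresses.
 * NOTE(review): on the token path `$email` was never assigned before being
 * passed to ps_member_edit(); it is made an explicit null here so the call
 * receives the same value. Confirm which value is intended.
 */
public function public_forget_password()
{
    $email_config = getcache('common', 'commons');
    // Two delivery modes exist (SMTP and mail()); SMTP needs credentials.
    if ($email_config['mail_type'] == '1') {
        if (empty($email_config['mail_user']) || empty($email_config['mail_password'])) {
            showmessage(L('email_config_empty'), HTTP_REFERER);
        }
    }
    $this->_session_start();
    $member_setting = getcache('member_setting');

    if (isset($_POST['dosubmit'])) {
        $captcha = isset($_POST['code']) && is_string($_POST['code']) ? strtolower($_POST['code']) : '';
        $expected = isset($_SESSION['code']) ? (string) $_SESSION['code'] : '';
        if ($captcha === '' || $expected === '' || $expected !== $captcha) {
            showmessage(L('code_error'), HTTP_REFERER);
        }

        $posted_email = isset($_POST['email']) && is_string($_POST['email']) ? $_POST['email'] : '';
        $memberinfo = $this->db->get_one(array('email' => $posted_email));
        if (!empty($memberinfo['email'])) {
            $email = $memberinfo['email'];
        } else {
            showmessage(L('email_error'), HTTP_REFERER);
        }

        pc_base::load_sys_func('mail');
        $phpcms_auth_key = md5(pc_base::load_config('system', 'auth_key') . $this->http_user_agent);
        $code = sys_auth($memberinfo['userid'] . "\t" . SYS_TIME, 'ENCODE', $phpcms_auth_key);
        $url = APP_PATH . "index.php?m=member&c=index&a=public_forget_password&code={$code}";
        $message = $member_setting['forgetpassword'];
        $message = str_replace(array('{click}', '{url}'), array('<a href="' . $url . '">' . L('please_click') . '</a>', $url), $message);

        // Look up the site name.
        $sitelist = getcache('sitelist', 'commons');
        if (isset($sitelist[$memberinfo['siteid']]['name'])) {
            $sitename = $sitelist[$memberinfo['siteid']]['name'];
        } else {
            $sitename = 'PHPCMS_V9_MAIL';
        }
        sendmail($email, L('forgetpassword'), $message, '', '', $sitename);
        showmessage(L('operation_success'), 'index.php?m=member&c=index&a=login');
    } elseif (!empty($_GET['code'])) {
        $phpcms_auth_key = md5(pc_base::load_config('system', 'auth_key') . $this->http_user_agent);
        $code = sys_auth($_GET['code'], 'DECODE', $phpcms_auth_key);
        $code = explode("\t", $code);

        // The token is accepted only within the clock hour (24-hour format) it was issued in.
        if (is_array($code) && is_numeric($code[0]) && date('y-m-d H', SYS_TIME) == date('y-m-d H', $code[1])) {
            $memberinfo = $this->db->get_one(array('userid' => $code[0]));
            if (empty($memberinfo['phpssouid'])) {
                showmessage(L('operation_failure'), 'index.php?m=member&c=index&a=login');
            }
            $password = random(8);
            $updateinfo['password'] = password($password, $memberinfo['encrypt']);
            $this->db->update($updateinfo, array('userid' => $code[0]));
            if (pc_base::load_config('system', 'phpsso')) {
                // Initialise phpsso.
                $this->_init_phpsso();
                $email = null;
                $this->client->ps_member_edit('', $email, '', $password, $memberinfo['phpssouid'], $memberinfo['encrypt']);
            }
            showmessage(L('operation_success') . L('newpassword') . ':' . $password);
        } else {
            showmessage(L('operation_failure'), 'index.php?m=member&c=index&a=login');
        }
    } else {
        $siteid = isset($_REQUEST['siteid']) && trim($_REQUEST['siteid']) ? intval($_REQUEST['siteid']) : 1;
        $siteinfo = siteinfo($siteid);
        include template('member', 'forget_password');
    }
}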
/**
 * Store an answer posted by a logged-in member.
 *
 * The question id comes from $_GET['id'] and the member identity from the
 * `_username` / `_userid` cookies. On submit the optional captcha is checked,
 * the message is limited to 1000 bytes and stripped of tags, and the answer
 * is stored with status 1 (moderation enabled) or 3.
 *
 * NOTE(review): this method relies on showmessage() ending the request; verify.
 * NOTE(review): `$catid` is never assigned before ask_url($catid, $id).
 * NOTE(review): when add() fails, `$forward` is only set if the not-logged-in
 * branch ran, so the failure message normally receives an undefined value.
 * NOTE(review): the captcha is compared with `!=` (loose) and is not cleared
 * here after a successful check.
 * NOTE(review): `$_GET['forward']` is passed on to the login URL; confirm the
 * login action validates the redirect target.
 */
public function post_answer()
{
    $ask_settings = getcache('ask', 'commons');
    $M = $ask_settings[1];

    $id = '';
    if (isset($_GET['id']) && intval($_GET['id'])) {
        $id = intval($_GET['id']);
    }

    $SITE = siteinfo(SITEID);
    $_username = param::get_cookie('_username');
    $_userid = param::get_cookie('_userid');

    // Anonymous visitors are sent to the login page with a return address.
    if (!$_userid) {
        $forward = urlencode(isset($_GET['forward']) ? $_GET['forward'] : get_url());
        showmessage(L('please_login', '', 'member'), '?m=member&c=index&a=login&forward=' . $forward);
    }

    if (!$_POST['dosubmit']) {
        return;
    }

    if (!$id) {
        showmessage(L('illegal_parameters'), HTTP_REFERER);
    }
    if (!$_userid) {
        showmessage(L('please_login'), APP_PATH . 'index.php?m=member&c=index&a=login');
    }

    if ($M['answer_code']) {
        $session_storage = 'session_' . pc_base::load_config('system', 'session_storage');
        pc_base::load_sys_class($session_storage);
        session_start();
        if (isset($_POST['code']) && trim($_POST['code'])) {
            $code = strtolower(trim($_POST['code']));
        } else {
            $code = showmessage(L('please_enter_code'), HTTP_REFERER);
        }
        if ($code != $_SESSION['code']) {
            showmessage(L('code_error'), HTTP_REFERER);
        }
    }

    if (isset($_POST['message']) && trim($_POST['message'])) {
        $posts['message'] = trim($_POST['message']);
    } else {
        $posts['message'] = showmessage(L('please_enter_content'), HTTP_REFERER);
    }
    if (strlen($posts['message']) > 1000) {
        showmessage(L('answer_limit_1000'), HTTP_REFERER);
    }

    $posts['userid'] = $_userid;
    $posts['username'] = $_username;
    // Status 1 when answers are moderated, 3 otherwise.
    $posts['status'] = $M['answer_check'] ? 1 : 3;
    $posts['addtime'] = SYS_TIME;
    // Both branches strip tags; the editor setting makes no difference here.
    $posts['message'] = $M['use_editor'] ? strip_tags($posts['message']) : strip_tags($posts['message']);

    if ($this->db2->add($id, $posts)) {
        $forward = ask_url($catid, $id);
        showmessage($M['answer_check'] ? L('waitting_admin_check') : L('your_answer_submit_success'), $forward);
    } else {
        showmessage(L('answer_has_answered_and_ischecking'), $forward);
    }
}
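/**
 * Password recovery by SMS (variant that takes the new password from the form).
 *
 * Fixes against the previous version:
 * - The lookup condition was written `"mobile" > $mobile`, a comparison that
 *   produced a boolean array element, so the phone number was never part of
 *   the query. It is now the key/value pair `'mobile' => $mobile`.
 * - The submitted password was stored as received. It is now hashed with
 *   password() and the member's `encrypt` salt, the same salt this method
 *   already passes to ps_member_edit().
 * - The captcha check and the password confirmation used loose comparison;
 *   an empty captcha passed when none was stored in the session. Both are
 *   strict now and empty captcha values are rejected.
 *
 * NOTE(review): this method relies on showmessage() ending the request; verify.
 * NOTE(review): the password is written to `$this->memberinfo['userid']`,
 * not to the account that owns `$mobile`; on a public action memberinfo may
 * not identify anyone. The target account should be derived from the
 * verified phone number.
 * NOTE(review): the lookup column is named `in_code`; confirm it exists in
 * sms_report. No age limit on the code is visible in this method.
 * NOTE(review): `$email` is read by ps_member_edit() before it is assigned,
 * and `$_POST['info']` is not validated.
 * NOTE(review): after the password update the method continues into the
 * e-mail reset flow and requires `$_POST['email']`; this looks like leftover
 * code and should be confirmed.
 */
public function public_forget_password_mobile()
{
    $email_config = getcache('common', 'commons');
    $this->_session_start();
    $member_setting = getcache('member_setting');

    if (isset($_POST['dosubmit'])) {
        // Handle the submitted request; the phone number is authoritative.
        $captcha = isset($_POST['code']) && is_string($_POST['code']) ? strtolower($_POST['code']) : '';
        $expected = isset($_SESSION['code']) ? (string) $_SESSION['code'] : '';
        if ($captcha === '' || $expected === '' || $expected !== $captcha) {
            showmessage(L('code_error'), HTTP_REFERER);
        }

        $mobile = $_POST['mobile'];
        $mobile_verify = intval($_POST['mobile_verify']);
        $password = $_POST['password'];
        $pwdconfirm = $_POST['pwdconfirm'];
        if (!is_string($password) || $password !== $pwdconfirm) {
            showmessage(L('passwords_not_match'), HTTP_REFERER);
        }

        // Check that the phone number and the submitted code belong together.
        $sms_report_db = pc_base::load_model('sms_report_model');
        $sms_report_array = $sms_report_db->get_one(array('mobile' => $mobile, 'in_code' => $mobile_verify));
        if (empty($sms_report_array)) {
            showmessage("手机和验证码不对应,请通过正常渠道修改密码!", HTTP_REFERER);
        }

        // Update the password; only the salted hash is stored.
        $updateinfo = array();
        $updateinfo['password'] = password($password, $this->memberinfo['encrypt']);
        $this->db->update($updateinfo, array('userid' => $this->memberinfo['userid']));
        if (pc_base::load_config('system', 'phpsso')) {
            // Initialise phpsso.
            $this->_init_phpsso();
            $res = $this->client->ps_member_edit('', $email, $_POST['info']['password'], $_POST['info']['newpassword'], $this->memberinfo['phpssouid'], $this->memberinfo['encrypt']);
        }

        $memberinfo = $this->db->get_one(array('email' => $_POST['email']));
        if (!empty($memberinfo['email'])) {
            $email = $memberinfo['email'];
        } else {
            showmessage(L('email_error'), HTTP_REFERER);
        }

        pc_base::load_sys_func('mail');
        $phpcms_auth_key = md5(pc_base::load_config('system', 'auth_key') . $this->http_user_agent);
        $code = sys_auth($memberinfo['userid'] . "\t" . SYS_TIME, 'ENCODE', $phpcms_auth_key);
        $url = APP_PATH . "index.php?m=member&c=index&a=public_forget_password&code={$code}";
        $message = $member_setting['forgetpassword'];
        $message = str_replace(array('{click}', '{url}'), array('<a href="' . $url . '">' . L('please_click') . '</a>', $url), $message);

        // Look up the site name.
        $sitelist = getcache('sitelist', 'commons');
        if (isset($sitelist[$memberinfo['siteid']]['name'])) {
            $sitename = $sitelist[$memberinfo['siteid']]['name'];
        } else {
            $sitename = 'PHPCMS_V9_MAIL';
        }
        sendmail($email, L('forgetpassword'), $message, '', '', $sitename);
        showmessage(L('operation_success'), 'index.php?m=member&c=index&a=login');
    } else {
        $siteid = isset($_REQUEST['siteid']) && trim($_REQUEST['siteid']) ? intval($_REQUEST['siteid']) : 1;
        $siteinfo = siteinfo($siteid);
        include template('member', 'forget_password_mobile');
    }
}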
} </script> <?php /* Tab selectors come straight from the query string: $t falls back to 4 when the parameter is absent and $pt falls back to $t. NOTE(review): neither value is cast or validated here; confirm they are escaped or cast before being echoed or used further down the template. */ $t = $_GET['t']; if (!isset($t)) { $t = 4; } $pt = isset($_GET['pt']) ? $_GET['pt'] : $t; ?> <?php /* Site record of the member's own site. */ $siteinfo = siteinfo($this->memberinfo['siteid']); ?> <?php $this->menu_db = pc_base::load_model('member_menu_model'); ?> <?php /* Both branches assign 9, so $menu_num does not depend on $_groupid here. */ if ($_groupid > 12) { $menu_num = 9; } else { $menu_num = 9; } ?> <?php
" class="logo"> <img src="<?php echo siteinfo('siteinfo_logo_url'); ?> " alt="logo.png"/> </a> <?php } ?> <!-- Start. contacts block--> <div class="phones-header"> <span class="f-s_0 d_b"> <span class="icon_phone_header"></span> <span class="phone"> <span class="phone-number"><?php echo siteinfo('siteinfo_mainphone'); ?> </span> </span> </span> <div class="btn-order-call"> <button data-tab="true" data-drop="#ordercall" data-source="<?php echo site_url('shop/callback'); ?> "> <span class="icon_order_call"></span> <span class="text-el d_l"><?php echo lang('Заказать звонок', 'lightVertical'); ?> </span> </button>
?> "> <span class="icon_mail"></span> <span class="text-el"><?php echo siteinfo('siteinfo_adminemail'); ?> </span> </a></li> <?php } ?> <?php if (siteinfo('Skype')) { ?> <li><a class="f-s_0" href="skype:<?php echo siteinfo('Skype'); ?> "> <span class="icon_skype"></span> <span class="text-el"><?php echo siteinfo('Skype'); ?> </span> </a></li> <?php } ?> </ul> </div> </div> <div class="box-3"> <div class="inside-padd"> <div class="main-title"><?php echo lang('Сайт', 'lightVertical'); ?> </div>
?> css/ie_7.css" /> <script src="<?php if (isset($THEME)) { echo $THEME; } ?> js/localStorageJSON.js"></script> <![endif]--> <link rel="icon" href="<?php echo siteinfo('siteinfo_favicon_url'); ?> " type="image/x-icon" /> <link rel="shortcut icon" href="<?php echo siteinfo('siteinfo_favicon_url'); ?> " type="image/x-icon" /> </head> <body class="is<?php echo $agent[0]; ?> not-js"> <?php $this->include_tpl('language/jsLangsDefine.tpl', '/home/igor/sites/skidka-shop.com.ua/www/templates/lightVertical'); ?> <?php $this->include_tpl('language/jsLangs.tpl', '/home/igor/sites/skidka-shop.com.ua/www/templates/lightVertical'); ?> <div class="main-body"> <div class="fon-header">