public function index()
{
//删除在线状态
$updata['zx'] = 0;
if (isset($_SESSION['cscms__id'])) {
$this->CsdjDB->get_update('user', $_SESSION['cscms__id'], $updata);
$this->CsdjDB->get_del('session', $_SESSION['cscms__id'], 'uid');
}
unset($_SESSION['cscms__id'], $_SESSION['cscms__name'], $_SESSION['cscms__login']);
//清除记住登录
$this->cookie->set_cookie("user_id");
$this->cookie->set_cookie("user_login");
//--------------------------- Ucenter ---------------------------
$log = User_Uc_Mode == 1 ? uc_user_synlogout : '';
//--------------------------- Ucenter ---------------------------
msg_url(L('logout_01') . $log, userurl(site_url('user/login')), 'ok');
//退出登录成功
}
public function reg_save()
{
//注册开关
if (User_Reg == 0) {
msg_url(L('reg_35'), Web_Path);
}
if (!isset($_SESSION['denglu__id'])) {
msg_url(L('open_09'), spacelink('login'));
}
$token = $this->input->post('token', TRUE);
if ($token != $_SESSION['token']) {
msg_url(L('open_16'), 'javascript:history.back();');
}
$userpass2 = $this->input->post('repassword', TRUE, TRUE);
$userinfo['code'] = random_string('alnum', 6);
$userinfo['name'] = $this->input->post('username', TRUE, TRUE);
$userinfo['pass'] = $this->input->post('userpass', TRUE, TRUE);
$userinfo['nichen'] = $this->input->post('usernichen', TRUE);
$userinfo['email'] = $this->input->post('useremail', TRUE, TRUE);
$userinfo['tel'] = $this->input->post('usertel', TRUE, TRUE);
$userinfo['regip'] = getip();
$userinfo['cion'] = User_Cion_Reg;
$userinfo['jinyan'] = User_Jinyan_Reg;
$userinfo['addtime'] = time();
$userinfo['yid'] = 0;
if ($userinfo['nichen'] == "0") {
$userinfo['nichen'] = '';
}
if (!is_username($userinfo['name'])) {
msg_url(L('reg_04'), 'javascript:history.back();');
}
if (!is_userpass($userinfo['pass'])) {
msg_url(L('reg_05'), 'javascript:history.back();');
}
if ($userinfo['pass'] != $userpass2) {
msg_url(L('reg_34'), 'javascript:history.back();');
}
if (!empty($userinfo['nichen']) && !is_username($userinfo['nichen'], 1)) {
msg_url(L('reg_06'), 'javascript:history.back();');
}
if (!is_email($userinfo['email'])) {
msg_url(L('reg_07'), 'javascript:history.back();');
}
//判断保留用户名
$ymext = explode('|', Home_Ymext);
if (in_array($userinfo['name'], $ymext)) {
msg_url(L('reg_08'), 'javascript:history.back();');
}
//判断同一IP注册时间限制
if (User_RegIP > 0) {
$row = $this->db->query("SELECT addtime FROM " . CS_SqlPrefix . "user where regip='" . $userinfo['regip'] . "' order by id desc")->row();
if ($row && $row->addtime + 3600 * User_RegIP > time()) {
msg_url(L('reg_09'), 'javascript:history.back();');
}
}
//判断用户名是否注册
$username = $this->CsdjDB->get_row('user', 'id', $userinfo['name'], 'name');
if ($username) {
msg_url(L('reg_10'), 'javascript:history.back();');
}
//判断邮箱是否注册
$useremail = $this->CsdjDB->get_row('user', 'id', $userinfo['email'], 'email');
if ($useremail) {
msg_url(L('reg_11'), 'javascript:history.back();');
}
//下面选填字段
$userinfo['qq'] = $this->input->post('userqq', TRUE);
$userinfo['sex'] = intval($this->input->post('usersex', TRUE));
$userinfo['city'] = $this->input->post('usercity', TRUE);
$userinfo['skins'] = Home_Skins;
$userinfo['qianm'] = '';
if (!empty($userinfo['tel'])) {
if (!is_tel($userinfo['tel'])) {
msg_url(L('reg_12'), 'javascript:history.back();');
}
//判断手机号码是否注册
$usertel = $this->CsdjDB->get_row('user', 'id', $userinfo['tel'], 'tel');
if ($usertel) {
msg_url(L('reg_13'), 'javascript:history.back();');
}
}
//判断手机强制验证
if (User_Tel == 1) {
if (empty($userinfo['tel'])) {
msg_url(L('reg_12'), 'javascript:history.back();');
}
$telcode = intval($this->input->post('telcode', TRUE));
if ($telcode == 0 || $telcode != $_SESSION['tel_code']) {
msg_url(L('reg_14'), 'javascript:history.back();');
}
}
//是否需要人工验证
if (User_RegFun == 1) {
$userinfo['yid'] = 1;
$title = L('reg_15');
}
//是否需要邮件验证
if (User_RegEmailFun == 1) {
$userinfo['yid'] = 2;
$title = L('reg_16', array($userinfo['email']));
}
//--------------------------- Ucenter ---------------------------
if (User_Uc_Mode == 1) {
include CSCMS . 'lib/Cs_Ucenter.php';
include CSCMSPATH . 'uc_client/client.php';
$uid = uc_user_register($userinfo['name'], $userinfo['pass'], $userinfo['email']);
if ($uid > 0) {
$userinfo['uid'] = $uid;
}
}
//--------------------------- Ucenter End ---------------------------
//密码加密
$userinfo['pass'] = md5(md5($userinfo['pass']) . $userinfo['code']);
$regid = $this->CsdjDB->get_insert('user', $userinfo);
if (intval($regid) == 0) {
msg_url(L('reg_17'), 'javascript:history.back();');
}
//修改第三方登录UID
$this->db->query("update " . CS_SqlPrefix . "useroauth set uid=" . $regid . " where id=" . $_SESSION['denglu__id'] . "");
//摧毁token
unset($_SESSION['token']);
unset($_SESSION['denglu__id']);
$this->load->model('CsdjEmail');
if (User_RegEmailFun == 1) {
//发送激活邮件
$key = md5($regid . $userinfo['name'] . $userinfo['pass'] . $userinfo['yid']);
$Msgs['username'] = $userinfo['name'];
$Msgs['url'] = userurl(site_url('user/reg/verify')) . "?key=" . $key . "&username="******"user_id", $regid, time() + 86400);
$this->cookie->set_cookie("user_login", $user_login, time() + 86400);
msg_url(L('reg_21'), userurl(site_url('user/space')), 'ok');
} else {
msg_url(L('reg_21') . $title . '~!', userurl(site_url('user/login')), 'ok');
}
}
<?php
defined('IN_DESTOON') or exit('Access Denied');
$comment = 0;
if (isset($MODULE[16])) {
$table = $DT_PRE . 'mall_comment';
$comment = 1;
$STARS = $L['star_type'];
$view = isset($view) ? 1 : 0;
$url = "file={$file}";
if ($view) {
$url .= "&view={$view}";
$condition = "buyer='{$username}' AND buyer_star>0";
} else {
$condition = "seller='{$username}' AND seller_star>0";
}
$demo_url = userurl($username, $url . '&page={destoon_page}', $domain);
$r = $db->get_one("SELECT COUNT(*) AS num FROM {$table} WHERE {$condition}", 'CACHE');
$items = $r['num'];
$pages = home_pages($items, $pagesize, $demo_url, $page);
$lists = array();
if ($items) {
$result = $db->query("SELECT * FROM {$table} WHERE {$condition} ORDER BY itemid DESC LIMIT {$offset},{$pagesize}");
while ($r = $db->fetch_array($result)) {
$lists[] = $r;
}
$db->free_result($result);
}
}
include template('credit', $template);
message($L['sendmail_pass_mailto']);
}
$title = trim(stripslashes($title));
if (strlen($title) < 5) {
message($L['pass_title']);
}
$content = trim(stripslashes($content));
if (strlen($content) < 10) {
message($L['pass_content']);
}
clear_upload($content);
$content = dsafe(save_local($content));
$content = ob_template('send', 'mail');
$DT['mail_name'] = $_company;
if (send_mail($email, $title, $content, '', false)) {
//$_email
message(lang($L['sendmail_success'], array($email)), 'sendmail.php');
} else {
message($L['sendmail_fail']);
}
} else {
$head_title = $L['sendmail_title'];
$email = isset($email) ? trim(stripslashes($email)) : '';
$title = isset($title) ? trim(stripslashes($title)) : '';
$content = isset($content) ? trim(stripslashes($content)) : '';
if ($action == 'page' && isset($title) && isset($linkurl)) {
$content = lang($L['sendmail_content'], array(userurl($_username), $_username, $title, $linkurl));
$title = lang($L['sendmail_title_new'], array($title));
}
include template('sendmail', $module);
}
function update($itemid)
{
$r = $this->db->get_one("SELECT username FROM {$this->table} WHERE itemid={$itemid}");
$linkurl = userurl($r['username'], 'file=introduce&itemid=' . $itemid);
return $this->db->query("UPDATE {$this->table} SET linkurl='{$linkurl}' WHERE itemid={$itemid}");
}
echo $t['vip'];
?>
.gif" alt="<?php
echo VIP;
?>
" title="<?php
echo VIP;
?>
:<?php
echo $t['vip'];
?>
级" align="absmiddle"/> <?php
}
?>
<a href="<?php
echo userurl($t['username']);
?>
" target="_blank"><?php
echo $t['company'];
?>
</a></td>
<td width="100" align="center">
<?php
if ($t['minsalary'] && $t['maxsalary']) {
echo $t['minsalary'];
?>
-<?php
echo $t['maxsalary'];
echo $DT['money_unit'];
?>
/月
function spacelink($url = '', $dir = '')
{
$uarr = explode(',', $url);
$url = str_replace(",", "/", $url);
$plub = $dir;
if ($dir == '' && defined('PLUBPATH')) {
$plub = PLUBPATH;
}
if ($dir == '') {
if ($plub != '' && file_exists(FCPATH . 'plugins/' . $plub . '/controllers/user/' . $uarr[0] . '.php')) {
$url = 'http://' . Web_Url . Web_Path . 'index.php/' . $plub . '/user/' . $url;
} else {
$url = 'http://' . Web_Url . Web_Path . 'index.php/user/' . $url;
}
} else {
$url = 'http://' . Web_Url . Web_Path . 'index.php/' . $plub . '/user/' . $url;
}
//伪静态
if (Web_Mode == 3) {
$url = str_replace("/index.php/", "/", $url);
}
$url = str_replace("/user/user/", "/user/", $url);
$url = userurl($url, $plub);
return $url;
}
<?php
defined('IN_DESTOON') or exit('Access Denied');
require DT_ROOT . '/module/' . $module . '/common.inc.php';
if ($action == 'master') {
$name = isset($name) ? urldecode($name) : '';
if ($name && $catid) {
$T = $db->get_one("SELECT manager FROM {$table}_group WHERE itemid={$catid}");
if ($T && $T['manager'] && strpos($T['manager'], $name) !== false) {
$username = get_user($name, 'passport', 'username');
if ($username) {
dheader(userurl($username));
}
}
}
dheader($MOD['linkurl']);
} else {
$itemid or dheader($MOD['linkurl']);
$R = $db->get_one("SELECT * FROM {$table}_reply WHERE itemid={$itemid}");
$R or dheader($MOD['linkurl']);
$tid = $R['tid'];
$T = $db->get_one("SELECT * FROM {$table} WHERE itemid={$tid}");
$T or dheader($MOD['linkurl']);
if ($MOD['reply_pagesize']) {
$pagesize = $MOD['reply_pagesize'];
}
if ($R['fid']) {
$page = ceil($R['fid'] / $pagesize);
} else {
$page = ceil(($T['reply'] + 1) / $pagesize);
}
<?php
defined('IN_DESTOON') or exit('Access Denied');
require DT_ROOT . '/module/' . $module . '/common.inc.php';
$url = isset($url) ? fix_link($url) : DT_PATH;
if (isset($username)) {
if (check_name($username)) {
$r = $db->get_one("SELECT linkurl FROM {$DT_PRE}company WHERE username='******'");
$url = $r ? $r['linkurl'] : userurl($username);
}
} else {
if (isset($aid)) {
$aid = intval($aid);
if ($aid) {
$r = $db->get_one("SELECT url,key_moduleid,key_id,typeid FROM {$DT_PRE}ad WHERE aid={$aid} AND fromtime<{$DT_TIME} AND totime>{$DT_TIME}");
if ($r) {
$url = $r['key_moduleid'] && $r['typeid'] > 5 ? 'redirect.php?mid=' . $r['key_moduleid'] . '&itemid=' . $r['key_id'] : $r['url'];
$db->query("UPDATE {$DT_PRE}ad SET hits=hits+1 WHERE aid={$aid}");
}
}
} else {
if ($mid) {
if (isset($MODULE[$mid]) && $itemid) {
if ($mid == 2) {
$mid = 4;
}
$condition = $mid == 4 ? "userid={$itemid}" : "itemid={$itemid}";
$r = $db->get_one("SELECT linkurl FROM " . get_table($mid) . " WHERE {$condition}");
if ($r) {
$url = strpos($r['linkurl'], '://') === false ? $MODULE[$mid]['linkurl'] . $r['linkurl'] : $r['linkurl'];
}
}
break;
case 'rename':
$cusername or message('当前会员名不能为空');
$nusername or message('会员名不能为空');
$user = $do->get_one($cusername);
$user or message('当前会员名不存在');
$userid = $user['userid'];
if (!$_founder && $cusername != $_username) {
if ($user['groupid'] == 1) {
msg('您无权修改其他管理员用户名');
}
}
if ($do->rename($cusername, $nusername)) {
if (!$user['domain']) {
$linkurl = userurl($nusername);
$db->query("UPDATE {$DT_PRE}company SET linkurl='{$linkurl}' WHERE userid={$userid}");
}
dmsg('修改成功', $forward);
} else {
msg($do->errmsg);
}
break;
case 'passport':
$cpassport or message('当前会员昵称不能为空');
$npassport or message('会员昵称不能为空');
$user = $db->get_one("SELECT * FROM {$DT_PRE}member WHERE passport='{$cpassport}'");
$user or message('当前会员昵称不存在');
$userid = $user['userid'];
if (!$_founder && $user['username'] != $_username) {
if ($user['groupid'] == 1) {
$itemid or dheader($MOD['linkurl']);
check_name($username) or dheader($MOD['linkurl']);
$user = userinfo($username);
$domain = $user['domain'];
if ($domain) {
$DT['rewrite'] = intval($CFG['com_rewrite']);
}
$r = $db->get_one("SELECT itemid FROM {$DT_PRE}sell_5 WHERE username='******' AND itemid>{$itemid} AND status=3 ORDER BY itemid ASC");
if ($r) {
dheader(userurl($username, 'file=sell&itemid=' . $r['itemid'], $domain));
}
dheader(userurl($username, 'file=sell', $domain));
break;
case 'prev':
$itemid or dheader($MOD['linkurl']);
check_name($username) or dheader($MOD['linkurl']);
$user = userinfo($username);
$domain = $user['domain'];
if ($domain) {
$DT['rewrite'] = intval($CFG['com_rewrite']);
}
$r = $db->get_one("SELECT itemid FROM {$DT_PRE}sell_5 WHERE username='******' AND itemid<{$itemid} AND status=3 ORDER BY itemid DESC");
if ($r) {
dheader(userurl($username, 'file=sell&itemid=' . $r['itemid'], $domain));
}
dheader(userurl($username, 'file=sell', $domain));
break;
default:
dheader($MOD['linkurl']);
break;
}
}
$post['userid'] = $_userid;
$post['addtime'] = $DT_TIME;
$do->add($post);
dmsg($L['op_add_success'], 'friend.php');
} else {
message($do->errmsg);
}
} else {
$username = isset($username) ? trim($username) : '';
$truename = $homepage = $company = $career = $telephone = $msn = $qq = $ali = $skype = '';
if ($username) {
$r = userinfo($username);
if ($r) {
$truename = $r['truename'];
$homepage = userurl($username);
$company = $r['company'];
$telephone = $r['telephone'];
$career = $r['career'];
$msn = $r['msn'];
$qq = $r['qq'];
$ali = $r['ali'];
$skype = $r['skype'];
}
}
$type_select = type_select('friend-' . $_userid, 0, 'post[typeid]', $L['default_type']);
$head_title = $L['friend_title_add'];
}
break;
case 'edit':
$itemid or message();
<td class="px11"><?php
echo $v['userid'];
?>
</td>
<td align="left"> <a href="javascript:_user('<?php
echo $v['username'];
?>
');" title="<?php
echo $v['truename'];
?>
"><?php
echo $v['username'];
?>
</a></td>
<td align="left"> <a href="<?php
echo userurl($v['username']);
?>
" target="_blank"><?php
echo $v['company'];
?>
</a></td>
<td class="px11"><a href="javascript:Dwidget('?moduleid=<?php
echo $moduleid;
?>
&file=record&username=<?php
echo $v['username'];
?>
', '[<?php
echo $v['username'];
?>
] <?php
function edit($member)
{
if (!$this->is_member($member)) {
return false;
}
$member = $this->set_member($member);
$r = $this->get_one();
$member['linkurl'] = userurl($r['username'], '', $member['domain']);
$member_fields = array('company', 'passport', 'sound', 'email', 'msn', 'qq', 'ali', 'skype', 'gender', 'truename', 'mobile', 'department', 'career', 'groupid', 'areaid', 'edittime', 'black', 'bank', 'account', 'vemail', 'vmobile', 'vbank', 'vtruename', 'vcompany', 'vtrade', 'trade', 'support', 'inviter');
$company_fields = array('company', 'type', 'areaid', 'catid', 'catids', 'business', 'mode', 'regyear', 'regunit', 'capital', 'size', 'address', 'postcode', 'telephone', 'fax', 'mail', 'homepage', 'sell', 'buy', 'introduce', 'thumb', 'keyword', 'linkurl', 'groupid', 'domain', 'icp', 'validated', 'validator', 'validtime', 'skin', 'template');
$member_sql = $company_sql = '';
foreach ($member as $k => $v) {
if (in_array($k, $member_fields)) {
$member_sql .= ",{$k}='{$v}'";
}
if (in_array($k, $company_fields)) {
$company_sql .= ",{$k}='{$v}'";
}
}
if ($member['password']) {
$password = md5(md5($member['password']));
$member_sql .= ",password='******'";
}
if ($member['payword']) {
$payword = md5(md5($member['payword']));
$member_sql .= ",payword='{$payword}'";
}
$member_sql = substr($member_sql, 1);
$company_sql = substr($company_sql, 1);
$this->db->query("UPDATE {$this->table_member} SET {$member_sql} WHERE userid={$this->userid}");
$this->db->query("UPDATE {$this->table_company} SET {$company_sql} WHERE userid={$this->userid}");
$content_table = content_table(4, $this->userid, is_file(DT_CACHE . '/4.part'), $this->table_company_data);
$this->db->query("UPDATE {$content_table} SET content='{$member['content']}' WHERE userid={$this->userid}");
$member['userid'] = $this->userid;
$member['vip'] = $r['vip'];
userclean($member['username']);
return true;
}
public function edit()
{
$token = $this->input->post('token', TRUE);
if ($token != $_SESSION['token']) {
msg_url(L('pass_04'), 'javascript:history.back();');
}
$key = $this->input->get_post('key', TRUE, TRUE);
//KEY
$username = $this->input->get_post('username', TRUE, TRUE);
//name
$userpass = $this->input->get_post('userpass', TRUE, TRUE);
$userpass2 = $this->input->get_post('userpass2', TRUE, TRUE);
if (empty($username) || empty($key)) {
msg_url(L('pass_11'), 'javascript:window.close();');
}
$row = $this->CsdjDB->get_row('user', 'id,name,code,pass,email', $username, 'name');
if (!$row) {
msg_url(L('pass_12'), 'javascript:window.close();');
}
if ($key != md5($row->id . $row->name . $row->pass . $row->email . substr(time(), 0, -6))) {
msg_url(L('pass_14'), 'javascript:window.close();');
}
if (empty($userpass)) {
msg_url(L('pass_15'), 'javascript:history.back();');
}
if ($userpass != $userpass2) {
msg_url(L('pass_16'), 'javascript:history.back();');
}
$edit['pass'] = md5(md5($userpass) . $row->code);
$this->CsdjDB->get_update('user', $row->id, $edit);
msg_url(L('pass_17'), userurl(site_url('user/login')));
}
public function cscms_common($str, $skins = '')
{
//解析头部、底部、左右分栏
$str = $this->topandend($str, $skins);
$str = str_replace("{cscms:webname}", Web_Name, $str);
$str = str_replace("{cscms:weburl}", Web_Url, $str);
$str = str_replace("{cscms:webpath}", Web_Path, $str);
$str = str_replace("{cscms:path}", "http://" . Web_Url . Web_Path, $str);
$str = str_replace("{cscms:indextempurl}", Skins_Dir('index', $skins), $str);
$dir = !defined('PLUBPATH') ? '' : PLUBPATH;
$str = str_replace("{cscms:tempurl}", Skins_Dir($dir, $skins), $str);
$str = str_replace("{cscms:stat}", str_decode(Web_Count), $str);
$str = str_replace("{cscms:notice}", str_decode(Web_Notice), $str);
$str = str_replace("{cscms:regxy}", str_decode(User_Regxy), $str);
//SEO代码
$seo = defined('PLUBPATH') ? config('Seo') : '';
$title = !empty($seo['title']) ? $seo['title'] : str_decode(Web_Title);
$str = str_replace("{cscms:title}", $title, $str);
$keywords = !empty($seo['keywords']) ? $seo['keywords'] : str_decode(Web_Keywords);
$str = str_replace("{cscms:keywords}", $keywords, $str);
$description = !empty($seo['description']) ? $seo['description'] : str_decode(Web_Description);
$str = str_replace("{cscms:description}", $description, $str);
$str = str_replace("{cscms:mail}", Admin_Mail, $str);
$str = str_replace("{cscms:qq}", Admin_QQ, $str);
$str = str_replace("{cscms:tel}", Admin_Tel, $str);
$str = str_replace("{cscms:icp}", Web_Icp, $str);
//判断登录状态
if (isset($_SESSION['cscms__id']) && isset($_SESSION['cscms__login'])) {
$str = str_replace("{cscms:login}", "ok", $str);
$str = str_replace("{cscms:uid}", $_SESSION['cscms__id'], $str);
} else {
$str = str_replace("{cscms:login}", "no", $str);
$str = str_replace("{cscms:uid}", 0, $str);
}
//网站部分链接
if (Web_Mode == 2) {
$str = str_replace('{cscms:gbooklink}', 'http://' . Web_Url . Web_Path . 'gbook.html', $str);
} else {
$str = str_replace('{cscms:gbooklink}', site_url('gbook'), $str);
}
//搜索链接
$solink = '';
if ($dir != '') {
$Ym_Mode = config('Ym_Mode', $dir);
//二级域名状态
$Ym_Url = config('Ym_Url', $dir);
//二级域名地址
if ($Ym_Mode == 1) {
$solink = 'http://' . $Ym_Url . Web_Path . 'index.php/search';
} else {
$solink = Web_Path . 'index.php/' . $dir . '/search';
}
}
$str = str_replace('{cscms:solink}', $solink, $str);
$str = str_replace('{cscms:codes}', site_url('api/codes'), $str);
$str = str_replace('{cscms:userlink}', site_url('user'), $str);
$str = str_replace('{cscms:loginlink}', site_url('user/login'), $str);
$str = str_replace('{cscms:reglink}', site_url('user/reg'), $str);
$str = str_replace('{cscms:passlink}', site_url('user/pass'), $str);
$str = str_replace('{cscms:qqlink}', site_url('user/open/login/qq'), $str);
$str = str_replace('{cscms:weibolink}', site_url('user/open/login/weibo'), $str);
$str = str_replace('{cscms:kaixinlink}', site_url('user/open/login/kaixin'), $str);
$str = str_replace('{cscms:baidulink}', site_url('user/open/login/baidu'), $str);
$str = str_replace('{cscms:doubanlink}', site_url('user/open/login/douban'), $str);
$str = str_replace('{cscms:sohulink}', site_url('user/open/login/sohu'), $str);
$str = str_replace('{cscms:wangyilink}', site_url('user/open/login/netease'), $str);
$str = str_replace('{cscms:renrenlink}', site_url('user/open/login/renren'), $str);
$str = userurl($str);
return $str;
}
public function verify()
{
$key = $this->input->get_post('key', TRUE);
//KEY
$username = $this->input->get_post('username', TRUE, TRUE);
//name
if (empty($username) || empty($key)) {
msg_url(L('reg_22'), 'javascript:window.close();');
}
$row = $this->CsdjDB->get_row('user', 'id,name,pass,yid', $username, 'name');
if (!$row) {
msg_url(L('reg_23'), 'javascript:window.close();');
}
if ($key != md5($row->id . $row->name . $row->pass . $row->yid)) {
msg_url(L('reg_24'), 'javascript:window.close();');
}
$edit['yid'] = User_RegFun == 1 ? 1 : 0;
$this->CsdjDB->get_update('user', $row->id, $edit);
if (User_RegFun == 1) {
msg_url(L('reg_25'), 'javascript:window.close();', 'ok');
} else {
msg_url(L('reg_26'), userurl(site_url('user/login')), 'ok');
}
}
foreach ($lists as $k => $v) {
?>
<tr onmouseover="this.className='on';" onmouseout="this.className='';" align="center">
<td><input type="checkbox" name="itemid[]" value="<?php
echo $v['itemid'];
?>
"/></td>
<td><a href="<?php
echo $v['image'];
?>
" target="_blank"><img src="<?php
echo $v['thumb'];
?>
" width="50" style="padding:5px;"/></a></td>
<td><a href="<?php
echo userurl($v['username'], 'file=honor&itemid=' . $v['itemid']);
?>
" target="_blank"><?php
echo $v['title'];
?>
</a></td>
<td><?php
echo $v['authority'];
?>
</td>
<td><?php
echo $v['fromdate'];
?>
</td>
<td><?php
echo $v['todate'];
function get_list($condition = 'status=3', $order = 'edittime DESC', $cache = '')
{
global $MOD, $pages, $page, $pagesize, $offset, $items, $sum;
if ($page > 1 && $sum) {
$items = $sum;
} else {
$r = $this->db->get_one("SELECT COUNT(*) AS num FROM {$this->table} WHERE {$condition}", $cache);
$items = $r['num'];
}
$pages = defined('CATID') ? listpages(1, CATID, $items, $page, $pagesize, 10, $MOD['linkurl']) : pages($items, $page, $pagesize);
if ($items < 1) {
return array();
}
$lists = $catids = $CATS = array();
$result = $this->db->query("SELECT * FROM {$this->table} WHERE {$condition} ORDER BY {$order} LIMIT {$offset},{$pagesize}", $cache);
while ($r = $this->db->fetch_array($result)) {
$r['alt'] = $r['title'];
$r['title'] = set_style($r['title'], $r['style']);
$r['userurl'] = userurl($r['username']);
$r['linkurl'] = $MOD['linkurl'] . $r['linkurl'];
$catids[$r['catid']] = $r['catid'];
$lists[] = $r;
}
if ($catids) {
$result = $this->db->query("SELECT catid,catname,linkurl FROM {$this->db->pre}category WHERE catid IN (" . implode(',', $catids) . ")");
while ($r = $this->db->fetch_array($result)) {
$CATS[$r['catid']] = $r;
}
if ($CATS) {
foreach ($lists as $k => $v) {
$lists[$k]['catname'] = $v['catid'] ? $CATS[$v['catid']]['catname'] : '';
$lists[$k]['caturl'] = $v['catid'] ? $MOD['linkurl'] . $CATS[$v['catid']]['linkurl'] : '';
}
}
}
return $lists;
}
<?php
defined('IN_DESTOON') or exit('Access Denied');
login();
isset($MODULE[17]) or dheader($MODULE[2]['linkurl']);
require DT_ROOT . '/module/' . $module . '/common.inc.php';
require DT_ROOT . '/include/post.func.php';
include load('order.lang');
$_status = $L['group_status'];
$dstatus = $L['group_dstatus'];
$_send_status = $L['send_status'];
$dsend_status = $L['send_dstatus'];
$step = isset($step) ? trim($step) : '';
$timenow = timetodate($DT_TIME, 3);
$memberurl = $MOD['linkurl'];
$myurl = userurl($_username);
$table = $DT_PRE . 'group_order';
if ($action == 'update') {
$itemid or message();
$td = $db->get_one("SELECT * FROM {$table} WHERE itemid={$itemid}");
$td or message($L['group_msg_null']);
if ($td['buyer'] != $_username && $td['seller'] != $_username) {
message($L['group_msg_deny']);
}
$td['adddate'] = timetodate($td['addtime'], 5);
$td['updatedate'] = timetodate($td['updatetime'], 5);
$td['linkurl'] = DT_PATH . 'api/redirect.php?mid=17&itemid=' . $td['gid'];
$gid = $td['gid'];
$nav = $_username == $td['buyer'] ? 'action_order' : 'action';
switch ($step) {
case 'detail':
<?php
defined('IN_DESTOON') or exit('Access Denied');
if ($DT_BOT) {
dhttp(403);
}
require DT_ROOT . '/module/' . $module . '/common.inc.php';
check_group($_groupid, $MOD['group_compare']) or dalert(lang('message->without_permission'), 'goback');
$DT_URL = $DT_REF;
$itemid && is_array($itemid) or dalert($L['compare_choose'], 'goback');
$itemid = array_unique($itemid);
$item_nums = count($itemid);
$item_nums < 9 or dalert($L['compare_max'], 'goback');
$item_nums > 1 or dalert($L['compare_min'], 'goback');
$itemid = implode(',', $itemid);
$tags = array();
$result = $db->query("SELECT * FROM {$table} WHERE itemid IN ({$itemid}) ORDER BY addtime DESC");
while ($r = $db->fetch_array($result)) {
if ($r['status'] != 3) {
continue;
}
$r['editdate'] = timetodate($r['edittime'], 3);
$r['adddate'] = timetodate($r['addtime'], 3);
$r['stitle'] = dsubstr($r['title'], 30);
$r['stitle'] = set_style($r['stitle'], $r['style']);
$r['userurl'] = userurl($r['username']);
$r['linkurl'] = $MOD['linkurl'] . $r['linkurl'];
$tags[] = $r;
}
$head_title = $L['compare_title'] . $DT['seo_delimiter'] . $MOD['name'];
include template($MOD['template_compare'] ? $MOD['template_compare'] : 'compare', $module);
function User_Login($cid = 0, $key = '')
{
if (!empty($key)) {
$key = unserialize(stripslashes(sys_auth($key, 'D')));
$id = isset($key['id']) ? intval($key['id']) : 0;
$logstr = isset($key['login']) ? $key['login'] : '';
} else {
$id = isset($_SESSION['cscms__id']) ? intval($_SESSION['cscms__id']) : 0;
$logstr = isset($_SESSION['cscms__login']) ? $_SESSION['cscms__login'] : '';
}
$user_id = intval($this->cookie->get_cookie('user_id'));
$user_login = $this->cookie->get_cookie('user_login');
$login = FALSE;
if ($id == 0 || empty($logstr)) {
if ($user_id > 0 && !empty($user_login)) {
//判断非法COOKIE
if (!preg_match('/^[0-9a-zA-Z]*$/', $user_login)) {
$userlogin = '';
}
$row = $this->db->query("SELECT id,name,code,pass,lognum,level,jinyan,cion,vip,logtime,viptime FROM " . CS_SqlPrefix . "user where id=" . $user_id . "")->row();
if ($row) {
//判断账号密码是否正确
if (md5($row->name . $row->pass . $row->code) == $user_login) {
//每天登陆加积分
if (User_Cion_Log > 0 && date("Y-m-d", $row->logtime) != date('Y-m-d')) {
$updata['cion'] = $row->cion + User_Cion_Log;
}
//判断VIP
if ($row->vip > 0 && $viptime < time()) {
$updata['vip'] = 0;
$updata['viptime'] = 0;
}
//判断等级
$level = getlevel($row->jinyan);
if ($level > $row->level) {
$updata['level'] = $level;
//发送等级通知
$add['uida'] = $row->id;
$add['uidb'] = 0;
$add['name'] = '用户等级升级通知';
$add['neir'] = '恭喜您,您的用户等级升级到Lv' . $level;
$add['addtime'] = time();
$this->CsdjDB->get_insert('msg', $add);
}
//修改登录时间
$updata['zx'] = 1;
$updata['lognum'] = $row->lognum + 1;
$updata['logtime'] = time();
$updata['logip'] = getip();
$updata['logms'] = time();
$this->CsdjDB->get_update('user', $user_id, $updata);
//登录日志
if (date("Y-m-d", $row->logtime) != date('Y-m-d')) {
$this->load->library('user_agent');
$agent = ($this->agent->is_mobile() ? $this->agent->mobile() : $this->agent->platform()) . ' / ' . $this->agent->browser() . ' v' . $this->agent->version();
$add['uid'] = $row->id;
$add['loginip'] = getip();
$add['logintime'] = time();
$add['useragent'] = $agent;
$this->CsdjDB->get_insert('user_log', $add);
}
$_SESSION['cscms__id'] = $row->id;
$_SESSION['cscms__name'] = $row->name;
$_SESSION['cscms__login'] = md5($row->name . $row->pass);
$login = TRUE;
}
}
}
} else {
$row = $this->db->query("SELECT id,name,pass,level,jinyan FROM " . CS_SqlPrefix . "user where id='{$id}'")->row();
if ($row) {
if (md5($row->name . $row->pass) == $logstr) {
$login = TRUE;
//判断等级
$level = getlevel($row->jinyan);
if ($level > $row->level) {
$updata['level'] = $level;
//发送等级通知
$add['uida'] = $row->id;
$add['uidb'] = 0;
$add['name'] = '用户等级升级通知';
$add['neir'] = '恭喜您,您的用户等级升级到Lv' . $level;
$add['addtime'] = time();
$this->CsdjDB->get_insert('msg', $add);
}
//改变在线秒数
$updata['zx'] = 1;
$updata['logms'] = time();
$this->CsdjDB->get_update('user', $id, $updata);
}
}
}
if (!$login) {
//清除非法登录
unset($_SESSION['cscms__id'], $_SESSION['cscms__name'], $_SESSION['cscms__login']);
//清除记住登录
$this->cookie->set_cookie("user_id");
$this->cookie->set_cookie("user_login");
if ($cid == 0) {
msg_url('您还没有登录或者登录已超时~!', userurl(site_url('user/login')));
}
} else {
//判断每天会员要删除的数据
$day = @file_get_contents(FCPATH . "cache/cscms_time/day.txt");
if (date('d') != $day) {
//清空每天分享,发布
$uedit['addhits'] = 0;
$this->CsdjDB->get_update('user', $_SESSION['cscms__id'], $uedit);
write_file(FCPATH . "cache/cscms_time/day.txt", date('d'));
}
}
return $login;
}
$url = $memberurl . 'trade.php?action=order&itemid=' . $itemid;
$content = lang($L['trade_message_c3'], array($myurl, $_username, $timenow, $url));
$content = ob_template('messager', 'mail');
send_message($touser, $title, $content);
message('发货成功,请等待买家确认收货', $MODULE[2]['linkurl'] . 'trade.php?itemid=' . $itemid);
}
} else {
if ($_GET['trade_status'] == 'TRADE_FINISHED') {
//判断该笔订单是否在商户网站中已经做过处理(可参考“集成教程”中“3.4返回数据处理”)
//如果没有做过处理,根据订单号(out_trade_no)在商户网站的订单系统中查到该笔订单的详细,并执行商户的业务程序
//如果有做过处理,不执行商户的业务程序
if ($td['status'] == 3) {
$db->query("UPDATE {$DT_PRE}mall_order SET status=4,updatetime={$DT_TIME} WHERE itemid={$itemid}");
//更新商品数据
$db->query("UPDATE {$DT_PRE}mall SET orders=orders+1,sales=sales+{$td['number']},amount=amount-{$td['number']} WHERE itemid={$mallid}");
$myurl = userurl($td['buyer']);
$_username = $td['seller'];
//send message
$touser = $td['seller'];
$title = lang($L['trade_message_t4'], array($itemid));
$url = $memberurl . 'trade.php?itemid=' . $itemid;
$content = lang($L['trade_message_c4'], array($myurl, $_username, $timenow, $url));
$content = ob_template('messager', 'mail');
send_message($touser, $title, $content);
message('交易成功', $MODULE[2]['linkurl'] . 'trade.php?action=order&itemid=' . $itemid);
}
} else {
if ($_GET['trade_status'] == 'WAIT_BUYER_PAY') {
message('订单创建成功,请尽快通过支付宝付款', $MODULE[2]['linkurl'] . 'trade.php?action=order&itemid=' . $itemid);
} else {
//echo "trade_status=".$_GET['trade_status'];
$do = new member();
if ($submit) {
if (word_count($note) > 1000) {
message($L['index_msg_note_limit']);
}
$note = '<?php exit;?>' . htmlspecialchars(stripslashes($note));
file_put(DT_ROOT . '/file/user/' . dalloc($_userid) . '/' . $_userid . '/note.php', $note);
dmsg($L['op_update_success'], $MODULE[2]['linkurl']);
} else {
$head_title = '';
$do->userid = $_userid;
$user = $do->get_one();
extract($user);
$logintime = timetodate($logintime, 5);
$regtime = timetodate($regtime, 5);
$userurl = userurl($_username, '', $domain);
$sys = array();
$i = 0;
$result = $db->query("SELECT itemid,title,addtime,groupids FROM {$DT_PRE}message WHERE groupids<>'' ORDER BY itemid DESC", 'CACHE');
while ($r = $db->fetch_array($result)) {
$groupids = explode(',', $r['groupids']);
if (!in_array($_groupid, $groupids)) {
continue;
}
if ($i > 2) {
continue;
}
$i++;
$sys[] = $r;
}
$note = DT_ROOT . '/file/user/' . dalloc($_userid) . '/' . $_userid . '/note.php';
$pagesize = intval($menu_num[$menuid]);
if (!$pagesize || $pagesize > 100) {
$pagesize = 16;
}
if ($view) {
$pagesize = ceil($pagesize / 2);
}
$offset = ($page - 1) * $pagesize;
$r = $db->get_one("SELECT COUNT(*) AS num FROM {$table} WHERE {$condition}", 'CACHE');
$items = $r['num'];
$pages = home_pages($items, $pagesize, $demo_url, $page);
$lists = array();
if ($items) {
$result = $db->query("SELECT " . $MOD['fields'] . " FROM {$table} WHERE {$condition} ORDER BY edittime DESC LIMIT {$offset},{$pagesize}");
while ($r = $db->fetch_array($result)) {
$r['alt'] = $r['title'];
$r['title'] = set_style($r['title'], $r['style']);
$r['linkurl'] = $homeurl ? $MOD['linkurl'] . $r['linkurl'] : userurl($username, "file={$file}&itemid={$r['itemid']}", $domain);
if ($kw) {
$r['title'] = str_replace($kw, '<span class="highlight">' . $kw . '</span>', $r['title']);
$r['introduce'] = str_replace($kw, '<span class="highlight">' . $kw . '</span>', $r['introduce']);
}
$lists[] = $r;
}
$db->free_result($result);
}
if ($EXT['mobile_enable']) {
$head_mobile = $EXT['mobile_url'] . 'index.php?moduleid=4&username='******'&action=' . $file . ($typeid ? '&typeid=' . $typeid : '') . ($page > 1 ? '&page=' . $page : '');
}
}
include template('mall', $template);
</td> </tr> <tr> <td class="tl">发件人</td> <td><a href="<?php echo userurl($fromuser); ?> " target="_blank"><?php echo $fromuser; ?> </a></td> </tr> <tr> <td class="tl">收件人</td> <td><a href="<?php echo userurl($touser); ?> " target="_blank"><?php echo $touser; ?> </a></td> </tr> <tr> <td class="tl">发信时间</td> <td><?php echo timetodate($addtime, 6); ?> </td> </tr> <tr> <td class="tl">发信IP</td>
function get_list($condition, $order = 'itemid DESC')
{
global $MODULE, $pages, $page, $pagesize, $offset, $pagesize, $L, $sum;
if ($page > 1 && $sum) {
$items = $sum;
} else {
$r = $this->db->get_one("SELECT COUNT(*) AS num FROM {$this->pre}message WHERE {$condition}");
$items = $r['num'];
}
$pages = pages($items, $page, $pagesize);
$messages = array();
$result = $this->db->query("SELECT * FROM {$this->pre}message WHERE {$condition} ORDER BY {$order} LIMIT {$offset},{$pagesize}");
while ($r = $this->db->fetch_array($result)) {
$r['adddate'] = timetodate($r['addtime'], $L['message_list_date']);
$r['dtitle'] = dsubstr($r['title'], 55, '...');
$r['user'] = $r['status'] > 2 ? $r['fromuser'] ? $r['fromuser'] : $L['message_from_system'] : $r['touser'];
if ($r['fromuser']) {
$r['user'] = $r['status'] > 2 ? $r['fromuser'] : $r['touser'];
$r['userurl'] = userurl($r['user']);
} else {
$r['user'] = $r['typeid'] == 4 ? $L['message_from_system'] : $L['guest'];
$r['userurl'] = '';
}
$messages[] = $r;
}
return $messages;
}
$note = dhtmlspecialchars($v['note']);
$title = addslashes($t['title']);
$linkurl = $MOD['linkurl'] . $t['linkurl'];
$status = $MOD['checkorder'] ? 0 : 1;
$fee_name = '';
$fee = $cod = 0;
$db->query("INSERT INTO {$DT_PRE}mall_order (mid,mallid,buyer,seller,title,thumb,price,number,amount,addtime,updatetime,note, buyer_postcode,buyer_address,buyer_name,buyer_phone,buyer_mobile,status,fee_name,fee,cod) VALUES ('{$moduleid}','{$itemid}','{$_username}','{$t['username']}','{$title}','{$t['thumb']}','{$price}','{$number}','{$amount}','{$DT_TIME}','{$DT_TIME}','{$note}','{$buyer_postcode}','{$buyer_address}','{$buyer_name}','{$buyer_phone}','{$buyer_mobile}','{$status}','{$fee_name}','{$fee}','{$cod}')");
$oid = $db->insert_id();
$ids .= ',' . $oid;
//send message
$touser = $t['username'];
$_title = $title;
$title = lang($L['trade_message_t6'], array($oid));
$url = $MODULE[2]['linkurl'] . 'trade.php?itemid=' . $oid;
$goods = '<a href="' . $linkurl . '" target="_blank" class="t"><strong>' . $_title . '</strong></a>';
$content = lang($L['trade_message_c6'], array(userurl($_username), $_username, timetodate($DT_TIME, 3), $goods, $oid, $amount, $url));
$content = ob_template('messager', 'mail');
send_message($touser, $title, $content);
}
}
}
$forward = 'action=order';
if (!$MOD['checkorder']) {
if ($ids) {
$ids = substr($ids, 1);
if (is_numeric($ids)) {
$forward = 'action=update&step=pay&itemid=' . $ids;
} else {
$forward = 'action=muti&itemids=' . $ids;
}
}
$table = $DT_PRE . 'page';
$table_data = $DT_PRE . 'page_data';
if ($itemid) {
$item = $db->get_one("SELECT * FROM {$table} WHERE itemid={$itemid}");
if (!$item || $item['status'] < 3 || $item['username'] != $username) {
dheader($MENU[$menuid]['linkurl']);
}
extract($item);
$t = $db->get_one("SELECT content FROM {$table_data} WHERE itemid={$itemid}");
$content = $t['content'];
if (!$DT_BOT) {
$db->query("UPDATE LOW_PRIORITY {$table} SET hits=hits+1 WHERE itemid={$itemid}", 'UNBUFFERED');
}
$head_title = $title . $DT['seo_delimiter'] . $head_title;
$head_keywords = $title . ',' . $COM['company'];
$head_description = get_intro($content, 200);
} else {
$content_table = content_table(4, $userid, is_file(DT_CACHE . '/4.part'), $DT_PRE . 'company_data');
$t = $db->get_one("SELECT content FROM {$content_table} WHERE userid={$userid}");
$content = $t['content'];
$COM['thumb'] = $COM['thumb'] ? $COM['thumb'] : DT_SKIN . 'image/company.jpg';
}
$TYPE = array();
$result = $db->query("SELECT itemid,title,style FROM {$table} WHERE status=3 AND username='******' ORDER BY listorder DESC,addtime DESC");
while ($r = $db->fetch_array($result)) {
$r['alt'] = $r['title'];
$r['title'] = set_style($r['title'], $r['style']);
$r['linkurl'] = userurl($username, "file={$file}&itemid={$r['itemid']}", $domain);
$TYPE[] = $r;
}
include template('introduce', $template);
$menu_order = explode(',', isset($HOME['menu_order']) ? $HOME['menu_order'] : $_menu_order);
$menu_num = explode(',', isset($HOME['menu_num']) ? $HOME['menu_num'] : $_menu_num);
$menu_file = explode(',', isset($HOME['menu_file']) ? $HOME['menu_file'] : $_menu_file);
$menu_name = explode(',', isset($HOME['menu_name']) ? $HOME['menu_name'] : $_menu_name);
$_HMENU = array();
asort($menu_order);
foreach ($menu_order as $k => $v) {
$_HMENU[$k] = $HMENU[$k];
}
$HMENU = $_HMENU;
$MENU = array();
$menuid = 0;
foreach ($HMENU as $k => $v) {
if ($menu_show[$k] && in_array($menu_file[$k], $MFILE)) {
$MENU[$k]['name'] = $menu_name[$k];
$MENU[$k]['linkurl'] = userurl($username, 'file=' . $menu_file[$k], $domain);
}
if ($file == $menu_file[$k]) {
$menuid = $k;
}
if ($menu_num[$k] < 1 || $menu_num[$k] > 50) {
$menu_num[$k] = 10;
}
}
$side_show = explode(',', isset($HOME['side_show']) ? $HOME['side_show'] : $_side_show);
$side_order = explode(',', isset($HOME['side_order']) ? $HOME['side_order'] : $_side_order);
$side_num = explode(',', isset($HOME['side_num']) ? $HOME['side_num'] : $_side_num);
$side_file = explode(',', isset($HOME['side_file']) ? $HOME['side_file'] : $_side_file);
$side_name = explode(',', isset($HOME['side_name']) ? $HOME['side_name'] : $_side_name);
$_HSIDE = array();
asort($side_order);
