function EditSafeInfo($add)
{
global $empire, $dbtbpre, $public_r;
$user_r = islogin();
//是否登陆
$userid = $user_r[userid];
$username = $user_r[username];
$rnd = $user_r[rnd];
//邮箱
$email = trim($add['email']);
if (!$email || !chemail($email)) {
printerror("EmailFail", "history.go(-1)", 1);
}
$email = RepPostStr($email);
//验证原密码
$oldpassword = RepPostVar($add[oldpassword]);
if (!$oldpassword) {
printerror('FailOldPassword', '', 1);
}
$add[password] = RepPostVar($add[password]);
$num = 0;
$ur = $empire->fetch1("select " . eReturnSelectMemberF('userid,password,salt') . " from " . eReturnMemberTable() . " where " . egetmf('userid') . "='{$userid}'");
if (empty($ur['userid'])) {
printerror('FailOldPassword', '', 1);
}
if (!eDoCkMemberPw($oldpassword, $ur['password'], $ur['salt'])) {
printerror('FailOldPassword', '', 1);
}
//邮箱
$pr = $empire->fetch1("select regemailonly from {$dbtbpre}enewspublic limit 1");
if ($pr['regemailonly']) {
$num = $empire->gettotal("select count(*) as total from " . eReturnMemberTable() . " where " . egetmf('email') . "='{$email}' and " . egetmf('userid') . "<>'{$userid}' limit 1");
if ($num) {
printerror("ReEmailFail", "history.go(-1)", 1);
}
}
//密码
$a = '';
$salt = '';
$truepassword = '';
if ($add[password]) {
if ($add[password] !== $add[repassword]) {
printerror('NotRepassword', 'history.go(-1)', 1);
}
$salt = eReturnMemberSalt();
$password = eDoMemberPw($add[password], $salt);
$a = "," . egetmf('password') . "='{$password}'," . egetmf('salt') . "='{$salt}'";
$truepassword = $add[password];
}
$sql = $empire->query("update " . eReturnMemberTable() . " set " . egetmf('email') . "='{$email}'" . $a . " where " . egetmf('userid') . "='{$userid}'");
if ($sql) {
//易通行系统
DoEpassport('editpassword', $userid, $username, $truepassword, $salt, $email, $user_r['groupid'], '');
printerror("EditInfoSuccess", "../member/EditInfo/EditSafeInfo.php", 1);
} else {
printerror("DbError", "history.go(-1)", 1);
}
}
function qlogin($add)
{
global $empire, $dbtbpre, $public_r, $ecms_config;
if ($ecms_config['member']['loginurl']) {
Header("Location:" . $ecms_config['member']['loginurl']);
exit;
}
$dopr = 1;
if ($_POST['prtype']) {
$dopr = 9;
}
$username = trim($add['username']);
$password = trim($add['password']);
if (!$username || !$password) {
printerror("EmptyLogin", "history.go(-1)", $dopr);
}
$tobind = (int) $add['tobind'];
//验证码
$keyvname = 'checkloginkey';
if ($public_r['loginkey_ok']) {
ecmsCheckShowKey($keyvname, $add['key'], $dopr);
}
$username = RepPostVar($username);
$password = RepPostVar($password);
$num = 0;
$r = $empire->fetch1("select " . eReturnSelectMemberF('*') . " from " . eReturnMemberTable() . " where " . egetmf('username') . "='{$username}' limit 1");
if (!$r['userid']) {
printerror("FailPassword", "history.go(-1)", $dopr);
}
if (!eDoCkMemberPw($password, $r['password'], $r['salt'])) {
printerror("FailPassword", "history.go(-1)", $dopr);
}
if ($r['checked'] == 0) {
if ($public_r['regacttype'] == 1) {
printerror('NotCheckedUser', '../member/register/regsend.php', 1);
} else {
printerror('NotCheckedUser', '', 1);
}
}
//绑定帐号
if ($tobind) {
MemberConnect_BindUser($r['userid']);
}
$rnd = make_password(20);
//取得随机密码
//默认会员组
if (empty($r['groupid'])) {
$r['groupid'] = eReturnMemberDefGroupid();
}
$r['groupid'] = (int) $r['groupid'];
$lasttime = time();
//IP
$lastip = egetip();
$lastipport = egetipport();
$usql = $empire->query("update " . eReturnMemberTable() . " set " . egetmf('rnd') . "='{$rnd}'," . egetmf('groupid') . "='{$r['groupid']}' where " . egetmf('userid') . "='{$r['userid']}'");
$empire->query("update {$dbtbpre}enewsmemberadd set lasttime='{$lasttime}',lastip='{$lastip}',loginnum=loginnum+1,lastipport='{$lastipport}' where userid='{$r['userid']}'");
//设置cookie
$lifetime = (int) $add['lifetime'];
$logincookie = 0;
if ($lifetime) {
$logincookie = time() + $lifetime;
}
$set1 = esetcookie("mlusername", $username, $logincookie);
$set2 = esetcookie("mluserid", $r['userid'], $logincookie);
$set3 = esetcookie("mlgroupid", $r['groupid'], $logincookie);
$set4 = esetcookie("mlrnd", $rnd, $logincookie);
//验证符
qGetLoginAuthstr($r['userid'], $username, $rnd, $r['groupid'], $logincookie);
//登录附加cookie
AddLoginCookie($r);
$location = "../member/cp/";
$returnurl = getcvar('returnurl');
if ($returnurl) {
$location = $returnurl;
}
if (strstr($_SERVER['HTTP_REFERER'], "e/member/iframe")) {
$location = "../member/iframe/";
}
if (strstr($location, "enews=exit") || strstr($location, "e/member/register") || strstr($_SERVER['HTTP_REFERER'], "e/member/register")) {
$location = "../member/cp/";
$_POST['ecmsfrom'] = '';
}
ecmsEmptyShowKey($keyvname);
//清空验证码
$set6 = esetcookie("returnurl", "");
if ($set1 && $set2) {
//易通行系统
DoEpassport('login', $r['userid'], $username, $password, $r['salt'], $r['email'], $r['groupid'], $r['registertime']);
$location = DoingReturnUrl($location, $_POST['ecmsfrom']);
printerror("LoginSuccess", $location, $dopr);
} else {
printerror("NotCookie", "history.go(-1)", $dopr);
}
}
function DoRegSend($add)
{
global $empire, $dbtbpre, $public_r;
if ($public_r['regacttype'] != 1) {
printerror('CloseRegAct', '', 1);
}
$username = trim($add[username]);
$password = trim($add[password]);
$email = trim($add[email]);
$newemail = trim($add[newemail]);
if (!$username || !$password || !$email) {
printerror("EmptyRegAct", "history.go(-1)", 1);
}
//验证码
$key = $add['key'];
$keyvname = 'checkregsendkey';
ecmsCheckShowKey($keyvname, $key, 1);
$username = RepPostVar($username);
$password = RepPostVar($password);
$username = RepPostStr($username);
$email = RepPostStr($email);
$newemail = RepPostStr($newemail);
if (!chemail($email)) {
printerror("EmailFail", "history.go(-1)", 1);
}
if ($newemail) {
if (!chemail($newemail)) {
printerror("EmailFail", "history.go(-1)", 1);
}
$sendemail = $newemail;
} else {
$sendemail = $email;
}
//密码
$ur = $empire->fetch1("select " . eReturnSelectMemberF('userid,salt,password') . " from " . eReturnMemberTable() . " where " . egetmf('username') . "='{$username}' limit 1");
if (!$ur['userid']) {
printerror("ErrorRegActUser", "history.go(-1)", 1);
}
if (!eDoCkMemberPw($password, $ur['password'], $ur['salt'])) {
printerror("ErrorRegActUser", "history.go(-1)", 1);
}
$r = $empire->fetch1("select " . eReturnSelectMemberF('*') . " from " . eReturnMemberTable() . " where " . egetmf('username') . "='{$username}' limit 1");
$useremail = $r['email'];
if (!$r['userid'] || $useremail != $email) {
printerror("ErrorRegActUser", "history.go(-1)", 1);
}
if ($r['checked']) {
printerror("HaveRegActUser", '', 1);
}
$addr = $empire->fetch1("select userid,authstr from {$dbtbpre}enewsmemberpub where userid='" . $r['userid'] . "' limit 1");
$ar = explode('||', $addr['authstr']);
if (!$addr['userid'] || !$addr['authstr'] || $ar[1] != 2) {
printerror("HaveRegActUser", '', 1);
}
ecmsEmptyShowKey($keyvname);
//清空验证码
SendActUserEmail($r['userid'], $username, $sendemail);
}
function AddPl($username, $password, $nomember, $key, $saytext, $id, $classid, $repid, $add)
{
global $empire, $dbtbpre, $public_r, $class_r, $level_r;
//验证本时间允许操作
eCheckTimeCloseDo('pl');
//验证IP
eCheckAccessDoIp('pl');
$id = (int) $id;
$repid = (int) $repid;
$classid = (int) $classid;
//验证码
$keyvname = 'checkplkey';
if ($public_r['plkey_ok']) {
ecmsCheckShowKey($keyvname, $key, 1);
}
$username = RepPostVar($username);
$password = RepPostVar($password);
$muserid = (int) getcvar('mluserid');
$musername = RepPostVar(getcvar('mlusername'));
$mgroupid = (int) getcvar('mlgroupid');
if ($muserid) {
$cklgr = qCheckLoginAuthstr();
if ($cklgr['islogin']) {
$username = $musername;
} else {
$muserid = 0;
}
} else {
if (empty($nomember)) {
if (!$username || !$password) {
printerror("FailPassword", "history.go(-1)", 1);
}
$ur = $empire->fetch1("select " . eReturnSelectMemberF('userid,salt,password,checked,groupid') . " from " . eReturnMemberTable() . " where " . egetmf('username') . "='{$username}' limit 1");
if (empty($ur['userid'])) {
printerror("FailPassword", "history.go(-1)", 1);
}
if (!eDoCkMemberPw($password, $ur['password'], $ur['salt'])) {
printerror("FailPassword", "history.go(-1)", 1);
}
if ($ur['checked'] == 0) {
printerror("NotCheckedUser", '', 1);
}
$muserid = $ur['userid'];
$mgroupid = $ur['groupid'];
} else {
$muserid = 0;
}
}
if ($public_r['plgroupid']) {
if (!$muserid) {
printerror("GuestNotToPl", "history.go(-1)", 1);
}
if ($level_r[$mgroupid][level] < $level_r[$public_r['plgroupid']][level]) {
printerror("NotLevelToPl", "history.go(-1)", 1);
}
}
//专题
$doaction = $add['doaction'];
if ($doaction == 'dozt') {
if (!trim($saytext) || !$classid) {
printerror("EmptyPl", "history.go(-1)", 1);
}
//是否关闭评论
$r = $empire->fetch1("select ztid,closepl,checkpl,restb from {$dbtbpre}enewszt where ztid='{$classid}'");
if (!$r['ztid']) {
printerror("ErrorUrl", "history.go(-1)", 1);
}
if ($r['closepl']) {
printerror("CloseClassPl", "history.go(-1)", 1);
}
//审核
if ($r['checkpl']) {
$checked = 1;
} else {
$checked = 0;
}
$restb = $r['restb'];
$pubid = '-' . $classid;
$id = 0;
$pagefunr = eReturnRewritePlUrl($classid, $id, 'dozt', 0, 0, 1);
$returl = $pagefunr['pageurl'];
} else {
if (!trim($saytext) || !$id || !$classid) {
printerror("EmptyPl", "history.go(-1)", 1);
}
//表存在
if (empty($class_r[$classid][tbname])) {
printerror("ErrorUrl", "history.go(-1)", 1);
}
//是否关闭评论
$r = $empire->fetch1("select classid,stb,restb from {$dbtbpre}ecms_" . $class_r[$classid][tbname] . " where id='{$id}' limit 1");
if (!$r['classid'] || $r['classid'] != $classid) {
printerror("ErrorUrl", "history.go(-1)", 1);
}
if ($class_r[$r[classid]][openpl]) {
printerror("CloseClassPl", "history.go(-1)", 1);
}
//单信息关闭评论
$pubid = ReturnInfoPubid($classid, $id);
$finfor = $empire->fetch1("select closepl from {$dbtbpre}ecms_" . $class_r[$classid][tbname] . "_data_" . $r['stb'] . " where id='{$id}' limit 1");
if ($finfor['closepl']) {
printerror("CloseInfoPl", "history.go(-1)", 1);
}
//审核
if ($class_r[$classid][checkpl]) {
$checked = 1;
} else {
$checked = 0;
}
$restb = $r['restb'];
$pagefunr = eReturnRewritePlUrl($classid, $id, 'doinfo', 0, 0, 1);
$returl = $pagefunr['pageurl'];
}
//设置参数
$plsetr = $empire->fetch1("select pltime,plsize,plincludesize,plclosewords,plmustf,plf,plmaxfloor,plquotetemp from {$dbtbpre}enewspl_set limit 1");
if (strlen($saytext) > $plsetr['plsize']) {
$GLOBALS['setplsize'] = $plsetr['plsize'];
printerror("PlSizeTobig", "history.go(-1)", 1);
}
$time = time();
$saytime = $time;
$pltime = getcvar('lastpltime');
if ($pltime) {
if ($time - $pltime < $plsetr['pltime']) {
$GLOBALS['setpltime'] = $plsetr['pltime'];
printerror("PlOutTime", "history.go(-1)", 1);
}
}
$sayip = egetip();
$eipport = egetipport();
$username = str_replace("\r\n", "", $username);
$username = RepPostStr($username);
$saytext = nl2br(RepFieldtextNbsp(RepPostStr($saytext)));
if ($repid) {
$saytext = RepPlTextQuote($repid, $saytext, $plsetr, $restb);
CkPlQuoteFloor($plsetr['plmaxfloor'], $saytext);
//验证楼层
}
//过滤字符
$saytext = ReplacePlWord($plsetr['plclosewords'], $saytext);
if ($level_r[$mgroupid]['plchecked']) {
$checked = 0;
}
$ret_r = ReturnPlAddF($add, $plsetr, 0);
//主表
$sql = $empire->query("insert into {$dbtbpre}enewspl_" . $restb . "(pubid,username,sayip,saytime,id,classid,checked,zcnum,fdnum,userid,isgood,saytext,eipport" . $ret_r['fields'] . ") values('{$pubid}','" . $username . "','{$sayip}','{$saytime}','{$id}','{$classid}','{$checked}',0,0,'{$muserid}',0,'" . addslashes($saytext) . "','{$eipport}'" . $ret_r['values'] . ");");
$plid = $empire->lastid();
if ($doaction != 'dozt') {
//信息表加1
$usql = $empire->query("update {$dbtbpre}ecms_" . $class_r[$classid][tbname] . " set plnum=plnum+1 where id='{$id}' limit 1");
}
//更新新评论数
DoUpdateAddDataNum('pl', $restb, 1);
//设置最后发表时间
$set1 = esetcookie("lastpltime", time(), time() + 3600 * 24);
ecmsEmptyShowKey($keyvname);
//清空验证码
if ($sql) {
$reurl = DoingReturnUrl($returl, $_POST['ecmsfrom']);
printerror("AddPlSuccess", $reurl, 1);
} else {
printerror("DbError", "history.go(-1)", 1);
}
}
function DoEcmsMemberCheckUserPass($add)
{
global $empire, $dbtbpre, $ecms_config;
$dopr = 1;
if ($_POST['prtype']) {
$dopr = 9;
}
$username = trim($add['username']);
$password = trim($add['password']);
if (!$username || !$password) {
printerror("EmptyLogin", "history.go(-1)", $dopr);
}
$username = RepPostVar($username);
$password = RepPostVar($password);
$num = 0;
$r = $empire->fetch1("select " . eReturnSelectMemberF('*') . " from " . eReturnMemberTable() . " where " . egetmf('username') . "='{$username}' limit 1");
if (!$r['userid']) {
printerror("FailPassword", "history.go(-1)", $dopr);
}
if (!eDoCkMemberPw($password, $r['password'], $r['salt'])) {
printerror("FailPassword", "history.go(-1)", $dopr);
}
if ($r['checked'] == 0) {
printerror('NotCheckedUser', '', $dopr);
}
return $r;
}
