Exemplo n.º 1
 // Normalise the incoming username: strip every match of the pattern below
 // (it appears to target the "c:\con\con" device path plus % , * " whitespace
 // < > &), then cap the result at 15 bytes.
 // NOTE(review): the character class does not include the single quote or the
 // backslash, so this filter is not SQL escaping. strlen()/substr() count
 // bytes, so a multi-byte name can be cut in the middle of a character.
 if (strlen($memberfields['username'] = preg_replace("/(c:\\con\\con\$|[%,\\*\"\\s\t\\<\\>\\&])/i", "", $memberfields['username'])) > 15) {
     $memberfields['username'] = substr($memberfields['username'], 0, 15);
 }
 // Reject the request when the timestamp or any of username/password/email is
 // empty, or when the request is older than the configured passport_expire.
 // NOTE(review): only the age is bounded. A 'time' value later than $timestamp
 // gives a negative difference and passes this check. How $remoteinfo is
 // authenticated is not visible in this excerpt; confirm it happens earlier.
 if (empty($remoteinfo['time']) || empty($memberfields['username']) || empty($memberfields['password']) || empty($memberfields['email'])) {
     exit('Lack of required parameters');
 } elseif ($timestamp - $remoteinfo['time'] > $_DCACHE['settings']['passport_expire']) {
     exit('Request expired');
 }
 // Open the database connection, then drop the credential variables so they
 // are no longer reachable from the rest of the script.
 $db = new dbstuff();
 $db->connect($dbhost, $dbuser, $dbpw, $dbname, $pconnect);
 unset($dbhost, $dbuser, $dbpw, $dbname, $pconnect);
 // When passport_extcredits is set, copy the incoming 'credits' value into the
 // matching extcredits<N> field and add that column to the list of member
 // columns to be written.
 if ($_DCACHE['settings']['passport_extcredits']) {
     $memberfields['extcredits' . $_DCACHE['settings']['passport_extcredits']] = $memberfields['credits'];
     $table_member_columns[] = 'extcredits' . $_DCACHE['settings']['passport_extcredits'];
 }
 // Fall back to the caller's IP (onlineip()) and the current timestamp when
 // the request carries no registration IP or date.
 $memberfields['regip'] = empty($memberfields['regip']) ? onlineip() : $memberfields['regip'];
 $memberfields['regdate'] = empty($memberfields['regdate']) ? $timestamp : $memberfields['regdate'];
 // Look up an existing member by username.
 // NOTE(review): the '******' run in the next line looks like masking applied
 // when the page was extracted; the statement as printed is not the original.
 // NOTE(review): the username is interpolated into the SQL string and nothing
 // in this excerpt escapes quotes. Confirm the input is escaped before this
 // point, or move to the database layer's escaping or prepared statements.
 $query = $db->query("SELECT uid, secques FROM {$tablepre}members WHERE username='******'username']}'");
 if ($member = $db->fetch_array($query)) {
     $sql = $comma = '';
     foreach ($table_member_columns as $field) {
         if (isset($memberfields[$field])) {
             $sql .= "{$comma}{$field}='{$memberfields[$field]}'";
             $comma = ', ';
         }
     }
     $db->query("UPDATE {$tablepre}members SET {$sql} WHERE uid='{$member['uid']}'");
     $sql = $comma = '';
     foreach ($table_memberfields_columns as $field) {
         if (isset($memberfields[$field])) {
             $sql .= "{$comma}{$field}='{$memberfields[$field]}'";
Exemplo n.º 2
        empty($_GET['forward']) || header("Location: {$_GET['forward']}");
        exit('member data missing!');
    } elseif ($timestamp - $ckinfos['time'] > $pptin_expire) {
        empty($_GET['forward']) || header("Location: {$_GET['forward']}");
        exit('member data expired!');
    }
    // Open the database connection for the member lookup below.
    $db = new cls_mysql();
    $db->connect($dbhost, $dbuser, $dbpw, $dbname, $pconnect, true, $dbcharset);
    // Existing member: sync the stored password value and issue the auth cookie.
    // NOTE(review): mname is interpolated into the SQL string and nothing in
    // this excerpt escapes it. Confirm $userinfos is escaped earlier, or use
    // the database layer's escaping or prepared statements.
    if ($cmember = $db->fetch_one("SELECT mid,checked FROM {$tblprefix}members WHERE mname='{$userinfos['mname']}'")) {
        // NOTE(review): the SELECT above returns only mid and checked, so
        // $cmember['password'] is not populated by the query as shown and the
        // UPDATE would run on every request; confirm whether 'password' should
        // be in the column list. The comparison is also loose (!=), which
        // compares numeric-looking strings by value; !== is safer for hashes.
        // NOTE(review): the '******' run looks like masking applied when the
        // page was extracted; the statement as printed is not the original.
        $cmember['password'] != $userinfos['password'] && $db->query("UPDATE {$tblprefix}members SET password='******'password']}' WHERE mid={$cmember['mid']}");
        // Expire the msid cookie (negative lifetime), then set userauth to the
        // authcode()-encoded string "<password value>\t<mid>".
        // NOTE(review): the cookie carries password-derived material, so its
        // confidentiality rests entirely on authcode() and its key, neither of
        // which is visible here. A random server-side session token would
        // avoid putting that value in the browser.
        msetcookie('msid', '', -86400 * 365);
        msetcookie('userauth', authcode("{$userinfos['password']}\t{$cmember['mid']}", 'ENCODE'));
    } else {
        // Only the member profile record is written here; the account must be activated on first login, so checked is set to 2.
        $sqlstr = '';
        // Default the registration IP and date when the request omits them.
        $userinfos['regip'] = empty($userinfos['regip']) ? onlineip() : $userinfos['regip'];
        $userinfos['regdate'] = empty($userinfos['regdate']) ? $timestamp : $userinfos['regdate'];
        // Build the comma-separated "column='value'" list for the INSERT.
        // NOTE(review): every value is interpolated as-is; the same escaping
        // question as for the SELECT above applies to all five fields.
        foreach (array('mname', 'password', 'email', 'regip', 'regdate') as $var) {
            $sqlstr .= (empty($sqlstr) ? '' : ',') . "{$var}='{$userinfos[$var]}'";
        }
        $sqlstr .= ",checked='2'";
        $db->query("INSERT INTO {$tblprefix}members SET {$sqlstr}");
        // No model record is written // credits are not initialised
        // Use the new row's id to create the matching members_sub row.
        $userinfos['mid'] = $db->insert_id();
        $db->query("INSERT INTO {$tblprefix}members_sub SET mid='{$userinfos['mid']}'");
    }
    // Redirect to the caller-supplied 'forward' URL when one is present, then stop.
    // NOTE(review): $_GET['forward'] goes into the Location header without any
    // check visible in this excerpt, so the endpoint redirects to whatever URL
    // the request names (open redirect). Validate it against an allowlist of
    // expected hosts or paths before sending the header.
    empty($_GET['forward']) || header("Location: {$_GET['forward']}");
    exit;
} elseif ($_GET['action'] == 'logout') {
    msetcookie('msid', '', -86400 * 365);
    msetcookie('userauth', '', -86400 * 365);