// Fragment of a passport-style member sync: normalise the incoming member
// fields, check required parameters and request age, then update the matching
// row in the members tables. The listing is cut off inside the second UPDATE
// builder, so the braces opened below are closed outside this excerpt.
// NOTE(review): how $remoteinfo and $memberfields are decoded and authenticated
// is not visible here. Confirm the request is verified before this point.

// Remove the characters matched by the pattern (%, comma, *, double quote,
// whitespace, <, > and &, plus the first alternative), then cap the result at
// 15 bytes. substr() counts bytes, so a multibyte character can be cut in half.
// Single quote and backslash are not in the character class, so this filter
// alone does not make the name safe inside a quoted SQL literal.
if (strlen($memberfields['username'] = preg_replace("/(c:\\con\\con\$|[%,\\*\"\\s\t\\<\\>\\&])/i", "", $memberfields['username'])) > 15) {
    $memberfields['username'] = substr($memberfields['username'], 0, 15);
}

// Stop when a required field is missing or the request is older than the
// configured passport_expire window. Only age is bounded: a 'time' later than
// $timestamp gives a negative difference and passes the check.
if (empty($remoteinfo['time']) || empty($memberfields['username']) || empty($memberfields['password']) || empty($memberfields['email'])) {
    exit('Lack of required parameters');
} elseif ($timestamp - $remoteinfo['time'] > $_DCACHE['settings']['passport_expire']) {
    exit('Request expired');
}

// Connect, then drop the connection settings from scope.
$db = new dbstuff();
$db->connect($dbhost, $dbuser, $dbpw, $dbname, $pconnect);
unset($dbhost, $dbuser, $dbpw, $dbname, $pconnect);

// When passport_extcredits is set, copy the incoming credits value into the
// extcredits<N> field and add that column to the list written to members.
if ($_DCACHE['settings']['passport_extcredits']) {
    $memberfields['extcredits' . $_DCACHE['settings']['passport_extcredits']] = $memberfields['credits'];
    $table_member_columns[] = 'extcredits' . $_DCACHE['settings']['passport_extcredits'];
}

// Fall back to the caller's IP and the current timestamp when the request
// does not carry its own registration IP or date.
$memberfields['regip'] = empty($memberfields['regip']) ? onlineip() : $memberfields['regip'];
$memberfields['regdate'] = empty($memberfields['regdate']) ? $timestamp : $memberfields['regdate'];

// NOTE(review): the '******'username']}' text looks like credential masking
// applied to this listing (presumably '{$memberfields['username']}' in the real
// file). As printed, the query compares against a literal string. Confirm
// against the original source.
// NOTE(review): this and the following statements build SQL by interpolating
// request-derived values into quoted literals. They are safe only if every
// $memberfields value was escaped before this point, which this excerpt does
// not show. Prefer bound parameters or escaping at the point of use.
$query = $db->query("SELECT uid, secques FROM {$tablepre}members WHERE username='******'username']}'");
if ($member = $db->fetch_array($query)) {
    // Existing member: build "col='value', ..." for each listed members column
    // present in the request. Column names come from $table_member_columns
    // (defined outside this excerpt), values from $memberfields.
    $sql = $comma = '';
    foreach ($table_member_columns as $field) {
        if (isset($memberfields[$field])) {
            $sql .= "{$comma}{$field}='{$memberfields[$field]}'";
            $comma = ', ';
        }
    }
    // If none of the listed fields is set, $sql stays empty and the statement
    // becomes "SET  WHERE ...", which is not valid SQL.
    $db->query("UPDATE {$tablepre}members SET {$sql} WHERE uid='{$member['uid']}'");

    // Same construction for the columns in $table_memberfields_columns.
    $sql = $comma = '';
    foreach ($table_memberfields_columns as $field) {
        if (isset($memberfields[$field])) {
            $sql .= "{$comma}{$field}='{$memberfields[$field]}'";
            // (listing ends here; the rest of the loop is outside this excerpt)
// Fragment of a passport-style login handler. It starts inside a branch whose
// condition lies before this excerpt and stops inside the logout branch.
// NOTE(review): how $ckinfos and $userinfos are decoded and authenticated is
// not visible here. Confirm the request is verified before this point.
// NOTE(review): every redirect below copies $_GET['forward'] into the Location
// header unchanged, so the destination is chosen by whoever built the link
// (open redirect). Restrict it to same-site relative paths or an allow-list of
// hosts before calling header().
        empty($_GET['forward']) || header("Location: {$_GET['forward']}");
        exit('member data missing!');
    } elseif ($timestamp - $ckinfos['time'] > $pptin_expire) {
        // Data older than $pptin_expire is rejected. A 'time' later than
        // $timestamp gives a negative difference and is accepted.
        empty($_GET['forward']) || header("Location: {$_GET['forward']}");
        exit('member data expired!');
    }

    $db = new cls_mysql();
    $db->connect($dbhost, $dbuser, $dbpw, $dbname, $pconnect, true, $dbcharset);

    // NOTE(review): the queries in this block interpolate $userinfos values
    // into quoted SQL literals. They are safe only if those values were escaped
    // before this point, which this excerpt does not show. Prefer bound
    // parameters or escaping at the point of use.
    if ($cmember = $db->fetch_one("SELECT mid,checked FROM {$tblprefix}members WHERE mname='{$userinfos['mname']}'")) {
        // Existing member: overwrite the stored password when it differs from
        // the incoming one, then issue the login cookie.
        // NOTE(review): the SELECT above returns only mid and checked, so
        // $cmember['password'] appears to be unset here. With the loose !=
        // the UPDATE would then run for any non-empty incoming password.
        // Confirm what fetch_one() returns.
        // NOTE(review): the '******'password']}' text looks like credential
        // masking applied to this listing (presumably
        // '{$userinfos['password']}' in the real file). Confirm against the
        // original source.
        // NOTE(review): `checked` is selected but not consulted in the visible
        // lines, so the cookie is issued whatever the activation state.
        $cmember['password'] != $userinfos['password'] && $db->query("UPDATE {$tblprefix}members SET password='******'password']}' WHERE mid={$cmember['mid']}");
        // Negative lifetime: presumably expires the msid cookie. msetcookie()
        // is defined elsewhere.
        msetcookie('msid', '', -86400 * 365);
        // The auth cookie carries the password value and member id through
        // authcode(). Its confidentiality and integrity depend entirely on
        // that helper and its key, neither of which is shown here.
        msetcookie('userauth', authcode("{$userinfos['password']}\t{$cmember['mid']}", 'ENCODE'));
    } else {
        // Only the member record is written. Activation is required at first
        // login, so checked is set to 2.
        $sqlstr = '';
        $userinfos['regip'] = empty($userinfos['regip']) ? onlineip() : $userinfos['regip'];
        $userinfos['regdate'] = empty($userinfos['regdate']) ? $timestamp : $userinfos['regdate'];
        // Build "col='value',..." from a fixed column list. Only the values
        // come from $userinfos.
        foreach (array('mname', 'password', 'email', 'regip', 'regdate') as $var) {
            $sqlstr .= (empty($sqlstr) ? '' : ',') . "{$var}='{$userinfos[$var]}'";
        }
        $sqlstr .= ",checked='2'";
        $db->query("INSERT INTO {$tblprefix}members SET {$sqlstr}");
        // No model record is written and points are not initialised.
        $userinfos['mid'] = $db->insert_id();
        $db->query("INSERT INTO {$tblprefix}members_sub SET mid='{$userinfos['mid']}'");
    }

    // Same unvalidated redirect as at the top of this fragment.
    empty($_GET['forward']) || header("Location: {$_GET['forward']}");
    exit;
} elseif ($_GET['action'] == 'logout') {
    // Logout: both cookies are set to an empty value with a negative lifetime.
    msetcookie('msid', '', -86400 * 365);
    msetcookie('userauth', '', -86400 * 365);
    // (listing ends here; the rest of the branch is outside this excerpt)