Exemplo n.º 1
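 /**
  * Handle a UCenter "synlogin" notification for a Discuz account.
  *
  * Signs in the local user bound to the UCenter uid; when no binding exists,
  * a local account is registered from the UCenter record first.
  *
  * @param object $request Request object; only getClientIp() is called on it.
  * @param array  $get     Notification fields read here: uid, username, time.
  * @param array  $post    Not used by this method.
  *
  * @return mixed API_RETURN_FORBIDDEN when sync login or registration is refused,
  *               API_RETURN_SUCCEED otherwise.
  */
 protected function doSynlogin($request, $get, $post)
 {
     if (!API_SYNLOGIN) {
         return API_RETURN_FORBIDDEN;
     }

     // NOTE(review): $get is presumably the already-verified UCenter payload; this
     // method signs a user in on the strength of $get['uid'] alone, so confirm the
     // caller authenticates the notification before dispatching here.
     $partnerUser = uc_get_user($get['uid'], 1);
     $bind = $this->getUserService()->getUserBindByTypeAndFromId('discuz', $get['uid']);

     if (UC_CHARSET == 'gbk') {
         $get['username'] = iconv('gb2312', 'UTF-8', $get['username']);
     }

     if (empty($bind)) {
         // Decide whether registration is allowed before doing any work for it.
         if (!$this->getAuthService()->isRegisterEnabled()) {
             return API_RETURN_FORBIDDEN;
         }

         // Without a UCenter record there is no e-mail to register with; refuse
         // instead of creating a local account with an empty address.
         if (empty($partnerUser)) {
             return API_RETURN_FORBIDDEN;
         }

         // Placeholder password: same shape as before (8 chars of [0-9a-z]) but
         // drawn from the CSPRNG instead of uniqid()/mt_rand(), which are
         // predictable. random_int() needs PHP 7 or later.
         $alphabet = '0123456789abcdefghijklmnopqrstuvwxyz';
         $password = '';
         for ($i = 0; $i < 8; $i++) {
             $password .= $alphabet[random_int(0, 35)];
         }

         $registration = array(
             'nickname' => $get['username'],
             'email' => $partnerUser[2],
             'password' => $password,
             'createdTime' => $get['time'],
             'createdIp' => $request->getClientIp(),
             'token' => array('userId' => $get['uid']),
         );
         $user = $this->getUserService()->register($registration, 'discuz');
     } else {
         $user = $this->getUserService()->getUser($bind['toId']);
         if (empty($user)) {
             // A binding without a local user is reported as success without signing anyone in.
             return API_RETURN_SUCCEED;
         }
     }

     $this->authenticateUser($user);
     return API_RETURN_SUCCEED;
 }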
Exemplo n.º 2
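 /**
  * Register the posted account in UCenter, mirror it into the local user
  * store and emit the UCenter sync-login markup.
  *
  * Reads username, password, email and (optionally) access_token from
  * $this->base->post. All outcomes are reported through $this->base->message().
  */
 function register()
 {
     $post = $this->base->post;

     $activeuser = uc_get_user($post['username']);
     if ($activeuser) {
         $this->base->message('该用户无需注册,请直接登录!<br><a href="index.php?user/login">继续</a>');
         // Stop here even if message() returns: the account already exists in UCenter.
         return;
     }

     $uid = uc_user_register($post['username'], $post['password'], $post['email']);
     if ($uid <= 0) {
         // Status codes returned by uc_user_register(); anything else is reported as undefined.
         $errors = array(
             -1 => '用户名不合法',
             -2 => '包含不允许注册的词语',
             -3 => '用户名已经存在',
             -4 => 'Email 格式有误',
             -5 => 'Email 不允许注册',
             -6 => '该 Email 已经被注册',
         );
         $this->base->message(isset($errors[$uid]) ? $errors[$uid] : '未定义');
         return;
     }

     if (isset($post['access_token'])) {
         $uid = $_ENV['user']->add($post['username'], $post['password'], $post['email'], $uid, $post['access_token']);
     } else {
         $_ENV['user']->add($post['username'], $post['password'], $post['email'], $uid);
     }
     $_ENV['user']->refresh($uid);

     // The sync-login markup comes from UCenter and is emitted as-is.
     $ucsynlogin = uc_user_synlogin($uid);

     // PHP_SELF is derived from the request path, so it is escaped before being
     // placed inside the href attribute.
     $self = htmlspecialchars($_SERVER['PHP_SELF'], ENT_QUOTES);
     $this->base->message('注册成功' . $ucsynlogin . '<br><a href="' . $self . '">继续</a>');
 }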
Exemplo n.º 3
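 /**
  * Set a new UCenter password for the given user.
  *
  * NOTE(review): $oldPassword is never checked here. uc_user_edit() receives
  * null as the old password and 1 as its fifth argument (UCenter's
  * ignore-old-password flag), so the change goes through unconditionally.
  * Confirm that every caller verifies the current password before calling this.
  *
  * @param mixed  $userId      UCenter uid (looked up with the by-uid flag).
  * @param string $oldPassword Not used by this method.
  * @param string $newPassword Password to set.
  *
  * @return bool True when uc_user_edit() reports 1, false otherwise or when
  *              UCenter has no record for $userId.
  */
 public function changePassword($userId, $oldPassword, $newPassword)
 {
     $this->initDiscuzApi();

     $user = uc_get_user($userId, 1);
     if (empty($user)) {
         // No UCenter record: do not call uc_user_edit() with an empty username.
         return false;
     }

     $result = uc_user_edit($user[1], null, $newPassword, null, 1);
     return $result == 1;
 }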
Exemplo n.º 4
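 /**
  * Validate the "rid" code and e-mail address submitted with a registration form.
  *
  * On POST, the e-mail is taken from the UCenter record named by the decoded
  * activation token when one is present, otherwise from the submitted field.
  * The rid must exist in plugin_dsuamfzc, must not be flagged yes = '1', and
  * must carry the same e-mail; each failed check ends in showmessage().
  */
 function register_header()
 {
     global $_G;
     $inputemail = 'gp_' . $this->regemail['email'];
     $_G['gp_email'] = $_G[$inputemail];
     if (!$_POST) {
         return;
     }

     $_G['gp_activationauth'] = strip_tags(str_replace(" ", "+", $_G['gp_activationauth']));
     $activationinfo = authcode($_G['gp_activationauth'], 'DECODE');
     // Keep only the part of the decoded token before the first whitespace character.
     $activationinfoname = preg_replace("/\\s.+/i", "", $activationinfo);
     if ($activationinfoname) {
         loaducenter();
         // Default keeps $email defined when UCenter has no such user.
         $email = '';
         if ($data = uc_get_user($activationinfoname)) {
             list($uid, $username, $email) = $data;
         }
         $_G['gp_email'] = getEmail(strip_tags($email));
     } else {
         $_G['gp_email'] = getEmail(strip_tags($_G['gp_email']));
     }

     $_G['gp_rid'] = strip_tags($_G['gp_rid']);
     if (!$_G['gp_rid']) {
         showmessage('dsu_amufzc:1', '');
     }
     if (!$_G['gp_email']) {
         showmessage('dsu_amufzc:5', '');
     }

     $amutb = DB::table("plugin_dsuamfzc");
     // NOTE(review): gp_rid is request input and is spliced into the SQL text; the
     // only treatment visible here is strip_tags(), which is not SQL escaping.
     // This is safe only if the framework has already escaped gp_* values —
     // verify that, or pass the value through the DB layer's own quoting.
     $query = DB::fetch_first("SELECT * FROM {$amutb} WHERE rid = '" . $_G['gp_rid'] . "'");
     if (!$query || $query['yes'] == '1') {
         showmessage('dsu_amufzc:2', '');
     }
     if ($_G['gp_email'] != $query['email']) {
         showmessage('dsu_amufzc:11', '');
     }
 }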
Exemplo n.º 5
 /**
  * Look up a UCenter member and return its uid, name and mail.
  *
  * @param mixed $uname Username, or a uid when $isuid is truthy.
  * @param mixed $isuid Cast to bool and passed as uc_get_user()'s second argument.
  *
  * @return array|false array('uid', 'uname', 'mail'), or false when the lookup yields nothing.
  */
 public function member($uname, $isuid = false)
 {
     // The lookup key is charset-converted, then slash-escaped before it reaches UCenter.
     $lookupKey = addslashes($this->iconv($uname));
     $record = uc_get_user($lookupKey, (bool) $isuid);
     if (!$record) {
         return false;
     }

     list($uid, $name, $mail) = $record;

     return array(
         'uid' => $uid,
         'uname' => $this->iconv($name, true),
         'mail' => $mail,
     );
 }
Exemplo n.º 6
/**
 * Post a feed entry on behalf of a user identified by name.
 *
 * @param string $username UCenter username.
 * @param array  $feed     Must provide icon, title_template, title_data,
 *                         body_template, body_data and images.
 *
 * @return mixed '' when UCenter has no such user, otherwise whatever uc_feed_add() returns.
 */
function uc_feed_note($username, $feed)
{
    $account = uc_get_user($username);
    if ($account) {
        // Element 0 of the UCenter record is the uid.
        return uc_feed_add(
            $feed['icon'],
            $account[0],
            $username,
            $feed['title_template'],
            $feed['title_data'],
            $feed['body_template'],
            $feed['body_data'],
            '',
            '',
            $feed['images']
        );
    }

    return '';
}
Exemplo n.º 7
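 /**
  * Render the index view with the UCenter record of the signed-in user.
  *
  * When UCenter has no record for the current user name, a notice is echoed
  * and the view is rendered with null uid, username and email.
  */
 public function actionIndex()
 {
     require_once 'ucenter.php';

     // Defaults keep render() from being handed undefined variables when the lookup fails.
     $uid = $username = $email = null;

     if ($data = uc_get_user(Yii::app()->user->name)) {
         list($uid, $username, $email) = $data;
     } else {
         echo '用户不存在';
     }

     $this->render('index', array('uid' => $uid, 'username' => $username, 'email' => $email));
 }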
Exemplo n.º 8
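 /**
  * UCenter "synlogin" handler: set the auth cookie for the local user whose
  * id equals the UCenter uid, creating that user from UCenter data if needed.
  *
  * @param array $get  Notification fields read here: uid, username, password.
  * @param array $post Not used by this method.
  *
  * @return mixed API_RETURN_SUCCEED once the cookie is set; otherwise the script exits.
  */
 function synlogin($get, $post)
 {
     !API_SYNLOGIN && exit(API_RETURN_FORBIDDEN);

     // NOTE(review): the cookie below is issued purely on $get['uid']; this presumes
     // the caller has already authenticated the notification — confirm.
     $ID = intval($get['uid']);

     // Two passes: look up, create on a miss, then look up again.
     for ($i = 0; $i < 2; $i++) {
         $user = get_user_by('id', $ID);
         if ($user) {
             header('P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"');
             wp_set_auth_cookie($ID, true, '');
             return API_RETURN_SUCCEED;
         }

         $query = uc_get_user($ID, 1);
         if (empty($query)) {
             // UCenter does not know this uid: do not create a local account
             // with an empty e-mail for it.
             break;
         }
         createUser($ID, $get['username'], $get['password'], $query[2]);
     }

     exit(API_RETURN_SUCCEED);
 }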
Exemplo n.º 9
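/**
 * Authenticate against UCenter, mirror the account into the local users
 * table on first login, set the login cookies and emit the sync-login page.
 *
 * @param string $user Username submitted by the visitor.
 * @param string $pass Password submitted by the visitor.
 *
 * @return string An error message when UCenter rejects the login. On success
 *                the function prints the reload page and exits instead of returning.
 */
function API_Login($user, $pass)
{
    global $db, $onlineip;
    include_once ONEZ_ROOT . './uc_client/client.php';
    $api = uc_user_login($user, $pass, 0);
    list($uid, $username, $password, $email) = $api;

    // Only a positive uid is a successful login. Every other value is refused,
    // including codes that have no message of their own, so an unexpected
    // status can never fall through to the cookie-setting code below.
    if ($uid <= 0) {
        $errors = array(
            -1 => '用户不存在,或者被删除',
            -2 => '用户名或密码不正确',
            -3 => '安全提问错',
        );
        $code = intval($uid);
        return isset($errors[$code]) ? $errors[$code] : '登录失败';
    }

    // The uid is interpolated into a WHERE clause below; force it to an integer.
    $uid = intval($uid);

    if (!$db) {
        include_once ONEZ_ROOT . './include/db_mysql.class.php';
        db_local();
        $db = new onez_db();
    }
    $db->reset();
    if ($db->rows("users", "uid='{$uid}'") == 0) {
        // Create the local user on first login.
        if ($data = uc_get_user($uid, 1)) {
            list($uid, $username, $email) = $data;
            // NOTE(review): the local copy of the password is stored as unsalted
            // md5. Moving to password_hash() needs matching changes wherever this
            // column is verified, so it is flagged here rather than changed.
            $arr = array('uid' => $uid, 'username' => $username, 'password' => md5($pass), 'email' => $email, 'infoip' => $onlineip, 'infotime' => time());
            $db->insert('users', $arr);
        }
    }
    $GLOBALS['cookiepre'] = 'onez_';
    // NOTE(review): the cookies carry the plain uid and username for one year;
    // confirm the application does not treat them as proof of identity by themselves.
    osetcookie('userid', $uid, 31536000);
    osetcookie('username', $username, 31536000);
    echo uc_user_synlogin($uid);
    echo <<<ONEZ
<p align="center"><br /><br /><br /><br />
<a href="#" onclick="ReLoad()"><font size="2" color="#0000ff">正在同步登录中...</font></a>
</p>
<script type="text/javascript">
function ReLoad(){
  top.location.reload();
}
window.onload=ReLoad;
</script>
ONEZ;
    // The success path ends the request here; nothing is returned to the caller.
    exit;
}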
Exemplo n.º 10
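 /**
  * Return the UCenter sync-login markup for a user, registering the user in
  * UCenter first when it is not known there.
  *
  * @param array $data Must provide username; email, password and user_id are
  *                    forwarded to UcenterReg() when registration is needed.
  *
  * @return string Markup from uc_user_synlogin(), or '' when the user still
  *                does not exist in UCenter after the registration attempt.
  */
 public function UcenterLogin($data)
 {
     // NOTE(review): this connection is opened but not used in this method;
     // kept in case the UCenter client depends on it — confirm and remove if not.
     $db = new dbstuff();
     $db->connect(UC_DBHOST, UC_DBUSER, UC_DBPW, UC_DBNAME, 0);

     $found = uc_get_user($data['username']);
     if (!is_array($found)) {
         $_data = array(
             'email' => $data['email'],
             'username' => $data['username'],
             'password' => $data['password'],
             'user_id' => $data['user_id'],
         );
         self::UcenterReg($_data);

         // Retry the lookup exactly once. The previous self-call recursed without
         // bound whenever registration failed.
         $found = uc_get_user($data['username']);
         if (!is_array($found)) {
             return '';
         }
     }

     // Element 0 of the UCenter record is the uid.
     return uc_user_synlogin($found[0]);
 }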
Exemplo n.º 11
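 /**
  * AJAX availability check for the registration form.
  *
  * The first POST key selects the check ("username" or "email"). Echoes
  * 1 when the value is already taken, 0 when it is free, 2 when it fails
  * validation and 3 when the username is on the reserved list.
  */
 function ajax_reg_action()
 {
     $post = array_keys($_POST);
     $key_name = isset($post[0]) ? $post[0] : null;
     // Strict match: a numeric first key must not compare equal to the field names.
     if (!in_array($key_name, array('username', 'email'), true)) {
         exit;
     }
     $Member = $this->MODEL("userinfo");
     if ($key_name === "username") {
         $username = yun_iconv("utf-8", "gbk", $_POST['username']);
         if (!$this->CheckRegUser($username) && !$this->CheckRegEmail($username)) {
             echo 2;
             die;
         }
         if ($this->config['sy_uc_type'] == "uc_center") {
             $this->uc_open();
             $user = uc_get_user($username);
         } else {
             $user = $Member->GetMemberNum(array("username" => $username));
         }
         if ($this->config['sy_regname'] != "") {
             $regname = @explode(",", $this->config['sy_regname']);
             if (in_array($username, $regname)) {
                 echo 3;
                 die;
             }
         }
     } else {
         $email = $_POST['email'];
         // The address is concatenated into a WHERE clause below. Anything that is
         // not a plain string, or that contains a quote or backslash, is treated
         // as invalid so it cannot alter the SQL text. Prefer the model's own
         // parameter binding or escaping if it offers one.
         if (!is_string($email) || strpbrk($email, "'\"\\") !== false) {
             echo 2;
             die;
         }
         if (!$this->CheckRegEmail($email)) {
             echo 2;
             die;
         }
         $user = $Member->GetMemberNum(array("`email`='" . $email . "' or `username`='" . $email . "'"));
     }
     if ($user) {
         echo 1;
     } else {
         echo 0;
     }
 }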
Exemplo n.º 12
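 /**
  * AJAX availability check for the registration form.
  *
  * The first POST key selects the check ("username" or "email"). Echoes
  * 1 when the value is already taken, 0 when it is free and 2 when it fails
  * validation or is on the reserved-name list.
  */
 function ajax_reg_action()
 {
     $post = array_keys($_POST);
     $key_name = isset($post[0]) ? $post[0] : null;
     // Strict match: a numeric first key must not compare equal to the field names.
     if (!in_array($key_name, array('username', 'email'), true)) {
         exit;
     }
     if ($key_name === "username") {
         $username = $this->stringfilter($_POST['username']);
         if (!$this->CheckRegUser($username) && !$this->CheckRegEmail($username)) {
             echo 2;
             die;
         }
         if ($this->config['sy_uc_type'] == "uc_center") {
             $this->obj->uc_open();
             $user = uc_get_user($username);
         } else {
             // NOTE(review): $username is spliced into the WHERE text; this relies on
             // stringfilter()/CheckRegUser() rejecting quotes — verify, or escape here.
             $user = $this->obj->DB_select_num("member", "`username`='" . $username . "'");
         }
         if ($this->config['sy_regname'] != "") {
             $regname = @explode(",", $this->config['sy_regname']);
             if (in_array($username, $regname)) {
                 echo 2;
                 die;
             }
         }
     } else {
         $email = $_POST['email'];
         // The address is concatenated into a WHERE clause below. Anything that is
         // not a plain string, or that contains a quote or backslash, is treated
         // as invalid so it cannot alter the SQL text. Prefer the DB layer's own
         // parameter binding or escaping if it offers one.
         if (!is_string($email) || strpbrk($email, "'\"\\") !== false) {
             echo 2;
             die;
         }
         if (!$this->CheckRegEmail($email)) {
             echo 2;
             die;
         }
         $user = $this->obj->DB_select_num("member", "`email`='" . $email . "' or `username`='" . $email . "'");
     }
     if ($user) {
         echo 1;
     } else {
         echo 0;
     }
 }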
Exemplo n.º 13
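/**
 * Sign a user in: set the login cookie and session from the local users row,
 * importing that row from UCenter first when it does not exist locally.
 *
 * @access public
 * @param int    $user_id   Local user id; nothing happens when empty.
 * @param string $user_name UCenter lookup key, used only when no local row exists.
 * @return void|false false when neither the local table nor UCenter knows the user.
 */
function set_login($user_id = '', $user_name = '')
{
    if (empty($user_id)) {
        return;
    }

    // The id is interpolated into SQL below; force it to an integer first.
    $user_id = intval($user_id);

    $sql = "SELECT user_name, email FROM {pre}users  WHERE user_id='$user_id' LIMIT 1";
    $rows = $GLOBALS['db']->query($sql);
    $row = is_array($rows) ? reset($rows) : false;
    if ($row) {
        set_cookie($user_id, $row['user_name'], $row['email']);
        set_session($user_id, $row['user_name'], $row['email']);
        update_user_info();
        return;
    }

    include_once (ROOT_PATH . 'plugins/uc_client/client.php');
    $data = uc_get_user($user_name);
    if (!$data) {
        return false;
    }

    list ($uid, $uname, $email) = $data;

    // Values coming back from UCenter are data, not SQL: escape them before they
    // are placed in the statement. addslashes() is the only escaping available in
    // this block; prefer the DB layer's own quoting or binding if it has one.
    $uid = intval($uid);
    $uname = addslashes($uname);
    $email = addslashes($email);
    $sql = "REPLACE INTO {pre}users (user_id, user_name, email) VALUES('$uid', '$uname', '$email')";
    $GLOBALS['db']->query($sql);

    // Second pass now finds the imported row and sets cookie and session.
    set_login($uid);
}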
Exemplo n.º 14
    }
    checkuser($_POST['id'], $member['authstr']);
    uc_user_edit(addslashes($member['username']), $_POST['newpasswd'], $_POST['newpasswd'], $_POST['email'], 1);
    updatetable('members', array('authstr' => ''), array('uid' => $_POST['uid']));
    showmessage('getpasswd_succeed', geturl('action/login'));
}
// "reset" step of the lost-password flow: the link carries a uid and a
// one-time id, which are checked against the member's stored authstr
// before the reset form is shown.
$_GET['op'] = trim($_GET['op']);
if ($_GET['op'] == 'reset') {
    // uid is cast to an integer before it is interpolated into the query below.
    $_GET['uid'] = intval($_GET['uid']);
    $_GET['id'] = trim($_GET['id']);
    $query = $_SGLOBAL['db']->query("SELECT uid, username, authstr FROM " . tname('members') . " WHERE uid='{$_GET['uid']}'");
    $member = $_SGLOBAL['db']->fetch_array($query);
    if (empty($member)) {
        showmessage('user_does_not_exist', geturl('action/login'));
    }
    // NOTE(review): $user is not read again in the lines visible here; presumably the template uses it — confirm.
    $user = uc_get_user($member['username']);
    // Rejects the request (via showmessage) when the link is missing, expired or does not match.
    checkuser($_GET['id'], $member['authstr']);
}
include template('site_lostpasswd');
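/**
 * Check that a password-reset link is still valid.
 *
 * $space is the stored auth string, three tab-separated fields: issue
 * timestamp, operation code and the one-time id. The link is refused when
 * the auth string is empty, older than three days, not operation 1, or when
 * the one-time id differs from $id.
 *
 * @param string $id    One-time id taken from the request.
 * @param string $space Stored auth string for the member.
 */
function checkuser($id, $space)
{
    global $_SGLOBAL;
    if (empty($space)) {
        showmessage('link_failure', geturl('action/login'));
    }

    // Pad so a malformed auth string yields empty fields instead of undefined offsets.
    list($dateline, $operation, $idstring) = array_pad(explode("\t", $space), 3, '');

    $expired = $dateline < $_SGLOBAL['timestamp'] - 86400 * 3;

    // Compare the one-time id as strings. A loose != treats numeric-looking
    // strings as numbers, so two different ids could compare equal.
    $mismatch = (string) $idstring !== (string) $id;

    if ($expired || $operation != 1 || $mismatch) {
        showmessage('getpasswd_illegal');
    }
}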
Exemplo n.º 15
 /**
  * Propose a username for a WeChat user.
  *
  * The name is the first 15 bytes of the emoji-stripped WeChat nickname. If
  * UCenter already has that name, it becomes a 7-unit cut of it plus "_" and
  * a 5-character random suffix. When WeChat returns no user info, a fixed
  * prefix plus a 5-character random suffix is returned.
  *
  * @param string $openid WeChat open id.
  *
  * @return string
  */
 public static function getnewname($openid)
 {
     global $_G;

     if (!$_G['wechat']['setting']) {
         // NOTE(review): unserialize() is applied to a stored setting; this is
         // acceptable only while that value cannot be written by untrusted users — confirm.
         $_G['wechat']['setting'] = unserialize($_G['setting']['mobilewechat']);
     }

     $client = new WeChatClient(
         $_G['wechat']['setting']['wechat_appId'],
         $_G['wechat']['setting']['wechat_appsecret']
     );
     $profile = $client->getUserInfoById($openid);

     if (!$profile) {
         return '******' . random(5);
     }

     // NOTE(review): substr() cuts by bytes and may split a multi-byte character.
     $candidate = substr(WeChatEmoji::clear($profile['nickname']), 0, 15);

     loaducenter();
     $taken = uc_get_user($candidate);
     if (!empty($taken)) {
         $candidate = cutstr($candidate, 7, '') . '_' . random(5);
     }

     return $candidate;
 }
Exemplo n.º 16
         } elseif ($ucid == -3) {
             array_push($checkresults, array('ucreg_username' => $lang['user_name_already_exists']));
         } elseif ($ucid == -4) {
             array_push($checkresults, array('ucreg_email' => $lang['email_format_is_wrong']));
         } elseif ($ucid == -5) {
             array_push($checkresults, array('ucreg_email' => $lang['email_not_registered']));
         } elseif ($ucid == -6) {
             array_push($checkresults, array('ucreg_email' => $lang['email_has_been_registered']));
         } else {
             array_push($checkresults, array('message' => $lang['register_error']));
         }
         if (!empty($checkresults)) {
             cpmsg('user_info_failed', '', '', '', true, true, $checkresults);
         }
     }
     $ucdata = uc_get_user($ucid, 1);
     list($ucid, $ucname, $ucemail) = $ucdata;
     //unset所有uc註冊變量
     $ucarr = array('ucreg_username', 'ucreg_password', 'ucreg_rtpassword', 'ucreg_email');
     foreach ($ucarr as $value) {
         unset($_POST[$value]);
     }
 }
 //提交了數據
 if ($itemid = pkpost($cacheinfo)) {
     if (in_array($mname, array('good', 'notice', 'consume', 'album', 'groupbuy'))) {
         if (!empty($_POST['attr_ids'])) {
             require_once B_ROOT . '/batch.attribute.php';
             setattributesettings($_POST['catid'], $itemid, $_POST['attr_ids']);
         }
         if ($mname == 'good' || $mname == 'groupbuy') {
Exemplo n.º 17
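 /**
  * UCenter "synlogin" handler.
  *
  * Signs in the local user with the given username, creating the local
  * account from the UCenter record when it does not exist yet, then records
  * the login time and client IP.
  *
  * @param array $get  Notification fields read here: username, time.
  * @param array $post Not used by this method.
  *
  * @return mixed API_RETURN_FORBIDDEN when sync login is disabled or UCenter has
  *               no such user, API_RETURN_SUCCEED otherwise.
  */
 public function synlogin($get, $post)
 {
     if (!API_SYNLOGIN) {
         return API_RETURN_FORBIDDEN;
     }
     header('P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"');

     // NOTE(review): the session below is granted on $get['username'] alone; this
     // presumes the caller has already authenticated the notification — confirm.
     $username = trim($get['username']);
     $login_time = $get['time'];

     $user_info = $this->_user_mod->field('id,username')->where(array('username' => $username))->find();
     if (!$user_info) {
         $uc_user = uc_get_user($username);
         if (empty($uc_user)) {
             // UCenter does not know this name: do not create an empty local account.
             return API_RETURN_FORBIDDEN;
         }

         // uc_get_user() returns a positional record (uid, username, email); the
         // previous string-key reads ('uid', 'username', 'email') found nothing.
         list($uc_uid, $uc_username, $uc_email) = $uc_user;

         $user_id = $this->_user_mod->add(array(
             'uc_uid' => $uc_uid,
             'username' => $uc_username,
             // Unguessable placeholder, same 32-hex-character shape as before;
             // time() and rand() are predictable. random_bytes() needs PHP 7 or later.
             'password' => bin2hex(random_bytes(16)),
             'email' => $uc_email,
         ));
         $user_info = array('id' => $user_id, 'username' => $username);
     }

     // Sign the user in.
     $this->_api_visitor()->assign_info($user_info);

     // Record when and from where the login happened.
     $this->_user_mod->where(array('id' => $user_info['id']))->save(array('last_time' => $login_time, 'last_ip' => get_client_ip()));

     return API_RETURN_SUCCEED;
 }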
Exemplo n.º 18
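/**
 * Delete one or more training-institution members and their related rows.
 *
 * When UC_API is defined, the matching UCenter accounts are deleted first.
 * The deletion is written to the admin log once every local delete succeeded.
 *
 * @param int|string|array $uid A member uid or a list of uids.
 *
 * @return bool true when every delete succeeded; false when the uid list is
 *              not purely numeric or any delete fails.
 */
function delete_train_user($uid)
{
    global $db;
    if (!is_array($uid)) {
        $uid = array($uid);
    }
    $sqlin = implode(",", $uid);

    // The list is placed inside IN (...) unquoted, so it must consist of digits
    // and commas only. \z (rather than $) also refuses a trailing newline.
    if (!preg_match('/^(\d{1,10},)*(\d{1,10})\z/', $sqlin)) {
        return false;
    }

    if (defined('UC_API')) {
        include_once QISHI_ROOT_PATH . 'uc_client/client.php';
        $uc_uid_arr = array();
        foreach ($uid as $tuid) {
            $userinfo = get_user($tuid);
            $uc_user = uc_get_user($userinfo['username']);
            // Skip members UCenter does not know instead of queueing an empty uid.
            if (!empty($uc_user)) {
                $uc_uid_arr[] = $uc_user[0];
            }
        }
        if (!empty($uc_uid_arr)) {
            uc_user_delete($uc_uid_arr);
        }
    }

    // Table => column holding the member uid, in the original deletion order.
    $targets = array(
        'members' => 'uid',
        'members_info' => 'uid',
        'members_log' => 'log_uid',
        'members_points' => 'uid',
        'order' => 'uid',
        'members_train_setmeal' => 'uid',
    );
    foreach ($targets as $name => $column) {
        if (!$db->query("Delete from " . table($name) . " WHERE " . $column . " IN (" . $sqlin . ")")) {
            return false;
        }
    }

    // Audit entry. This call used to sit after the return and never ran.
    write_log("删除会员uid为" . $sqlin . "的培训机构会员", $_SESSION['admin_name'], 3);
    return true;
}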
Exemplo n.º 19
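 /**
  * Log a user in by username or e-mail, optionally synchronising with UCenter.
  *
  * With UCenter enabled, the credentials are checked there first; accounts
  * that exist on only one side, or whose UCenter password is stale, are
  * synchronised when the local password matches. The local session is opened
  * when either UCenter accepted the login or the local password matches.
  * Outcomes are reported through $this->success() / $this->error().
  */
 private function _do_email_login()
 {
     $username = isset($_POST['username']) ? $_POST['username'] : '';
     $password = isset($_POST['password']) ? $_POST['password'] : '';

     // Request fields can arrive as arrays. Only plain strings may be used as
     // query conditions or passed on as credentials.
     if (!is_string($username) || !is_string($password)) {
         $this->error("用户名不存在!");
         return;
     }

     if (strpos($username, "@") > 0) {
         // Login by e-mail address.
         $where['user_email'] = $username;
     } else {
         $where['user_login'] = $username;
     }
     $users_model = M('Users');
     $result = $users_model->where($where)->find();
     $ucenter_syn = C("UCENTER_ENABLED");
     $ucenter_old_user_login = false;
     $ucenter_login_ok = false;
     if ($ucenter_syn) {
         setcookie("thinkcmf_auth", "");
         include UC_CLIENT_ROOT . "client.php";
         list($uc_uid, $username, $password, $email) = uc_user_login($username, $password);
         if ($uc_uid > 0) {
             if (!$result) {
                 // Known to UCenter only: create the local account.
                 $data = array('user_login' => $username, 'user_email' => $email, 'user_pass' => sp_password($password), 'last_login_ip' => get_client_ip(0, true), 'create_time' => time(), 'last_login_time' => time(), 'user_status' => '1', 'user_type' => 2);
                 $id = $users_model->add($data);
                 $data['id'] = $id;
                 $result = $data;
             }
         } else {
             switch ($uc_uid) {
                 case "-1":
                     // UCenter: user does not exist or was deleted.
                     if ($result) {
                         // The account exists locally.
                         if (sp_compare_password($password, $result['user_pass'])) {
                             // Local password is correct: push the account to UCenter.
                             $uc_uid2 = uc_user_register($username, $password, $result['user_email']);
                             if ($uc_uid2 < 0) {
                                 $uc_register_errors = array("-1" => "用户名不合法", "-2" => "包含不允许注册的词语", "-3" => "用户名已经存在", "-4" => "Email格式有误", "-5" => "Email不允许注册", "-6" => "该Email已经被注册");
                                 $this->error("同步用户失败--" . $uc_register_errors[$uc_uid2]);
                             }
                             $uc_uid = $uc_uid2;
                         } else {
                             $this->error("密码错误1!");
                         }
                     }
                     break;
                 case -2:
                     // UCenter: wrong password.
                     if ($result) {
                         // The account exists locally.
                         if (sp_compare_password($password, $result['user_pass'])) {
                             // Local password is correct: update the UCenter password to match.
                             $uc_user_edit_status = uc_user_edit($username, "", $password, "", 1);
                             if ($uc_user_edit_status <= 0) {
                                 $this->error("登陆错误3!");
                             }
                             list($uc_uid2) = uc_get_user($username);
                             $uc_uid = $uc_uid2;
                             $ucenter_old_user_login = true;
                         } else {
                             $this->error("密码错误4!");
                         }
                     } else {
                         $this->error("密码错误1!");
                     }
                     break;
             }
         }

         // UCenter counts as having accepted the login only when a positive uid
         // came out of the steps above. Previously the flag was set to true
         // unconditionally, so a UCenter status not handled by the switch let an
         // existing local account through without any password check.
         $ucenter_login_ok = $uc_uid > 0;
         if ($ucenter_login_ok) {
             echo uc_user_synlogin($uc_uid);
         }
     }
     //exit();
     if (!empty($result)) {
         if (sp_compare_password($password, $result['user_pass']) || $ucenter_login_ok) {
             $_SESSION["user"] = $result;
             // Record this login.
             $data = array('last_login_time' => date("Y-m-d H:i:s"), 'last_login_ip' => get_client_ip(0, true));
             $users_model->where("id=" . $result["id"])->save($data);
             // NOTE(review): the redirect target comes from the session; confirm it
             // is restricted to same-site URLs where it is stored.
             $redirect = empty($_SESSION['login_http_referer']) ? __ROOT__ . "/" : $_SESSION['login_http_referer'];
             $_SESSION['login_http_referer'] = "";
             $ucenter_old_user_login_msg = "";
             if ($ucenter_old_user_login) {
                 //$ucenter_old_user_login_msg="老用户请在跳转后,再次登陆";
             }
             $this->success("登录验证成功!", $redirect);
         } else {
             $this->error("密码错误7!");
         }
     } else {
         $this->error("用户名不存在!");
     }
 }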
Exemplo n.º 20
include_once dirname(__FILE__) . '/include/general.inc.php';
include_once M_ROOT . './include/common.fun.php';
if (empty($forward)) {
    $forward = empty($enable_pptout) || $pptout_file != 'phpwind' ? M_REFERER : $cms_abs;
}
$mode = empty($mode) ? '' : $mode;
$action = empty($action) ? 'login' : $action;
$getval = empty($enable_pptout) || $pptout_file != 'phpwind' ? 'forward' : 'jumpurl';
if ($action == 'login') {
    $memberid && $mode != 'js' && message('dontrepeatlogin', '', '<a href="?action=logout">' . lang('logout') . '</a>');
    if ($memberid && $enable_uc) {
        require_once M_ROOT . './include/ucenter/config.inc.php';
        require_once M_ROOT . './uc_client/client.php';
        $ucresult = uc_get_user($curuser->info['mname']);
        if (is_array($ucresult)) {
            list($uid, $username) = uc_get_user($curuser->info['mname']);
            $uc_synlogin = uc_user_synlogin($uid);
            echo $ucsynlogin;
        }
    }
    if (!submitcheck('cmslogin')) {
        $temparr = array('forward' => rawurlencode($forward));
        if ($mode == 'js') {
            js_write(template(empty($curuser->info['mid']) ? 'jslogin' : 'jsloginok', $temparr));
            mexit();
        } else {
            if ($enable_pptin && !empty($pptin_url) && $pptin_login) {
                $url = $pptin_url . $pptin_login;
                $url .= (strpos($url, '?') ? '&' : '?') . "{$getval}=" . rawurlencode($forward);
                header('location:' . $url);
                exit;
Exemplo n.º 21
 }
 if (C::t('common_member')->fetch_uid_by_username($newusername) || C::t('common_member_archive')->fetch_uid_by_username($newusername)) {
     cpmsg('members_add_username_duplicate', '', 'error');
 }
 loaducenter();
 $uid = uc_user_register(addslashes($newusername), $newpassword, $newemail);
 if ($uid <= 0) {
     if ($uid == -1) {
         cpmsg('members_add_illegal', '', 'error');
     } elseif ($uid == -2) {
         cpmsg('members_username_protect', '', 'error');
     } elseif ($uid == -3) {
         if (empty($_GET['confirmed'])) {
             cpmsg('members_add_username_activation', 'action=members&operation=add&addsubmit=yes&newgroupid=' . $_GET['newgroupid'] . '&newusername='******'form');
         } else {
             list($uid, , $newemail) = uc_get_user(addslashes($newusername));
         }
     } elseif ($uid == -4) {
         cpmsg('members_email_illegal', '', 'error');
     } elseif ($uid == -5) {
         cpmsg('members_email_domain_illegal', '', 'error');
     } elseif ($uid == -6) {
         cpmsg('members_email_duplicate', '', 'error');
     }
 }
 $group = C::t('common_usergroup')->fetch($_GET['newgroupid']);
 $newadminid = in_array($group['radminid'], array(1, 2, 3)) ? $group['radminid'] : ($group['type'] == 'special' ? -1 : 0);
 if ($group['radminid'] == 1) {
     cpmsg('members_add_admin_none', '', 'error');
 }
 if (in_array($group['groupid'], array(5, 6, 7))) {
Exemplo n.º 22
     list($tmp['uid'], , $tmp['email']) = uc_get_user(addslashes($_GET['username']));
     $tmp['email'] = strtolower(trim($tmp['email']));
     if ($_GET['email'] != $tmp['email']) {
         showmessage('getpasswd_account_notmatch');
     }
     $member = getuserbyuid($tmp['uid'], 1);
 } else {
     $emailcount = C::t('common_member')->count_by_email($_GET['email'], 1);
     if (!$emailcount) {
         showmessage('lostpasswd_email_not_exist');
     }
     if ($emailcount > 1) {
         showmessage('lostpasswd_many_users_use_email');
     }
     $member = C::t('common_member')->fetch_by_email($_GET['email'], 1);
     list($tmp['uid'], , $tmp['email']) = uc_get_user(addslashes($member['username']));
     $tmp['email'] = strtolower(trim($tmp['email']));
 }
 if (!$member) {
     showmessage('getpasswd_account_notmatch');
 } elseif ($member['adminid'] == 1 || $member['adminid'] == 2) {
     showmessage('getpasswd_account_invalid');
 }
 $table_ext = $member['_inarchive'] ? '_archive' : '';
 if ($member['email'] != $tmp['email']) {
     C::t('common_member' . $table_ext)->update($tmp['uid'], array('email' => $tmp['email']));
 }
 $idstring = random(6);
 C::t('common_member_field_forum' . $table_ext)->update($member['uid'], array('authstr' => "{$_G['timestamp']}\t1\t{$idstring}"));
 require_once libfile('function/mail');
 $get_passwd_subject = lang('email', 'get_passwd_subject');
Exemplo n.º 23
 // Registration pre-checks: either resolve an activation token to an existing
 // UCenter user, or validate the submitted username and password.
 $activation = array();
 if (isset($_G['gp_activationauth'])) {
     // The token is decoded and split on tabs: element 0 is passed to
     // uc_get_user(), element 1 is compared with FORMHASH.
     $activationauth = explode("\t", authcode($_G['gp_activationauth'], 'DECODE'));
     // NOTE(review): FORMHASH is compared with a loose ==; a strict string comparison would be safer — confirm.
     if ($activationauth[1] == FORMHASH && !($activation = daddslashes(uc_get_user($activationauth[0]), 1))) {
         showmessage('register_activation_invalid', 'member.php?mod=logging&action=login');
     }
 }
 if (!$activation) {
     // Length is measured in bytes (strlen): 3 to 15 bytes are accepted.
     $usernamelen = strlen($username);
     if ($usernamelen < 3) {
         showmessage('profile_username_tooshort');
     } elseif ($usernamelen > 15) {
         showmessage('profile_username_toolong');
     }
     // Normalise to exactly one level of slash-escaping before the lookups below.
     $username = addslashes(trim(dstripslashes($username)));
     // Name known to UCenter but absent from the local member table.
     // NOTE(review): the username literal in this query is masked ('******') in this listing.
     if (uc_get_user($username) && !DB::result_first("SELECT uid FROM " . DB::table('common_member') . " WHERE username='******'")) {
         if ($_G['inajax']) {
             showmessage('profile_username_duplicate');
         } else {
             showmessage('register_activation_message', 'member.php?mod=logging&action=login', array('username' => $username));
         }
     }
     if ($_G['gp_password'] !== $_G['gp_password2']) {
         showmessage('profile_passwd_notmatch');
     }
     // Refuses an empty password and any password that addslashes() would alter.
     if (!$_G['gp_password'] || $_G['gp_password'] != addslashes($_G['gp_password'])) {
         showmessage('profile_passwd_illegal');
     }
     $email = trim($_G['gp_email']);
     $password = $_G['gp_password'];
 }
Exemplo n.º 24
 }
 if (DB::result_first("SELECT count(*) FROM " . DB::table('common_member') . " WHERE username='******'")) {
     cpmsg('members_add_username_duplicate', '', 'error');
 }
 loaducenter();
 $uid = uc_user_register($newusername, $newpassword, $newemail);
 if ($uid <= 0) {
     if ($uid == -1) {
         cpmsg('members_add_illegal', '', 'error');
     } elseif ($uid == -2) {
         cpmsg('members_username_protect', '', 'error');
     } elseif ($uid == -3) {
         if (empty($_G['gp_confirmed'])) {
             cpmsg('members_add_username_activation', 'action=members&operation=add&addsubmit=yes&newgroupid=' . $_G['gp_newgroupid'] . '&newusername='******'form');
         } else {
             list($uid, , $newemail) = uc_get_user($newusername);
         }
     } elseif ($uid == -4) {
         cpmsg('members_email_illegal', '', 'error');
     } elseif ($uid == -5) {
         cpmsg('members_email_domain_illegal', '', 'error');
     } elseif ($uid == -6) {
         cpmsg('members_email_duplicate', '', 'error');
     }
 }
 $query = DB::query("SELECT groupid, radminid, type FROM " . DB::table('common_usergroup') . " WHERE groupid='{$_G['gp_newgroupid']}'");
 $group = DB::fetch($query);
 $newadminid = in_array($group['radminid'], array(1, 2, 3)) ? $group['radminid'] : ($group['type'] == 'special' ? -1 : 0);
 if ($group['radminid'] == 1) {
     cpmsg('members_add_admin_none', '', 'error');
 }
Exemplo n.º 25
/**
 * Return one field of a UCenter user record.
 *
 * @param string $qxa     Field to return: "nickname" or "username" (both give
 *                        the username) or "email".
 * @param string $user    Lookup key passed to uc_get_user() after addslashes().
 * @param mixed  $hdbname Not used by this function.
 *
 * @return string The requested value, "cant" for an unknown field, or a
 *                "user does not exist" message when the lookup fails.
 */
function handqx($qxa, $user, $hdbname)
{
    // If the permission check is forced onto one of USERNAME/EMAIL, the value
    // passed in must be normalised accordingly in handlogin.
    $field = trim($qxa);

    $record = uc_get_user(addslashes($user));
    if (!$record) {
        return '用户不存在';
    }
    list($uid, $username, $email) = $record;

    if ($field === "nickname" || $field === "username") {
        return $username;
    }
    if ($field === "email") {
        return $email;
    }

    return "cant";
}
Exemplo n.º 26
    $username = dhtmlspecialchars($username);
    include template('register');
} else {
    if ($bbrules && $bbrulehash != $_POST['agreebbrule']) {
        showmessage('register_rules_agree');
    }
    $activation = array();
    if (isset($activationauth)) {
        $activationauth = explode("\t", authcode($activationauth, 'DECODE'));
        if ($activationauth[1] == FORMHASH && !($activation = daddslashes(uc_get_user($activationauth[0]), 1))) {
            showmessage('register_activation_invalid', 'logging.php?action=login');
        }
    }
    if (!$activation) {
        $username = addslashes(trim(stripslashes($username)));
        if (uc_get_user($username) && !$db->result_first("SELECT uid FROM {$tablepre}members WHERE username='******'")) {
            if ($inajax) {
                showmessage('profile_username_duplicate');
            } else {
                showmessage('register_activation_message', 'logging.php?action=login');
            }
        }
        if ($password != $password2) {
            showmessage('profile_passwd_notmatch');
        }
        if (!$password || $password != addslashes($password)) {
            showmessage('profile_passwd_illegal');
        }
        $email = trim($email);
    }
    $guestexp = '\\xA1\\xA1|\\xAC\\xA3|^Guest|^\\xD3\\xCE\\xBF\\xCD|\\xB9\\x43\\xAB\\xC8';
Exemplo n.º 27
 * @copyright      Copyright (c) 2007 - 2010, DesDev, Inc.
 * @license        http://help.dedecms.com/usersguide/license.html
 * @link           http://www.dedecms.com
 */
require_once dirname(__FILE__) . "/config.php";
CheckRank(0, 0);
$menutype = 'mydede';
$menutype_son = 'pm';
$id = isset($id) ? intval($id) : 0;
if ($cfg_mb_lit == 'Y') {
    ShowMsg('由于系统开启了精简版会员空间,你不能向其它会员发短信息,不过你可以向他留言!', '-1');
    exit;
}
#api{{
if (defined('UC_API') && @(include_once DEDEROOT . '/uc_client/client.php')) {
    if ($data = uc_get_user($cfg_ml->M_LoginID)) {
        uc_pm_location($data[0]);
    }
}
#/aip}}
if (!isset($dopost)) {
    $dopost = '';
}
//检查用户是否被禁言
CheckNotAllow();
$state = empty($state) ? "" : $state;
/*--------------------
function __send(){  }
----------------------*/
if ($dopost == 'send') {
    /** 好友记录 **/
Exemplo n.º 28
/**
 * Fetch a space row joined with its spacefield row, memoised in $_SGLOBAL.
 *
 * The row is looked up by the column named in $indextype. When nothing is found,
 * the lookup is by 'uid' and $auto_open is truthy, the UCenter user is fetched and
 * a space is opened for it. A non-empty result is decorated with the display name
 * (in $_SN), a 'self' flag, the friend list, the privacy settings and a total
 * notification count before it is cached.
 *
 * NOTE(review): $key and $indextype are interpolated straight into the SQL text
 * (value and column name respectively). Nothing in this function escapes or
 * whitelists them, so every caller has to pass an already-escaped $key and a
 * fixed column name — verify the call sites.
 *
 * @param mixed  $key        Value matched against the $indextype column.
 * @param string $indextype  Column of the space table used for the lookup.
 * @param int    $auto_open  Truthy to open a space for a UCenter user that has none.
 * @return array The decorated space row, or an empty array when none exists.
 */
function getspace($key, $indextype = 'uid', $auto_open = 0)
{
    global $_SGLOBAL, $_SCONFIG, $_SN;

    $cacheSlot = "space_{$key}_{$indextype}";
    // An empty array stored by an earlier miss also counts as "not cached" here,
    // so a missing space is looked up again on every call.
    if (!empty($_SGLOBAL[$cacheSlot])) {
        return $_SGLOBAL[$cacheSlot];
    }

    $sql = "SELECT sf.*, s.* FROM " . tname('space') . " s LEFT JOIN " . tname('spacefield') . " sf ON sf.uid=s.uid WHERE s.{$indextype}='{$key}'";
    $result = $_SGLOBAL['db']->query($sql);
    $space = $_SGLOBAL['db']->fetch_array($result);
    if (!$space) {
        $space = array();
        // Open a space automatically for a UCenter user that has none yet.
        if ($indextype == 'uid' && $auto_open) {
            include_once S_ROOT . './uc_client/client.php';
            $user = uc_get_user($key, 1);
            if ($user) {
                include_once S_ROOT . './source/function_space.php';
                $space = space_open($user[0], addslashes($user[1]), 0, addslashes($user[2]));
            }
        }
    }

    if ($space) {
        // Display name: the real name only when the site enables it and the row has a
        // name with namestatus set; otherwise the username.
        $useRealName = $_SCONFIG['realname'] && $space['name'] && $space['namestatus'];
        $_SN[$space['uid']] = $useRealName ? $space['name'] : $space['username'];

        $space['self'] = $space['uid'] == $_SGLOBAL['supe_uid'] ? 1 : 0;

        // Friend cache: reuse the comma-separated list stored on the row, or rebuild
        // it from the friend table when the row has none but friendnum is positive.
        $space['friends'] = array();
        if (!empty($space['friend'])) {
            $space['friends'] = explode(',', $space['friend']);
        } elseif ($space['friendnum'] > 0) {
            $friendRows = $_SGLOBAL['db']->query("SELECT fuid FROM " . tname('friend') . " WHERE uid='{$space['uid']}' AND status='1'");
            while ($friendRow = $_SGLOBAL['db']->fetch_array($friendRows)) {
                $space['friends'][] = $friendRow['fuid'];
            }
            $space['friend'] = implode(',', $space['friends']);
        }

        // Re-escape the two text fields before the row is handed back.
        $space['username'] = addslashes($space['username']);
        $space['name'] = addslashes($space['name']);

        // Privacy settings: the row's own serialized value, else the site default,
        // else an empty array.
        // NOTE(review): unserialize() runs on a stored column value; if anything other
        // than this application can write that column, treat it as untrusted data and
        // switch to a format without object instantiation (e.g. JSON).
        if (!empty($space['privacy'])) {
            $space['privacy'] = unserialize($space['privacy']);
        } elseif (empty($_SCONFIG['privacy'])) {
            $space['privacy'] = array();
        } else {
            $space['privacy'] = $_SCONFIG['privacy'];
        }

        // Total of all notification counters.
        $space['allnotenum'] = 0;
        $counters = array('notenum', 'pokenum', 'addfriendnum', 'mtaginvitenum', 'eventinvitenum', 'myinvitenum');
        foreach ($counters as $counter) {
            $space['allnotenum'] += $space[$counter];
        }

        // The viewer's own space doubles as the current member record.
        if ($space['self']) {
            $_SGLOBAL['member'] = $space;
        }
    }

    $_SGLOBAL[$cacheSlot] = $space;
    return $_SGLOBAL[$cacheSlot];
}
Exemplo n.º 29
    $query = $db->query("SELECT m.uid, m.username, m.credits, mf.authstr FROM {$tablepre}members m, {$tablepre}memberfields mf\r\n\t\tWHERE m.uid='{$uid}' AND mf.uid=m.uid AND m.groupid='8'");
    $member = $db->fetch_array($query);
    list($dateline, $operation, $idstring) = explode("\t", $member['authstr']);
    if ($operation == 2 && $idstring == $id) {
        $query = $db->query("SELECT groupid FROM {$tablepre}usergroups WHERE type='member' AND {$member['credits']}>=creditshigher AND {$member['credits']}<creditslower LIMIT 1");
        $db->query("UPDATE {$tablepre}members SET groupid='" . $db->result($query, 0) . "' WHERE uid='{$member['uid']}'");
        $db->query("UPDATE {$tablepre}memberfields SET authstr='' WHERE uid='{$member['uid']}'");
        showmessage('activate_succeed', $indexname);
    } else {
        showmessage('activate_illegal', NULL, 'HALTED');
    }
} elseif ($action == 'lostpasswd') {
    $discuz_action = 141;
    if (submitcheck('lostpwsubmit')) {
        require_once DISCUZ_ROOT . './uc_client/client.php';
        list($tmp['uid'], , $tmp['email']) = uc_get_user($username);
        if ($email != $tmp['email']) {
            showmessage('getpasswd_account_notmatch');
        }
        $member = $db->fetch_first("SELECT uid, username, adminid, email FROM {$tablepre}members WHERE uid='{$tmp['uid']}'");
        if (!$member) {
            showmessage('getpasswd_account_notmatch');
        } elseif ($member['adminid'] == 1 || $member['adminid'] == 2) {
            showmessage('getpasswd_account_invalid');
        }
        if ($member['email'] != $tmp['email']) {
            $db->query("UPDATE {$tablepre}members SET email='" . addslashes($tmp['email']) . "' WHERE uid='" . addslashes($tmp['uid']) . "'");
        }
        $idstring = random(6);
        $db->query("UPDATE {$tablepre}memberfields SET authstr='{$timestamp}\t1\t{$idstring}' WHERE uid='{$member['uid']}'");
        sendmail("{$username} <{$tmp['email']}>", 'get_passwd_subject', 'get_passwd_message');
Exemplo n.º 30
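 /**
  * Handle the AJAX login form.
  *
  * Flow: check the CAPTCHA answer against the session, look the member up by
  * e-mail (when the login name contains "@") or by user name, then either
  * verify the local password hash or, when no local row exists and UCenter is
  * enabled, try a UCenter login and create the local account from it. Every
  * outcome is reported through ajaxmsg(), which presumably ends the request.
  *
  * NOTE(review): local passwords are checked as unsalted md5(). Moving to
  * password_hash()/password_verify() needs a migration of the stored hashes
  * and is therefore not done inside this method.
  */
 public function actlogin()
 {
     // Expire any sync-login cookie left over from an earlier attempt.
     // NOTE(review): the cookies set in this method carry no HttpOnly/Secure
     // flags; whether script needs to read LoginCookie is not visible here.
     setcookie('LoginCookie', '', time() - 10 * 60, "/");

     // UCenter integration: load the client only when the login config enables it.
     $loginconfig = FS("Webconfig/loginconfig");
     $uc_mcfg = $loginconfig['uc'];
     $ucEnabled = $uc_mcfg['enable'] == 1;
     if ($ucEnabled) {
         require_once C('APP_ROOT') . "Lib/Uc/config.inc.php";
         require C('APP_ROOT') . "Lib/Uc/uc_client/client.php";
     }

     // Read each form field once. A missing or non-string field (for example an
     // array submitted as sPassword[]=x) is treated as an empty string instead of
     // reaching md5()/strpos() with the wrong type.
     $postedCode = isset($_POST['sVerCode']) && is_string($_POST['sVerCode']) ? $_POST['sVerCode'] : '';
     $postedName = isset($_POST['sUserName']) && is_string($_POST['sUserName']) ? $_POST['sUserName'] : '';
     $postedPass = isset($_POST['sPassword']) && is_string($_POST['sPassword']) ? $_POST['sPassword'] : '';

     // CAPTCHA check. Strict comparison on purpose: with != two hex digests that
     // both look like "0e<digits>" are compared as numbers and count as equal.
     // NOTE(review): the session value is not cleared here; confirm it is
     // invalidated elsewhere so one solved CAPTCHA cannot back repeated attempts.
     $expectedCode = isset($_SESSION['verify']) ? (string) $_SESSION['verify'] : '';
     if ($expectedCode === '' || $expectedCode !== md5($postedCode)) {
         ajaxmsg("验证码错误!", 0);
     }

     // A login name containing "@" is matched against the e-mail column.
     $data = array();
     if (false !== strpos($postedName, "@")) {
         $data['user_email'] = text($postedName);
     } else {
         $data['user_name'] = text($postedName);
     }
     $vo = M('members')->field('id,user_name,user_email,user_pass,is_ban')->where($data)->find();

     // NOTE(review): the frozen-account message is sent before the password is
     // verified, so it reveals the account state to anyone who knows the login name.
     if (is_array($vo) && $vo['is_ban'] == 1) {
         ajaxmsg("您的帐户已被冻结,请联系客服处理!", 0);
     }

     if (!is_array($vo)) {
         // No local account: try UCenter and, on success, register the user locally.
         if ($ucEnabled) {
             list($uid, , , $email) = uc_user_login(text($postedName), text($postedPass));
             if ($uid > 0) {
                 $regdata = array(
                     'txtUser' => text($postedName),
                     'txtPwd' => text($postedPass),
                     'txtEmail' => $email,
                 );
                 $newuid = $this->ucreguser($regdata);
                 if (is_numeric($newuid) && $newuid > 0) {
                     // UCenter sync-login payload, kept for ten minutes.
                     $logincookie = uc_user_synlogin($uid);
                     setcookie('LoginCookie', $logincookie, time() + 10 * 60, "/");
                     $this->_memberlogin($newuid);
                     // Login succeeded.
                     ajaxmsg();
                 } else {
                     // ucreguser() returned something other than a positive id; it is
                     // passed on as the error message.
                     ajaxmsg($newuid, 0);
                 }
             }
         }
         // Same generic message whether the name or the password was wrong.
         ajaxmsg("用户名或者密码错误!", 0);
     } else {
         // Strict comparison for the same "0e<digits>" reason as the CAPTCHA check;
         // hash_equals() is preferable where the runtime is PHP 5.6 or later.
         if ((string) $vo['user_pass'] === md5($postedPass)) {
             // Local login succeeded: sync the session to UCenter, registering the
             // account there first when UCenter does not know it yet.
             if ($ucEnabled) {
                 $dataUC = uc_get_user($vo['user_name']);
                 if ($dataUC[0] > 0) {
                     $logincookie = uc_user_synlogin($dataUC[0]);
                     setcookie('LoginCookie', $logincookie, time() + 10 * 60, "/");
                 } else {
                     $uid = uc_user_register($vo['user_name'], $postedPass, $vo['user_email']);
                     if ($uid > 0) {
                         // Use the id just returned by the registration; $dataUC[0]
                         // is not a valid id in this branch.
                         $logincookie = uc_user_synlogin($uid);
                         setcookie('LoginCookie', $logincookie, time() + 10 * 60, "/");
                     }
                 }
             }
             $this->_memberlogin($vo['id']);

             // Where to send the browser next: posted value, then the session value,
             // then the member home.
             // NOTE(review): the posted url_referer is client-controlled; if the page
             // navigates to it, restrict it to same-site paths before returning it.
             $url_referer = isset($_POST['url_referer']) ? text($_POST['url_referer']) : '';
             if (empty($url_referer)) {
                 $url_referer = session("url_referer");
             }
             if (empty($url_referer)) {
                 $url_referer = __APP__ . "/member";
             }
             session("url_referer", null);
             ajaxmsg(array("url_referer" => $url_referer));
         } else {
             // Wrong password for an existing local account.
             ajaxmsg("用户名或者密码错误!", 0);
         }
     }
 }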