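/**
 * Register a new user from submitted data.
 *
 * Rejects the request when the email or password is missing or empty, or when
 * check_user() reports an existing account for the email. Otherwise stamps the
 * server-controlled fields, hashes the password with a fresh salt and inserts
 * the record.
 *
 * NOTE(review): every key of $data is copied into the inserted row. Only
 * regtime, regip, status, salt and password are overwritten afterwards, so any
 * other column the caller supplies reaches add() unchanged. Confirm that add()
 * or the caller restricts the accepted fields.
 * NOTE(review): user_md5() is not visible here. If it is an MD5-based digest,
 * as the name suggests, it is too fast for password storage; password_hash()
 * and password_verify() are the usual replacement.
 * NOTE(review): the duplicate check and the insert are separate steps, so a
 * unique index on the email column is still needed to stop concurrent
 * duplicates (verify the schema).
 *
 * @param array $data Submitted fields; 'email' and 'password' are required.
 * @return array 'status' => 0 with 'msg' on failure; 'status' => 1 with 'msg'
 *               and 'userid' (the value returned by add()) on success.
 */
function reg($data)
{
    // empty() rejects a missing key the same way as an empty value, without
    // raising an undefined-index notice on incomplete input.
    if (empty($data['email'])) {
        return array('status' => 0, 'msg' => L('email_require'));
    }
    if (empty($data['password'])) {
        return array('status' => 0, 'msg' => L('password_require'));
    }
    if ($this->check_user($data['email']) > 0) {
        return array('status' => 0, 'msg' => '用户已经存在,登录邮箱不能重复。');
    }

    // Row to be written: start from the caller's data, then overwrite the
    // fields that must be decided by the server.
    $indata = $data;
    $indata['regtime'] = time();
    $indata['regip'] = get_client_ip();
    $indata['status'] = 1;
    $indata['salt'] = user_salt();
    $indata['password'] = user_md5($data['password'], $indata['salt']);

    // Write the record.
    $insertId = $this->add($indata);
    if ($insertId) {
        return array('status' => 1, 'msg' => '注册成功!', 'userid' => $insertId);
    }

    return array('status' => 0, 'msg' => '注册失败,请重试。');
}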
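/**
 * Prepare submitted data before a record update.
 *
 * Refuses to set status 0 on the record with id '1'. When the submitted
 * password differs from the stored value, it is treated as a new plaintext
 * password and replaced by its hash; a salt is generated first if the stored
 * record has none.
 *
 * NOTE(review): the salt is concatenated into the single argument passed to
 * user_md5() here. Confirm this matches how the hash is computed where the
 * password is verified, otherwise the stored value will never match at login.
 * NOTE(review): user_md5() is not visible here. If it is an MD5-based digest,
 * as the name suggests, it is too fast for password storage; password_hash()
 * and password_verify() are the usual replacement.
 *
 * @param array $data Submitted fields; reads 'id', 'status' and 'password'.
 * @return array The data, with 'password' (and possibly 'salt') rewritten.
 */
public function _before_update($data)
{
    if ($data['id'] == '1' and $data['status'] == 0) {
        $this->error('最后一个了,状态不能禁用哦');
        exit;
    }

    $info = $this->_mod->find($data['id']);

    // Compare as strings with ===. A loose != treats two different
    // numeric-looking strings (for example hashes of the form "0e<digits>")
    // as equal, which would silently skip the re-hash.
    if ((string) $info['password'] !== (string) $data['password']) {
        if (!$info['salt']) {
            // No salt stored yet: create one and persist it with the update.
            $data['salt'] = $info['salt'] = user_salt();
        }
        $data['password'] = user_md5($data['password'] . $info['salt']);
    }

    return $data;
}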
/**
 * Create a user from the supplied data.
 *
 * NOTE(review): when add() fails, no status array is returned. The result is
 * null, so callers must not assume an array.
 * NOTE(review): in_array() is used without strict mode, so values that are
 * loosely equal to '' (such as null or false) also count as blank.
 * NOTE(review): the whole of $data is handed to add(). Confirm the caller or
 * add() limits which columns can be set.
 * NOTE(review): user_md5() is not visible here. If it is an MD5-based digest,
 * as the name suggests, it is too fast for password storage.
 *
 * @param array $data User fields; reads 'username' and 'password'.
 * @return array|null 'status' and 'msg' keys, or null when the insert fails.
 */
public function add_user($data)
{
    $has_blank = in_array('', $data);
    if ($has_blank) {
        return array('status' => 0, 'msg' => '内容不完整');
    }

    // Check once more for a duplicate.
    $name_taken = $this->field_exists($data['username']);
    if ($name_taken) {
        return array('status' => 0, 'msg' => sprintf(L('is_exist'), L('username')));
    }

    // Password handling: fresh salt, then the salted hash.
    $salt = user_salt();
    $data['salt'] = $salt;
    $data['password'] = user_md5($data['password'], $salt);

    $inserted = $this->add($data);
    if (!$inserted) {
        // Failed insert: there is no status array on this path.
        return null;
    }

    return array('status' => 1, 'msg' => L('operation_success'));
}
/**
 * Show the profile page, or save the posted profile for the current user.
 *
 * On POST the 'info' field is passed through the model's create(). A non-blank
 * password is replaced by its salted hash, a blank one is dropped so the
 * stored password stays as it is. The update is limited to the record whose id
 * is $this->_userid.
 *
 * NOTE(review): the password is changed without asking for the current one.
 * NOTE(review): the results of create() and save() are not checked, so success
 * is reported either way. TODO confirm create() cannot return false here.
 * NOTE(review): confirm create() restricts which posted fields may be written.
 * NOTE(review): user_md5() is not visible here. If it is an MD5-based digest,
 * as the name suggests, it is too fast for password storage.
 */
public function profile()
{
    if (!IS_POST) {
        $this->assign('active', 'profile');
        $this->theme('profile', 'user');
        return;
    }

    $form = $this->_post('info');
    $record = $this->_mod->create($form);

    // Change the password only when one was typed. The blank check uses the
    // trimmed input, while the hash is taken from the create() value.
    $password_given = trim($form['password']);
    if (!$password_given) {
        unset($record['password']);
    } else {
        $record['salt'] = user_salt();
        $record['password'] = user_md5($record['password'], $record['salt']);
    }

    // Pin the id to the logged-in user, whatever the form contained.
    $record['id'] = $this->_userid;
    $own_row = array('id' => $this->_userid);
    $this->_mod->where($own_row)->save($record);

    $this->success(L('operation_success'));
}
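/**
 * Respond to password reset confirmation.
 *
 * Validates the reset code, checks that the two submitted passwords are
 * identical, looks up the contact id tied to the code and stores a new salted
 * hash for that user.
 *
 * NOTE(review): $esc_post is assumed to hold an escaped copy of $_POST. It is
 * populated outside this function, so verify that before relying on it in SQL.
 * NOTE(review): the `resetPassword` row is not removed here. Confirm the code
 * is invalidated elsewhere once used, so that it cannot be replayed.
 * NOTE(review): die(mysql_error()) sends raw database error text to the
 * client; logging it and showing a generic message avoids exposing schema
 * details.
 * NOTE(review): the mysql_* extension was removed in PHP 7; mysqli or PDO with
 * prepared statements is the maintained replacement.
 *
 * @return The url to display after the command is processed.
 */
function command_reset_password_confirm() {
    global $esc_post;

    // Check code
    if (!user_check_reset_code($_POST['code'])) {
        error_register('Invalid reset code');
        return crm_url();
    }

    // Check that passwords match. Both values must be strings and identical:
    // a loose != treats different numeric-looking strings (for example "1e3"
    // and "1000") as equal, and an array value must never reach the hash.
    $password = isset($_POST['password']) ? $_POST['password'] : '';
    $confirm = isset($_POST['confirm']) ? $_POST['confirm'] : '';
    if (!is_string($password) || !is_string($confirm) || $password !== $confirm) {
        error_register('Passwords do not match');
        return crm_url();
    }

    // Get user id
    $sql = "SELECT * FROM `resetPassword` WHERE `code`='{$esc_post['code']}'";
    $res = mysql_query($sql);
    if (!$res) {
        die(mysql_error());
    }
    $row = mysql_fetch_assoc($res);
    if (!$row) {
        // No row for this code: stop rather than run an UPDATE with an empty
        // cid and then report success.
        error_register('Invalid reset code');
        return crm_url();
    }
    $esc_cid = mysql_real_escape_string($row['cid']);

    // Calculate hash
    $salt = user_salt();
    $esc_hash = mysql_real_escape_string(user_hash($password, $salt));
    $esc_salt = mysql_real_escape_string($salt);

    // Update password
    $sql = "\n UPDATE `user`\n SET `hash`='{$esc_hash}'\n , `salt`='{$esc_salt}'\n WHERE `cid`='{$esc_cid}'\n ";
    $res = mysql_query($sql);
    if (!$res) {
        die(mysql_error());
    }

    // Tell the user the reset is done and send them to the login page
    message_register('Your password has been reset, you may now log in');
    return crm_url('login');
}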
/**
 * Handle installation request.
 *
 * Runs module_install(), then inserts an 'Admin User' contact with the posted
 * email and a user named 'admin' whose password hash is derived from the
 * posted password and a fresh salt.
 *
 * NOTE(review): nothing here checks that the posted email and password are
 * present or non-empty. Confirm the caller validates them.
 * NOTE(review): $esc_post is assumed to hold an escaped copy of $_POST. It is
 * populated outside this function, so verify that before relying on it in SQL.
 * NOTE(review): the guard against running the installer a second time is
 * presumably inside module_install(). Confirm that it exists.
 * NOTE(review): die(mysql_error()) sends raw database error text to the
 * client.
 *
 * @return The url to redirect to on completion.
 */
function command_module_install() {
    global $esc_post;

    // Create tables; stop early when that step reports failure.
    if (!module_install()) {
        return crm_url();
    }

    // Admin contact.
    $contact_sql = "\n INSERT INTO `contact`\n (`firstName`, `lastName`, `email`)\n VALUES\n ('Admin', 'User', '{$esc_post['email']}')\n ";
    if (!mysql_query($contact_sql)) {
        die(mysql_error());
    }

    // The new contact id links the user row to the contact row.
    $esc_cid = mysql_real_escape_string(mysql_insert_id());

    // Admin user: salted hash of the posted password.
    $salt = user_salt();
    $esc_hash = mysql_real_escape_string(user_hash($_POST['password'], $salt));
    $esc_salt = mysql_real_escape_string($salt);

    $user_sql = "\n INSERT INTO `user`\n (`cid`, `username`, `hash`, `salt`)\n VALUES\n ('{$esc_cid}', 'admin', '{$esc_hash}', '{$esc_salt}')\n ";
    if (!mysql_query($user_sql)) {
        die(mysql_error());
    }

    message_register('Seltzer CRM has been installed.');
    message_register('You may log in as user "admin"');

    return crm_url('login');
}