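/**
 * Handle a submitted login form.
 *
 * Checks that a name and password were sent, attempts the login and, on
 * success, redirects to the `redir` request parameter. `redir` is honoured
 * only when it stays on this site; anything else falls back to the site index.
 *
 * NOTE(review): there is no `return` after redirect()/goBack(), so the flow
 * relies on those calls ending the request — confirm in the response class.
 *
 * @return void
 */
public function action()
{
    // Request protection from the security module (presumably the anti-CSRF
    // token check; its implementation is not visible here).
    $this->security->protect();

    /** Already logged in: go straight to the site index */
    if ($this->user->hasLogin()) {
        $this->response->redirect($this->options->index);
    }

    /** Set up the validator */
    $validator = new Typecho_Validate();
    $validator->addRule('name', 'required', _t('请输入用户名'));
    $validator->addRule('password', 'required', _t('请输入密码'));

    /** Validation failed: remember the typed name and return to the form */
    if ($error = $validator->run($this->request->from('name', 'password'))) {
        Typecho_Cookie::set('__typecho_remember_name', $this->request->name);

        $this->widget('Widget_Notice')->set($error);
        $this->response->goBack();
    }

    /** "Remember me" keeps the session for 30 days, otherwise 0 is passed */
    $expire = 1 == $this->request->remember
        ? $this->options->gmtTime + $this->options->timezone + 30 * 24 * 3600
        : 0;

    /** Authenticate */
    $valid = $this->user->login($this->request->name, $this->request->password, false, $expire);

    if (!$valid) {
        // Slows password guessing by pausing 3 seconds. This occupies a worker
        // for every failed attempt and does not replace per-account or
        // per-address attempt limiting.
        sleep(3);

        Typecho_Cookie::set('__typecho_remember_name', $this->request->name);

        // One message for "unknown user" and "wrong password", so the
        // response does not reveal which names exist.
        $this->widget('Widget_Notice')->set(_t('用户名或密码无效'), 'error');
        $this->response->goBack('?referer=' . urlencode($this->request->referer));
    }

    $this->widget('Widget_Notice')->set('已成功登录!', 'notice');

    // Login credits
    Widget_Common::credits('login');

    /**
     * Post-login redirect.
     *
     * `redir` comes straight from the request, so a crafted login link could
     * otherwise forward a user who has just authenticated to an arbitrary
     * site. Accepted forms: a site-relative path ("/x", but not "//host"),
     * or an http(s) URL whose host equals the host of the site index and
     * that carries no userinfo part. Control characters, spaces and
     * backslashes are rejected because URL parsers disagree on them.
     */
    $fallback = $this->options->index;
    $target = $this->request->get('redir', $fallback);

    if ($target !== $fallback) {
        $safe = false;

        if (is_string($target) && '' !== $target && !preg_match('/[\x00-\x20\x7f\\\\]/', $target)) {
            if ('/' === $target[0]) {
                $safe = !isset($target[1]) || '/' !== $target[1];
            } else {
                $parts = parse_url($target);
                $siteHost = parse_url((string) $fallback, PHP_URL_HOST);

                $safe = is_array($parts)
                    && isset($parts['scheme'], $parts['host'])
                    && in_array(strtolower($parts['scheme']), array('http', 'https'), true)
                    && !isset($parts['user'])
                    && !isset($parts['pass'])
                    && is_string($siteHost)
                    && 0 === strcasecmp($parts['host'], $siteHost);
            }
        }

        if (!$safe) {
            $target = $fallback;
        }
    }

    $this->response->redirect($target);
}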
/**
 * Publish a post from the submitted form fields.
 *
 * Reads title, text, category and tags from the request, fills in the fixed
 * post attributes, then either updates the content this widget already holds
 * or inserts a new row. Afterwards categories and tags are synchronised, the
 * saved row is loaded back into the widget and a notice is queued.
 *
 * NOTE(review): every path below ends with status 'publish' unless an editor
 * supplies a visibility value, and neither 'visibility' nor 'password' is
 * among the fields requested from the form. Confirm whether the visibility
 * branch is reachable and whether non-editors are meant to publish without
 * moderation.
 *
 * @return void
 */
public function writePost()
{
    // Request protection from the security module (implementation not shown here).
    $this->security->protect();

    $contents = $this->request->from('title', 'text', 'category', 'tags');

    // Non-empty text is stored with the markdown marker in front.
    if (!empty($contents['text'])) {
        $contents['text'] = '<!--markdown-->' . $contents['text'];
    }

    // A single submitted category is wrapped into a list.
    if (!empty($contents['category'])) {
        $contents['category'] = array($contents['category']);
    }

    $contents['slug'] = NULL;
    $contents['created'] = $this->getCreated();
    $contents['type'] = 'post';
    $contents['allowComment'] = 1;
    $contents['allowPing'] = 1;
    $contents['allowFeed'] = 1;

    /** Decide the status; editors may choose a visibility */
    $isEditor = $this->user->pass('editor', true);

    if (!$isEditor) {
        $contents['status'] = 'publish';
        $contents['password'] = '';
    } elseif (empty($contents['visibility'])) {
        $contents['status'] = 'publish';
    } elseif (
        'password' == $contents['visibility']
        || !in_array($contents['visibility'], array('private', 'waiting', 'publish', 'hidden'))
    ) {
        // Password-protected or unrecognised visibility: published, and the
        // password is kept only for a real 'password' visibility.
        if (empty($contents['password']) || 'password' != $contents['visibility']) {
            $contents['password'] = '';
        }

        $contents['status'] = 'publish';
    } else {
        $contents['status'] = $contents['visibility'];
        $contents['password'] = '';
    }

    /** State flags, read before anything is written */
    $fromDraft = 'post_draft' == $this->type;
    $wasPublished = 'publish' == $this->status;
    $nowPublished = 'publish' == $contents['status'];
    $countBefore = !$fromDraft && $wasPublished;

    /** Id of the row that was actually saved */
    $savedCid = 0;

    if ($this->have()) {
        /** Existing content that is not itself a draft: drop its draft copy */
        if (!$fromDraft && $this->draft) {
            $this->deleteDraft($this->draft['cid']);
            $this->deleteFields($this->draft['cid']);
        }

        /** Update the existing row in place */
        $updated = $this->update($contents, $this->db->sql()->where('cid = ?', $this->cid));
        if ($updated) {
            $savedCid = $this->cid;
        }
    } else {
        /** Insert new content; credits are granted only for a new row */
        $savedCid = $this->insert($contents);

        if ($savedCid > 0) {
            Widget_Common::credits('publish');
        }
    }

    if ($savedCid > 0) {
        /** Categories: fall back to the default category when none was given */
        if (array_key_exists('category', $contents)) {
            $hasCategories = !empty($contents['category']) && is_array($contents['category']);
            $categories = $hasCategories
                ? $contents['category']
                : array($this->options->defaultCategory);

            $this->setCategories($savedCid, $categories, $countBefore, $nowPublished);
        }

        /** Tags */
        if (array_key_exists('tags', $contents)) {
            $this->setTags($savedCid, $contents['tags'], $countBefore, $nowPublished);
        }

        // Attachment sync and custom-field saving are commented out in the source:
        //$this->attach($savedCid);
        //$this->applyFields($this->getFields(), $savedCid);

        // Load the saved row back into this widget through the push callback.
        $this->db->fetchRow(
            $this->select()->where('table.contents.cid = ?', $savedCid)->limit(1),
            array($this, 'push')
        );
    }

    /** Queue the notice */
    if ('post' == $this->type) {
        $message = _t('文章 "<a href="%s">%s</a>" 已经发布', $this->permalink, $this->title);
    } else {
        $message = _t('文章 "%s" 等待审核', $this->title);
    }
    $this->widget('Widget_Notice')->set($message, 'success');

    /** Go to the post when one is loaded, otherwise back to the form */
    if (!$this->have()) {
        $this->response->goBack();
    } else {
        $this->response->redirect($this->permalink);
    }
}
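/**
 * Handle a submitted registration form.
 *
 * Validates captcha, name, mail and password, creates the account in the
 * 'subscriber' group, records an inviter when the inviter cookie names an
 * existing user, logs the new user in and sends the verification message.
 *
 * NOTE(review): there is no `return` after redirect()/goBack(), so the flow
 * relies on those calls ending the request — confirm in the response class.
 *
 * @return void
 */
public function action()
{
    // Request protection from the security module (implementation not shown here).
    $this->security->protect();

    /** Already logged in: nothing to register */
    if ($this->user->hasLogin()) {
        $this->response->redirect($this->options->index);
    }

    /** Registration is switched off */
    if (!$this->options->allowRegister) {
        $this->widget('Widget_Notice')->set('未开启注册!', 'error');
        $this->response->redirect($this->options->index);
    }

    /** Set up the validator */
    $validator = new Typecho_Validate();
    $validator->addRule('captcha', 'required', _t('必须填写验证码'));
    $validator->addRule('captcha', array($this, 'checkCaptcha'), _t('验证码错误'));
    $validator->addRule('name', 'required', _t('必须填写用户名称'));
    $validator->addRule('name', 'minLength', _t('用户名至少包含2个字符'), 2);
    $validator->addRule('name', 'maxLength', _t('用户名最多包含32个字符'), 32);
    $validator->addRule('name', 'xssCheck', _t('请不要在用户名中使用特殊字符'));
    $validator->addRule('name', array($this, 'nameExists'), _t('用户名已经存在'));
    $validator->addRule('mail', 'required', _t('必须填写电子邮箱'));
    $validator->addRule('mail', array($this, 'mailExists'), _t('电子邮箱地址已经存在'));
    $validator->addRule('mail', 'email', _t('电子邮箱格式错误'));
    $validator->addRule('mail', 'maxLength', _t('电子邮箱最多包含200个字符'), 200);

    /** Password rules */
    // NOTE(review): the 18-character ceiling rules out long passphrases; it is
    // left as is because the user-facing message states the limit.
    $validator->addRule('password', 'required', _t('必须填写密码'));
    $validator->addRule('password', 'minLength', _t('为了保证账户安全, 请输入至少六位的密码'), 6);
    $validator->addRule('password', 'maxLength', _t('为了便于记忆, 密码长度请不要超过十八位'), 18);
    $validator->addRule('confirm', 'confirm', _t('两次输入的密码不一致'), 'password');

    /** Validation failed: remember name and mail, return to the form */
    if ($error = $validator->run($this->request->from('captcha', 'name', 'password', 'mail', 'confirm'))) {
        Typecho_Cookie::set('__typecho_remember_name', $this->request->name);
        Typecho_Cookie::set('__typecho_remember_mail', $this->request->mail);

        $this->widget('Widget_Notice')->set($error, 'error');
        $this->response->goBack();
    }

    // NOTE(review): the second argument presumably selects the hasher's
    // portable hash format — confirm, and prefer the stronger format if the
    // runtime and stored hashes allow it.
    $hasher = new PasswordHash(8, true);
    //$generatedPassword = Typecho_Common::randString(7);

    $extend = array();
    $inviter = Typecho_Cookie::get('__typecho_inviter');
    if (!empty($inviter)) {
        // The cookie value is client-controlled. It is handed over as an array
        // entry rather than glued into a "name=..." parameter string, so an
        // "&" or "=" inside it cannot add or override widget parameters.
        $inviter = $this->widget('Widget_Users_Query@name_' . $inviter, array('name' => $inviter));
        if ($inviter->have()) {
            // Store the name from the looked-up user, not the raw cookie value.
            $extend['inviter'] = $inviter->name;
        }
        Typecho_Cookie::delete('__typecho_inviter');
    }

    $dataStruct = array(
        'name'       => $this->request->name,
        'mail'       => $this->request->mail,
        'screenName' => $this->request->name,
        'password'   => $hasher->HashPassword($this->request->password),
        'created'    => $this->options->gmtTime,
        'group'      => 'subscriber',
        // Stored in PHP serialize() format; readers of this column must not
        // unserialize values an attacker can influence.
        'extend'     => empty($extend) ? '' : serialize($extend),
    );

    $insertId = $this->insert($dataStruct);

    // Load the new row back into this widget through the push callback.
    $this->db->fetchRow($this->select()->where('uid = ?', $insertId)->limit(1), array($this, 'push'));

    /** Log the new user in */
    $this->user->login($this->request->name, $this->request->password);

    $params = array(
        'uid'     => $this->user->uid,
        'confirm' => $this->user->mail,
        'name'    => $this->user->screenName,
        'type'    => 'register',
    );

    // Send the verification message
    Widget_Common::sendVerify($params);

    // Registration credits
    Widget_Common::credits('register');

    $this->widget('Widget_Notice')->set(_t('用户 <strong>%s</strong> 已经成功注册,请及时验证邮件', $this->screenName), 'success');
    $this->response->redirect($this->options->index);
}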
/**
 * Archive handler for the account-activation page.
 *
 * Looks up the 'register' verification record for the request token. When a
 * record is found whose status is not 1, the user's group is set to
 * 'contributor', the token is deleted and invite credits are granted. The
 * activation theme file is selected in every non-exception case.
 *
 * NOTE(review): an unknown token (empty check() result) still renders
 * user/activate.php — confirm the template tells success from failure.
 * NOTE(review): the group is overwritten unconditionally; if a user in a
 * higher group can still hold an unused register token this would lower it —
 * confirm.
 *
 * @param Typecho_Db_Query $select    not used in this handler
 * @param bool             $hasPushed set to true for the caller
 * @throws Typecho_Widget_Exception with code 404 when no token was supplied
 */
private function activateHandle(Typecho_Db_Query $select, &$hasPushed)
{
    $hasPushed = true;

    $this->setArchiveType($this->parameter->type);
    $this->setMetaTitle('激活帐号');

    // The token arrives with the request; without one the page does not exist.
    $token = $this->request->token;
    if (empty($token)) {
        throw new Typecho_Widget_Exception(_t('请求的地址不存在'), 404);
    }

    $verify = $this->widget('Util_Verify')->setParams('type=register')->check($token);

    $canActivate = !empty($verify) && $verify['status'] != 1;
    if ($canActivate) {
        $row = array('group' => 'contributor');

        // uid comes from the verification record, never from the request.
        $this->db->query(
            $this->db->update('table.users')->rows($row)->where('uid = ?', $verify['uid'])
        );

        // Delete the token after use so it cannot be replayed.
        $this->widget('Util_Verify')->setParams('type=register')->delete($token);

        Widget_Common::credits('invite', $verify['uid']);
    }

    $this->setThemeFile('user/activate.php');
}
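/**
 * Comment handler.
 *
 * Requires a logged-in user, runs the security module's request protection,
 * validates the text, lets plugins filter the comment, stores it, updates the
 * content's last-comment fields and queues notifications for mentioned users
 * and the content owner.
 *
 * @throws Typecho_Widget_Exception
 * @throws Exception
 * @throws Typecho_Exception
 */
private function comment()
{
    // modified_by_jiangmuzi 2015.09.23
    // Replies require a logged-in user.
    if (!$this->user->hasLogin()) {
        // The current URL is carried as a query-string value, so it is
        // percent-encoded. Unencoded, its own "?"/"&" would cut the value
        // short, and request-controlled characters would land inside the
        // href attribute of the notice markup.
        $loginUrl = $this->options->someUrl('login', null, false)
            . '?redir=' . urlencode($this->request->getRequestUrl());

        $this->widget('Widget_Notice')->set(_t('请先<a href="%s">登录</a>', $loginUrl), NULL, 'success');
        $this->response->goBack();
    }
    // end modified

    // Request protection from the security module (implementation not shown here).
    $this->security->protect();

    // Held for moderation only when the user may not edit the content AND
    // the site requires moderation; approved otherwise.
    $needsModeration = !$this->_content->allow('edit') && $this->options->commentsRequireModeration;

    $comment = array(
        'cid'     => $this->_content->cid,
        'created' => $this->options->gmtTime,
        'agent'   => $this->request->getAgent(),
        'ip'      => $this->request->getIp(),
        'ownerId' => $this->_content->author->uid,
        'type'    => 'comment',
        'status'  => $needsModeration ? 'waiting' : 'approved',
    );

    // Validate the input
    $validator = new Typecho_Validate();
    $validator->addRule('text', 'required', _t('必须填写评论内容'));

    $comment['text'] = $this->request->text;

    /** Author is always the logged-in user, never a request field */
    $comment['authorId'] = $this->user->uid;

    if ($error = $validator->run($comment)) {
        /** Keep the typed text so the form can be refilled */
        Typecho_Cookie::set('__some_remember_text', $comment['text']);
        throw new Typecho_Widget_Exception(implode("\n", $error));
    }

    /** Plugin filter hook; a rejection keeps the typed text as well */
    try {
        $comment = $this->pluginHandle()->comment($comment, $this->_content);
    } catch (Typecho_Exception $e) {
        Typecho_Cookie::set('__some_remember_text', $comment['text']);
        throw $e;
    }

    // modified_by_jiangmuzi 2015.09.23
    // Resolve @mentions (searchAt is defined elsewhere in the class).
    $atArr = $this->searchAt($comment);
    // end modified

    /** Store the comment */
    $commentId = $this->insert($comment);
    Typecho_Cookie::delete('__some_remember_text');

    // Load the stored row back into this widget through the push callback.
    $this->db->fetchRow($this->select()->where('coid = ?', $commentId)->limit(1), array($this, 'push'));

    // Update the content's last commenter and last-comment time
    $this->db->query(
        $this->db->update('table.contents')
            ->rows(array('lastUid' => $this->authorId, 'lastComment' => $this->created))
            ->where('cid = ?', $this->cid)
    );

    // Notify the content owner unless the owner wrote the comment
    if ($comment['authorId'] != $comment['ownerId']) {
        $atArr[] = array('uid' => $comment['ownerId'], 'type' => 'comment');
    }

    if (!empty($atArr)) {
        foreach ($atArr as $v) {
            $this->widget('Widget_Users_Messages')->addMessage($v['uid'], $commentId, $v['type']);
        }
    }

    // Apply the credit rule for replies
    Widget_Common::credits('reply', null, $commentId);

    /** Comment-finished plugin hook */
    $this->pluginHandle()->finishComment($this);

    $this->response->goBack('#' . $this->theId);
}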
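/**
 * Comment handler.
 *
 * Requires a logged-in user, runs the security module's request protection,
 * validates the text, lets plugins filter the comment, turns @mentions of
 * existing users into profile links, stores the comment, updates the
 * content's last-comment fields and queues notifications.
 *
 * @throws Typecho_Widget_Exception
 * @throws Exception
 * @throws Typecho_Exception
 */
private function comment()
{
    // modified_by_jiangmuzi 2015.09.23
    // Replies require a logged-in user.
    if (!$this->user->hasLogin()) {
        // The current URL is carried as a query-string value, so it is
        // percent-encoded. Unencoded, its own "?"/"&" would cut the value
        // short, and request-controlled characters would land inside the
        // href attribute of the notice markup.
        $loginUrl = $this->options->someUrl('login', null, false)
            . '?redir=' . urlencode($this->request->getRequestUrl());

        $this->widget('Widget_Notice')->set(_t('请先<a href="%s">登录</a>', $loginUrl), NULL, 'success');
        $this->response->goBack();
    }
    // end modified

    // Request protection from the security module (implementation not shown here).
    $this->security->protect();

    // Held for moderation only when the user may not edit the content AND
    // the site requires moderation; approved otherwise.
    $needsModeration = !$this->_content->allow('edit') && $this->options->commentsRequireModeration;

    $comment = array(
        'cid'     => $this->_content->cid,
        'created' => $this->options->gmtTime,
        'agent'   => $this->request->getAgent(),
        'ip'      => $this->request->getIp(),
        'ownerId' => $this->_content->author->uid,
        'type'    => 'comment',
        'status'  => $needsModeration ? 'waiting' : 'approved',
    );

    // Parent (threaded reply) handling is commented out in the source, so
    // no 'parent' value is taken from the request.

    // Validate the input
    $validator = new Typecho_Validate();
    $validator->addRule('text', 'required', _t('必须填写评论内容'));

    $comment['text'] = $this->request->text;

    /** Author is always the logged-in user, never a request field */
    $comment['authorId'] = $this->user->uid;

    if ($error = $validator->run($comment)) {
        /** Keep the typed text so the form can be refilled */
        Typecho_Cookie::set('__some_remember_text', $comment['text']);
        throw new Typecho_Widget_Exception(implode("\n", $error));
    }

    /** Plugin filter hook; a rejection keeps the typed text as well */
    try {
        $comment = $this->pluginHandle()->comment($comment, $this->_content);
    } catch (Typecho_Exception $e) {
        Typecho_Cookie::set('__some_remember_text', $comment['text']);
        throw $e;
    }

    // modified_by_jiangmuzi 2015.09.23
    // Resolve @mentions.
    // NOTE(review): every distinct @name costs one user lookup and the number
    // of mentions per comment is not capped — consider a limit.
    $mentionLinks = $atMsg = array();
    $pattern = "/@([^@^\\s^:]{1,})([\\s\\:\\,\\;]{0,1})/";
    preg_match_all($pattern, $comment['text'], $matches);

    if (!empty($matches[1])) {
        foreach (array_unique($matches[1]) as $name) {
            if (empty($name)) {
                continue;
            }

            $atUser = $this->widget('Widget_Users_Query@name_' . $name, array('name' => $name));
            if (!$atUser->have()) {
                continue;
            }

            // $name is taken from the comment text and the pattern allows
            // HTML metacharacters, so both values are escaped for the markup
            // they are written into.
            $mentionLinks['@' . $name] = '<a href="' . htmlspecialchars($atUser->ucenter, ENT_QUOTES, 'UTF-8')
                . '" target="_blank">@' . htmlspecialchars($name, ENT_QUOTES, 'UTF-8') . '</a>';

            // Notify the mentioned user, except the author (self-mention) and
            // the content owner (who gets the 'comment' notice below).
            if ($comment['authorId'] != $atUser->uid && $atUser->uid != $comment['ownerId']) {
                $atMsg[] = array('uid' => $atUser->uid, 'type' => 'at');
            }
        }

        if (!empty($mentionLinks)) {
            // strtr() tries the longest key first and never rescans text it
            // has already replaced. Sequential str_replace() would rewrite
            // "@ab" inside an already generated "@abc" link and leave nested,
            // broken anchors.
            $comment['text'] = strtr($comment['text'], $mentionLinks);
        }
    }
    // end modified

    /** Store the comment */
    $commentId = $this->insert($comment);
    Typecho_Cookie::delete('__some_remember_text');

    // Load the stored row back into this widget through the push callback.
    $this->db->fetchRow($this->select()->where('coid = ?', $commentId)->limit(1), array($this, 'push'));

    // Update the content's last commenter and last-comment time
    $this->db->query(
        $this->db->update('table.contents')
            ->rows(array('lastUid' => $this->authorId, 'lastComment' => $this->created))
            ->where('cid = ?', $this->cid)
    );

    // Notify the content owner unless the owner wrote the comment
    if ($comment['authorId'] != $comment['ownerId']) {
        $atMsg[] = array('uid' => $comment['ownerId'], 'type' => 'comment');
    }

    if (!empty($atMsg)) {
        foreach ($atMsg as $v) {
            $this->widget('Widget_Users_Messages')->addMessage($v['uid'], $commentId, $v['type']);
        }
    }

    // Apply the credit rule for replies
    Widget_Common::credits('reply');

    /** Comment-finished plugin hook */
    $this->pluginHandle()->finishComment($this);

    $this->response->goBack('#' . $this->theId);
}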