Пример #1
0
function _login($forward = '')
{
    global $_GPC, $_W;
    load()->model('user');
    $member = array();
    $username = trim($_GPC['username']);
    if (empty($username)) {
        message('请输入要登录的用户名');
    }
    $member['username'] = $username;
    $member['password'] = $password = $_GPC['password'];
    if (empty($member['password'])) {
        message('请输入密码');
    }
    $record = user_single($member);
    if (!empty($record)) {
        /*if($record['status'] == 1) {
        			message('您的账号正在审核或是已经被系统禁止,请联系网站管理员解决!');
        		}*/
        $founders = explode(',', $_W['config']['setting']['founder']);
        $_W['isfounder'] = in_array($record['uid'], $founders);
        if ($_W['siteclose'] && !$_W['isfounder']) {
            $settings = setting_load('copyright');
            message('站点已关闭,关闭原因:' . $settings['copyright']['reason']);
        }
        $cookie = array();
        $cookie['uid'] = $record['uid'];
        $cookie['lastvisit'] = $record['lastvisit'];
        $cookie['lastip'] = $record['lastip'];
        $cookie['hash'] = md5($record['password'] . $record['salt']);
        $session = base64_encode(json_encode($cookie));
        isetcookie('__session', $session, !empty($_GPC['rember']) ? 7 * 86400 : 0);
        $status = array();
        $status['uid'] = $record['uid'];
        $status['lastvisit'] = TIMESTAMP;
        $status['lastip'] = CLIENT_IP;
        user_update($status);
        if (empty($forward)) {
            $forward = $_GPC['forward'];
        }
        if (empty($forward)) {
            $forward = './index.php?c=index&a=index';
        }
        $_W['user'] = $record;
        if (cly_isAdmin()) {
            message('', url('admin/index'));
        } else {
            message('', $forward);
        }
        //message("欢迎回来,{$record['username']}。", $forward);
    } else {
        message('登录失败,请检查您输入的用户名和密码!');
    }
}
Пример #2
0
   }*/
 load()->model('account');
 $acc = account($_GPC['account']);
 if ($acc['status_id'] == 2) {
     exit(json_encode(['result' => 1, 'msg' => '此号已经在网站实名认证,如发现其有恶意行为,请第一时间联系我们网站客服QQ,下掉此QQ马甲。投诉电话:0773-3639184']));
 }
 $params['account'] = $_GPC['account'];
 $params['report_ip'] = CLIENT_IP;
 $ipAccTime = setting_module_load('report_set', 'timeLimit', 0);
 $ipTime = setting_module_load('report_set', 'ipTime', 0);
 $ipAccLimit = pdo_fetch("SELECT * FROM " . tablename('report') . " WHERE account=:account AND report_ip=:report_ip AND UNIX_TIMESTAMP()-time<{$ipAccTime}", $params);
 if ($ipAccLimit && !cly_isAdmin()) {
     exit(json_encode(['result' => 1, 'msg' => "禁止在{$ipAccTime}秒内举报同一账号"]));
 }
 $ipLimit = pdo_fetch("SELECT * FROM " . tablename('report') . " WHERE report_ip=:report_ip AND UNIX_TIMESTAMP()-time<{$ipTime}", array('report_ip' => CLIENT_IP));
 if ($ipLimit && !cly_isAdmin()) {
     exit(json_encode(['result' => 1, 'msg' => "禁止在{$ipTime}秒内重复举报"]));
 }
 $newData = cly_array_filter(array('type_id', 'account', 'account_type', 'image'));
 $newData['user_id'] = $_W['uid'];
 $newData['time'] = time();
 $newData['report_ip'] = CLIENT_IP;
 pdo_insert('report', $newData);
 //update other data
 if (pdo_insertid()) {
     load()->model('account');
     $account_type = is_numeric($_GPC['account']) ? 1 : 2;
     account_report_add($_GPC['account'], $account_type);
     //update index cache
     exit(json_encode(['result' => 1, 'msg' => '举报成功']));
 }
Пример #3
0
<?php

define('IN_GW', true);
if (!cly_isAdmin()) {
    message('无权访问', '?c=user&a=login', 'info');
}