/* * CC98 ID 相关功能页面 * * 版本:1.0 * 作者:樱桃 * 时间:2014-10-14 * * 修订记录: * 无 * */ require_once "include/bittorrent.php"; dbconn(); loggedinorreturn(); $user_lang = get_current_user_lang(); $res = get_current_user_resource()['cc98_logon']; function generate_uri($state) { global $cc98_client_id, $cc98_client_secret, $cc98_redirect_uri; return MessageFormatter::formatMessage('', 'https://login.cc98.org/OAuth/Authorize?client_id={0}&redirect_uri={1}&response_type=code&state={2}', array(urlencode($cc98_client_id), urlencode($cc98_redirect_uri), urlencode($state))); } // 是否是 Post 协议。 if (!empty($_POST)) { switch ($_POST['action']) { case 'delete': dodelete(); break; } // 异常处理。 die;
/** * 登录相关操作。 */ function dologon($cc98_id) { global $res; $user_lang = get_current_user_lang(); $sql = new_mysqli(); $query = $sql->prepare('SELECT `id`, `passhash`, `username` FROM `users` WHERE `cc98id` = ?'); $query->bind_param('s', $cc98_id); $query->execute(); $query->bind_result($id, $passhash, $username); // 是否匹配到结果。 if ($query->fetch()) { logincookie($id, md5($passhash)); ?> <meta http-equiv="refresh" content="3; url=/" /> <?php $title = $res['msg_logon_success_title']; $msg = MessageFormatter::formatMessage($user_lang, $res['msg_logon_success_text'], array($username)); stdhead($title); stdmsg($title, $msg); stdfoot(); die; break; // 没有关联到账户 } else { stderr($res['msg_no_associated_account_title'], $res['msg_no_associated_account_text']); die; } }
$send_email = $email; $email = sqlesc($email); $country = sqlesc($country); $gender = sqlesc($gender); $sitelangid = sqlesc(get_langid_from_langcookie()); $res_check_user = sql_query("SELECT * FROM users WHERE username = "******"INSERT INTO users (username, passhash, secret, editsecret, email, country, gender, status, class, invites, " . ($type == 'invite' ? "invited_by," : "") . " added, last_access, lang, stylesheet" . ($showschool == 'yes' ? ", school" : "") . ", uploaded,ip) VALUES (" . $wantusername . "," . $wantpasshash . "," . $secret . "," . $editsecret . "," . $email . "," . $country . "," . $gender . ", 'pending', " . $defaultclass_class . "," . $invite_count . ", " . ($type == 'invite' ? "'{$inviter}'," : "") . " '" . date("Y-m-d H:i:s") . "' , " . " '" . date("Y-m-d H:i:s") . "' , " . $sitelangid . "," . $defcss . ($showschool == 'yes' ? "," . $school : "") . "," . ($iniupload_main > 0 ? $iniupload_main : 0) . ",'" . getip() . "')") or sqlerr(__FILE__, __LINE__); $id = mysql_insert_id(); // 发送欢迎消息 // 消息可选参数 $messageParams = array($wantusernameraw, $SITENAME); $title = MessageFormatter::formatMessage(get_current_user_lang(), get_current_user_resource()['signup']['welcome_message_title'], $messageParams); $text = MessageFormatter::formatMessage(get_current_user_lang(), get_current_user_resource()['signup']['welcome_message_text'], $messageParams); send_message(0, $id, $title, $text); //write_log("User account $id ($wantusername) was created"); $res = sql_query("SELECT passhash, secret, editsecret, status FROM users WHERE id = " . sqlesc($id)) or sqlerr(__FILE__, __LINE__); $row = mysql_fetch_assoc($res); $psecret = md5($row['secret']); $ip = getip(); $usern = htmlspecialchars($wantusername); $title = $SITENAME . $lang_takesignup['mail_title']; $body = <<<EOD {$lang_takesignup['mail_one']}{$usern}{$lang_takesignup['mail_two']}({$email}){$lang_takesignup['mail_three']}{$ip}{$lang_takesignup['mail_four']} <b><a href="http://{$BASEURL}/confirm.php?id={$id}&secret={$psecret}" target="_blank"> {$lang_takesignup['mail_this_link']} </a></b><br /> http://{$BASEURL}/confirm.php?id={$id}&secret={$psecret} {$lang_takesignup['mail_four_1']} <b><a href="http://{$BASEURL}/confirm_resend.php" target="_blank">{$lang_takesignup['mail_here']}</a></b><br />