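/**
 * Establish a logged-in session for the account with the given uid.
 *
 * No credential is checked here: the function trusts $uid completely, so the
 * caller must already have authenticated the user before calling it.
 *
 * @param int $uid Account id to log in.
 * @return void
 */
function user_login($uid)
{
    $member = getuserbyuid($uid);
    if (empty($member)) {
        // Unknown uid: do not hand an empty record to setloginstatus().
        return;
    }

    require_once libfile('function/member');

    // 1296000 seconds = 15 days.
    $cookietime = 1296000;
    setloginstatus($member, $cookietime);
}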
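/**
 * Log in the local account bound to the openid supplied with the request.
 *
 * The openid is looked up in the plugin's own binding table first; when
 * nothing is found and the stock wechat plugin file is present, the
 * common_member_wechat table is consulted as a fallback.
 *
 * NOTE(review): the openid comes straight from the query string and is the
 * only input that decides which account receives a 30-day session. An openid
 * is an identifier, not a credential. It should be obtained from a verified
 * OAuth exchange (or a signed, server-issued value) instead of being accepted
 * from a request parameter.
 *
 * @return void
 */
function common()
{
    // Reject a missing or non-string openid (for example an array parameter).
    if (empty($_GET['openid']) || !is_string($_GET['openid'])) {
        return;
    }
    $openid = $_GET['openid'];

    $binduser = C::t('#aljwsq#aljwsq_user')->fetch($openid);
    if (empty($binduser) && file_exists(DISCUZ_ROOT . './source/plugin/wechat/wechat.lib.class.php')) {
        // Placeholder arguments keep the openid out of the SQL text.
        $binduser = DB::fetch_first('SELECT * FROM %t WHERE openid=%s', array('common_member_wechat', $openid));
    }
    if (empty($binduser)) {
        return;
    }

    $user = C::t('common_member')->fetch_by_username($binduser['username']);
    if (empty($user)) {
        // The binding points at an account that could not be loaded.
        return;
    }

    require_once libfile('function/member');

    // 2592000 seconds = 30 days.
    setloginstatus($user, 2592000);
}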
/**
 * Log in the site account referenced by a connect (third-party) binding.
 *
 * @param array $connect_member Binding record; the 'uid' and 'conopenid'
 *                              keys are read here.
 * @return bool False when no account is found for the uid, true after the
 *              session and the connect cookies have been set.
 */
function connect_login($connect_member)
{
    global $_G;

    $member = getuserbyuid($connect_member['uid'], 1);
    if (!$member) {
        return false;
    }

    // A record flagged as archived is moved back to the main table first.
    if (isset($member['_inarchive'])) {
        C::t('common_member_archive')->move_to_master($member['uid']);
    }

    require_once libfile('function/member');

    $cookietime = 1296000;      // 15 days: login session and connect_login flag
    $bindCookieTime = 31536000; // 365 days: binding markers

    setloginstatus($member, $cookietime);
    dsetcookie('connect_login', 1, $cookietime);
    dsetcookie('connect_is_bind', '1', $bindCookieTime);
    dsetcookie('connect_uin', $connect_member['conopenid'], $bindCookieTime);

    return true;
}
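/**
 * Log in the site account with the given uid and record the visit.
 *
 * No credential is checked here; the caller is responsible for having
 * authenticated the user.
 *
 * @param int|string $uid Account id.
 * @return bool False for an empty, non-numeric or unknown uid, true once the
 *              session is set and the login bookkeeping has run.
 */
function xwb_setSiteUserLogin($uid)
{
    global $_G;

    // $uid is interpolated into SQL below, so reduce it to an integer first.
    // Non-numeric input becomes 0 and is rejected together with empty values.
    $uid = intval($uid);
    if ($uid <= 0) {
        return false;
    }

    // Log in
    $member = DB::fetch_first("SELECT * FROM " . DB::table('common_member') . " WHERE uid='" . $uid . "'");
    if (!$member) {
        return false;
    }

    // The original argument was `time() + 60 * 60 * 24 ? 2592000 : 0`. `+` binds
    // tighter than `?:`, so the condition was always true and the value always
    // 2592000 (30 days); the constant is now written out directly.
    setloginstatus($member, 2592000);

    // Escape the client address as well; where the installed DB layer accepts
    // placeholder arguments, prefer those over string concatenation.
    DB::query(
        "UPDATE " . DB::table('common_member_status')
        . " SET lastip='" . addslashes($_G['clientip']) . "', lastvisit='" . time() . "'"
        . " WHERE uid='" . $uid . "'"
    );

    include_once libfile('function/stat');
    updatestat('login');
    updatecreditbyaction('daylogin', $uid);
    checkusergroup($uid);

    return true;
}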
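/**
 * Member registration action.
 *
 * A member who is already logged in is redirected away. A GET request
 * renders the form. A POST request validates the input through the Members
 * model, inserts the row, logs the new member in and reports success.
 *
 * NOTE(review): $this->referer is used as a redirect / jump target. Where it
 * is populated is not visible here; if it can be influenced by the request,
 * restrict it to same-site paths.
 *
 * @return void
 */
public function register()
{
    if ($this->memberID > 0) {
        $this->redirect($this->referer ? $this->referer : 'Member/index');
    }

    if (!IS_POST) {
        $this->display();
        return;
    }

    $membersModel = D('Members');
    if (!$membersModel->create()) {
        $this->error($membersModel->getError());
        return;
    }

    $insertId = $membersModel->add();
    if (!$insertId) {
        // A failed insert used to fall through silently and leave the client
        // with an empty response; report it like a validation failure.
        $this->error($membersModel->getError());
        return;
    }

    $info = $membersModel->where("id='{$insertId}'")->find();
    setloginstatus($info);
    $this->success('register success', $this->referer ? $this->referer : U('Member/index'));
}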
/**
 * Resolve a third-party login for platform id 20 into an API response.
 *
 * When the openId maps to a local account, the account is logged in, its
 * common-session row is replaced and the app token/secret are returned with
 * register = 0. When no mapping exists, the identifiers are echoed back with
 * register = 1. Any other platform id yields a parameter error.
 *
 * NOTE(review): $oauthToken is not checked anywhere in this method; it is
 * only echoed back in the register = 1 branch. Confirm that the caller has
 * verified it with the provider, because the login branch issues a session
 * and a token/secret on the strength of $openId alone.
 *
 * @param array  $res        Response array to fill in.
 * @param string $openId     Third-party open id.
 * @param string $oauthToken Third-party OAuth token.
 * @param int    $platformId Platform identifier; only 20 is handled.
 * @return array|mixed The filled response, or whatever makeErrorInfo() returns.
 */
private function _qqInfo($res, $openId, $oauthToken, $platformId)
{
    global $_G;
    $password = MOBCENT_HACKER_PASSWORD;
    require_once libfile('function/member');

    if (empty($platformId) || $platformId != 20) {
        // Client parameters are incorrect
        return $this->makeErrorInfo($res, 'mobcent_error_params');
    }

    $qqUserInfo = $this->_getQQinfoByOpenId($openId);

    if (empty($qqUserInfo)) {
        // No local account is bound yet: ask the client to register.
        $res['body']['register'] = 1;
        $res['body']['openId'] = (string) $openId;
        $res['body']['oauthToken'] = (string) $oauthToken;
        $res['body']['platformId'] = (int) $platformId;
        return $res;
    }

    $userInfo = UserUtils::getUserInfo($qqUserInfo['uid']);
    $boundUid = $userInfo['uid'];

    setloginstatus($userInfo, $_GET['cookietime'] ? 2592000 : 0);
    C::t('common_member_status')->update(
        $boundUid,
        array('lastip' => $_G['clientip'], 'lastvisit' => TIMESTAMP, 'lastactivity' => TIMESTAMP)
    );

    // NOTE(review): splitting on '.' assumes a dotted IPv4 address.
    $ipParts = explode('.', $_G['clientip']);
    $sid = FileUtils::getRandomFileName('', 6);
    $data = array(
        'sid' => $sid,
        'ip1' => $ipParts[0],
        'ip2' => $ipParts[1],
        'ip3' => $ipParts[2],
        'ip4' => $ipParts[3],
        'uid' => $userInfo['uid'],
        'username' => $userInfo['username'],
        'groupid' => $userInfo['groupid'],
        'invisible' => '0',
        'action' => '',
        'lastactivity' => time(),
        'fid' => '0',
        'tid' => '0',
        'lastolupdate' => '0',
    );

    // Replace any existing common-session row for this uid.
    $comSess = DzCommonSession::getComSessByUid($boundUid);
    if (!empty($comSess)) {
        DzCommonSession::delComSess($boundUid);
    }
    DzCommonSession::insertComSess($data);

    $userAccess = AppbymeUserAccess::loginProcess($boundUid, $password);

    $res['body']['register'] = 0;
    $res['body']['uid'] = (int) $userInfo['uid'];
    $res['body']['userName'] = (string) $userInfo['username'];
    $res['body']['avatar'] = (string) UserUtils::getUserAvatar($userInfo['uid']);
    $res['body']['token'] = (string) $userAccess['token'];
    $res['body']['secret'] = (string) $userAccess['secret'];

    return $res;
}
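/**
 * Member login handler: shows the login form or processes a submitted login.
 *
 * A visitor who is already logged in gets the success message. Otherwise
 * logincheck() must still allow an attempt. Without a submitted form the
 * login template is rendered; with one, the credentials are passed to
 * userlogin() and either a session is set or the failure is logged and
 * counted.
 *
 * Local variable names are kept as they are because the included template
 * shares this scope and may read them.
 *
 * @return void
 */
function on_login()
{
    global $_G;

    empty($mrefreshtime) && ($mrefreshtime = 2000);

    if ($_G['uid']) {
        $ucsynlogin = uc_user_synlogin($_G['uid']);
        $param = array('username' => $_G['member']['username'], 'ucsynlogin' => $ucsynlogin, 'uid' => $_G['member']['uid']);
        showmessage('login_succeed', dreferer(), $param, array('showdialog' => 1, 'locationtime' => 1));
    }

    if (!($_G['member_loginperm'] = logincheck())) {
        showmessage('login_strike');
    }

    if (!submitcheck('loginsubmit', 1)) {
        $_G['referer'] = dreferer();
        $cookietimecheck = !empty($_G['cookie']['cookietime']) ? 'checked="checked"' : '';
        $username = !empty($_G['cookie']['loginuser']) ? htmlspecialchars($_G['cookie']['loginuser']) : '';
        include template('member/login');
    } else {
        // Start from a clean guest state before evaluating the credentials.
        $_G['uid'] = $_G['member']['uid'] = 0;
        $_G['username'] = $_G['member']['username'] = $_G['member']['password'] = '';

        $result = userlogin($_G['gp_username'], $_G['gp_password'], null, null, 'auto');

        if ($result['status'] > 0) {
            // 30-day cookie when "remember me" was ticked, session cookie otherwise.
            setloginstatus($result['member'], $_G['gp_cookietime'] ? 2592000 : 0);
            $ucsynlogin = uc_user_synlogin($_G['uid']);
            $message = 1;
            $param = array('username' => $_G['member']['username'], 'ucsynlogin' => $ucsynlogin, 'uid' => $_G['uid']);
            showmessage('login_succeed', dreferer(), $param, array('showdialog' => 1, 'locationtime' => 1));
        } else {
            // The previous code wrote the first quarter and last sixth of the
            // submitted password into the log. A failed attempt is very often a
            // near miss of the real password, so no part of it is logged any
            // more; the field is kept so the tab-separated layout is unchanged.
            $password = '***';
            $errorlog = dhtmlspecialchars(
                TIMESTAMP . "\t"
                . ($result['ucresult']['username'] ? $result['ucresult']['username'] : dstripslashes($_G['gp_username'])) . "\t"
                . $password . "\t"
                . "Ques #" . intval($_G['gp_questionid']) . "\t"
                . $_G['clientip']
            );
            writelog('illegallog', $errorlog);
            loginfailed($_G['member_loginperm']);

            // $answer was never assigned in this function, so `$answer == ''` was
            // always true and 'login_question_invalid' could not be reached. It
            // is initialised explicitly here to keep that behaviour without the
            // undefined-variable warning.
            // NOTE(review): confirm which request field was meant to feed it.
            $answer = '';
            if ($result['ucresult']['uid'] == '-3') {
                $fmsg = (empty($_G['gp_questionid']) || $answer == '') ? 'login_question_empty' : 'login_question_invalid';
            } else {
                $fmsg = 'login_invalid';
            }
            showmessage($fmsg, '', array('loginperm' => $_G['member_loginperm']));
        }
    }
}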
if ($result['status'] <= 0) { loginfailed($_GET['username']); failedip(); showmessage('login_invalid', '', array('loginperm' => $loginperm - 1)); } if (!$_G['wechat']['setting']['wechat_qrtype']) { if ($wechatuser) { if ($result['member']['uid'] != $wechatuser['uid']) { showmessage('wechat:wechat_openid_exists'); } wechat_setloginstatus($result['member']['uid'], true); } else { WeChatHook::bindOpenId($result['member']['uid'], $openid); wsq::report('bind'); } setloginstatus($result['member'], 1296000); showmessage('wechat:wechat_member_bind_succeed', $selfurl . 'bind'); } else { C::t('#wechat#common_member_wechatmp')->insert(array('uid' => $result['member']['uid'], 'openid' => $_GET['wxopenid'], 'status' => 1), false, true); wsq::report('bind'); $url = wsq::wxuserregisterUrl($result['member']['uid']); showmessage('wechat:wechat_member_bind_succeed', $url); } } elseif (($ac == 'register' && submitcheck('submit') || $ac == 'wxregister') && $_G['wechat']['setting']['wechat_allowregister']) { if ($wechatuser) { showmessage('wechat:wechat_openid_exists'); } else { if ($ac == 'wxregister') { loaducenter(); $user = uc_get_user($_GET['username']); if (!empty($user)) {
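/**
 * Register a new account from the app client and answer with a JSON document.
 *
 * Reads username, password and email from the request, applies the site's
 * length, strength, censor-list and per-IP registration limits, creates the
 * account through UCenter and the local member table, optionally sends the
 * verification mail, logs the new user in and binds a third-party openid
 * when a platform is named. Every exit path echoes a BIGAPPJSON document and
 * terminates the script.
 *
 * error_code values: 0 success, 2 missing parameter, 3/4 username too short
 * or too long, 5 password too short, 6 password too weak, 8 registration
 * closed, 9 illegal character in password, 10 censored username, 11/12 IP
 * limits, 13 rejected by uc_user_register().
 *
 * NOTE(review): the credentials are taken from $_REQUEST, so a password sent
 * in the query string would be accepted and could end up in access logs;
 * consider reading $_POST only.
 * NOTE(review): no form-hash or security-code check is visible in this
 * function; the per-IP limits below are the only throttles here. Confirm the
 * caller enforces whatever anti-automation control the site requires.
 *
 * Local variable names are kept as they are because the bind.php files
 * included at the end share this scope and may read them.
 *
 * @return void Never returns normally; the script ends with die(0).
 */
function register()
{
    require_once dirname(dirname(dirname(__FILE__))) . '/bigappjson.class.php';
    require_once libfile('function/misc');
    require_once libfile('function/member');
    require_once libfile('class/member');

    $userName = isset($_REQUEST["username"]) ? $_REQUEST["username"] : "";
    $password = isset($_REQUEST["password"]) ? $_REQUEST["password"] : "";
    $email = isset($_REQUEST["email"]) ? strtolower($_REQUEST["email"]) : "";
    global $_G;

    // The client sends UTF-8; convert the name to the site charset.
    if (function_exists('iconv')) {
        $userName = iconv('UTF-8', CHARSET . '//ignore', $userName);
    } else {
        $userName = mb_convert_encoding($userName, CHARSET, 'UTF-8');
    }

    if (empty($userName) || empty($password) || empty($email)) {
        echo BIGAPPJSON::encode(array(
            'error_code' => 2,
            'error_msg' => lang('plugin/bigapp', 'empty_params'),
            'Variables' => array('auth' => null),
            'Message' => array('messageval' => 'for comaptible', 'messagestr' => lang('plugin/bigapp', 'empty_params')),
        ));
        die(0);
    }

    $userNamelen = dstrlen($userName);
    if ($userNamelen < 3) {
        echo BIGAPPJSON::encode(array(
            'error_code' => 3,
            'error_msg' => lang('plugin/bigapp', 'username_short'),
            'Variables' => array('auth' => null),
            'Message' => array('messageval' => 'for comaptible', 'messagestr' => lang('plugin/bigapp', 'username_short')),
        ));
        die(0);
    }
    if ($userNamelen > 15) {
        echo BIGAPPJSON::encode(array(
            'error_code' => 4,
            'error_msg' => lang('plugin/bigapp', 'username_long'),
            'Variables' => array('auth' => null),
            'Message' => array('messageval' => 'for comaptible', 'messagestr' => lang('plugin/bigapp', 'username_long')),
        ));
        die(0);
    }

    $ctlObj = new register_ctl();
    $ctlObj->setting = $_G['setting'];

    // Minimum password length (measured in bytes by strlen()).
    if (isset($ctlObj->setting['pwlength']) && $ctlObj->setting['pwlength']) {
        if (strlen($password) < $ctlObj->setting['pwlength']) {
            // NOTE(review): messagestr uses the 'password_not_equal' key while
            // error_msg uses 'password_length'; this looks like a copy-paste slip.
            echo BIGAPPJSON::encode(array(
                'error_code' => 5,
                'error_msg' => lang('plugin/bigapp', 'password_length') . ' [ >= ' . $ctlObj->setting['pwlength'] . ' ]',
                'Variables' => array('auth' => null),
                'Message' => array('messageval' => 'for comaptible', 'messagestr' => lang('plugin/bigapp', 'password_not_equal') . ' [ >= ' . $ctlObj->setting['pwlength'] . ' ]'),
            ));
            die(0);
        }
    }

    // Required character classes: 1 digit, 2 lowercase, 3 uppercase, 4 other.
    if (isset($ctlObj->setting['strongpw']) && $ctlObj->setting['strongpw']) {
        $strongpw_str = array();
        if (in_array(1, $ctlObj->setting['strongpw']) && !preg_match("/\\d+/", $password)) {
            $strongpw_str[] = lang('plugin/bigapp', 'password_number');
        }
        if (in_array(2, $ctlObj->setting['strongpw']) && !preg_match("/[a-z]+/", $password)) {
            $strongpw_str[] = lang('plugin/bigapp', 'password_lowercase_char');
        }
        if (in_array(3, $ctlObj->setting['strongpw']) && !preg_match("/[A-Z]+/", $password)) {
            $strongpw_str[] = lang('plugin/bigapp', 'password_uppercase_char');
        }
        if (in_array(4, $ctlObj->setting['strongpw']) && !preg_match("/[^a-zA-Z0-9]+/", $password)) {
            $strongpw_str[] = lang('plugin/bigapp', 'password_charset');
        }
        if ($strongpw_str) {
            echo BIGAPPJSON::encode(array(
                'error_code' => 6,
                'error_msg' => lang('plugin/bigapp', 'password_invalid') . ' [ ' . implode(', ', $strongpw_str) . ' ]',
                'Variables' => array('auth' => null),
                'Message' => array('messageval' => 'for comaptible', 'messagestr' => lang('plugin/bigapp', 'password_invalid') . ' [ ' . implode(', ', $strongpw_str) . ' ]'),
            ));
            die(0);
        }
    }

    // A check of $_G['setting']['mobile']['mobileregister'] (error_code 7,
    // 'forbid_mobreg') was commented out in the original and remains disabled.

    loaducenter();

    if (!$ctlObj->setting['regclosed'] && (!$ctlObj->setting['regstatus'] || !$ctlObj->setting['ucactivation'])) {
        if (!$ctlObj->setting['regstatus']) {
            echo BIGAPPJSON::encode(array(
                'error_code' => 8,
                'error_msg' => lang('plugin/bigapp', 'forbid_registration'),
                'Variables' => array('auth' => null),
                'Message' => array('messageval' => 'for comaptible', 'messagestr' => lang('plugin/bigapp', 'forbid_registration')),
            ));
            die(0);
        }
    }

    // Verification can be waived for whitelisted areas or address prefixes.
    if ($ctlObj->setting['regverify']) {
        if ($ctlObj->setting['areaverifywhite']) {
            $location = $whitearea = '';
            $location = trim(convertip($_G['clientip'], "./"));
            if ($location) {
                $whitearea = preg_quote(trim($ctlObj->setting['areaverifywhite']), '/');
                $whitearea = str_replace(array("\\*"), array('.*'), $whitearea);
                $whitearea = '.*' . $whitearea . '.*';
                $whitearea = '/^(' . str_replace(array("\r\n", ' '), array('.*|.*', ''), $whitearea) . ')$/i';
                if (@preg_match($whitearea, $location)) {
                    $ctlObj->setting['regverify'] = 0;
                }
            }
        }
        if ($_G['cache']['ipctrl']['ipverifywhite']) {
            foreach (explode("\n", $_G['cache']['ipctrl']['ipverifywhite']) as $ctrlip) {
                if (preg_match("/^(" . preg_quote($ctrlip = trim($ctrlip), '/') . ")/", $_G['clientip'])) {
                    $ctlObj->setting['regverify'] = 0;
                    break;
                }
            }
        }
    }

    // Group 8 is assigned while verification is still pending.
    if ($ctlObj->setting['regverify']) {
        $groupinfo['groupid'] = 8;
    } else {
        $groupinfo['groupid'] = $ctlObj->setting['newusergroupid'];
    }

    // Reject passwords containing characters that addslashes() would escape.
    if (!$password || $password != addslashes($password)) {
        echo BIGAPPJSON::encode(array(
            'error_code' => 9,
            'error_msg' => lang('plugin/bigapp', 'password_invalid_char'),
            'Variables' => array('auth' => null),
            'Message' => array('messageval' => 'for comaptible', 'messagestr' => lang('plugin/bigapp', 'password_invalid_char')),
        ));
        die(0);
    }

    // Censored user names: one pattern per line, '*' acts as a wildcard.
    $censorexp = '/^(' . str_replace(array('\\*', "\r\n", ' '), array('.*', '|', ''), preg_quote($ctlObj->setting['censoruser'] = trim($ctlObj->setting['censoruser']), '/')) . ')$/i';
    if ($ctlObj->setting['censoruser'] && @preg_match($censorexp, $userName)) {
        echo BIGAPPJSON::encode(array(
            'error_code' => 10,
            'error_msg' => lang('plugin/bigapp', 'forbid_username'),
            'Variables' => array('auth' => null),
            'Message' => array('messageval' => 'for comaptible', 'messagestr' => lang('plugin/bigapp', 'forbid_username')),
        ));
        die(0);
    }

    // Address prefixes under special control get their own registration interval.
    if ($_G['cache']['ipctrl']['ipregctrl']) {
        foreach (explode("\n", $_G['cache']['ipctrl']['ipregctrl']) as $ctrlip) {
            if (preg_match("/^(" . preg_quote($ctrlip = trim($ctrlip), '/') . ")/", $_G['clientip'])) {
                $ctrlip = $ctrlip . '%';
                $ctlObj->setting['regctrl'] = $ctlObj->setting['ipregctrltime'];
                break;
            } else {
                $ctrlip = $_G['clientip'];
            }
        }
    } else {
        $ctrlip = $_G['clientip'];
    }

    if ($ctlObj->setting['regctrl']) {
        if (C::t('common_regip')->count_by_ip_dateline($ctrlip, $_G['timestamp'] - $ctlObj->setting['regctrl'] * 3600)) {
            echo BIGAPPJSON::encode(array(
                'error_code' => 11,
                'error_msg' => lang('plugin/bigapp', 'forbid_ip'),
                'Variables' => array('auth' => null),
                'Message' => array('messageval' => 'for comaptible', 'messagestr' => lang('plugin/bigapp', 'forbid_ip')),
            ));
            die(0);
        }
    }

    // $setregip: null = no flood control, 1 = bump the counter, 2 = insert a row.
    $setregip = null;
    if ($ctlObj->setting['regfloodctrl']) {
        $regip = C::t('common_regip')->fetch_by_ip_dateline($_G['clientip'], $_G['timestamp'] - 86400);
        if ($regip) {
            if ($regip['count'] >= $ctlObj->setting['regfloodctrl']) {
                echo BIGAPPJSON::encode(array(
                    'error_code' => 12,
                    'error_msg' => lang('plugin/bigapp', 'forbid_ip_today'),
                    'Variables' => array('auth' => null),
                    'Message' => array('messageval' => 'for comaptible', 'messagestr' => lang('plugin/bigapp', 'forbid_ip_today')),
                ));
                die(0);
            } else {
                $setregip = 1;
            }
        } else {
            $setregip = 2;
        }
    }

    $uid = uc_user_register($userName, $password, $email, '', '', $_G['clientip']);
    if ($uid <= 0) {
        // Map the negative result codes handled by the original if/elseif chain
        // to their language keys. Any other non-positive value still ends the
        // request without output, as before.
        $ucErrorKeys = array(
            -1 => 'username_invalid_char',
            -2 => 'username_invalid_char',
            -3 => 'username_used',
            -4 => 'invalid_email',
            -5 => 'invalid_email',
            -6 => 'email_used',
        );
        if (isset($ucErrorKeys[$uid])) {
            echo BIGAPPJSON::encode(array(
                'error_code' => 13,
                'error_msg' => lang('plugin/bigapp', $ucErrorKeys[$uid]),
                'Variables' => array('auth' => null),
                'Message' => array('messageval' => 'for comaptible', 'messagestr' => lang('plugin/bigapp', $ucErrorKeys[$uid])),
            ));
        }
        die(0);
    }

    $_G['username'] = $userName;
    // From here on $password no longer holds the user's input: the local member
    // row and the session record get an md5 of a random string instead.
    $password = md5(random(10));

    if ($setregip !== null) {
        if ($setregip == 1) {
            C::t('common_regip')->update_count_by_ip($_G['clientip']);
        } else {
            C::t('common_regip')->insert(array('ip' => $_G['clientip'], 'count' => 1, 'dateline' => $_G['timestamp']));
        }
    }

    $profile = $verifyarr = array();
    $emailstatus = 0;
    $init_arr = array('credits' => explode(',', $ctlObj->setting['initcredits']), 'profile' => $profile, 'emailstatus' => $emailstatus);
    C::t('common_member')->insert($uid, $userName, $password, $email, $_G['clientip'], $groupinfo['groupid'], $init_arr);

    if ($ctlObj->setting['regctrl'] || $ctlObj->setting['regfloodctrl']) {
        // Drop registration-IP rows older than max(regctrl, 72) hours.
        C::t('common_regip')->delete_by_dateline($_G['timestamp'] - ($ctlObj->setting['regctrl'] > 72 ? $ctlObj->setting['regctrl'] : 72) * 3600);
        if ($ctlObj->setting['regctrl']) {
            C::t('common_regip')->insert(array('ip' => $_G['clientip'], 'count' => -1, 'dateline' => $_G['timestamp']));
        }
    }

    if ($ctlObj->setting['regverify'] == 1) {
        $idstring = random(6);
        $authstr = $ctlObj->setting['regverify'] == 1 ? "{$_G['timestamp']}\t2\t{$idstring}" : '';
        C::t('common_member_field_forum')->update($uid, array('authstr' => $authstr));
        // The array key is quoted: inside {$...} an unquoted key is looked up as
        // a constant, which is an error on PHP 8.
        $verifyurl = "{$_G['siteurl']}member.php?mod=activate&uid={$uid}&id={$idstring}";
        // The original referenced an undefined $username here, so the mail was
        // built with an empty name; the variable in this function is $userName.
        $email_verify_message = lang('email', 'email_verify_message', array('username' => $userName, 'bbname' => $ctlObj->setting['bbname'], 'siteurl' => $_G['siteurl'], 'url' => $verifyurl));
        if (!sendmail("{$userName} <{$email}>", lang('email', 'email_verify_subject'), $email_verify_message)) {
            runlog('sendmail', "{$email} sendmail failed.");
        }
    }

    require_once libfile('cache/userstats', 'function');
    build_cache_userstats();

    $_GET['regmessage'] = 'from bigapp client';
    $regmessage = dhtmlspecialchars($_GET['regmessage']);
    if ($ctlObj->setting['regverify'] == 2) {
        // Manual review: queue the account for validation.
        C::t('common_member_validate')->insert(array('uid' => $uid, 'submitdate' => $_G['timestamp'], 'moddate' => 0, 'admin' => '', 'submittimes' => 1, 'status' => 0, 'message' => $regmessage, 'remark' => ''), false, true);
        manage_addnotify('verifyuser');
    }

    setloginstatus(array('uid' => $uid, 'username' => $_G['username'], 'password' => $password, 'groupid' => $groupinfo['groupid']), 0);
    include_once libfile('function/stat');
    updatestat('register');
    checkfollowfeed();
    C::t('common_member_status')->update($_G['uid'], array('lastip' => $_G['clientip'], 'lastvisit' => TIMESTAMP, 'lastactivity' => TIMESTAMP));

    // Registration succeeded; bind the third-party openid.
    // Only the two fixed platform names select an include file, so the request
    // value never becomes part of a path.
    $plat = isset($_GET["platform"]) ? $_GET["platform"] : '';
    if ($plat == "qq") {
        include_once CUR_PATH . "/../qqconnect/bind.php";
    } elseif ($plat == "wechat") {
        include_once CUR_PATH . "/../wechatconnect/bind.php";
    }

    echo BIGAPPJSON::encode(array(
        'error_code' => 0,
        'error_msg' => lang('plugin/bigapp', 'regist_succ'),
        'Message' => array('messageval' => 'register_succeed', 'messagestr' => lang('plugin/bigapp', 'regist_succ')),
        'Variables' => array('auth' => 'in order to be comapatible'),
    ));
    die(0);
}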
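/**
 * Per-request setup hook for the mobile API.
 *
 * Does nothing unless IN_MOBILE_API is defined. Otherwise it applies the
 * paging overrides, trims the API suffix from the site URL, disables message
 * forwarding and page caches, converts request parameters to the site charset
 * and, when an `_auth` token is supplied, restores the session from it.
 *
 * NOTE(review): when $disablesec ends up truthy, the security code and
 * security question are switched off and the form hash of a POST request is
 * filled in automatically. In the login-module branches that decision rests
 * on logincheck() alone, even when the token did not decode to a uid, so
 * throttling of login attempts then depends entirely on logincheck(). Confirm
 * that this is intended.
 *
 * @return void
 */
function common()
{
    global $_G;

    if (!defined('IN_MOBILE_API')) {
        return;
    }
    if (!$_G['setting']['mobile']['allowmobile']) {
        mobile_core::result(array('error' => 'mobile_is_closed'));
    }

    // Optional paging overrides; forced to integers.
    if (!empty($_GET['tpp'])) {
        $_G['tpp'] = intval($_GET['tpp']);
    }
    if (!empty($_GET['ppp'])) {
        $_G['ppp'] = intval($_GET['ppp']);
    }

    $_G['pluginrunlist'] = array('mobile', 'qqconnect', 'wechat');
    $_G['siteurl'] = preg_replace('/api\\/mobile\\/$/', '', $_G['siteurl']);
    $_G['setting']['msgforward'] = '';
    $_G['setting']['cacheindexlife'] = $_G['setting']['cachethreadlife'] = false;

    if (!$_G['setting']['mobile']['nomobileurl'] && function_exists('diconv') && !empty($_GET['charset'])) {
        $_GET = mobile_core::diconv_array($_GET, $_GET['charset'], $_G['charset']);
    }

    if (!empty($_GET['_auth'])) {
        require_once DISCUZ_ROOT . './source/plugin/wechat/wsq.class.php';
        $uid = wsq::decodeauth($_GET['_auth']);
        $module = isset($_GET['module']) ? $_GET['module'] : '';
        $disablesec = false;

        if ($uid) {
            require_once libfile('function/member');
            $member = getuserbyuid($uid, 1);
            if ($module != 'login') {
                // Restore the session and relax the checks only when the uid
                // resolves to an account. The original passed an empty record
                // to setloginstatus() and still disabled the checks.
                if (!empty($member)) {
                    setloginstatus($member, 1296000);
                    $disablesec = true;
                }
            } else {
                $disablesec = !empty($member) ? logincheck($member['username']) : false;
            }
        } elseif ($module == 'login') {
            $disablesec = logincheck(isset($_GET['username']) ? $_GET['username'] : null);
        }

        if ($disablesec) {
            $_G['setting']['seccodedata'] = array();
            $_G['setting']['seccodestatus'] = 0;
            $_G['setting']['secqaa'] = array();
            unset($_GET['force']);
            define('IN_MOBILE_AUTH', $uid);
            if ($_SERVER['REQUEST_METHOD'] == 'POST') {
                $_GET['formhash'] = $_G['formhash'];
            }
        }
    }

    if (class_exists('mobile_api', false) && method_exists('mobile_api', 'common')) {
        mobile_api::common();
    }
}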
function on_register() { global $_G; $_GET['username'] = $_GET['' . $this->setting['reginput']['username']]; $_GET['password'] = $_GET['' . $this->setting['reginput']['password']]; $_GET['password2'] = $_GET['' . $this->setting['reginput']['password2']]; $_GET['email'] = $_GET['' . $this->setting['reginput']['email']]; if ($_G['uid']) { $ucsynlogin = $this->setting['allowsynlogin'] ? uc_user_synlogin($_G['uid']) : ''; $url_forward = dreferer(); if (strpos($url_forward, $this->setting['regname']) !== false) { $url_forward = 'forum.php'; } showmessage('login_succeed', $url_forward ? $url_forward : './', array('username' => $_G['member']['username'], 'usergroup' => $_G['group']['grouptitle'], 'uid' => $_G['uid']), array('extrajs' => $ucsynlogin)); } elseif (!$this->setting['regclosed'] && (!$this->setting['regstatus'] || !$this->setting['ucactivation'])) { if ($_GET['action'] == 'activation' || $_GET['activationauth']) { if (!$this->setting['ucactivation'] && !$this->setting['closedallowactivation']) { showmessage('register_disable_activation'); } } elseif (!$this->setting['regstatus']) { if ($this->setting['regconnect']) { dheader('location:connect.php?mod=login&op=init&referer=forum.php&statfrom=login_simple'); } showmessage(!$this->setting['regclosemessage'] ? 
'register_disable' : str_replace(array("\r", "\n"), '', $this->setting['regclosemessage'])); } } $bbrules =& $this->setting['bbrules']; $bbrulesforce =& $this->setting['bbrulesforce']; $bbrulestxt =& $this->setting['bbrulestxt']; $welcomemsg =& $this->setting['welcomemsg']; $welcomemsgtitle =& $this->setting['welcomemsgtitle']; $welcomemsgtxt =& $this->setting['welcomemsgtxt']; $regname = $this->setting['regname']; if ($this->setting['regverify']) { if ($this->setting['areaverifywhite']) { $location = $whitearea = ''; $location = trim(convertip($_G['clientip'], "./")); if ($location) { $whitearea = preg_quote(trim($this->setting['areaverifywhite']), '/'); $whitearea = str_replace(array("\\*"), array('.*'), $whitearea); $whitearea = '.*' . $whitearea . '.*'; $whitearea = '/^(' . str_replace(array("\r\n", ' '), array('.*|.*', ''), $whitearea) . ')$/i'; if (@preg_match($whitearea, $location)) { $this->setting['regverify'] = 0; } } } if ($_G['cache']['ipctrl']['ipverifywhite']) { foreach (explode("\n", $_G['cache']['ipctrl']['ipverifywhite']) as $ctrlip) { if (preg_match("/^(" . preg_quote($ctrlip = trim($ctrlip), '/') . ")/", $_G['clientip'])) { $this->setting['regverify'] = 0; break; } } } } $invitestatus = false; if ($this->setting['regstatus'] == 2) { if ($this->setting['inviteconfig']['inviteareawhite']) { $location = $whitearea = ''; $location = trim(convertip($_G['clientip'], "./")); if ($location) { $whitearea = preg_quote(trim($this->setting['inviteconfig']['inviteareawhite']), '/'); $whitearea = str_replace(array("\\*"), array('.*'), $whitearea); $whitearea = '.*' . $whitearea . '.*'; $whitearea = '/^(' . str_replace(array("\r\n", ' '), array('.*|.*', ''), $whitearea) . ')$/i'; if (@preg_match($whitearea, $location)) { $invitestatus = true; } } } if ($this->setting['inviteconfig']['inviteipwhite']) { foreach (explode("\n", $this->setting['inviteconfig']['inviteipwhite']) as $ctrlip) { if (preg_match("/^(" . preg_quote($ctrlip = trim($ctrlip), '/') . 
")/", $_G['clientip'])) { $invitestatus = true; break; } } } } $groupinfo = array(); if ($this->setting['regverify']) { $groupinfo['groupid'] = 8; } else { $groupinfo['groupid'] = $this->setting['newusergroupid']; } $seccodecheck = $this->setting['seccodestatus'] & 1; $secqaacheck = $this->setting['secqaa']['status'] & 1; $fromuid = !empty($_G['cookie']['promotion']) && $this->setting['creditspolicy']['promotion_register'] ? intval($_G['cookie']['promotion']) : 0; $username = isset($_GET['username']) ? $_GET['username'] : ''; $bbrulehash = $bbrules ? substr(md5(FORMHASH), 0, 8) : ''; $auth = $_GET['auth']; if (!$invitestatus) { $invite = getinvite(); } $sendurl = $this->setting['sendregisterurl'] ? true : false; if ($sendurl) { if (!empty($_GET['hash'])) { $_GET['hash'] = preg_replace("/[^\\[A-Za-z0-9_\\]%]/", '', $_GET['hash']); $hash = explode("\t", authcode($_GET['hash'], 'DECODE', $_G['config']['security']['authkey'])); if (is_array($hash) && isemail($hash[0]) && TIMESTAMP - $hash[1] < 259200) { $sendurl = false; } } } if (!submitcheck('regsubmit', 0, $seccodecheck, $secqaacheck)) { if ($_GET['action'] == 'activation') { $auth = explode("\t", authcode($auth, 'DECODE')); if (FORMHASH != $auth[1]) { showmessage('register_activation_invalid', 'member.php?mod=logging&action=login'); } $username = $auth[0]; $activationauth = authcode("{$auth['0']}\t" . 
FORMHASH, 'ENCODE'); $sendurl = false; } if (!$sendurl) { if ($fromuid) { $member = getuserbyuid($fromuid); if (!empty($member)) { $fromuser = dhtmlspecialchars($member['username']); } else { dsetcookie('promotion'); } } if ($_GET['action'] == 'activation') { $auth = dhtmlspecialchars($auth); } if ($seccodecheck) { $seccode = random(6, 1); } $username = dhtmlspecialchars($username); $htmls = $settings = array(); foreach ($_G['cache']['fields_register'] as $field) { $fieldid = $field['fieldid']; $html = profile_setting($fieldid, array(), false, false, true); if ($html) { $settings[$fieldid] = $_G['cache']['profilesetting'][$fieldid]; $htmls[$fieldid] = $html; } } $navtitle = $this->setting['reglinkname']; if ($this->extrafile && file_exists($this->extrafile)) { require_once $this->extrafile; } } $bbrulestxt = nl2br("\n{$bbrulestxt}\n\n"); $dreferer = dreferer(); include template($this->template); } else { $activationauth = array(); if (isset($_GET['activationauth']) && $_GET['activationauth']) { $activationauth = explode("\t", authcode($_GET['activationauth'], 'DECODE')); if ($activationauth[1] != FORMHASH) { showmessage('register_activation_invalid', 'member.php?mod=logging&action=login'); } $sendurl = false; } if (!$activationauth && ($sendurl || !$_G['setting']['forgeemail'])) { checkemail($_GET['email']); } if ($sendurl) { $hashstr = urlencode(authcode("{$_GET['email']}\t{$_G['timestamp']}", 'ENCODE', $_G['config']['security']['authkey'])); $registerurl = "{$_G[siteurl]}member.php?mod=" . $this->setting['regname'] . 
"&hash={$hashstr}&email={$_GET[email]}"; $email_register_message = lang('email', 'email_register_message', array('bbname' => $this->setting['bbname'], 'siteurl' => $_G['siteurl'], 'url' => $registerurl)); if (!sendmail("{$_GET['email']} <{$_GET['email']}>", lang('email', 'email_register_subject'), $email_register_message)) { runlog('sendmail', "{$_GET['email']} sendmail failed."); } showmessage('register_email_send_succeed', dreferer(), array('bbname' => $this->setting['bbname']), array('showdialog' => false, 'msgtype' => 3, 'closetime' => 10)); } $emailstatus = 0; if ($this->setting['sendregisterurl'] && !$sendurl) { $_GET['email'] = strtolower($hash[0]); $this->setting['regverify'] = $this->setting['regverify'] == 1 ? 0 : $this->setting['regverify']; if (!$this->setting['regverify']) { $groupinfo['groupid'] = $this->setting['newusergroupid']; } $emailstatus = 1; } if ($this->setting['regstatus'] == 2 && empty($invite) && !$invitestatus) { showmessage('not_open_registration_invite'); } if ($bbrules && $bbrulehash != $_POST['agreebbrule']) { showmessage('register_rules_agree'); } $activation = array(); if (isset($_GET['activationauth']) && $activationauth && is_array($activationauth)) { if ($activationauth[1] == FORMHASH && !($activation = uc_get_user($activationauth[0]))) { showmessage('register_activation_invalid', 'member.php?mod=logging&action=login'); } } if (!$activation) { $usernamelen = dstrlen($username); if ($usernamelen < 3) { showmessage('profile_username_tooshort'); } elseif ($usernamelen > 15) { showmessage('profile_username_toolong'); } if (uc_get_user(addslashes($username)) && !C::t('common_member')->fetch_uid_by_username($username) && !C::t('common_member_archive')->fetch_uid_by_username($username)) { if ($_G['inajax']) { showmessage('profile_username_duplicate'); } else { showmessage('register_activation_message', 'member.php?mod=logging&action=login', array('username' => $username)); } } if ($this->setting['pwlength']) { if 
(strlen($_GET['password']) < $this->setting['pwlength']) { showmessage('profile_password_tooshort', '', array('pwlength' => $this->setting['pwlength'])); } } if ($this->setting['strongpw']) { $strongpw_str = array(); if (in_array(1, $this->setting['strongpw']) && !preg_match("/\\d+/", $_GET['password'])) { $strongpw_str[] = lang('member/template', 'strongpw_1'); } if (in_array(2, $this->setting['strongpw']) && !preg_match("/[a-z]+/", $_GET['password'])) { $strongpw_str[] = lang('member/template', 'strongpw_2'); } if (in_array(3, $this->setting['strongpw']) && !preg_match("/[A-Z]+/", $_GET['password'])) { $strongpw_str[] = lang('member/template', 'strongpw_3'); } if (in_array(4, $this->setting['strongpw']) && !preg_match("/[^a-zA-z0-9]+/", $_GET['password'])) { $strongpw_str[] = lang('member/template', 'strongpw_4'); } if ($strongpw_str) { showmessage(lang('member/template', 'password_weak') . implode(',', $strongpw_str)); } } $email = strtolower(trim($_GET['email'])); if (empty($email) && $_G['setting']['forgeemail']) { $_GET['email'] = $email = strtolower(random(6)) . '@' . $_SERVER['HTTP_HOST']; } if (empty($this->setting['ignorepassword'])) { if ($_GET['password'] !== $_GET['password2']) { showmessage('profile_passwd_notmatch'); } if (!$_GET['password'] || $_GET['password'] != addslashes($_GET['password'])) { showmessage('profile_passwd_illegal'); } $password = $_GET['password']; } else { $password = md5(random(10)); } } $censorexp = '/^(' . str_replace(array('\\*', "\r\n", ' '), array('.*', '|', ''), preg_quote($this->setting['censoruser'] = trim($this->setting['censoruser']), '/')) . ')$/i'; if ($this->setting['censoruser'] && @preg_match($censorexp, $username)) { showmessage('profile_username_protect'); } if ($this->setting['regverify'] == 2 && !trim($_GET['regmessage'])) { showmessage('profile_required_info_invalid'); } if ($_G['cache']['ipctrl']['ipregctrl']) { foreach (explode("\n", $_G['cache']['ipctrl']['ipregctrl']) as $ctrlip) { if (preg_match("/^(" . 
preg_quote($ctrlip = trim($ctrlip), '/') . ")/", $_G['clientip'])) { $ctrlip = $ctrlip . '%'; $this->setting['regctrl'] = $this->setting['ipregctrltime']; break; } else { $ctrlip = $_G['clientip']; } } } else { $ctrlip = $_G['clientip']; } if ($this->setting['regctrl']) { if (C::t('common_regip')->count_by_ip_dateline($ctrlip, $_G['timestamp'] - $this->setting['regctrl'] * 3600)) { showmessage('register_ctrl', NULL, array('regctrl' => $this->setting['regctrl'])); } } $setregip = null; if ($this->setting['regfloodctrl']) { $regip = C::t('common_regip')->fetch_by_ip_dateline($_G['clientip'], $_G['timestamp'] - 86400); if ($regip) { if ($regip['count'] >= $this->setting['regfloodctrl']) { showmessage('register_flood_ctrl', NULL, array('regfloodctrl' => $this->setting['regfloodctrl'])); } else { $setregip = 1; } } else { $setregip = 2; } } $profile = $verifyarr = array(); foreach ($_G['cache']['fields_register'] as $field) { if (defined('IN_MOBILE')) { break; } $field_key = $field['fieldid']; $field_val = $_GET['' . $field_key]; if ($field['formtype'] == 'file' && !empty($_FILES[$field_key]) && $_FILES[$field_key]['error'] == 0) { $field_val = true; } if (!profile_check($field_key, $field_val)) { $showid = !in_array($field['fieldid'], array('birthyear', 'birthmonth')) ? $field['fieldid'] : 'birthday'; showmessage($field['title'] . lang('message', 'profile_illegal'), '', array(), array('showid' => 'chk_' . $showid, 'extrajs' => $field['title'] . lang('message', 'profile_illegal') . ($field['formtype'] == 'text' ? '<script type="text/javascript">' . '$(\'registerform\').' . $field['fieldid'] . '.className = \'px er\';' . '$(\'registerform\').' . $field['fieldid'] . '.onblur = function () { if(this.value != \'\') {this.className = \'px\';$(\'chk_' . $showid . '\').innerHTML = \'\';}}' . 
'</script>' : ''))); } if ($field['needverify']) { $verifyarr[$field_key] = $field_val; } else { $profile[$field_key] = $field_val; } } if (!$activation) { $uid = uc_user_register(addslashes($username), $password, $email, $questionid, $answer, $_G['clientip']); if ($uid <= 0) { if ($uid == -1) { showmessage('profile_username_illegal'); } elseif ($uid == -2) { showmessage('profile_username_protect'); } elseif ($uid == -3) { showmessage('profile_username_duplicate'); } elseif ($uid == -4) { showmessage('profile_email_illegal'); } elseif ($uid == -5) { showmessage('profile_email_domain_illegal'); } elseif ($uid == -6) { showmessage('profile_email_duplicate'); } else { showmessage('undefined_action'); } } } else { list($uid, $username, $email) = $activation; } $_G['username'] = $username; if (getuserbyuid($uid, 1)) { if (!$activation) { uc_user_delete($uid); } showmessage('profile_uid_duplicate', '', array('uid' => $uid)); } $password = md5(random(10)); $secques = $questionid > 0 ? random(8) : ''; if (isset($_POST['birthmonth']) && isset($_POST['birthday'])) { $profile['constellation'] = get_constellation($_POST['birthmonth'], $_POST['birthday']); } if (isset($_POST['birthyear'])) { $profile['zodiac'] = get_zodiac($_POST['birthyear']); } if ($_FILES) { $upload = new discuz_upload(); foreach ($_FILES as $key => $file) { $field_key = 'field_' . 
$key; if (!empty($_G['cache']['fields_register'][$field_key]) && $_G['cache']['fields_register'][$field_key]['formtype'] == 'file') { $upload->init($file, 'profile'); $attach = $upload->attach; if (!$upload->error()) { $upload->save(); if (!$upload->get_image_info($attach['target'])) { @unlink($attach['target']); continue; } $attach['attachment'] = dhtmlspecialchars(trim($attach['attachment'])); if ($_G['cache']['fields_register'][$field_key]['needverify']) { $verifyarr[$key] = $attach['attachment']; } else { $profile[$key] = $attach['attachment']; } } } } } if ($setregip !== null) { if ($setregip == 1) { C::t('common_regip')->update_count_by_ip($_G['clientip']); } else { C::t('common_regip')->insert(array('ip' => $_G['clientip'], 'count' => 1, 'dateline' => $_G['timestamp'])); } } if ($invite && $this->setting['inviteconfig']['invitegroupid']) { $groupinfo['groupid'] = $this->setting['inviteconfig']['invitegroupid']; } $init_arr = array('credits' => explode(',', $this->setting['initcredits']), 'profile' => $profile, 'emailstatus' => $emailstatus); C::t('common_member')->insert($uid, $username, $password, $email, $_G['clientip'], $groupinfo['groupid'], $init_arr); if ($emailstatus) { updatecreditbyaction('realemail', $uid); } if ($verifyarr) { $setverify = array('uid' => $uid, 'username' => $username, 'verifytype' => '0', 'field' => serialize($verifyarr), 'dateline' => TIMESTAMP); C::t('common_member_verify_info')->insert($setverify); C::t('common_member_verify')->insert(array('uid' => $uid)); } require_once libfile('cache/userstats', 'function'); build_cache_userstats(); if ($this->extrafile && file_exists($this->extrafile)) { require_once $this->extrafile; } if ($this->setting['regctrl'] || $this->setting['regfloodctrl']) { C::t('common_regip')->delete_by_dateline($_G['timestamp'] - ($this->setting['regctrl'] > 72 ? 
$this->setting['regctrl'] : 72) * 3600); if ($this->setting['regctrl']) { C::t('common_regip')->insert(array('ip' => $_G['clientip'], 'count' => -1, 'dateline' => $_G['timestamp'])); } } $regmessage = dhtmlspecialchars($_GET['regmessage']); if ($this->setting['regverify'] == 2) { C::t('common_member_validate')->insert(array('uid' => $uid, 'submitdate' => $_G['timestamp'], 'moddate' => 0, 'admin' => '', 'submittimes' => 1, 'status' => 0, 'message' => $regmessage, 'remark' => ''), false, true); manage_addnotify('verifyuser'); } setloginstatus(array('uid' => $uid, 'username' => $_G['username'], 'password' => $password, 'groupid' => $groupinfo['groupid']), 0); include_once libfile('function/stat'); updatestat('register'); if ($invite['id']) { $result = C::t('common_invite')->count_by_uid_fuid($invite['uid'], $uid); if (!$result) { C::t('common_invite')->update($invite['id'], array('fuid' => $uid, 'fusername' => $_G['username'], 'regdateline' => $_G['timestamp'], 'status' => 2)); updatestat('invite'); } else { $invite = array(); } } if ($invite['uid']) { if ($this->setting['inviteconfig']['inviteaddcredit']) { updatemembercount($uid, array($this->setting['inviteconfig']['inviterewardcredit'] => $this->setting['inviteconfig']['inviteaddcredit'])); } if ($this->setting['inviteconfig']['invitedaddcredit']) { updatemembercount($invite['uid'], array($this->setting['inviteconfig']['inviterewardcredit'] => $this->setting['inviteconfig']['invitedaddcredit'])); } require_once libfile('function/friend'); friend_make($invite['uid'], $invite['username'], false); notification_add($invite['uid'], 'friend', 'invite_friend', array('actor' => '<a href="home.php?mod=space&uid=' . $invite['uid'] . '" target="_blank">' . $invite['username'] . '</a>'), 1); space_merge($invite, 'field_home'); if (!empty($invite['privacy']['feed']['invite'])) { require_once libfile('function/feed'); $tite_data = array('username' => '<a href="home.php?mod=space&uid=' . $_G['uid'] . '">' . $_G['username'] . 
'</a>'); feed_add('friend', 'feed_invite', $tite_data, '', array(), '', array(), array(), '', '', '', 0, 0, '', $invite['uid'], $invite['username']); } if ($invite['appid']) { updatestat('appinvite'); } } if ($welcomemsg && !empty($welcomemsgtxt)) { $welcomemsgtitle = replacesitevar($welcomemsgtitle); $welcomemsgtxt = replacesitevar($welcomemsgtxt); if ($welcomemsg == 1) { $welcomemsgtxt = nl2br(str_replace(':', ':', $welcomemsgtxt)); notification_add($uid, 'system', $welcomemsgtxt, array('from_id' => 0, 'from_idtype' => 'welcomemsg'), 1); } elseif ($welcomemsg == 2) { sendmail_cron($email, $welcomemsgtitle, $welcomemsgtxt); } elseif ($welcomemsg == 3) { sendmail_cron($email, $welcomemsgtitle, $welcomemsgtxt); $welcomemsgtxt = nl2br(str_replace(':', ':', $welcomemsgtxt)); notification_add($uid, 'system', $welcomemsgtxt, array('from_id' => 0, 'from_idtype' => 'welcomemsg'), 1); } } if ($fromuid) { updatecreditbyaction('promotion_register', $fromuid); dsetcookie('promotion', ''); } dsetcookie('loginuser', ''); dsetcookie('activationauth', ''); dsetcookie('invite_auth', ''); $url_forward = dreferer(); $refreshtime = 3000; switch ($this->setting['regverify']) { case 1: $idstring = random(6); $authstr = $this->setting['regverify'] == 1 ? 
"{$_G['timestamp']}\t2\t{$idstring}" : ''; C::t('common_member_field_forum')->update($_G['uid'], array('authstr' => $authstr)); $verifyurl = "{$_G[siteurl]}member.php?mod=activate&uid={$_G[uid]}&id={$idstring}"; $email_verify_message = lang('email', 'email_verify_message', array('username' => $_G['member']['username'], 'bbname' => $this->setting['bbname'], 'siteurl' => $_G['siteurl'], 'url' => $verifyurl)); if (!sendmail("{$username} <{$email}>", lang('email', 'email_verify_subject'), $email_verify_message)) { runlog('sendmail', "{$email} sendmail failed."); } $message = 'register_email_verify'; $locationmessage = 'register_email_verify_location'; $refreshtime = 10000; break; case 2: $message = 'register_manual_verify'; $locationmessage = 'register_manual_verify_location'; break; default: $message = 'register_succeed'; $locationmessage = 'register_succeed_location'; break; } $param = array('bbname' => $this->setting['bbname'], 'username' => $_G['username'], 'usergroup' => $_G['group']['grouptitle'], 'uid' => $_G['uid']); if (strpos($url_forward, $this->setting['regname']) !== false || strpos($url_forward, 'buyinvitecode') !== false) { $url_forward = 'forum.php'; } $href = str_replace("'", "\\'", $url_forward); $extra = array('showid' => 'succeedmessage', 'extrajs' => '<script type="text/javascript">' . 'setTimeout("window.location.href =\'' . $href . '\';", ' . $refreshtime . ');' . '$(\'succeedmessage_href\').href = \'' . $href . '\';' . '$(\'main_message\').style.display = \'none\';' . '$(\'main_succeed\').style.display = \'\';' . '$(\'succeedlocation\').innerHTML = \'' . lang('message', $locationmessage) . '\';' . '</script>', 'striptags' => false); showmessage($message, $url_forward, $param, $extra); } }
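/**
 * Log a site member in from a third-party "connect" bind record.
 *
 * Loads the member row by uid, sets the login state and the connect
 * cookies, then updates the login statistics. No credential is checked
 * in this function: it trusts that the caller has already verified the
 * connect identity that produced $connect_member.
 *
 * @param array $connect_member Bind record; the 'uid' and 'conopenid' keys are read.
 * @return bool false when no member row exists for the uid, true otherwise.
 */
function connect_login($connect_member)
{
    global $_G;

    // The uid ends up inside a string-built query, so force it to an integer
    // instead of interpolating whatever the caller passed.
    $uid = intval($connect_member['uid']);
    $member = DB::fetch_first("SELECT * FROM " . DB::table('common_member') . " WHERE uid='" . $uid . "'");
    if (!$member) {
        return false;
    }

    require_once libfile('function/member');
    $cookietime = 1296000; // 15 days
    setloginstatus($member, $cookietime);
    dsetcookie('connect_login', 1, $cookietime);
    dsetcookie('connect_is_bind', '1', 31536000); // 365 days
    dsetcookie('connect_uin', $connect_member['conopenid'], 31536000);

    include_once libfile('function/stat');
    updatestat('login', 1);
    updatestat('connectlogin', 1);
    updatecreditbyaction('daylogin', $_G['uid']);
    checkusergroup($_G['uid']);

    return true;
}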
/**
 * Authenticate a member by e-mail and password taken from the POST body.
 *
 * @return true|array true on success; otherwise an array of field => message
 *                    (either the result of $this->rules() or a 'password' entry).
 */
public function login()
{
    global $_G;

    // Form validation: anything other than true is handed straight back.
    $rulesOutcome = $this->rules();
    if ($rulesOutcome !== true) {
        return $rulesOutcome;
    }

    $validate_error = array();
    require_once libfile('function/member');

    $email = $_POST['email'];
    $plainPassword = $_POST['password'];
    $input_rememberme = $_POST['rememberme']; // read here, but the cookie lifetime below uses $_GET['rememberme']

    // logincheck() yields the remaining-attempts state; a falsy value means locked out.
    $_G['member_loginperm'] = logincheck($email);
    if (!$_G['member_loginperm']) {
        $validate_error['password'] = '******';
        return $validate_error;
    }

    $result = userlogin($email, $plainPassword, 0, 0, 'email', $_G['clientip']);

    if ($result['status'] > 0) {
        // Remember-me: 30 days, otherwise a session cookie.
        if ($_GET['rememberme']) {
            $lifetime = 2592000;
        } else {
            $lifetime = 0;
        }
        setloginstatus($result['member'], $lifetime);

        if ($_G['member']['lastip'] && $_G['member']['lastvisit']) {
            dsetcookie('lip', $_G['member']['lastip'] . ',' . $_G['member']['lastvisit']);
        }

        $statusRow = array(
            'lastip' => $_G['clientip'],
            'port' => $_G['remoteport'],
            'lastvisit' => TIMESTAMP,
            'lastactivity' => TIMESTAMP,
        );
        C::t('common_member_status')->update($_G['uid'], $statusRow);

        // Optional UCenter synchronised login; the returned markup is not used here.
        $ucsynlogin = $this->setting['allowsynlogin'] ? uc_user_synlogin($_G['uid']) : '';

        return true;
    }

    // Failed attempt: write an audit line, then count the failure.
    // NOTE(review): the "masked" value keeps roughly the first quarter and the last
    // sixth of the submitted password, so illegallog holds password fragments;
    // consider logging a constant mask and restricting access to that log.
    $keepHead = round(strlen($plainPassword) / 4);
    $keepTail = round(strlen($plainPassword) / 6);
    $password = preg_replace('/^(.{' . $keepHead . '})(.+?)(.{' . $keepTail . '})$/s', '\\1***\\3', $plainPassword);

    if ($result['ucresult']['username']) {
        $loggedName = $result['ucresult']['username'];
    } else {
        $loggedName = $email;
    }
    $errorlog = dhtmlspecialchars(
        TIMESTAMP . "\t" . $loggedName . "\t" . $password . "\t" . "Ques #" . intval($_GET['questionid']) . "\t" . $_G['clientip']
    );
    writelog('illegallog', $errorlog);
    loginfailed($email);
    failedip();

    if ($_G['member_loginperm'] > 1) {
        // Tell the user how many attempts remain.
        $loginperm = $_G['member_loginperm'] - 1;
        $validate_error['password'] = '******' . $loginperm . ' 次';
    } elseif ($_G['member_loginperm'] == -1) {
        $validate_error['password'] = '******';
    } else {
        $validate_error['password'] = '******';
    }

    return $validate_error;
}
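/**
 * JSON login endpoint: authenticates username/password (plus optional
 * security question) and echoes a BIGAPPJSON response, then terminates.
 *
 * Response error_code values emitted here: 0 success, 2 invalid parameters,
 * 3 locked out before the attempt, 5 activation required, 6/7/8 failed
 * attempt (selected by the remaining-attempts state), 9 security question.
 *
 * NOTE(review): credentials are read from $_REQUEST, so they are also accepted
 * in the query string, where they tend to end up in access logs and browser
 * history; restricting them to the POST body would avoid that.
 */
function login()
{
    global $_G;

    // The encoder is needed by the very first error response below, so it has to
    // be loaded before any BIGAPPJSON::encode() call.
    require_once dirname(dirname(dirname(__FILE__))) . '/bigappjson.class.php';

    // Only scalar strings are accepted; array-valued parameters are treated as missing.
    $userName = null;
    $password = null;
    if (isset($_REQUEST['username']) && is_string($_REQUEST['username'])) {
        $userName = $_REQUEST['username'];
    }
    if (isset($_REQUEST['password']) && is_string($_REQUEST['password'])) {
        $password = $_REQUEST['password'];
    }
    $questionid = isset($_REQUEST['questionid']) ? intval($_REQUEST['questionid']) : 0;
    $answer = (isset($_REQUEST['answer']) && is_string($_REQUEST['answer'])) ? $_REQUEST['answer'] : '';

    // Clients send UTF-8; convert to the site charset.
    if (function_exists('iconv')) {
        $userName = iconv('UTF-8', CHARSET . '//ignore', (string) $userName);
        $answer = iconv('UTF-8', CHARSET . '//ignore', $answer);
    } else {
        $userName = mb_convert_encoding((string) $userName, CHARSET, 'UTF-8');
        $answer = mb_convert_encoding($answer, CHARSET, 'UTF-8');
    }

    // Start from a logged-out state.
    $_G['uid'] = $_G['member']['uid'] = 0;
    $_G['username'] = $_G['member']['username'] = $_G['member']['password'] = '';

    if (empty($userName) || empty($password) || $password !== addslashes($password)) {
        echo BIGAPPJSON::encode(array(
            'error_code' => 2,
            'error_msg' => lang('plugin/bigapp', 'invalid_param'),
            'Variables' => array('auth' => null),
            'Message' => array('messageval' => 'for comaptible', 'messagestr' => lang('plugin/bigapp', 'invalid_param')),
        ));
        die(0);
    }

    require_once libfile('function/misc');
    require_once libfile('function/mail');
    loaducenter();

    // Keep the submitted name: $userName is overwritten with the UCenter value below.
    $submittedName = $userName;

    if (!($_G['member_loginperm'] = logincheck($userName))) {
        echo BIGAPPJSON::encode(array(
            'error_code' => 3,
            'error_msg' => lang('plugin/bigapp', 'too_many_errors'),
            'Variables' => array('auth' => null),
            'Message' => array('messageval' => 'for comaptible', 'messagestr' => lang('plugin/bigapp', 'too_many_errors')),
        ));
        die(0);
    }

    $result = userlogin($userName, $password, $questionid, $answer, 'username', $_G['clientip']);

    // uid -3 is reported to the client as a security-question problem.
    if ($result['ucresult']['uid'] == '-3') {
        echo BIGAPPJSON::encode(array(
            'error_code' => 9,
            'error_msg' => lang('plugin/bigapp', 'user_seq_question'),
            'Variables' => array('auth' => null),
            'Message' => array('messageval' => 'for comaptible', 'messagestr' => lang('plugin/bigapp', 'user_seq_question')),
        ));
        die(0);
    }

    $uid = $_G['uid'] = $result['ucresult']['uid'];
    $userName = $result['ucresult']['username'];
    $userAvatar = str_replace(array("\r", "\n"), '', avatar($_G['uid'], 'big', true));

    $ctlObj = new logging_ctl();
    $ctlObj->setting = $_G['setting'];

    // status -1: userlogin() reports the account as needing activation on this site.
    if ($result['status'] == -1) {
        if (!$ctlObj->setting['fastactivation']) {
            echo BIGAPPJSON::encode(array(
                'error_code' => 5,
                'error_msg' => lang('plugin/bigapp', 'activate_first'),
                'Variables' => array('auth' => null),
                'Message' => array('messageval' => 'for comaptible', 'messagestr' => lang('plugin/bigapp', 'login_failed')),
            ));
            die(0);
        }
        // Fast activation: create the local member row on the fly. The locally stored
        // password is a random placeholder, not the user's password.
        $init_arr = explode(',', $ctlObj->setting['initcredits']);
        $groupid = $ctlObj->setting['regverify'] ? 8 : $ctlObj->setting['newusergroupid'];
        C::t('common_member')->insert(
            $uid,
            $result['ucresult']['username'],
            md5(random(10)),
            $result['ucresult']['email'],
            $_G['clientip'],
            $groupid,
            $init_arr
        );
        $result['member'] = getuserbyuid($uid);
        $result['status'] = 1;
    }

    if ($result['status'] > 0) {
        if ($ctlObj->extrafile && file_exists($ctlObj->extrafile)) {
            require_once $ctlObj->extrafile;
        }
        setloginstatus($result['member'], !empty($_GET['cookietime']) ? 2592000 : 0);
        checkfollowfeed();
        C::t('common_member_status')->update($_G['uid'], array(
            'lastip' => $_G['clientip'],
            'lastvisit' => TIMESTAMP,
            'lastactivity' => TIMESTAMP,
        ));

        // Strip fields that must not be sent to the client.
        // NOTE(review): the rest of the member row is echoed as 'data'; confirm it
        // holds nothing else that should stay server-side.
        unset($result['member']['password'], $result['member']['credits']);

        echo BIGAPPJSON::encode(array(
            'error_code' => 0,
            'error_msg' => lang('plugin/bigapp', 'login_succ'),
            'data' => $result['member'],
            'Message' => array('messageval' => 'login_succeed', 'messagestr' => lang('plugin/bigapp', 'login_succ')),
            'Variables' => array('auth' => 'in order to be comapatible'),
        ));
        die(0);
    }

    // Failed attempt. Record it so that logincheck() can throttle repeated guesses:
    // the other login handlers on this page call loginfailed() themselves after a
    // failed userlogin(), and without it this endpoint never counts a failure.
    loginfailed($submittedName);

    if ($_G['member_loginperm'] > 1) {
        echo BIGAPPJSON::encode(array(
            'error_code' => 6,
            'error_msg' => lang('plugin/bigapp', 'login_failed'),
            'Variables' => array('auth' => null),
            'Message' => array('messageval' => 'for comaptible', 'messagestr' => lang('plugin/bigapp', 'login_failed')),
        ));
    } elseif ($_G['member_loginperm'] == -1) {
        echo BIGAPPJSON::encode(array(
            'error_code' => 7,
            'error_msg' => lang('plugin/bigapp', 'error_password'),
            'Variables' => array('auth' => null),
            'Message' => array('messageval' => 'for comaptible', 'messagestr' => lang('plugin/bigapp', 'error_password')),
        ));
    } else {
        echo BIGAPPJSON::encode(array(
            'error_code' => 8,
            'error_msg' => lang('plugin/bigapp', 'too_many_errors'),
            'Variables' => array('auth' => null),
            'Message' => array('messageval' => 'for comaptible', 'messagestr' => lang('plugin/bigapp', 'too_many_errors')),
        ));
    }
    die(0);
}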
if ($bind = C::t('#weibo#weibo')->fetch($_G['uid'])) { C::t('#weibo#weibo')->update($_G['uid'], array('sina_uid' => $token['uid'], 'sina_username' => $token['username'], 'token' => $token['access_token'], 'remind_in' => $token['remind_in'], 'expires_in' => $token['expires_in'], 'update' => $_G['timestamp'])); } else { C::t('#weibo#weibo')->insert(array('uid' => $_G['uid'], 'username' => $_G['username'], 'sina_uid' => $token['uid'], 'sina_username' => $token['username'], 'token' => $token['access_token'], 'remind_in' => $token['remind_in'], 'expires_in' => $token['expires_in'], 'thread' => 1, 'reply' => 1, 'follow' => 1, 'blog' => 1, 'doing' => 1, 'share' => 1, 'article' => 1, 'dateline' => $_G['timestamp'], 'update' => $_G['timestamp'])); } showmessage('weibo:bind_succeed', 'home.php?mod=spacecp&ac=plugin&id=weibo:bind'); } else { $bind = C::t('#weibo#weibo')->fetch_by_sina_uid($token['uid']); $member = getuserbyuid($bind['uid'], 1); if ($bind && $member) { if (isset($member['_inarchive'])) { C::t('common_member_archive')->move_to_master($member['uid']); } require_once libfile('function/member'); $cookietime = 1296000; setloginstatus($member, $cookietime); loadcache('usergroups'); $usergroups = $_G['cache']['usergroups'][$_G['groupid']]['grouptitle']; $param = array('username' => $_G['member']['username'], 'usergroup' => $_G['group']['grouptitle']); C::t('common_member_status')->update($bind['uid'], array('lastip' => $_G['clientip'], 'lastvisit' => TIMESTAMP, 'lastactivity' => TIMESTAMP)); $ucsynlogin = ''; if ($_G['setting']['allowsynlogin']) { loaducenter(); $ucsynlogin = uc_user_synlogin($_G['uid']); } showmessage('login_succeed', dreferer(), $param, array('extrajs' => $ucsynlogin)); } else { $dreferer = rawurlencode(dreferer()); showmessage('weibo:complete_or_bind', 'member.php?mod=' . $_G['setting']['regname'] . '&referer=' . $dreferer); } }
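/**
 * Handle the member login form: look the account up by e-mail, check the
 * password, set the login state, re-attach the cart and redirect.
 *
 * NOTE(review): passwords are compared against an unsalted MD5 digest and,
 * as a fallback, against the stored value itself (the original comment calls
 * this a "temporary password"). The fallback means that anyone who learns the
 * stored value can log in with it directly; migrating to password_hash() /
 * password_verify() and dropping the fallback would close that.
 *
 * NOTE(review): "no such account" and "wrong password" produce different
 * messages, which lets a client tell registered e-mail addresses apart.
 */
public function doLogin()
{
    $url_referer = $_SESSION['urlReferer'];
    $this->waitSecond = 3;
    if ($this->memberID > 0) {
        $this->redirect($url_referer ? $url_referer : U('MemberIndex/index'));
    }

    // Accept plain strings only: request values must not reach the query builder
    // as arrays, and must never be concatenated into the WHERE clause.
    $email = (isset($_POST['email']) && is_string($_POST['email'])) ? $_POST['email'] : '';
    $password = (isset($_POST['password']) && is_string($_POST['password'])) ? $_POST['password'] : '';

    $dao = D("Members");
    // Array condition: the framework quotes the value instead of it being spliced into SQL.
    $list = $dao->where(array('email' => $email))->find();
    if (!$list) {
        $this->error("email error, do not have this account!");
        return;
    }

    // Strict comparison, so numeric-looking strings are never compared as numbers.
    $stored = (string) $list['password'];
    $matches = $password !== '' && (md5($password) === $stored || $password === $stored);
    if (!$matches) {
        $this->error("Password error!");
        return;
    }

    // "Stay logged in" keeps the cookie for 30 days; otherwise it is a session cookie.
    $cookietime = 0;
    if (!empty($_POST['isStay']) && intval($_POST['isStay'])) {
        $cookietime = 86400 * 30;
    }
    setloginstatus($list, $cookietime);

    // Point this member's cart rows at the current session id.
    $data = array();
    if ($list['id'] > 0) {
        $cartModel = D('Cart');
        // The session id comes from a cookie, i.e. from the client: bind it as a value.
        $sessionId = (string) Cookie::get('sessionID');
        $data['session_id'] = $sessionId;
        $cartModel->where(array(
            'uid' => $list['id'],
            'session_id' => $sessionId,
            '_logic' => 'OR',
        ))->data($data)->save();
    }

    $data['lastlogindate'] = time();
    $data['lastloginip'] = get_client_ip();
    $dao->where(array('id' => $list['id']))->save($data);

    self::$Model = D("Shippingaddress");
    $memberShippingAddress = self::$Model->where(array('id' => $list['id']))->find();

    // NOTE(review): $url_referer is taken from the session; confirm that whatever
    // stores it only accepts same-site targets before it is used as a redirect.
    if (!$memberShippingAddress && $this->isAjax()) {
        $this->ajaxReturn(!empty($url_referer) ? $url_referer : '', 'noaddress', 0);
    } elseif (isset($url_referer) && !$this->isAjax()) {
        redirect($url_referer);
    }
    $this->jumpUrl = !empty($url_referer) ? $url_referer : U('MemberIndex/index');
    $this->success("Login Successful!");
}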
/**
 * Process an admin control panel login submitted through the admin_* POST fields.
 *
 * Sets $this->cpaccess to -4 when logincheck() refuses the attempt and to -2
 * when the credentials are valid but the account has no admin panel access.
 * On success an admin session row is written and the browser is redirected.
 *
 * NOTE(review): loginfailed() is only called when userlogin() fails; a valid
 * login by a non-admin account (cpaccess -2) is not counted as a failed attempt.
 */
function check_user_login()
{
    global $_G;

    $admin_username = isset($_POST['admin_username']) ? trim($_POST['admin_username']) : '';
    if ($admin_username == '') {
        return;
    }

    require_once libfile('function/member');

    // Too many earlier failures for this name.
    if (!logincheck($_POST['admin_username'])) {
        $this->cpaccess = -4;
        return;
    }

    // When the security question is mandatory and was not supplied, show the form again.
    $secquesMissing = empty($_POST['admin_questionid']) || empty($_POST['admin_answer']);
    if ($secquesMissing && $_G['config']['admincp']['forcesecques']) {
        $this->do_user_login();
    }

    $result = userlogin(
        $_POST['admin_username'],
        $_POST['admin_password'],
        $_POST['admin_questionid'],
        $_POST['admin_answer']
    );
    if ($result['status'] != 1) {
        loginfailed($_POST['admin_username']);
        return;
    }

    // The uid placed in the query comes from the member row returned by userlogin().
    $memberUid = $result['member']['uid'];
    $cpgroupid = DB::result_first(
        "SELECT uid FROM " . DB::table('common_admincp_member') . " WHERE uid='" . $memberUid . "'"
    );
    if (!$cpgroupid && !$this->checkfounder($result['member'])) {
        $this->cpaccess = -2;
        return;
    }

    $sessionRow = array(
        'uid' => $result['member']['uid'],
        'adminid' => $result['member']['adminid'],
        'panel' => $this->panel,
        'dateline' => TIMESTAMP,
        'ip' => $this->core->var['clientip'],
        'errorcount' => -1,
    );
    DB::insert('common_admincp_session', $sessionRow, false, true);
    setloginstatus($result['member'], 0);
    dheader('Location: ' . ADMINSCRIPT . '?' . cpurl('url', array('sid')));
}
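/**
 * Login controller action: shows the login form, or processes a submitted
 * one (lock-out check, authentication, cookies, statistics, invitations).
 *
 * Local variable names are kept as they are because the included
 * member/login template is rendered in this scope.
 */
function on_login()
{
    global $_G;

    // Already logged in: just confirm and go back.
    if ($_G['uid']) {
        $ucsynlogin = $_G['setting']['allowsynlogin'] ? uc_user_synlogin($_G['uid']) : '';
        $param = array('username' => $_G['member']['username'], 'uid' => $_G['member']['uid']);
        showmessage('login_succeed', dreferer(), $param, array('showdialog' => 1, 'locationtime' => true, 'extrajs' => $ucsynlogin));
    }

    $seccodecheck = $_G['setting']['seccodestatus'] & 2;
    $invite = getinvite();

    if (!submitcheck('loginsubmit', 1, $seccodecheck)) {
        // No valid submission: render the form.
        $_G['referer'] = dreferer();
        // These were fused into one expression, which appended the checkbox
        // attribute to the time string; they are two separate template values.
        $thetimenow = '(GMT ' . ($_G['setting']['timeoffset'] > 0 ? '+' : '') . $_G['setting']['timeoffset'] . ') ' . dgmdate(TIMESTAMP, 'u');
        $cookietimecheck = !empty($_G['cookie']['cookietime']) ? 'checked="checked"' : '';
        if ($seccodecheck) {
            // NOTE(review): $seccode is not set before this line, so the second term is 0.
            $seccode = random(6, 1) + $seccode[0] * 1000000;
        }
        $username = !empty($_G['cookie']['loginuser']) ? htmlspecialchars($_G['cookie']['loginuser']) : '';
        $navtitle = lang('core', 'title_login');
        include template('member/login');
    } else {
        // Refuse outright once the failed-attempt limit has been reached.
        if (!($_G['member_loginperm'] = logincheck())) {
            showmessage('login_strike');
        }
        if ($_G['gp_fastloginfield']) {
            $_G['gp_loginfield'] = $_G['gp_fastloginfield'];
        }
        $_G['uid'] = $_G['member']['uid'] = 0;
        $_G['username'] = $_G['member']['username'] = $_G['member']['password'] = '';

        $result = userlogin(
            $_G['gp_username'],
            $_G['gp_password'],
            $_G['gp_questionid'],
            $_G['gp_answer'],
            $_G['setting']['autoidselect'] ? 'auto' : $_G['gp_loginfield']
        );

        if ($result['status'] > 0) {
            setloginstatus($result['member'], $_G['gp_cookietime'] ? 2592000 : 0);
            // Use the quoting helper (as the invite update below does) rather than
            // splicing the client IP and uid into a hand-built UPDATE.
            DB::update(
                'common_member_status',
                array('lastip' => $_G['clientip'], 'lastvisit' => time(), 'lastactivity' => TIMESTAMP),
                array('uid' => $_G['uid'])
            );
            $ucsynlogin = $_G['setting']['allowsynlogin'] ? uc_user_synlogin($_G['uid']) : '';

            include_once libfile('function/stat');
            updatestat('login', 1);
            updatecreditbyaction('daylogin', $_G['uid']);
            checkusergroup($_G['uid']);

            if ($invite['id']) {
                // $uid and $username are not defined on this path; the member who
                // has just logged in is the one the invitation must be bound to.
                DB::update("common_invite", array('fuid' => $_G['uid'], 'fusername' => $_G['username']), array('id' => $invite['id']));
                updatestat('invite');
            }
            if ($invite['uid']) {
                require_once libfile('function/friend');
                friend_make($invite['uid'], $invite['username'], false);
                dsetcookie('invite_auth', '');
                if ($invite['appid']) {
                    updatestat('appinvite');
                }
            }

            if (!empty($_G['inajax']) && empty($_G['gp_quickforward'])) {
                // The value unserialized here is a site setting, not request data.
                $_G['setting']['msgforward'] = unserialize($_G['setting']['msgforward']);
                $mrefreshtime = intval($_G['setting']['msgforward']['refreshtime']) * 1000;
                loadcache('usergroups');
                $usergroups = addslashes($_G['cache']['usergroups'][$_G['groupid']]['grouptitle']);
                $message = 1;
                include template('member/login');
            } else {
                $param = array('username' => $_G['member']['username'], 'uid' => $_G['member']['uid'], 'syn' => $ucsynlogin ? 1 : 0);
                if ($_G['groupid'] == 8) {
                    // Group 8 gets the "inactive member" variant of the success message.
                    showmessage('login_succeed_inactive_member', 'home.php?mod=space&do=home', $param, array('extrajs' => $ucsynlogin));
                } else {
                    showmessage('login_succeed', $invite ? 'home.php?mod=space&do=home' : dreferer(), $param, array('extrajs' => $ucsynlogin));
                }
            }
        } elseif ($result['status'] == -1) {
            // Account needs activation: hand over an encoded token and send the user there.
            $auth = authcode($result['ucresult']['username'] . "\t" . FORMHASH, 'ENCODE');
            $location = 'member.php?mod=' . $_G['setting']['regname'] . '&action=activation&auth=' . rawurlencode($auth);
            if ($_G['inajax'] && empty($_G['gp_quickforward'])) {
                $message = 2;
                include template('member/login');
            } else {
                showmessage('login_activation', $location);
            }
        } else {
            // Failed attempt: audit line, failure counter, error message.
            // NOTE(review): the masked value keeps roughly the first quarter and the
            // last sixth of the submitted password, so illegallog holds password
            // fragments; consider logging a constant mask instead.
            $password = preg_replace("/^(.{" . round(strlen($_G['gp_password']) / 4) . "})(.+?)(.{" . round(strlen($_G['gp_password']) / 6) . "})\$/s", "\\1***\\3", $_G['gp_password']);
            $errorlog = dhtmlspecialchars(
                TIMESTAMP . "\t"
                . ($result['ucresult']['username'] ? $result['ucresult']['username'] : dstripslashes($_G['gp_username'])) . "\t"
                . $password . "\t"
                . "Ques #" . intval($_G['gp_questionid']) . "\t"
                . $_G['clientip']
            );
            writelog('illegallog', $errorlog);
            loginfailed($_G['member_loginperm']);

            // $answer was never defined here, which made every -3 result read as
            // "question empty"; the submitted answer is in $_G['gp_answer'].
            if ($result['ucresult']['uid'] == '-3') {
                $fmsg = (empty($_G['gp_questionid']) || $_G['gp_answer'] == '') ? 'login_question_empty' : 'login_question_invalid';
            } else {
                $fmsg = 'login_invalid';
            }
            showmessage($fmsg, '', array('loginperm' => $_G['member_loginperm']));
        }
    }
}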
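/**
 * Log a site member in from a third-party "connect" bind record.
 *
 * Loads the member row by uid, then sets the login state and the connect
 * cookies. No credential is checked in this function: it trusts that the
 * caller has already verified the connect identity behind $connect_member.
 *
 * @param array $connect_member Bind record; the 'uid' and 'conopenid' keys are read.
 * @return bool false when no member row exists for the uid, true otherwise.
 */
function connect_login($connect_member)
{
    global $_G;

    // The uid is placed inside a string-built query: coerce it to an integer
    // rather than interpolating the caller's value as-is.
    $memberUid = intval($connect_member['uid']);
    $member = DB::fetch_first("SELECT * FROM " . DB::table('common_member') . " WHERE uid='" . $memberUid . "'");
    if (!$member) {
        return false;
    }

    require_once libfile('function/member');
    $cookietime = 1296000; // 15 days
    setloginstatus($member, $cookietime);
    dsetcookie('connect_login', 1, $cookietime);
    dsetcookie('connect_is_bind', '1', 31536000); // 365 days
    dsetcookie('connect_uin', $connect_member['conopenid'], 31536000);

    return true;
}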
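/**
 * Write the login cookies for a user and switch the login state to that user.
 *
 * No credential is checked here: every caller must have authenticated the
 * user before passing the member row in.
 *
 * @param array $userInfo Member row of the user to log in.
 * @param mixed $uid      uid of the user to log in.
 */
public static function updateCookie($userInfo = array(), $uid)
{
    // Without this declaration $_G was a fresh local array: the uid assignment
    // was lost and lastip was written from an undefined value.
    global $_G;

    require_once libfile('function/member');

    // The statements below follow the stock login code; values are assigned into
    // the shapes that code expects instead of changing it.
    $result['member'] = $userInfo;
    $_G['uid'] = $uid;

    setloginstatus($result['member'], !empty($_GET['cookietime']) ? 2592000 : 0);
    checkfollowfeed();
    C::t('common_member_status')->update($_G['uid'], array(
        'lastip' => $_G['clientip'],
        'lastvisit' => TIMESTAMP,
        'lastactivity' => TIMESTAMP,
    ));

    // UCenter synchronised login is disabled for now: writing its cookie from here
    // did not work (noted 9.26), to be fixed later.
    // $ucsynlogin = $ctlObj->setting['allowsynlogin'] ? uc_user_synlogin($_G['uid']) : '';

    // NOTE(review): nothing in this method loads an invitation, so $invite is
    // always empty and the two branches below never run; either load it here or
    // remove them.
    $invite = array();
    if (!empty($invite['id'])) {
        $result = C::t('common_invite')->count_by_uid_fuid($invite['uid'], $uid);
        if (!$result) {
            C::t('common_invite')->update($invite['id'], array('fuid' => $uid, 'fusername' => $_G['username']));
            updatestat('invite');
        } else {
            $invite = array();
        }
    }
    if (!empty($invite['uid'])) {
        require_once libfile('function/friend');
        friend_make($invite['uid'], $invite['username'], false);
        dsetcookie('invite_auth', '');
        if ($invite['appid']) {
            updatestat('appinvite');
        }
    }
}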
unset($_GET['mapifrom'], $_GET['charset']); if (wsq::checksign($_GET)) { $member = getuserbyuid($_GET['siteuid'], 1); if ($member) { require_once libfile('function/member'); setloginstatus($member, 1296000); } } } elseif ($ac == 'wxregverify') { if (!wsq::checksign($_GET)) { showmessage('wechat:wechat_member_auth_fail'); } $member = getuserbyuid($_GET['siteuid'], 1); if ($member) { require_once libfile('function/member'); setloginstatus($member, 1296000); } if ($_G['cookie']['wxnewuser']) { $groupid = $_G['wechat']['setting']['wechat_newusergroupid'] ? $_G['wechat']['setting']['wechat_newusergroupid'] : $_G['setting']['newusergroupid']; C::t('common_member')->update($_G['uid'], array('groupid' => $groupid)); dsetcookie('wxnewuser', '', -1); } dheader('location: ' . ($_GET['referer'] ? $_GET['referer'] : $_G['siteurl'])); } else { showmessage('undefined_action'); } function redirectregister($username) { global $_G; $defaultusername = substr($username, 0, 15); loaducenter();
$newuid = DB::result_first("SELECT uid FROM " . DB::table('common_member') . " WHERE username='******'gp_username']}'"); if (DB::result_first("SELECT COUNT(*) FROM " . DB::table('myrepeats') . " WHERE uid='{$newuid}' AND username='******'")) { $username = htmlspecialchars($_G['gp_username']); include template('myrepeats:switch_login'); exit; } showmessage('myrepeats:user_nonexistence'); } elseif ($user['locked']) { $usernamess = stripslashes($_G['gp_username']); showmessage('myrepeats:user_locked', '', array('user' => $usernamess)); } list($password, $questionid, $answer) = explode("\t", authcode($user['logindata'], 'DECODE', $_G['config']['security']['authkey'])); $result = userlogin($_G['gp_username'], $password, $questionid, $answer); $_G['myrepeats_ucresult'] = $result['ucresult']; if ($result['status'] > 0) { setloginstatus($result['member'], 2592000); DB::query("UPDATE " . DB::table('myrepeats') . " SET lastswitch='" . TIMESTAMP . "' WHERE uid='{$olddiscuz_uid}' AND username='******'gp_username']}'"); $ucsynlogin = $_G['setting']['allowsynlogin'] ? uc_user_synlogin($_G['uid']) : ''; dsetcookie('mrn', ''); dsetcookie('mrd', ''); $comment = $user['comment'] ? '(' . $user['comment'] . ') ' : ''; showmessage('myrepeats:login_succeed', $referer, array('user' => $_G['member']['username'], 'usergroup' => $_G['group']['grouptitle'], 'comment' => $comment), array('showmsg' => 1, 'showdialog' => 1, 'locationtime' => 3, 'extrajs' => $ucsynlogin)); } elseif ($result['status'] == -1) { clearcookies(); $_G['myrepeats_ucresult']['username'] = addslashes($_G['myrepeats_ucresult']['username']); $_G['username'] = ''; $_G['uid'] = 0; $auth = authcode($_G['myrepeats_ucresult']['username'] . "\t" . formhash(), 'ENCODE'); showmessage('myrepeats:login_activation', 'member.php?mod=' . $_G['setting']['regname'] . '&action=activation&auth=' . rawurlencode($auth) . '&referer=' . 
rawurlencode($referer), array('user' => $_G['myrepeats_ucresult']['username']), array('showmsg' => 1, 'showdialog' => 1, 'locationtime' => 3)); } else { myrepeats_loginfailure($_G['gp_username'], $password, $questionid, $answer);
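/**
 * Register a member from the POSTed e-mail and password, generate a user
 * name for the account, create the local member row and log the member in.
 *
 * @return true|array true on success; otherwise an array of field => message
 *                    (either the result of $this->rules() or an 'email' entry).
 */
public function register()
{
    global $_G;

    $validate_error = array();

    // Form validation: anything other than true is handed straight back.
    $validate_error_rules = $this->rules();
    if ($validate_error_rules !== true) {
        return $validate_error_rules;
    }

    $input_email = $_POST['email'];
    $input_password = $_POST['password'];

    loaducenter();

    // The user name is generated; -1 (name rejected) is retried with a new suffix.
    // The previous code registered once more unconditionally before its retry
    // loop, so a successful retry was followed by a second registration that
    // failed on the duplicate e-mail, and the loop itself had no upper bound.
    $maxAttempts = 5;
    $attempt = 0;
    do {
        $newusername = '******' . $_G['timestamp'] . rand(100, 999);
        $uid = uc_user_register(addslashes($newusername), $input_password, $input_email);
        $attempt++;
    } while ($uid == -1 && $attempt < $maxAttempts);

    // Every non-positive result stops here, including one returned by a retry,
    // so a negative code can no longer be inserted as a uid below.
    if ($uid <= 0) {
        if ($uid == -4) {
            $validate_error['email'] = 'Email 地址无效';
        } elseif ($uid == -5) {
            $validate_error['email'] = 'Email 包含不可使用的邮箱域名';
        } elseif ($uid == -6) {
            $validate_error['email'] = '该 Email 地址已经被注册';
        } else {
            $validate_error['email'] = '未知错误';
        }
        return $validate_error;
    }

    loadcache('fields_register');
    $init_arr = explode(',', $_G['setting']['initcredits']);
    // The local row gets a random placeholder, not the user's password.
    $password = md5(random(10));
    C::t('common_member')->insert($uid, $newusername, $password, $input_email, $_G['clientip'], 10, $init_arr, 0);

    // Log the new member in straight away.
    require_once libfile('function/member');
    $result = userlogin($input_email, $input_password, 0, 0, 'email', $_G['clientip']);
    if ($result['status'] <= 0) {
        // Do not set a login state from an empty or failed result.
        $validate_error['email'] = '未知错误';
        return $validate_error;
    }
    setloginstatus($result['member'], 0); // session cookie, no auto-login

    C::t('common_member_status')->update($_G['uid'], array(
        'lastip' => $_G['clientip'],
        'port' => $_G['remoteport'],
        'lastvisit' => TIMESTAMP,
        'lastactivity' => TIMESTAMP,
    ));

    // Optional UCenter synchronised login; the returned markup is not used here.
    $ucsynlogin = $this->setting['allowsynlogin'] ? uc_user_synlogin($_G['uid']) : '';

    return true;
}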
/**
 * Registration action: renders the registration form, or, when the form was submitted,
 * validates the request, creates the account, logs it in and shows the result message.
 *
 * Takes no parameters; it reads $_G, $_POST, $_FILES and $this->setting, and reports
 * every outcome through showmessage() or the included template.
 *
 * NOTE(review): the code after each showmessage() call reads as if showmessage() ends
 * the request; that is not visible here and should be confirmed.
 */
function on_register()
{
    global $_G;

    // The form field names are configurable ($this->setting['reginput']); copy the
    // submitted values to the fixed gp_* keys used in the rest of the function.
    $_G['gp_username'] = $_G['gp_' . $this->setting['reginput']['username']];
    $_G['gp_password'] = $_G['gp_' . $this->setting['reginput']['password']];
    $_G['gp_password2'] = $_G['gp_' . $this->setting['reginput']['password2']];
    $_G['gp_email'] = $_G['gp_' . $this->setting['reginput']['email']];

    if ($_G['uid']) {
        // Already logged in: show login_succeed with a forward URL that avoids the
        // registration page itself.
        $ucsynlogin = $this->setting['allowsynlogin'] ? uc_user_synlogin($_G['uid']) : '';
        $url_forward = dreferer();
        if (strpos($url_forward, $this->setting['regname']) !== false) {
            $url_forward = 'forum.php';
        }
        showmessage('login_succeed', $url_forward ? $url_forward : './', array('username' => $_G['member']['username'], 'usergroup' => $_G['group']['grouptitle'], 'uid' => $_G['uid']), array('extrajs' => $ucsynlogin));
    } elseif (!$this->setting['regclosed'] && (!$this->setting['regstatus'] || !$this->setting['ucactivation'])) {
        // NOTE(review): the second operand reads $this->setting['gp_activationauth'], a
        // settings key named like a request variable; the submit branch below reads
        // $_G['gp_activationauth']. Confirm which one is intended.
        if ($_G['gp_action'] == 'activation' || $this->setting['gp_activationauth']) {
            if (!$this->setting['ucactivation'] && !$this->setting['closedallowactivation']) {
                showmessage('register_disable_activation');
            }
        } elseif (!$this->setting['regstatus']) {
            // Registration is switched off: show the configured close message with CR/LF
            // removed, or the default one.
            showmessage(!$this->setting['regclosemessage'] ? 'register_disable' : str_replace(array("\r", "\n"), '', $this->setting['regclosemessage']));
        }
    }

    // Reference aliases into the settings array. NOTE(review): several are not read again
    // in this function; presumably the included template / extra file uses them.
    $bbrules =& $this->setting['bbrules'];
    $bbrulesforce =& $this->setting['bbrulesforce'];
    $bbrulestxt =& $this->setting['bbrulestxt'];
    $welcomemsg =& $this->setting['welcomemsg'];
    $welcomemsgtitle =& $this->setting['welcomemsgtitle'];
    $welcomemsgtxt =& $this->setting['welcomemsgtxt'];
    $regname = $this->setting['regname'];

    // Verification whitelists: a client whose resolved area or IP prefix matches has
    // regverify switched off (set to 0) for this request.
    if ($this->setting['regverify']) {
        if ($this->setting['areaverifywhite']) {
            $location = $whitearea = '';
            $location = trim(convertip($_G['clientip'], "./"));
            if ($location) {
                // Build one case-insensitive pattern from the configured list: entries are
                // quoted, "*" becomes ".*", and CRLF-separated entries become alternatives.
                $whitearea = preg_quote(trim($this->setting['areaverifywhite']), '/');
                $whitearea = str_replace(array("\\*"), array('.*'), $whitearea);
                $whitearea = '.*' . $whitearea . '.*';
                $whitearea = '/^(' . str_replace(array("\r\n", ' '), array('.*|.*', ''), $whitearea) . ')$/i';
                // "@" hides pattern errors, so a broken pattern simply never matches.
                if (@preg_match($whitearea, $location)) {
                    $this->setting['regverify'] = 0;
                }
            }
        }
        if ($_G['cache']['ipctrl']['ipverifywhite']) {
            foreach (explode("\n", $_G['cache']['ipctrl']['ipverifywhite']) as $ctrlip) {
                // Prefix match of each configured entry against the client IP.
                if (preg_match("/^(" . preg_quote($ctrlip = trim($ctrlip), '/') . ")/", $_G['clientip'])) {
                    $this->setting['regverify'] = 0;
                    break;
                }
            }
        }
    }

    // Invitation whitelists, evaluated only when regstatus is 2: a matching area or IP
    // prefix sets $invitestatus, which lets the request through without an invite below.
    $invitestatus = false;
    if ($this->setting['regstatus'] == 2) {
        if ($this->setting['inviteconfig']['inviteareawhite']) {
            $location = $whitearea = '';
            $location = trim(convertip($_G['clientip'], "./"));
            if ($location) {
                $whitearea = preg_quote(trim($this->setting['inviteconfig']['inviteareawhite']), '/');
                $whitearea = str_replace(array("\\*"), array('.*'), $whitearea);
                $whitearea = '.*' . $whitearea . '.*';
                $whitearea = '/^(' . str_replace(array("\r\n", ' '), array('.*|.*', ''), $whitearea) . ')$/i';
                if (@preg_match($whitearea, $location)) {
                    $invitestatus = true;
                }
            }
        }
        if ($this->setting['inviteconfig']['inviteipwhite']) {
            foreach (explode("\n", $this->setting['inviteconfig']['inviteipwhite']) as $ctrlip) {
                if (preg_match("/^(" . preg_quote($ctrlip = trim($ctrlip), '/') . ")/", $_G['clientip'])) {
                    $invitestatus = true;
                    break;
                }
            }
        }
    }

    // Initial user group: 8 while verification is pending, otherwise the configured
    // new-user group. NOTE(review): the meaning of group id 8 is not defined in this listing.
    $groupinfo = array();
    if ($this->setting['regverify']) {
        $groupinfo['groupid'] = 8;
    } else {
        $groupinfo['groupid'] = $this->setting['newusergroupid'];
    }

    $seccodecheck = $this->setting['seccodestatus'] & 1;
    $secqaacheck = $this->setting['secqaa']['status'] & 1;
    // Referrer uid comes from the "promotion" cookie and is forced to an integer.
    $fromuid = !empty($_G['cookie']['promotion']) && $this->setting['creditspolicy']['promotion_register'] ? intval($_G['cookie']['promotion']) : 0;
    $username = isset($_G['gp_username']) ? $_G['gp_username'] : '';
    // Token the form must echo back to prove the rules were accepted.
    $bbrulehash = $bbrules ? substr(md5(FORMHASH), 0, 8) : '';
    $auth = $_G['gp_auth'];
    if (!$invitestatus) {
        $invite = getinvite();
    }

    if (!submitcheck('regsubmit', 0, $seccodecheck, $secqaacheck)) {
        // ---- Form not submitted: prepare the data the template needs and render it. ----
        if ($_G['gp_action'] == 'activation') {
            // The activation token decodes to "<username>\t<FORMHASH>".
            $auth = explode("\t", authcode($auth, 'DECODE'));
            if (FORMHASH != $auth[1]) {
                showmessage('register_activation_invalid', 'member.php?mod=logging&action=login');
            }
            $username = $auth[0];
            $activationauth = authcode("{$auth['0']}\t" . FORMHASH, 'ENCODE');
        }
        if ($fromuid) {
            $query = DB::query("SELECT username FROM " . DB::table('common_member') . " WHERE uid='{$fromuid}'");
            if (DB::num_rows($query)) {
                $fromuser = dhtmlspecialchars(DB::result($query, 0));
            } else {
                // Unknown referrer: the promotion cookie is set again without a value.
                dsetcookie('promotion');
            }
        }
        $bbrulestxt = nl2br("\n{$bbrulestxt}\n\n");
        if ($_G['gp_action'] == 'activation') {
            $auth = dhtmlspecialchars($auth);
        }
        if ($seccodecheck) {
            $seccode = random(6, 1);
        }
        $username = dhtmlspecialchars($username);
        // Collect the HTML and the settings for every configured registration field.
        $htmls = $settings = array();
        foreach ($_G['cache']['fields_register'] as $field) {
            $fieldid = $field['fieldid'];
            $html = profile_setting($fieldid, array(), false, false, true);
            if ($html) {
                $settings[$fieldid] = $_G['cache']['profilesetting'][$fieldid];
                $htmls[$fieldid] = $html;
            }
        }
        $navtitle = $this->setting['reglinkname'];
        // The optional extra module file runs in this function's scope.
        if ($this->extrafile && file_exists(libfile('member/' . $this->extrafile, 'module'))) {
            require_once libfile('member/' . $this->extrafile, 'module');
        }
        $dreferer = dreferer();
        include template($this->template);
    } else {
        // ---- Form submitted: validate, create the account, log in, show the result. ----
        if ($this->setting['regstatus'] == 2 && empty($invite) && !$invitestatus) {
            showmessage('not_open_registration_invite');
        }
        if ($bbrules && $bbrulehash != $_POST['agreebbrule']) {
            showmessage('register_rules_agree');
        }

        // Activation path: a valid token yields the existing UCenter user, which then
        // replaces the normal user name / e-mail / password checks.
        $activation = array();
        if (isset($_G['gp_activationauth'])) {
            $activationauth = explode("\t", authcode($_G['gp_activationauth'], 'DECODE'));
            if ($activationauth[1] == FORMHASH && !($activation = daddslashes(uc_get_user($activationauth[0]), 1))) {
                showmessage('register_activation_invalid', 'member.php?mod=logging&action=login');
            }
        }
        if (!$activation) {
            // User name length as measured by dstrlen(): 3 to 15.
            $usernamelen = dstrlen($username);
            if ($usernamelen < 3) {
                showmessage('profile_username_tooshort');
            } elseif ($usernamelen > 15) {
                showmessage('profile_username_toolong');
            }
            $username = addslashes(trim(dstripslashes($username)));
            // Name known to UCenter but without a local member row.
            // NOTE(review): the username value in this query appears masked ('******') in this listing.
            if (uc_get_user($username) && !DB::result_first("SELECT uid FROM " . DB::table('common_member') . " WHERE username='******'")) {
                if ($_G['inajax']) {
                    showmessage('profile_username_duplicate');
                } else {
                    showmessage('register_activation_message', 'member.php?mod=logging&action=login', array('username' => stripslashes($username)));
                }
            }
            $email = trim($_G['gp_email']);
            if (empty($this->setting['ignorepassword'])) {
                if ($_G['gp_password'] !== $_G['gp_password2']) {
                    showmessage('profile_passwd_notmatch');
                }
                // Rejects an empty password and any password that addslashes() would change.
                if (!$_G['gp_password'] || $_G['gp_password'] != addslashes($_G['gp_password'])) {
                    showmessage('profile_passwd_illegal');
                }
                $password = $_G['gp_password'];
            } else {
                $password = md5(random(10));
            }
        }

        // Reserved-name filter built from the censoruser setting ("*" is a wildcard,
        // CRLF separates entries); the trimmed value is written back to the setting.
        $censorexp = '/^(' . str_replace(array('\\*', "\r\n", ' '), array('.*', '|', ''), preg_quote($this->setting['censoruser'] = trim($this->setting['censoruser']), '/')) . ')$/i';
        if ($this->setting['censoruser'] && @preg_match($censorexp, $username)) {
            showmessage('profile_username_protect');
        }
        if ($this->setting['regverify'] == 2 && !trim($_G['gp_regmessage'])) {
            showmessage('profile_required_info_invalid');
        }

        // Per-IP registration interval. A client matching a configured prefix is checked
        // with a LIKE pattern ("prefix%") and the ipregctrltime interval; everyone else is
        // checked by exact client IP.
        if ($_G['cache']['ipctrl']['ipregctrl']) {
            foreach (explode("\n", $_G['cache']['ipctrl']['ipregctrl']) as $ctrlip) {
                if (preg_match("/^(" . preg_quote($ctrlip = trim($ctrlip), '/') . ")/", $_G['clientip'])) {
                    $ctrlip = $ctrlip . '%';
                    $this->setting['regctrl'] = $this->setting['ipregctrltime'];
                    break;
                } else {
                    $ctrlip = $_G['clientip'];
                }
            }
        } else {
            $ctrlip = $_G['clientip'];
        }
        // NOTE(review): the SQL strings in this function interpolate $ctrlip,
        // $_G['clientip'], $uid, $regmessage and settings values directly; their safety
        // depends on escaping or validation done outside this function — confirm.
        if ($this->setting['regctrl']) {
            $query = DB::query("SELECT ip FROM " . DB::table('common_regip') . " WHERE ip LIKE '{$ctrlip}' AND count='-1' AND dateline>{$_G['timestamp']}-'" . $this->setting['regctrl'] . "'*3600 LIMIT 1");
            if (DB::num_rows($query)) {
                showmessage('register_ctrl', NULL, array('regctrl' => $this->setting['regctrl']));
            }
        }

        // Flood control: count registrations from this IP over the last 86400 seconds.
        // The counter update is only prepared here and executed later.
        $regipsql = '';
        if ($this->setting['regfloodctrl']) {
            if ($regattempts = DB::result_first("SELECT count FROM " . DB::table('common_regip') . " WHERE ip='{$_G['clientip']}' AND count>'0' AND dateline>'{$_G['timestamp']}'-86400")) {
                if ($regattempts >= $this->setting['regfloodctrl']) {
                    showmessage('register_flood_ctrl', NULL, array('regfloodctrl' => $this->setting['regfloodctrl']));
                } else {
                    $regipsql = "UPDATE " . DB::table('common_regip') . " SET count=count+1 WHERE ip='{$_G['clientip']}' AND count>'0'";
                }
            } else {
                $regipsql = "INSERT INTO " . DB::table('common_regip') . " (ip, count, dateline)\r\n\t\t\t\t\t\tVALUES ('{$_G['clientip']}', '1', '{$_G['timestamp']}')";
            }
        }

        // Validate the configured profile fields (skipped entirely when IN_MOBILE is defined).
        $profile = $verifyarr = array();
        foreach ($_G['cache']['fields_register'] as $field) {
            if (defined('IN_MOBILE')) {
                break;
            }
            $field_key = $field['fieldid'];
            $field_val = $_G['gp_' . $field_key];
            // A successfully uploaded file counts as a provided value.
            if ($field['formtype'] == 'file' && !empty($_FILES[$field_key]) && $_FILES[$field_key]['error'] == 0) {
                $field_val = true;
            }
            if (!profile_check($field_key, $field_val)) {
                $showid = !in_array($field['fieldid'], array('birthyear', 'birthmonth')) ? $field['fieldid'] : 'birthday';
                // The field id and title from the field cache are concatenated into an inline script.
                showmessage($field['title'] . lang('message', 'profile_illegal'), '', array(), array('showid' => 'chk_' . $showid, 'extrajs' => $field['title'] . lang('message', 'profile_illegal') . ($field['formtype'] == 'text' ? '<script type="text/javascript">' . '$(\'registerform\').' . $field['fieldid'] . '.className = \'px er\';' . '$(\'registerform\').' . $field['fieldid'] . '.onblur = function () { if(this.value != \'\') {this.className = \'px\';$(\'chk_' . $showid . '\').innerHTML = \'\';}}' . '</script>' : '')));
            }
            // Fields that need moderation are stored separately from the live profile.
            if ($field['needverify']) {
                $verifyarr[$field_key] = $field_val;
            } else {
                $profile[$field_key] = $field_val;
            }
        }

        if (!$activation) {
            // NOTE(review): $questionid and $answer are not assigned anywhere in this function.
            $uid = uc_user_register($username, $password, $email, $questionid, $answer, $_G['clientip']);
            if ($uid <= 0) {
                // Map the negative result codes to user-facing messages.
                if ($uid == -1) {
                    showmessage('profile_username_illegal');
                } elseif ($uid == -2) {
                    showmessage('profile_username_protect');
                } elseif ($uid == -3) {
                    showmessage('profile_username_duplicate');
                } elseif ($uid == -4) {
                    showmessage('profile_email_illegal');
                } elseif ($uid == -5) {
                    showmessage('profile_email_domain_illegal');
                } elseif ($uid == -6) {
                    showmessage('profile_email_duplicate');
                } else {
                    showmessage('undefined_action');
                }
            }
        } else {
            list($uid, $username, $email) = $activation;
        }
        $_G['username'] = $username;

        // A local row with this uid already exists: undo the fresh UCenter registration.
        if (DB::result_first("SELECT uid FROM " . DB::table('common_member') . " WHERE uid='{$uid}'")) {
            if (!$activation) {
                uc_user_delete($uid);
            }
            showmessage('profile_uid_duplicate', '', array('uid' => $uid));
        }

        // From here on $password is the md5 of a random string; this value, not the
        // submitted password, goes into the local member row and the login state below.
        $password = md5(random(10));
        $secques = $questionid > 0 ? random(8) : '';
        if (isset($_POST['birthmonth']) && isset($_POST['birthday'])) {
            $profile['constellation'] = get_constellation($_POST['birthmonth'], $_POST['birthday']);
        }
        if (isset($_POST['birthyear'])) {
            $profile['zodiac'] = get_zodiac($_POST['birthyear']);
        }

        // Profile file uploads: only keys that map to a configured "file" field are handled.
        if ($_FILES) {
            require_once libfile('class/upload');
            $upload = new discuz_upload();
            foreach ($_FILES as $key => $file) {
                $field_key = 'field_' . $key;
                if (!empty($_G['cache']['fields_register'][$field_key]) && $_G['cache']['fields_register'][$field_key]['formtype'] == 'file') {
                    $upload->init($file, 'profile');
                    $attach = $upload->attach;
                    if (!$upload->error()) {
                        // The file is saved first and deleted again when get_image_info()
                        // does not accept it.
                        $upload->save();
                        if (!$upload->get_image_info($attach['target'])) {
                            @unlink($attach['target']);
                            continue;
                        }
                        $attach['attachment'] = dhtmlspecialchars(trim($attach['attachment']));
                        if ($_G['cache']['fields_register'][$field_key]['needverify']) {
                            $verifyarr[$key] = $attach['attachment'];
                        } else {
                            $profile[$key] = $attach['attachment'];
                        }
                    }
                }
            }
        }

        // Apply the flood-control counter change prepared above.
        if ($regipsql) {
            DB::query($regipsql);
        }
        if ($invite && $this->setting['inviteconfig']['invitegroupid']) {
            $groupinfo['groupid'] = $this->setting['inviteconfig']['invitegroupid'];
        }

        // Rows for the member tables.
        $init_arr = explode(',', $this->setting['initcredits']);
        $userdata = array('uid' => $uid, 'username' => $username, 'password' => $password, 'email' => $email, 'adminid' => 0, 'groupid' => $groupinfo['groupid'], 'regdate' => TIMESTAMP, 'credits' => $init_arr[0], 'timeoffset' => 9999);
        $status_data = array('uid' => $uid, 'regip' => $_G['clientip'], 'lastip' => $_G['clientip'], 'lastvisit' => TIMESTAMP, 'lastactivity' => TIMESTAMP, 'lastpost' => 0, 'lastsendmail' => 0);
        $profile['uid'] = $uid;
        $field_forum['uid'] = $uid;
        $field_home['uid'] = $uid;
        // The extra module file is included in this scope, so it can read or change the
        // arrays above before they are inserted.
        if ($this->extrafile && file_exists(libfile('member/' . $this->extrafile, 'module'))) {
            require_once libfile('member/' . $this->extrafile, 'module');
        }
        DB::insert('common_member', $userdata);
        DB::insert('common_member_status', $status_data);
        DB::insert('common_member_profile', $profile);
        DB::insert('common_member_field_forum', $field_forum);
        DB::insert('common_member_field_home', $field_home);
        if ($verifyarr) {
            // Fields awaiting moderation are stored serialized.
            $setverify = array('uid' => $uid, 'username' => $username, 'verifytype' => '0', 'field' => daddslashes(serialize($verifyarr)), 'dateline' => TIMESTAMP);
            DB::insert('common_member_verify_info', $setverify);
            DB::insert('common_member_verify', array('uid' => $uid));
        }
        $count_data = array('uid' => $uid, 'extcredits1' => $init_arr[1], 'extcredits2' => $init_arr[2], 'extcredits3' => $init_arr[3], 'extcredits4' => $init_arr[4], 'extcredits5' => $init_arr[5], 'extcredits6' => $init_arr[6], 'extcredits7' => $init_arr[7], 'extcredits8' => $init_arr[8]);
        DB::insert('common_member_count', $count_data);
        DB::insert('common_setting', array('skey' => 'lastmember', 'svalue' => $username), false, true);
        manyoulog('user', $uid, 'add');
        $totalmembers = DB::result_first("SELECT COUNT(*) FROM " . DB::table('common_member'));
        $userstats = array('totalmembers' => $totalmembers, 'newsetuser' => stripslashes($username));
        save_syscache('userstats', $userstats);

        // Registration-IP bookkeeping: drop rows older than max(regctrl, 72) hours and,
        // with regctrl on, record this IP with count -1 (the marker the interval check reads).
        if ($this->setting['regctrl'] || $this->setting['regfloodctrl']) {
            DB::query("DELETE FROM " . DB::table('common_regip') . " WHERE dateline<='{$_G['timestamp']}'-" . ($this->setting['regctrl'] > 72 ? $this->setting['regctrl'] : 72) . "*3600", 'UNBUFFERED');
            if ($this->setting['regctrl']) {
                DB::query("INSERT INTO " . DB::table('common_regip') . " (ip, count, dateline)\r\n\t\t\t\t\t\tVALUES ('{$_G['clientip']}', '-1', '{$_G['timestamp']}')");
            }
        }

        // Manual verification (regverify == 2): queue the applicant's message for moderators.
        $regmessage = dhtmlspecialchars($_G['gp_regmessage']);
        if ($this->setting['regverify'] == 2) {
            DB::query("REPLACE INTO " . DB::table('common_member_validate') . " (uid, submitdate, moddate, admin, submittimes, status, message, remark)\r\n\t\t\t\t\tVALUES ('{$uid}', '{$_G['timestamp']}', '0', '', '1', '0', '{$regmessage}', '')");
            manage_addnotify('verifyuser');
        }

        // Log the new member in; this happens whatever the regverify mode is.
        setloginstatus(array('uid' => $uid, 'username' => dstripslashes($_G['username']), 'password' => $password, 'groupid' => $groupinfo['groupid']), 0);
        include_once libfile('function/stat');
        updatestat('register');

        // Mark the invitation as used unless this inviter/invitee pair is already recorded.
        if ($invite['id']) {
            $result = DB::result_first("SELECT COUNT(*) FROM " . DB::table('common_invite') . " WHERE uid='{$invite['uid']}' AND fuid='{$uid}'");
            if (!$result) {
                DB::update("common_invite", array('fuid' => $uid, 'fusername' => $_G['username'], 'regdateline' => $_G['timestamp'], 'status' => 2), array('id' => $invite['id']));
                updatestat('invite');
            } else {
                $invite = array();
            }
        }
        if ($invite['uid']) {
            // Credit rewards for both sides, then friendship, notification and feed entry.
            if ($this->setting['inviteconfig']['inviteaddcredit']) {
                updatemembercount($uid, array($this->setting['inviteconfig']['inviterewardcredit'] => $this->setting['inviteconfig']['inviteaddcredit']));
            }
            if ($this->setting['inviteconfig']['invitedaddcredit']) {
                updatemembercount($invite['uid'], array($this->setting['inviteconfig']['inviterewardcredit'] => $this->setting['inviteconfig']['invitedaddcredit']));
            }
            require_once libfile('function/friend');
            friend_make($invite['uid'], $invite['username'], false);
            // NOTE(review): user names are concatenated into HTML here and in the feed
            // entry below; confirm they are HTML-escaped before they reach this point.
            notification_add($invite['uid'], 'friend', 'invite_friend', array('actor' => '<a href="home.php?mod=space&uid=' . $invite['uid'] . '" target="_blank">' . $invite['username'] . '</a>'), 1);
            space_merge($invite, 'field_home');
            if (!empty($invite['privacy']['feed']['invite'])) {
                require_once libfile('function/feed');
                $tite_data = array('username' => '<a href="home.php?mod=space&uid=' . $_G['uid'] . '">' . $_G['username'] . '</a>');
                feed_add('friend', 'feed_invite', $tite_data, '', array(), '', array(), array(), '', '', '', 0, 0, '', $invite['uid'], $invite['username']);
            }
            if ($invite['appid']) {
                updatestat('appinvite');
            }
        }

        // Welcome message: 1 = site notification, 2 = e-mail, 3 = both.
        if ($welcomemsg && !empty($welcomemsgtxt)) {
            $welcomemsgtitle = addslashes(replacesitevar($welcomemsgtitle));
            $welcomemsgtxt = addslashes(replacesitevar($welcomemsgtxt));
            if ($welcomemsg == 1) {
                $welcomemsgtxt = nl2br(str_replace(':', ':', $welcomemsgtxt));
                notification_add($uid, 'system', $welcomemsgtxt, array(), 1);
            } elseif ($welcomemsg == 2) {
                sendmail_cron($email, $welcomemsgtitle, $welcomemsgtxt);
            } elseif ($welcomemsg == 3) {
                sendmail_cron($email, $welcomemsgtitle, $welcomemsgtxt);
                $welcomemsgtxt = nl2br(str_replace(':', ':', $welcomemsgtxt));
                notification_add($uid, 'system', $welcomemsgtxt, array(), 1);
            }
        }
        if ($fromuid) {
            updatecreditbyaction('promotion_register', $fromuid);
            dsetcookie('promotion', '');
        }
        // Clear the cookies used during registration.
        dsetcookie('loginuser', '');
        dsetcookie('activationauth', '');
        dsetcookie('invite_auth', '');

        // Refresh the cached settings with the new "last member" name.
        loadcache('setting', true);
        $_G['setting']['lastmember'] = stripslashes($username);
        $settingnew = $_G['setting'];
        $settingnew['pluginhooks'] = array();
        save_syscache('setting', $settingnew);

        // Choose the result message; with e-mail verification (case 1) also store and
        // send an activation id.
        switch ($this->setting['regverify']) {
            case 1:
                // NOTE(review): the e-mailed activation id is whatever random(6) returns;
                // confirm that its source and length suit a value that activates an account.
                $idstring = random(6);
                $authstr = $this->setting['regverify'] == 1 ? "{$_G['timestamp']}\t2\t{$idstring}" : '';
                DB::query("UPDATE " . DB::table('common_member_field_forum') . " SET authstr='{$authstr}' WHERE uid='{$_G['uid']}'");
                $verifyurl = "{$_G[siteurl]}member.php?mod=activate&uid={$_G[uid]}&id={$idstring}";
                $email_verify_message = lang('email', 'email_verify_message', array('username' => $_G['member']['username'], 'bbname' => $this->setting['bbname'], 'siteurl' => $_G['siteurl'], 'url' => $verifyurl));
                sendmail("{$username} <{$email}>", lang('email', 'email_verify_subject'), $email_verify_message);
                $message = 'register_email_verify';
                $locationmessage = 'register_email_verify_location';
                $url_forward = dreferer();
                break;
            case 2:
                $message = 'register_manual_verify';
                $locationmessage = 'register_manual_verify_location';
                $url_forward = $_G['setting']['homestatus'] ? 'home.php?mod=space&do=home' : 'home.php?mod=spacecp';
                break;
            default:
                $message = 'register_succeed';
                $locationmessage = 'register_succeed_location';
                $url_forward = dreferer();
                break;
        }
        $param = array('bbname' => $this->setting['bbname'], 'username' => $_G['username'], 'usergroup' => $_G['group']['grouptitle'], 'uid' => $_G['uid']);
        // Never forward back to the registration or invite-code pages.
        if (strpos($url_forward, $this->setting['regname']) !== false || strpos($url_forward, 'buyinvitecode') !== false) {
            $url_forward = 'forum.php';
        }
        // The forward URL is embedded in an inline script; only single quotes are escaped.
        // NOTE(review): confirm dreferer() already restricts and encodes the URL, since
        // backslashes and "</script>" are not handled here.
        $href = str_replace("'", "\\'", $url_forward);
        $extra = array('showid' => 'succeedmessage', 'extrajs' => '<script type="text/javascript">' . 'setTimeout("window.location.href =\'' . $href . '\';", 3000);' . '$(\'succeedmessage_href\').href = \'' . $href . '\';' . '$(\'main_message\').style.display = \'none\';' . '$(\'main_succeed\').style.display = \'\';' . '$(\'succeedlocation\').innerHTML = \'' . lang('message', $locationmessage) . '\';' . '</script>', 'striptags' => false);
        showmessage($message, $url_forward, $param, $extra);
    }
}
/**
 * Sync-login API handler: establishes a login for the uid named in the request.
 *
 * @param array $get  Request parameters; only $get['uid'] is read.
 * @param array $post Not used by this function.
 * @return mixed API_RETURN_FORBIDDEN when sync login is disabled, otherwise null.
 *
 * NOTE(review): nothing in this function authenticates the request. The login is granted
 * purely on $get['uid'], so it relies on the caller having verified that $get comes from
 * a trusted peer; confirm at the call site.
 */
function synlogin($get, $post)
{
    global $_G;

    // Feature switch: refuse when the sync-login API is turned off.
    if (!API_SYNLOGIN) {
        return API_RETURN_FORBIDDEN;
    }

    // P3P compact-policy header, sent before any cookie is set.
    header('P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"');

    // 31536000 seconds = 365 days.
    $cookietime = 31536000;
    // intval() makes the uid a plain integer before it is placed in the query text.
    $uid = intval($get['uid']);

    $sql = "SELECT uid, username, password FROM " . DB::table('common_member') . " WHERE uid='{$uid}'";
    $member = DB::fetch(DB::query($sql));

    if ($member) {
        // Known member: issue the auth cookie built from the stored password value and the uid.
        $token = authcode("{$member['password']}\t{$member['uid']}", 'ENCODE');
        dsetcookie('auth', $token, $cookietime);
        return;
    }

    // Unknown uid: only continue when automatic activation is enabled.
    if (empty($_G['setting']['autoactivationuser'])) {
        return;
    }

    require_once libfile('function/login');
    $result = autoactivationuser($uid);
    if ($result) {
        setloginstatus($result, $cookietime);
    }
}
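/**
 * Registration action: renders the registration form, or, when the form was submitted,
 * validates the request, creates the account, logs it in and shows the result message.
 *
 * Takes no parameters; it reads $_G, $_GET, $_POST, $_FILES and $this->setting, and
 * reports every outcome through showmessage() or the included template.
 *
 * Two defects of the earlier version are corrected here:
 *  - uploaded profile files were deleted when getimagesize() recognised them as images
 *    and kept when it did not; the test is now the other way round;
 *  - the "other character" password rule used the class [^a-zA-z0-9], whose A-z range
 *    also covers [ \ ] ^ _ and the backtick, so those characters never satisfied the
 *    rule; it is now [^a-zA-Z0-9].
 *
 * NOTE(review): the code after each showmessage() call reads as if showmessage() ends
 * the request; that is not visible here and should be confirmed.
 */
function on_register()
{
    global $_G;

    // Self-assignments kept from the original; they do not change any submitted value.
    $_GET['username'] = $_GET['username'];
    $_GET['nickname'] = $_GET['nickname'];
    $_GET['password'] = $_GET['password'];
    $_GET['password2'] = $_GET['password2'];
    $_GET['email'] = $_GET['email'];

    if ($_G['uid']) {
        // Already logged in: show login_succeed with a forward URL that avoids pages
        // whose URL contains "reg".
        $url_forward = dreferer();
        if (strpos($url_forward, 'reg') !== false) {
            $url_forward = 'index.php';
        }
        showmessage('login_succeed', $url_forward ? $url_forward : './', array('username' => $_G['member']['username'], 'usergroup' => $_G['group']['grouptitle'], 'uid' => $_G['uid']), array());
    } elseif (!$this->setting['regclosed']) {
        if ($_GET['action'] == 'activation' || $_GET['activationauth']) {
            if (!$this->setting['ucactivation'] && !$this->setting['closedallowactivation']) {
                showmessage('register_disable_activation');
            }
        } elseif (!$this->setting['regstatus']) {
            // Registration is switched off: show the configured close message with CR/LF
            // removed, or the default one.
            showmessage(!$this->setting['regclosemessage'] ? 'register_disable' : str_replace(array("\r", "\n"), '', $this->setting['regclosemessage']));
        }
    }

    // Reference aliases into the settings array. NOTE(review): several are not read again
    // in this function; presumably the included template / extra file uses them.
    $bbrules =& $this->setting['bbrules'];
    $bbrulesforce =& $this->setting['bbrulesforce'];
    $bbrulestxt =& $this->setting['bbrulestxt'];
    $welcomemsg =& $this->setting['welcomemsg'];
    $welcomemsgtitle =& $this->setting['welcomemsgtitle'];
    $welcomemsgtxt =& $this->setting['welcomemsgtxt'];
    $regname = $this->setting['regname'];

    $username = isset($_GET['username']) ? $_GET['username'] : '';
    $invitestatus = false;
    $seccodecheck = $this->setting['seccodestatus'] & 1;
    $secqaacheck = 0;
    // Token the form must echo back to prove the rules were accepted.
    $bbrulehash = $bbrules ? substr(md5(FORMHASH), 0, 8) : '';
    $auth = $_GET['auth'];
    if (!$invitestatus) {
        $invite = getinvite();
    }

    if (!submitcheck('regsubmit', 0, $seccodecheck)) {
        // ---- Form not submitted: prepare the data the template needs and render it. ----
        if ($seccodecheck) {
            $seccode = random(6, 1);
        }
        $username = dhtmlspecialchars($username);
        // Collect the HTML and the settings for every configured registration field.
        $htmls = $settings = array();
        foreach ($_G['cache']['fields_register'] as $field) {
            $fieldid = $field['fieldid'];
            $html = profile_setting($fieldid, array(), false, false, true);
            if ($html) {
                $settings[$fieldid] = $_G['cache']['profilesetting'][$fieldid];
                $htmls[$fieldid] = $html;
            }
        }
        $navtitle = $this->setting['reglinkname'];
        // The optional extra file runs in this function's scope.
        if ($this->extrafile && file_exists($this->extrafile)) {
            require_once $this->extrafile;
        }
        $bbrulestxt = nl2br("\n{$bbrulestxt}\n\n");
        $dreferer = dreferer();
        include template($this->template);
    } else {
        // ---- Form submitted: validate, create the account, log in, show the result. ----
        $emailstatus = 0;
        if ($this->setting['regstatus'] == 2 && empty($invite) && !$invitestatus) {
            showmessage('not_open_registration_invite');
        }

        // The site rules must have been accepted.
        if ($bbrules && $bbrulehash != $_POST['agreebbrule']) {
            showmessage('register_rules_agree');
        }

        // User name length as measured by dstrlen(): 3 to 30.
        $usernamelen = dstrlen($username);
        if ($usernamelen < 3) {
            showmessage('profile_username_tooshort');
        }
        if ($usernamelen > 30) {
            showmessage('profile_username_toolong');
        }

        // Optional nickname, same length limits.
        if ($nickname = trim($_GET['nickname'])) {
            $nicknamelen = dstrlen($nickname);
            if ($nicknamelen < 3) {
                showmessage('profile_nickname_tooshort');
            }
            if ($nicknamelen > 30) {
                showmessage('profile_nickname_toolong');
            }
        } else {
            $nickname = '';
        }

        // E-mail address.
        $email = strtolower(trim($_GET['email']));
        checkemail($email);

        // Minimum password length (strlen() counts bytes).
        if ($this->setting['pwlength']) {
            if (strlen($_GET['password']) < $this->setting['pwlength']) {
                showmessage('profile_password_tooshort', '', array('pwlength' => $this->setting['pwlength']));
            }
        }

        // Password strength rules: 1 = a digit, 2 = a lowercase letter, 3 = an uppercase
        // letter, 4 = a character that is neither a letter nor a digit.
        if ($this->setting['strongpw']) {
            $strongpw_str = array();
            if (in_array(1, $this->setting['strongpw']) && !preg_match("/\\d+/", $_GET['password'])) {
                $strongpw_str[] = lang('user/template', 'strongpw_1');
            }
            if (in_array(2, $this->setting['strongpw']) && !preg_match("/[a-z]+/", $_GET['password'])) {
                $strongpw_str[] = lang('user/template', 'strongpw_2');
            }
            if (in_array(3, $this->setting['strongpw']) && !preg_match("/[A-Z]+/", $_GET['password'])) {
                $strongpw_str[] = lang('user/template', 'strongpw_3');
            }
            // Fixed character class: "A-Z", not "A-z".
            if (in_array(4, $this->setting['strongpw']) && !preg_match("/[^a-zA-Z0-9]+/", $_GET['password'])) {
                $strongpw_str[] = lang('user/template', 'strongpw_4');
            }
            if ($strongpw_str) {
                showmessage(lang('user/template', 'password_weak') . implode(',', $strongpw_str));
            }
        }

        // Both password fields must match exactly.
        if ($_GET['password'] !== $_GET['password2']) {
            showmessage('两次密码不匹配');
        }
        // Rejects an empty password and any password that addslashes() would change.
        if (!$_GET['password'] || $_GET['password'] != addslashes($_GET['password'])) {
            showmessage('profile_passwd_illegal');
        }
        $password = $_GET['password'];

        // NOTE(review): $ctrlip and $setregip are assigned but never read in this
        // function, and no per-IP registration limit is applied here.
        $ctrlip = $_G['clientip'];
        $setregip = null;

        // Validate the configured profile fields.
        $profile = $verifyarr = array();
        foreach ($_G['cache']['fields_register'] as $field) {
            $field_key = $field['fieldid'];
            $field_val = $_GET['' . $field_key];
            // A successfully uploaded file counts as a provided value.
            if ($field['formtype'] == 'file' && !empty($_FILES[$field_key]) && $_FILES[$field_key]['error'] == 0) {
                $field_val = true;
            }
            if (!profile_check($field_key, $field_val)) {
                $showid = !in_array($field['fieldid'], array('birthyear', 'birthmonth')) ? $field['fieldid'] : 'birthday';
                // The field id and title from the field cache are concatenated into an inline script.
                showmessage($field['title'] . lang('message', 'profile_illegal'), '', array(), array('showid' => 'chk_' . $showid, 'extrajs' => $field['title'] . lang('message', 'profile_illegal') . ($field['formtype'] == 'text' ? '<script type="text/javascript">' . '$(\'registerform\').' . $field['fieldid'] . '.parentNode.parentNode.className = \'form-group warning\';' . '$(\'registerform\').' . $field['fieldid'] . '.onblur = function () { if(this.value != \'\') {this.parentNode.parentNode.className = \'form-group\';$(\'chk_' . $showid . '\').innerHTML = \'\';}}' . '</script>' : '')));
            }
            // Fields that need moderation are stored separately from the live profile.
            if ($field['needverify']) {
                $verifyarr[$field_key] = $field_val;
            } else {
                $profile[$field_key] = $field_val;
            }
        }

        // Initial user group: 8 while verification is pending, otherwise the configured
        // new-user group. NOTE(review): the meaning of group id 8 is not defined in this listing.
        $groupinfo = array();
        $addorg = 0;
        if ($this->setting['regverify']) {
            $groupinfo['groupid'] = 8;
        } else {
            $groupinfo['groupid'] = $this->setting['newusergroupid'];
            $addorg = 1;
        }

        // NOTE(review): $questionid and $answer are not assigned anywhere in this function.
        $result = uc_user_register(addslashes($username), $password, $email, addslashes($nickname), $questionid, $answer, $_G['clientip'], $addorg);
        // The result is either a uid or an array holding uid and password.
        if (is_array($result)) {
            $uid = $result['uid'];
            $password = $result['password'];
        } else {
            $uid = $result;
        }
        if ($uid <= 0) {
            // Map the negative result codes to user-facing messages.
            if ($uid == -1) {
                showmessage('profile_nickname_illegal');
            } elseif ($uid == -2) {
                showmessage('profile_nickname_protect');
            } elseif ($uid == -3) {
                showmessage('profile_nickname_duplicate');
            } elseif ($uid == -4) {
                showmessage('profile_email_illegal');
            } elseif ($uid == -5) {
                showmessage('profile_email_domain_illegal');
            } elseif ($uid == -6) {
                showmessage('profile_email_duplicate');
            } elseif ($uid == -7) {
                showmessage('profile_username_illegal');
            } else {
                showmessage('undefined_action');
            }
        }
        $_G['username'] = $username;

        if (isset($_POST['birthmonth']) && isset($_POST['birthday'])) {
            $profile['constellation'] = get_constellation($_POST['birthmonth'], $_POST['birthday']);
        }
        if (isset($_POST['birthyear'])) {
            $profile['zodiac'] = get_zodiac($_POST['birthyear']);
        }

        // Profile file uploads: only keys that map to a configured "file" field are handled.
        if ($_FILES) {
            foreach ($_FILES as $key => $file) {
                $field_key = 'field_' . $key;
                if (!empty($_G['cache']['fields_register'][$field_key]) && $_G['cache']['fields_register'][$field_key]['formtype'] == 'file') {
                    if ($attachment = uploadtolocal($file, 'profile', '')) {
                        // Keep the upload only when getimagesize() recognises it as an
                        // image; anything else is deleted and skipped. getimagesize()
                        // reads the image header only, so the stored file must still be
                        // served as static content and never executed.
                        if (!@getimagesize($_G['setting']['attachdir'] . $attachment)) {
                            @unlink($_G['setting']['attachdir'] . $attachment);
                            continue;
                        }
                        if ($_G['cache']['fields_register'][$field_key]['needverify']) {
                            $verifyarr[$key] = $attachment;
                        } else {
                            $profile[$key] = $attachment;
                        }
                    }
                }
            }
        }

        // Create the local user row.
        $init_arr = array('profile' => $profile, 'emailstatus' => $emailstatus);
        C::t('user')->insert($uid, $_G['clientip'], $groupinfo['groupid'], $init_arr);
        if ($verifyarr) {
            // Fields awaiting moderation are stored serialized.
            $setverify = array('uid' => $uid, 'username' => $username, 'verifytype' => '0', 'field' => serialize($verifyarr), 'dateline' => TIMESTAMP);
            C::t('user_verify_info')->insert($setverify);
            C::t('user_verify')->insert(array('uid' => $uid));
        }
        require_once libfile('cache/userstats', 'function');
        build_cache_userstats();
        if ($this->extrafile && file_exists($this->extrafile)) {
            require_once $this->extrafile;
        }

        // Log the new member in; this happens whatever the regverify mode is.
        setloginstatus(array('uid' => $uid, 'username' => $_G['username'], 'password' => $password, 'groupid' => $groupinfo['groupid']), 0);
        include_once libfile('function/stat');

        // Welcome message: modes 2 and 3 queue an e-mail. NOTE(review): for modes 1 and 3
        // the text is formatted with nl2br() but nothing is sent with it here.
        if ($welcomemsg && !empty($welcomemsgtxt)) {
            $welcomemsgtitle = replacesitevar($welcomemsgtitle);
            $welcomemsgtxt = replacesitevar($welcomemsgtxt);
            if ($welcomemsg == 1) {
                $welcomemsgtxt = nl2br(str_replace(':', ':', $welcomemsgtxt));
            } elseif ($welcomemsg == 2) {
                sendmail_cron($email, $welcomemsgtitle, $welcomemsgtxt);
            } elseif ($welcomemsg == 3) {
                sendmail_cron($email, $welcomemsgtitle, $welcomemsgtxt);
                $welcomemsgtxt = nl2br(str_replace(':', ':', $welcomemsgtxt));
            }
        }
        // Clear the cookies used during registration.
        dsetcookie('loginuser', '');
        dsetcookie('invite_auth', '');

        $url_forward = dreferer();
        // NOTE(review): $refreshtime and $locationmessage are set below but not read; the
        // inline script uses a fixed 3000 ms delay.
        $refreshtime = 3000;
        switch ($this->setting['regverify']) {
            case 1:
                // E-mail verification: store an activation id and send the link.
                // NOTE(review): the id is whatever random(6) returns; confirm that its
                // source and length suit a value that activates an account.
                $idstring = random(6);
                $authstr = $this->setting['regverify'] == 1 ? "{$_G['timestamp']}\t2\t{$idstring}" : '';
                C::t('user')->update($_G['uid'], array('authstr' => $authstr));
                $verifyurl = "{$_G[siteurl]}user.php?mod=activate&uid={$_G[uid]}&id={$idstring}";
                $email_verify_message = lang('email', 'email_verify_message', array('username' => $_G['member']['username'], 'sitename' => $this->setting['sitename'], 'siteurl' => $_G['siteurl'], 'url' => $verifyurl));
                if (!sendmail("{$username} <{$email}>", lang('email', 'email_verify_subject'), $email_verify_message)) {
                    runlog('sendmail', "{$email} sendmail failed.");
                }
                $message = 'register_email_verify';
                $locationmessage = 'register_email_verify_location';
                $refreshtime = 10000;
                break;
            case 2:
                $message = 'register_manual_verify';
                $locationmessage = 'register_manual_verify_location';
                break;
            default:
                $message = 'register_succeed';
                $locationmessage = 'register_succeed_location';
                break;
        }
        $param = daddslashes(array('sitename' => $this->setting['sitename'], 'username' => $_G['username'], 'usergroup' => $_G['group']['grouptitle'], 'uid' => $_G['uid']));
        // Never forward back to the registration or invite-code pages.
        if (strpos($url_forward, $this->setting['regname']) !== false || strpos($url_forward, 'buyinvitecode') !== false) {
            $url_forward = 'index.php';
        }
        // NOTE(review): $url_forward and the translated message are concatenated into an
        // inline script without JavaScript string escaping; confirm dreferer() and lang()
        // already restrict and encode these values.
        showmessage('', $url_forward, array(), array('showid' => 'succeedmessage', 'extrajs' => '<script type="text/javascript">' . 'setTimeout("window.location.href =\'' . $url_forward . '\';", 3000);' . '$(\'succeedmessage_href\').href = \'' . $url_forward . '\';' . '$(\'register_form\').style.display = \'none\';' . '$(\'main_succeed\').style.display = \'\';' . '$(\'succeedlocation\').innerHTML = \'' . lang('message', $message, $param) . '\';</script>', 'striptags' => false, 'showdialog' => false));
    }
}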
/**
 * Create a site account for the given user name and log it in, without asking for a password.
 *
 * The account gets the md5 of a random string as its password value and a generated
 * "wechat_...@null.null" e-mail address.
 *
 * @param string $username Requested user name; when dstrlen() reports fewer than 3, "_" and
 *                         random(5) are appended.
 * @param int    $return   When truthy, a failed check returns null silently; otherwise the
 *                         failure is reported through showmessage().
 * @param int    $groupid  Target user group; 0 selects wechat_newusergroupid, or
 *                         newusergroupid when that is empty.
 * @return int|null The new uid, or null when $username is empty or a check failed with $return set.
 *
 * NOTE(review): the account is logged in on the strength of $username alone, so the caller
 * has to have authenticated the external identity first; confirm at the call sites.
 */
public static function register($username, $return = 0, $groupid = 0)
{
    global $_G;

    if (!$username) {
        return;
    }

    // Decode the plugin settings on first use.
    // NOTE(review): unserialize() must only ever see trusted data; confirm that the
    // mobilewechat setting can be written by administrators only.
    if (!$_G['wechat']['setting']) {
        $_G['wechat']['setting'] = unserialize($_G['setting']['mobilewechat']);
    }
    loaducenter();

    // Resolve the target group when the caller did not name one.
    if (!$groupid) {
        $groupid = $_G['wechat']['setting']['wechat_newusergroupid']
            ? $_G['wechat']['setting']['wechat_newusergroupid']
            : $_G['setting']['newusergroupid'];
    }

    // Generated credentials.
    $password = md5(random(10));
    $email = 'wechat_' . strtolower(random(10)) . '@null.null';

    // Length rules use the length measured before any padding is added.
    $usernamelen = dstrlen($username);
    if ($usernamelen < 3) {
        $username = $username . '_' . random(5);
    }
    if ($usernamelen > 15) {
        if ($return) {
            return;
        }
        showmessage('profile_username_toolong');
    }

    // Reserved-name filter built from the censoruser setting ("*" is a wildcard, CRLF
    // separates entries); the trimmed value is written back to the setting.
    $_G['setting']['censoruser'] = trim($_G['setting']['censoruser']);
    $quoted = preg_quote($_G['setting']['censoruser'], '/');
    $censorexp = '/^(' . str_replace(array('\\*', "\r\n", ' '), array('.*', '|', ''), $quoted) . ')$/i';
    if ($_G['setting']['censoruser'] && @preg_match($censorexp, $username)) {
        if ($return) {
            return;
        }
        showmessage('profile_username_protect');
    }

    // Registration rate limits, unless the plugin setting disables them.
    if (!$_G['wechat']['setting']['wechat_disableregrule']) {
        loadcache('ipctrl');

        // Default to the exact client IP; a matching configured prefix switches to a
        // "prefix%" pattern and to the ipregctrltime interval.
        $ctrlip = $_G['clientip'];
        if ($_G['cache']['ipctrl']['ipregctrl']) {
            foreach (explode("\n", $_G['cache']['ipctrl']['ipregctrl']) as $prefix) {
                $prefix = trim($prefix);
                if (preg_match("/^(" . preg_quote($prefix, '/') . ")/", $_G['clientip'])) {
                    $ctrlip = $prefix . '%';
                    $_G['setting']['regctrl'] = $_G['setting']['ipregctrltime'];
                    break;
                }
            }
        }

        // Interval control: refuse while a matching entry exists inside the window.
        if ($_G['setting']['regctrl']) {
            if (C::t('common_regip')->count_by_ip_dateline($ctrlip, $_G['timestamp'] - $_G['setting']['regctrl'] * 3600)) {
                if ($return) {
                    return;
                }
                showmessage('register_ctrl', NULL, array('regctrl' => $_G['setting']['regctrl']));
            }
        }

        // Flood control over the last 86400 seconds: start a counter, bump it, or refuse.
        if ($_G['setting']['regfloodctrl']) {
            $regip = C::t('common_regip')->fetch_by_ip_dateline($_G['clientip'], $_G['timestamp'] - 86400);
            if (!$regip) {
                C::t('common_regip')->insert(array('ip' => $_G['clientip'], 'count' => 1, 'dateline' => $_G['timestamp']));
            } elseif ($regip['count'] >= $_G['setting']['regfloodctrl']) {
                if ($return) {
                    return;
                }
                showmessage('register_flood_ctrl', NULL, array('regfloodctrl' => $_G['setting']['regfloodctrl']));
            } else {
                C::t('common_regip')->update_count_by_ip($_G['clientip']);
            }
        }
    }

    $uid = uc_user_register(addslashes($username), $password, $email, '', '', $_G['clientip']);
    if ($uid <= 0) {
        if ($return) {
            return;
        }
        // Map the negative result codes to user-facing messages (loose comparison, as before).
        switch ($uid) {
            case -1:
                showmessage('profile_username_illegal');
                break;
            case -2:
                showmessage('profile_username_protect');
                break;
            case -3:
                showmessage('profile_username_duplicate');
                break;
            case -4:
                showmessage('profile_email_illegal');
                break;
            case -5:
                showmessage('profile_email_domain_illegal');
                break;
            case -6:
                showmessage('profile_email_duplicate');
                break;
            default:
                showmessage('undefined_action');
                break;
        }
    }

    // Local member row with the configured initial credits.
    $init_arr = array('credits' => explode(',', $_G['setting']['initcredits']));
    C::t('common_member')->insert($uid, $username, $password, $email, $_G['clientip'], $groupid, $init_arr);

    // Registration-IP bookkeeping: drop rows older than max(regctrl, 72) hours and, with
    // regctrl on, record this IP with count -1.
    if ($_G['setting']['regctrl'] || $_G['setting']['regfloodctrl']) {
        $keep_hours = $_G['setting']['regctrl'] > 72 ? $_G['setting']['regctrl'] : 72;
        C::t('common_regip')->delete_by_dateline($_G['timestamp'] - $keep_hours * 3600);
        if ($_G['setting']['regctrl']) {
            C::t('common_regip')->insert(array('ip' => $_G['clientip'], 'count' => -1, 'dateline' => $_G['timestamp']));
        }
    }

    // Manual verification mode: queue the account for moderators.
    if ($_G['setting']['regverify'] == 2) {
        $validate_row = array(
            'uid' => $uid,
            'submitdate' => $_G['timestamp'],
            'moddate' => 0,
            'admin' => '',
            'submittimes' => 1,
            'status' => 0,
            'message' => '',
            'remark' => '',
        );
        C::t('common_member_validate')->insert($validate_row, false, true);
        manage_addnotify('verifyuser');
    }

    // Log the new member in.
    $login_member = array('uid' => $uid, 'username' => $username, 'password' => $password, 'groupid' => $groupid);
    setloginstatus($login_member, 0);

    // Statistics.
    include_once libfile('function/stat');
    updatestat('register');

    return $uid;
}
/**
 * Handle a login submitted to the admin control panel.
 *
 * Does nothing when no admin_email was posted. Otherwise the attempt passes logincheck(),
 * the credentials are verified with userlogin(), and only a founder or a member of
 * group 1 or 2 gets an admin session and a redirect to the control panel.
 *
 * Outcomes are signalled through $this->cpaccess: -4 when logincheck() refuses the
 * attempt, -2 when the credentials are valid but the member is not allowed in.
 * NOTE(review): the exact meaning of these codes is defined outside this listing.
 *
 * @return void
 */
function check_user_login()
{
    global $_G;

    $submitted = isset($_POST['admin_email']) ? trim($_POST['admin_email']) : '';
    if ($submitted == '') {
        return;
    }

    // Attempt limiter: refuse before any credential check.
    if (!logincheck($_POST['admin_email'])) {
        $this->cpaccess = -4;
        return;
    }

    // When a security question is mandatory and question or answer is missing, hand over
    // to do_user_login(). NOTE(review): presumably that re-displays the form and stops;
    // if it returns, the login below still runs — confirm.
    if (empty($_POST['admin_questionid']) || empty($_POST['admin_answer'])) {
        if ($_G['config']['admincp']['forcesecques'] || $_G['group']['forcesecques']) {
            $this->do_user_login();
        }
    }

    $login = userlogin($_POST['admin_email'], $_POST['admin_password'], $_POST['admin_questionid'], $_POST['admin_answer'], 'auto', $this->core->var['clientip']);
    if ($login['status'] != 1) {
        // Wrong credentials: record the failed attempt.
        loginfailed($_POST['admin_email']);
        return;
    }

    $member = $login['member'];

    // Authorisation: founders, or members of group 1 or 2.
    if (!($this->checkfounder($member) || in_array($member['groupid'], array(1, 2)))) {
        $this->cpaccess = -2;
        return;
    }

    // Open the admin session, set the login state and redirect to the control panel.
    $session = array(
        'uid' => $member['uid'],
        'adminid' => $member['adminid'],
        'panel' => $member['groupid'],
        'dateline' => TIMESTAMP,
        'ip' => $this->core->var['clientip'],
        'errorcount' => -1,
    );
    C::t('admincp_session')->insert($session, false, true);
    setloginstatus($member, 0);
    dheader('Location: ' . ADMINSCRIPT . '?' . cpurl('url', array('sid')));
}