Пример #1
0
function getverifyicon($iconkey = 'iconnew', $target)
{
    global $_G, $_GET, $_FILES;
    if ($_FILES[$iconkey]) {
        $iconnew = uploadtolocal($_FILES[$iconkey], 'common', $target);
    } elseif ($_GET['' . $iconkey]) {
        $icon_url = parse_url($_GET['' . $iconkey]);
        if ($icon_url['host']) {
            $iconnew = imagetolocal($_GET['' . $iconkey], 'common', $target);
        } else {
            $iconnew = $_GET['' . $iconkey];
        }
    } else {
        $iconnew = '';
    }
    return $iconnew;
}
Пример #2
0
 foreach ($_FILES as $key => $file) {
     if (!isset($_G['cache']['profilesetting'][$key])) {
         continue;
     }
     $field = $_G['cache']['profilesetting'][$key];
     if (!empty($file) && $file['error'] == 0 || !empty($space[$key]) && empty($_GET['deletefile'][$key])) {
         $value = '1';
     } else {
         $value = '';
     }
     if (!profile_check($key, $value, $space)) {
         profile_showerror($key);
     } elseif ($field['size'] && $field['size'] * 1024 < $file['size']) {
         profile_showerror($key, lang('message', 'filesize_lessthan') . $field['size'] . 'KB');
     }
     if ($attachment = uploadtolocal($file, 'profile', '')) {
         if (!@getimagesize($_G['setting']['attachdir'] . $attachment)) {
             //判断是否为图片文件
             @unlink($_G['setting']['attachdir'] . $attachment);
             continue;
         }
         $setarr[$key] = '';
         //$attach['attachment'] = dhtmlspecialchars(trim($attach['attachment']));
         if ($vid && $verifyconfig['available'] && isset($verifyconfig['field'][$key])) {
             if (isset($verifyinfo['field'][$key])) {
                 @unlink(getglobal('setting/attachdir') . $verifyinfo['field'][$key]);
                 $verifyarr[$key] = $attachment;
             }
             continue;
         }
         if (isset($setarr[$key]) && $_G['cache']['profilesetting'][$key]['needverify']) {
Пример #3
0
 function on_register()
 {
     global $_G;
     $_GET['username'] = $_GET['username'];
     $_GET['nickname'] = $_GET['nickname'];
     $_GET['password'] = $_GET['password'];
     $_GET['password2'] = $_GET['password2'];
     $_GET['email'] = $_GET['email'];
     if ($_G['uid']) {
         $url_forward = dreferer();
         if (strpos($url_forward, 'reg') !== false) {
             $url_forward = 'index.php';
         }
         showmessage('login_succeed', $url_forward ? $url_forward : './', array('username' => $_G['member']['username'], 'usergroup' => $_G['group']['grouptitle'], 'uid' => $_G['uid']), array());
     } elseif (!$this->setting['regclosed']) {
         if ($_GET['action'] == 'activation' || $_GET['activationauth']) {
             if (!$this->setting['ucactivation'] && !$this->setting['closedallowactivation']) {
                 showmessage('register_disable_activation');
             }
         } elseif (!$this->setting['regstatus']) {
             showmessage(!$this->setting['regclosemessage'] ? 'register_disable' : str_replace(array("\r", "\n"), '', $this->setting['regclosemessage']));
         }
     }
     $bbrules =& $this->setting['bbrules'];
     $bbrulesforce =& $this->setting['bbrulesforce'];
     $bbrulestxt =& $this->setting['bbrulestxt'];
     $welcomemsg =& $this->setting['welcomemsg'];
     $welcomemsgtitle =& $this->setting['welcomemsgtitle'];
     $welcomemsgtxt =& $this->setting['welcomemsgtxt'];
     $regname = $this->setting['regname'];
     $username = isset($_GET['username']) ? $_GET['username'] : '';
     $invitestatus = false;
     $seccodecheck = $this->setting['seccodestatus'] & 1;
     $secqaacheck = 0;
     $bbrulehash = $bbrules ? substr(md5(FORMHASH), 0, 8) : '';
     $auth = $_GET['auth'];
     if (!$invitestatus) {
         $invite = getinvite();
     }
     if (!submitcheck('regsubmit', 0, $seccodecheck)) {
         if ($seccodecheck) {
             $seccode = random(6, 1);
         }
         $username = dhtmlspecialchars($username);
         $htmls = $settings = array();
         foreach ($_G['cache']['fields_register'] as $field) {
             $fieldid = $field['fieldid'];
             $html = profile_setting($fieldid, array(), false, false, true);
             if ($html) {
                 $settings[$fieldid] = $_G['cache']['profilesetting'][$fieldid];
                 $htmls[$fieldid] = $html;
             }
         }
         $navtitle = $this->setting['reglinkname'];
         if ($this->extrafile && file_exists($this->extrafile)) {
             require_once $this->extrafile;
         }
         $bbrulestxt = nl2br("\n{$bbrulestxt}\n\n");
         $dreferer = dreferer();
         include template($this->template);
     } else {
         $emailstatus = 0;
         if ($this->setting['regstatus'] == 2 && empty($invite) && !$invitestatus) {
             showmessage('not_open_registration_invite');
         }
         //验证同意协议
         if ($bbrules && $bbrulehash != $_POST['agreebbrule']) {
             showmessage('register_rules_agree');
         }
         //验证用户姓名
         $usernamelen = dstrlen($username);
         if ($usernamelen < 3) {
             showmessage('profile_username_tooshort');
         }
         if ($usernamelen > 30) {
             showmessage('profile_username_toolong');
         }
         //验证用户名
         if ($nickname = trim($_GET['nickname'])) {
             $nicknamelen = dstrlen($nickname);
             if ($nicknamelen < 3) {
                 showmessage('profile_nickname_tooshort');
             }
             if ($nicknamelen > 30) {
                 showmessage('profile_nickname_toolong');
             }
         } else {
             $nickname = '';
         }
         //验证邮箱
         $email = strtolower(trim($_GET['email']));
         checkemail($email);
         //验证密码长度
         if ($this->setting['pwlength']) {
             if (strlen($_GET['password']) < $this->setting['pwlength']) {
                 showmessage('profile_password_tooshort', '', array('pwlength' => $this->setting['pwlength']));
             }
         }
         //验证密码强度
         if ($this->setting['strongpw']) {
             $strongpw_str = array();
             if (in_array(1, $this->setting['strongpw']) && !preg_match("/\\d+/", $_GET['password'])) {
                 $strongpw_str[] = lang('user/template', 'strongpw_1');
             }
             if (in_array(2, $this->setting['strongpw']) && !preg_match("/[a-z]+/", $_GET['password'])) {
                 $strongpw_str[] = lang('user/template', 'strongpw_2');
             }
             if (in_array(3, $this->setting['strongpw']) && !preg_match("/[A-Z]+/", $_GET['password'])) {
                 $strongpw_str[] = lang('user/template', 'strongpw_3');
             }
             if (in_array(4, $this->setting['strongpw']) && !preg_match("/[^a-zA-z0-9]+/", $_GET['password'])) {
                 $strongpw_str[] = lang('user/template', 'strongpw_4');
             }
             if ($strongpw_str) {
                 showmessage(lang('user/template', 'password_weak') . implode(',', $strongpw_str));
             }
         }
         //验证两次密码一致性
         if ($_GET['password'] !== $_GET['password2']) {
             showmessage('两次密码不匹配');
         }
         if (!$_GET['password'] || $_GET['password'] != addslashes($_GET['password'])) {
             showmessage('profile_passwd_illegal');
         }
         $password = $_GET['password'];
         $ctrlip = $_G['clientip'];
         $setregip = null;
         $profile = $verifyarr = array();
         foreach ($_G['cache']['fields_register'] as $field) {
             /*if(defined('IN_MOBILE')) {
             			break;
             		}*/
             $field_key = $field['fieldid'];
             $field_val = $_GET['' . $field_key];
             if ($field['formtype'] == 'file' && !empty($_FILES[$field_key]) && $_FILES[$field_key]['error'] == 0) {
                 $field_val = true;
             }
             if (!profile_check($field_key, $field_val)) {
                 $showid = !in_array($field['fieldid'], array('birthyear', 'birthmonth')) ? $field['fieldid'] : 'birthday';
                 showmessage($field['title'] . lang('message', 'profile_illegal'), '', array(), array('showid' => 'chk_' . $showid, 'extrajs' => $field['title'] . lang('message', 'profile_illegal') . ($field['formtype'] == 'text' ? '<script type="text/javascript">' . '$(\'registerform\').' . $field['fieldid'] . '.parentNode.parentNode.className = \'form-group warning\';' . '$(\'registerform\').' . $field['fieldid'] . '.onblur = function () { if(this.value != \'\') {this.parentNode.parentNode.className = \'form-group\';$(\'chk_' . $showid . '\').innerHTML = \'\';}}' . '</script>' : '')));
             }
             if ($field['needverify']) {
                 $verifyarr[$field_key] = $field_val;
             } else {
                 $profile[$field_key] = $field_val;
             }
         }
         $groupinfo = array();
         $addorg = 0;
         if ($this->setting['regverify']) {
             $groupinfo['groupid'] = 8;
         } else {
             $groupinfo['groupid'] = $this->setting['newusergroupid'];
             $addorg = 1;
         }
         $result = uc_user_register(addslashes($username), $password, $email, addslashes($nickname), $questionid, $answer, $_G['clientip'], $addorg);
         if (is_array($result)) {
             $uid = $result['uid'];
             $password = $result['password'];
         } else {
             $uid = $result;
         }
         if ($uid <= 0) {
             if ($uid == -1) {
                 showmessage('profile_nickname_illegal');
             } elseif ($uid == -2) {
                 showmessage('profile_nickname_protect');
             } elseif ($uid == -3) {
                 showmessage('profile_nickname_duplicate');
             } elseif ($uid == -4) {
                 showmessage('profile_email_illegal');
             } elseif ($uid == -5) {
                 showmessage('profile_email_domain_illegal');
             } elseif ($uid == -6) {
                 showmessage('profile_email_duplicate');
             } elseif ($uid == -7) {
                 showmessage('profile_username_illegal');
             } else {
                 showmessage('undefined_action');
             }
         }
         $_G['username'] = $username;
         if (isset($_POST['birthmonth']) && isset($_POST['birthday'])) {
             $profile['constellation'] = get_constellation($_POST['birthmonth'], $_POST['birthday']);
         }
         if (isset($_POST['birthyear'])) {
             $profile['zodiac'] = get_zodiac($_POST['birthyear']);
         }
         if ($_FILES) {
             foreach ($_FILES as $key => $file) {
                 $field_key = 'field_' . $key;
                 if (!empty($_G['cache']['fields_register'][$field_key]) && $_G['cache']['fields_register'][$field_key]['formtype'] == 'file') {
                     if ($attachment = uploadtolocal($file, 'profile', '')) {
                         if (@getimagesize($_G['setting']['attachdir'] . $attachment)) {
                             //判断是否为图片文件
                             @unlink($_G['setting']['attachdir'] . $attachment);
                             continue;
                         }
                         if ($_G['cache']['fields_register'][$field_key]['needverify']) {
                             $verifyarr[$key] = $attachment;
                         } else {
                             $profile[$key] = $attachment;
                         }
                     }
                 }
             }
         }
         $init_arr = array('profile' => $profile, 'emailstatus' => $emailstatus);
         C::t('user')->insert($uid, $_G['clientip'], $groupinfo['groupid'], $init_arr);
         if ($verifyarr) {
             $setverify = array('uid' => $uid, 'username' => $username, 'verifytype' => '0', 'field' => serialize($verifyarr), 'dateline' => TIMESTAMP);
             C::t('user_verify_info')->insert($setverify);
             C::t('user_verify')->insert(array('uid' => $uid));
         }
         require_once libfile('cache/userstats', 'function');
         build_cache_userstats();
         if ($this->extrafile && file_exists($this->extrafile)) {
             require_once $this->extrafile;
         }
         setloginstatus(array('uid' => $uid, 'username' => $_G['username'], 'password' => $password, 'groupid' => $groupinfo['groupid']), 0);
         include_once libfile('function/stat');
         if ($welcomemsg && !empty($welcomemsgtxt)) {
             $welcomemsgtitle = replacesitevar($welcomemsgtitle);
             $welcomemsgtxt = replacesitevar($welcomemsgtxt);
             if ($welcomemsg == 1) {
                 $welcomemsgtxt = nl2br(str_replace(':', '&#58;', $welcomemsgtxt));
             } elseif ($welcomemsg == 2) {
                 sendmail_cron($email, $welcomemsgtitle, $welcomemsgtxt);
             } elseif ($welcomemsg == 3) {
                 sendmail_cron($email, $welcomemsgtitle, $welcomemsgtxt);
                 $welcomemsgtxt = nl2br(str_replace(':', '&#58;', $welcomemsgtxt));
             }
         }
         dsetcookie('loginuser', '');
         dsetcookie('invite_auth', '');
         $url_forward = dreferer();
         $refreshtime = 3000;
         switch ($this->setting['regverify']) {
             case 1:
                 $idstring = random(6);
                 $authstr = $this->setting['regverify'] == 1 ? "{$_G['timestamp']}\t2\t{$idstring}" : '';
                 C::t('user')->update($_G['uid'], array('authstr' => $authstr));
                 $verifyurl = "{$_G[siteurl]}user.php?mod=activate&amp;uid={$_G[uid]}&amp;id={$idstring}";
                 $email_verify_message = lang('email', 'email_verify_message', array('username' => $_G['member']['username'], 'sitename' => $this->setting['sitename'], 'siteurl' => $_G['siteurl'], 'url' => $verifyurl));
                 if (!sendmail("{$username} <{$email}>", lang('email', 'email_verify_subject'), $email_verify_message)) {
                     runlog('sendmail', "{$email} sendmail failed.");
                 }
                 $message = 'register_email_verify';
                 $locationmessage = 'register_email_verify_location';
                 $refreshtime = 10000;
                 break;
             case 2:
                 $message = 'register_manual_verify';
                 $locationmessage = 'register_manual_verify_location';
                 break;
             default:
                 $message = 'register_succeed';
                 $locationmessage = 'register_succeed_location';
                 break;
         }
         $param = daddslashes(array('sitename' => $this->setting['sitename'], 'username' => $_G['username'], 'usergroup' => $_G['group']['grouptitle'], 'uid' => $_G['uid']));
         if (strpos($url_forward, $this->setting['regname']) !== false || strpos($url_forward, 'buyinvitecode') !== false) {
             $url_forward = 'index.php';
         }
         $extra = array('showdialog' => true, 'locationtime' => false, 'extrajs' => '');
         showmessage('', $url_forward, array(), array('showid' => 'succeedmessage', 'extrajs' => '<script type="text/javascript">' . 'setTimeout("window.location.href =\'' . $url_forward . '\';", 3000);' . '$(\'succeedmessage_href\').href = \'' . $url_forward . '\';' . '$(\'register_form\').style.display = \'none\';' . '$(\'main_succeed\').style.display = \'\';' . '$(\'succeedlocation\').innerHTML = \'' . lang('message', $message, $param) . '\';</script>', 'striptags' => false, 'showdialog' => false));
         //showmessage($message, $url_forward, $param, $extra);
     }
 }
Пример #4
0
            $open[$arr[count($arr) - 1]] = $arr;
        }
    } else {
        $open[$arr[$count - 1]] = $arr;
    }
    $openarr = json_encode(array('orgid' => $open));
    include template('import_list');
} else {
    if (submitcheck('importfilesubmit')) {
        if ($_FILES['importfile']['tmp_name']) {
            $allowext = array('xls', 'xlsx');
            $ext = strtolower(substr(strrchr($_FILES['importfile']['name'], '.'), 1, 10));
            if (!in_array($ext, $allowext)) {
                showmessage('只允许导入xls,xlsx类型的文件', dreferer());
            }
            if ($file = uploadtolocal($_FILES['importfile'], 'cache')) {
                $url = ADMINSCRIPT . '?mod=orguser&op=import&do=list&file=' . urlencode($file);
                @header("Location: {$url}");
                exit;
                showmessage('人员信息表上传成功,正在调转到导入页面', ADMINSCRIPT . '?mod=orguser&op=import&do=list&file=' . urlencode($file));
            } else {
                showmessage('上传信息表未成功,请稍候重试', dreferer());
            }
        } else {
            showmessage('请选择人员信息表', dreferer());
        }
    } else {
        include template('import_guide');
    }
}
function checkprofile($fieldid, &$value)
Пример #5
0
 }
 if (($oappid = DB::result_first("select appid from %t where appurl=%s", array('app_market', $setarr['appurl']))) && $oappid != $appid) {
     $msg .= '应用地址已经存在';
 }
 if ($msg) {
     showmessage($msg);
 }
 //处理应用图标
 $iconnew = '';
 $target = '';
 if ($appid) {
     $target = DB::result_first("select appico from " . DB::table('app_market') . " where appid='{$appid}'");
 }
 if ($_FILES['iconnew']) {
     if ($_FILES['iconnew']['tmp_name']) {
         if ($appico = uploadtolocal($_FILES['iconnew'], 'appico', $target)) {
             $setarr['appico'] = $appico;
         }
     }
 } else {
     if (!$_GET['iconnew']) {
         $_GET['iconnew'] = 'dzz/images/default/icodefault.png';
     }
     if ($_GET['iconnew'] && $_GET['iconnew'] != $_G['setting']['attachurl'] . $target) {
         if ($appico = imagetolocal($_GET['iconnew'], 'appico', $target)) {
             $setarr['appico'] = $appico;
         }
     }
 }
 $picids = $_GET['picids'];
 //删除已有图片