function MemberConnect_DoLogin($apptype, $openid)
{
global $empire, $dbtbpre;
$apptype = RepPostVar($apptype);
$openid = RepPostVar($openid);
$mcr = MemberConnect_CheckOpenid($apptype, $openid);
if ($mcr['id']) {
$lifetime = 0;
$r = $empire->fetch1("select " . eReturnSelectMemberF('*') . " from " . eReturnMemberTable() . " where " . egetmf('userid') . "='" . $mcr['userid'] . "' limit 1");
DoEcmsMemberLogin($r, $lifetime);
MemberConnect_UpdateBindLogin($mcr['id']);
MemberConnect_ResetVar();
printerrortourl('../../../');
} else {
printerrortourl('../tobind.php');
}
}
function EditInfo($post)
{
global $empire, $dbtbpre, $public_r;
$user_r = islogin();
//是否登陆
$userid = $user_r[userid];
$username = $user_r[username];
$dousername = $username;
$rnd = $user_r[rnd];
$groupid = $user_r[groupid];
if (!$userid || !$username) {
printerror("NotEmpty", "history.go(-1)", 1);
}
//验证附加表必填项
$addr = $empire->fetch1("select * from {$dbtbpre}enewsmemberadd where userid='{$userid}'");
$user_r = $empire->fetch1("select " . eReturnSelectMemberF('groupid') . " from " . eReturnMemberTable() . " where " . egetmf('userid') . "='{$userid}'");
$fid = GetMemberFormId($user_r['groupid']);
if (empty($addr[userid])) {
$mr['add_filepass'] = $userid;
$member_r = ReturnDoMemberF($fid, $post, $mr, 0, $dousername);
} else {
$addr['add_filepass'] = $userid;
$member_r = ReturnDoMemberF($fid, $post, $addr, 1, $dousername);
}
//附加表
if (empty($addr[userid])) {
//IP
$regip = egetip();
$regipport = egetipport();
$lasttime = time();
$sql = $empire->query("insert into {$dbtbpre}enewsmemberadd(userid,regip,lasttime,lastip,loginnum,regipport,lastipport" . $member_r[0] . ") values('{$userid}','{$regip}','{$lasttime}','{$regip}',1,'{$regipport}','{$regipport}'" . $member_r[1] . ");");
} else {
$sql = $empire->query("update {$dbtbpre}enewsmemberadd set userid='{$userid}'" . $member_r[0] . " where userid='{$userid}'");
}
//更新附件
UpdateTheFileEditOther(6, $userid, 'member');
if ($sql) {
printerror("EditInfoSuccess", "../member/EditInfo/", 1);
} else {
printerror("DbError", "history.go(-1)", 1);
}
}
function AddMemberGbook($add)
{
global $empire, $dbtbpre;
//验证码
$keyvname = 'checkspacegbkey';
ecmsCheckShowKey($keyvname, $add['key'], 1);
//用户
$userid = intval($add['userid']);
$ur = $empire->fetch1("select " . eReturnSelectMemberF('userid') . " from " . eReturnMemberTable() . " where " . egetmf('userid') . "='{$userid}' limit 1");
if (empty($ur['userid'])) {
printerror("NotUsername", "", 1);
}
//发表者
$uid = (int) getcvar('mluserid');
if ($uid) {
$uname = RepPostVar(getcvar('mlusername'));
} else {
$uid = 0;
$uname = trim($add['uname']);
}
$uname = RepPostStr($uname);
$gbtext = RepPostStr($add['gbtext']);
if (empty($uname) || !trim($gbtext)) {
printerror("EmptyMemberGbook", "history.go(-1)", 1);
}
$isprivate = intval($add['isprivate']);
$addtime = date("Y-m-d H:i:s");
$ip = egetip();
$eipport = egetipport();
$sql = $empire->query("insert into {$dbtbpre}enewsmembergbook(userid,isprivate,uid,uname,ip,addtime,gbtext,retext,eipport) values({$userid},{$isprivate},{$uid},'{$uname}','{$ip}','{$addtime}','{$gbtext}','','{$eipport}');");
ecmsEmptyShowKey($keyvname);
//清空验证码
if ($sql) {
printerror("AddMemberGbookSuccess", $_SERVER['HTTP_REFERER'], 1);
} else {
printerror("DbError", "history.go(-1)", 1);
}
}
function AddMsg($add)
{
global $empire, $level_r, $dbtbpre;
$user = islogin();
$title = RepPostStr(trim($add['title']));
$to_username = RepPostVar(trim($add['to_username']));
$msgtext = RepPostStr($add['msgtext']);
if (empty($title) || !trim($msgtext) || empty($to_username)) {
printerror("EmptyMsg", "", 1);
}
if ($user['username'] == $to_username) {
printerror("MsgToself", "", 1);
}
//字数
$len = strlen($msgtext);
if ($len > $level_r[$user[groupid]][msglen]) {
printerror("MoreMsglen", "", 1);
}
//接收方是否存在
$r = $empire->fetch1("select " . eReturnSelectMemberF('userid,groupid') . " from " . eReturnMemberTable() . " where " . egetmf('username') . "='{$to_username}' limit 1");
if (!$r['userid']) {
printerror("MsgNotToUsername", "", 1);
}
//对方短消息是否满
$mnum = $empire->gettotal("select count(*) as total from {$dbtbpre}enewsqmsg where to_username='******'");
if ($mnum + 1 > $level_r[$r[groupid]][msgnum]) {
printerror("UserMoreMsgnum", "", 1);
}
$msgtime = date("Y-m-d H:i:s");
$sql = $empire->query("insert into {$dbtbpre}enewsqmsg(title,msgtext,haveread,msgtime,to_username,from_userid,from_username,isadmin,issys) values('" . addslashes($title) . "','" . addslashes($msgtext) . "',0,'{$msgtime}','{$to_username}','{$user['userid']}','{$user['username']}',0,0);");
$newhavemsg = eReturnSetHavemsg($user['havemsg'], 0);
$usql = $empire->query("update " . eReturnMemberTable() . " set " . egetmf('havemsg') . "='{$newhavemsg}' where " . egetmf('username') . "='{$to_username}' limit 1");
if ($sql) {
printerror("AddMsgSuccess", "../member/msg/", 1);
} else {
printerror("DbError", "", 1);
}
}
function CardGetFen($username, $reusername, $card_no, $password)
{
global $empire, $dbtbpre;
$card_no = RepPostVar($card_no);
$password = RepPostVar($password);
$username = RepPostVar($username);
if (!trim($username) || !trim($card_no) || !trim($password)) {
printerror("EmptyGetCard", "history.go(-1)", 1);
}
if ($username != $reusername) {
printerror("DifCardUsername", "history.go(-1)", 1);
}
$user = $empire->fetch1("select " . eReturnSelectMemberF('userid,userdate,username') . " from " . eReturnMemberTable() . " where " . egetmf('username') . "='{$username}' limit 1");
if (!$user['userid']) {
printerror("ExiestCardUsername", "history.go(-1)", 1);
}
$num = $empire->gettotal("select count(*) as total from {$dbtbpre}enewscard where card_no='" . $card_no . "' and password='******' limit 1");
if (!$num) {
printerror("CardPassError", "history.go(-1)", 1);
}
//是否过期
$buytime = date("Y-m-d H:i:s");
$r = $empire->fetch1("select cardfen,money,endtime,carddate,cdgroupid,cdzgroupid from {$dbtbpre}enewscard where card_no='{$card_no}' limit 1");
if ($r[endtime] != "0000-00-00") {
$endtime = to_date($r[endtime]);
if ($endtime < time()) {
printerror("CardOutDate", "history.go(-1)", 1);
}
}
//充值
eAddFenToUser($r[cardfen], $r[carddate], $r[cdgroupid], $r[cdzgroupid], $user);
$sql1 = $empire->query("delete from {$dbtbpre}enewscard where card_no='{$card_no}'");
//删除卡号
//备份购买记录
BakBuy($user['userid'], $username, $card_no, $r[cardfen], $r[money], $r[carddate], 0);
printerror("CardGetFenSuccess", "../member/card/", 1);
}
function GetSofturl($classid, $id, $pathid, $p, $pass, $onlinetime, $onlinepass)
{
global $empire, $dbtbpre, $public_r, $class_r, $emod_r, $level_r, $ecms_config;
//验证IP
eCheckAccessDoIp('onlineinfo');
$classid = (int) $classid;
$id = (int) $id;
$pathid = (int) $pathid;
$onlinetime = (int) $onlinetime;
$p = RepPostVar($p);
if (!$classid || empty($id) || empty($p)) {
exit;
}
$p_r = explode(":::", $p);
$userid = $p_r[0];
$rnd = $p_r[1];
//验证码
$cpass = md5(ReturnDownSysCheckIp() . "wm_chief" . $public_r[downpass] . $userid);
if ($cpass != $pass) {
exit;
}
//验证验证码
CheckOnlinePass($onlinetime, $onlinepass);
//表不存在
if (empty($class_r[$classid][tbname])) {
exit;
}
$mid = $class_r[$classid][modid];
$tbname = $class_r[$classid][tbname];
$r = $empire->fetch1("select * from {$dbtbpre}ecms_" . $tbname . " where id='{$id}' limit 1");
if (empty($r['id']) || $r['classid'] != $classid) {
exit;
}
//副表
$finfor = $empire->fetch1("select " . ReturnSqlFtextF($mid) . " from {$dbtbpre}ecms_" . $tbname . "_data_" . $r[stb] . " where id='{$r['id']}' limit 1");
$r = array_merge($r, $finfor);
//区分下载地址
$path_r = explode("\r\n", $r[onlinepath]);
if (!$path_r[$pathid]) {
exit;
}
$showdown_r = explode("::::::", $path_r[$pathid]);
$downgroup = $showdown_r[2];
//下载权限
if ($downgroup) {
$userid = (int) $userid;
$rnd = RepPostVar($rnd);
//取得会员资料
$u = $empire->fetch1("select " . eReturnSelectMemberF('*') . " from " . eReturnMemberTable() . " where " . egetmf('userid') . "='{$userid}' and " . egetmf('rnd') . "='{$rnd}' limit 1");
if (empty($u['userid'])) {
exit;
}
//下载次数限制
$setuserday = "";
if ($level_r[$u['groupid']]['daydown']) {
$setuserday = DoCheckMDownNum($userid, $u['groupid'], 1);
}
if ($level_r[$downgroup][level] > $level_r[$u[groupid]][level]) {
exit;
}
//点数是否足够
$showdown_r[3] = intval($showdown_r[3]);
if ($showdown_r[3]) {
//---------是否有历史记录
$bakr = $empire->fetch1("select id,truetime from {$dbtbpre}enewsdownrecord where id='{$id}' and classid='{$classid}' and userid='{$userid}' and pathid='{$pathid}' and online=1 order by truetime desc limit 1");
if ($bakr[id] && time() - $bakr[truetime] <= $public_r[redodown] * 3600) {
} else {
//包月卡
if ($u['userdate'] - time() > 0) {
} else {
if ($showdown_r[3] > $u['userfen']) {
exit;
}
//去除点数
$usql = $empire->query("update " . eReturnMemberTable() . " set " . egetmf('userfen') . "=" . egetmf('userfen') . "-" . $showdown_r[3] . " where " . egetmf('userid') . "='{$userid}'");
}
//备份下载记录
$utfusername = $u['username'];
BakDown($classid, $id, $pathid, $userid, $utfusername, $r[title], $showdown_r[3], 1);
}
}
//更新用户下载次数
if ($setuserday) {
$usql = $empire->query($setuserday);
}
}
//总下载数据增一
$usql = $empire->query("update {$dbtbpre}ecms_" . $class_r[$classid][tbname] . " set totaldown=totaldown+1 where id='{$id}'");
//选择播放器
$ftype = GetFiletype($showdown_r[1]);
if (strstr($ecms_config['sets']['realplayertype'], ',' . $ftype . ',')) {
Header("Content-Type: audio/x-pn-realaudio");
} else {
Header("Content-Type: video/x-ms-asf");
}
$downurl = stripSlashes($showdown_r[1]);
$downurlr = ReturnDownQzPath($downurl, $showdown_r[4]);
$downurl = $downurlr['repath'];
//防盗链
@(include ECMS_PATH . DASHBOARD . "/DownSys/class/enpath.php");
$downurl = DoEnOnlinepath($downurl);
db_close();
$empire = null;
echo $downurl;
exit;
}
function PayApiBuyGroupPay($bgid, $money, $orderid, $userid, $username, $groupid, $ecms_paytype)
{
global $empire, $dbtbpre, $level_r;
$bgid = (int) $bgid;
$userid = (int) $userid;
$username = RepPostVar($username);
$groupid = (int) $groupid;
$ecms_paytype = RepPostVar($ecms_paytype);
//验证是否重复提交
$orderid = RepPostVar($orderid);
$num = $empire->gettotal("select count(*) as total from {$dbtbpre}enewspayrecord where orderid='{$orderid}' limit 1");
if ($num) {
printerror('您已成功充值', '../../../', 1, 0, 1);
}
$buyr = $empire->fetch1("select * from {$dbtbpre}enewsbuygroup where id='{$bgid}'");
if ($buyr['id'] && $money == $buyr['gmoney'] && $level_r[$buyr[buygroupid]][level] <= $level_r[$groupid][level]) {
$money = (double) $money;
//充值
$user = $empire->fetch1("select " . eReturnSelectMemberF('userdate,userid,username') . " from " . eReturnMemberTable() . " where " . egetmf('userid') . "='{$userid}'");
eAddFenToUser($buyr['gfen'], $buyr['gdate'], $buyr['ggroupid'], $buyr['gzgroupid'], $user);
$posttime = date("Y-m-d H:i:s");
$payip = egetip();
$paybz = "充值类型:" . addslashes($buyr['gname']);
$paybz = RepPostStr($paybz);
$empire->query("insert into {$dbtbpre}enewspayrecord(id,userid,username,orderid,money,posttime,paybz,type,payip) values(NULL,'{$userid}','{$username}','{$orderid}','{$money}','{$posttime}','{$paybz}','{$ecms_paytype}','{$payip}');");
//备份充值记录
BakBuy($userid, $username, $buyr['gname'], $buyr['gfen'], $money, $buyr['gdate'], 1);
}
printerror('您已成功充值', '../../../', 1, 0, 1);
}
function register($add)
{
global $empire, $dbtbpre, $public_r, $ecms_config;
//关闭注册
if ($public_r['register_ok']) {
printerror('CloseRegister', '', 1);
}
//验证时间段允许操作
eCheckTimeCloseDo('reg');
//验证IP
eCheckAccessDoIp('register');
if (!empty($ecms_config['member']['registerurl'])) {
Header("Location:" . $ecms_config['member']['registerurl']);
exit;
}
//已经登陆不能注册
if (getcvar('mluserid')) {
printerror('LoginToRegister', '', 1);
}
CheckCanPostUrl();
//验证来源
$username = trim($add['username']);
$password = trim($add['password']);
$username = RepPostVar($username);
$password = RepPostVar($password);
$email = RepPostStr($add['email']);
if (!$username || !$password || !$email) {
printerror("EmptyMember", "history.go(-1)", 1);
}
$tobind = (int) $add['tobind'];
//验证码
$keyvname = 'checkregkey';
if ($public_r['regkey_ok']) {
ecmsCheckShowKey($keyvname, $add['key'], 1);
}
$user_groupid = eReturnMemberDefGroupid();
$groupid = (int) $add['groupid'];
$groupid = empty($groupid) ? $user_groupid : $groupid;
CheckMemberGroupCanReg($groupid);
//IP
$regip = egetip();
$regipport = egetipport();
//用户字数
$pr = $empire->fetch1("select min_userlen,max_userlen,min_passlen,max_passlen,regretime,regclosewords,regemailonly from {$dbtbpre}enewspublic limit 1");
$userlen = strlen($username);
if ($userlen < $pr[min_userlen] || $userlen > $pr[max_userlen]) {
printerror('FaiUserlen', '', 1);
}
//密码字数
$passlen = strlen($password);
if ($passlen < $pr[min_passlen] || $passlen > $pr[max_passlen]) {
printerror('FailPasslen', '', 1);
}
if ($add['repassword'] !== $password) {
printerror('NotRepassword', '', 1);
}
if (!chemail($email)) {
printerror('EmailFail', '', 1);
}
if (strstr($username, '|') || strstr($username, '*')) {
printerror('NotSpeWord', '', 1);
}
//同一IP注册
eCheckIpRegTime($regip, $pr['regretime']);
//保留用户
toCheckCloseWord($username, $pr['regclosewords'], 'RegHaveCloseword');
$username = RepPostStr($username);
//重复用户
$num = $empire->gettotal("select count(*) as total from " . eReturnMemberTable() . " where " . egetmf('username') . "='{$username}' limit 1");
if ($num) {
printerror('ReUsername', '', 1);
}
//重复邮箱
if ($pr['regemailonly']) {
$num = $empire->gettotal("select count(*) as total from " . eReturnMemberTable() . " where " . egetmf('email') . "='{$email}' limit 1");
if ($num) {
printerror('ReEmailFail', '', 1);
}
}
//注册时间
$lasttime = time();
$registertime = eReturnAddMemberRegtime();
$rnd = make_password(20);
//产生随机密码
$userkey = eReturnMemberUserKey();
//密码
$truepassword = $password;
$salt = eReturnMemberSalt();
$password = eDoMemberPw($password, $salt);
//审核
$checked = ReturnGroupChecked($groupid);
if ($checked && $public_r['regacttype'] == 1) {
$checked = 0;
}
//验证附加表必填项
$mr['add_filepass'] = ReturnTranFilepass();
$fid = GetMemberFormId($groupid);
$member_r = ReturnDoMemberF($fid, $add, $mr, 0, $username);
$sql = $empire->query("insert into " . eReturnMemberTable() . "(" . eReturnInsertMemberF('username,password,rnd,email,registertime,groupid,userfen,userdate,money,zgroupid,havemsg,checked,salt,userkey') . ") values('{$username}','{$password}','{$rnd}','{$email}','{$registertime}','{$groupid}','{$public_r['reggetfen']}','0','0','0','0','{$checked}','{$salt}','{$userkey}');");
//取得userid
$userid = $empire->lastid();
//附加表
$addr = $empire->fetch1("select * from {$dbtbpre}enewsmemberadd where userid='{$userid}'");
if (!$addr[userid]) {
$spacestyleid = ReturnGroupSpaceStyleid($groupid);
$sql1 = $empire->query("insert into {$dbtbpre}enewsmemberadd(userid,spacestyleid,regip,lasttime,lastip,loginnum,regipport,lastipport" . $member_r[0] . ") values('{$userid}','{$spacestyleid}','{$regip}','{$lasttime}','{$regip}','1','{$regipport}','{$regipport}'" . $member_r[1] . ");");
}
//更新附件
UpdateTheFileOther(6, $userid, $mr['add_filepass'], 'member');
ecmsEmptyShowKey($keyvname);
//清空验证码
//绑定帐号
if ($tobind) {
MemberConnect_BindUser($userid);
}
if ($sql) {
//邮箱激活
if ($checked == 0 && $public_r['regacttype'] == 1) {
include 'class/member_actfun.php';
SendActUserEmail($userid, $username, $email);
}
//审核
if ($checked == 0) {
$location = DoingReturnUrl("../../", $_POST['ecmsfrom']);
printerror("RegisterSuccessCheck", $location, 1);
}
$logincookie = 0;
if ($ecms_config['member']['regcookietime']) {
$logincookie = time() + $ecms_config['member']['regcookietime'];
}
$r = $empire->fetch1("select " . eReturnSelectMemberF('*') . " from " . eReturnMemberTable() . " where " . egetmf('userid') . "='{$userid}' limit 1");
$set1 = esetcookie("mlusername", $username, $logincookie);
$set2 = esetcookie("mluserid", $userid, $logincookie);
$set3 = esetcookie("mlgroupid", $groupid, $logincookie);
$set4 = esetcookie("mlrnd", $rnd, $logincookie);
//验证符
qGetLoginAuthstr($userid, $username, $rnd, $groupid, $logincookie);
//登录附加cookie
AddLoginCookie($r);
$location = "../member/cp/";
$returnurl = getcvar('returnurl');
if ($returnurl && !strstr($returnurl, "e/member/iframe") && !strstr($returnurl, "e/member/register") && !strstr($returnurl, "enews=exit")) {
$location = $returnurl;
}
$set5 = esetcookie("returnurl", "");
//易通行系统
DoEpassport('reg', $userid, $username, $truepassword, $salt, $email, $groupid, $registertime);
$location = DoingReturnUrl($location, $_POST['ecmsfrom']);
printerror("RegisterSuccess", $location, 1);
} else {
printerror("DbError", "history.go(-1)", 1);
}
}
function ViewCheckLogin($infor)
{
global $empire, $public_r, $ecms_config, $toreturnurl, $gotourl;
$userid = (int) getcvar('mluserid');
$rnd = RepPostVar(getcvar('mlrnd'));
if (!$userid) {
if (!getcvar('returnurl')) {
esetcookie("returnurl", $toreturnurl, 0);
}
$msg = "您还未登陆,<a href='{$gotourl}'><u>点击这里</u></a>进行登陆操作;注册请<a href='" . $public_r['newsurl'] . "e/member/register/'><u>点击这里</u></a>。";
ShowViewInfoMsg($infor, $msg);
}
$cr = $empire->fetch1("select " . eReturnSelectMemberF('checked,userid,username,groupid,userfen,userdate,zgroupid') . " from " . eReturnMemberTable() . " where " . egetmf('userid') . "='{$userid}' and " . egetmf('rnd') . "='{$rnd}' limit 1");
if (!$cr['userid']) {
EmptyEcmsCookie();
if (!getcvar('returnurl')) {
esetcookie("returnurl", $toreturnurl, 0);
}
$msg = "同一帐号只能一人在线,<a href='{$gotourl}'><u>点击这里</u></a>重新登陆;注册请<a href='" . $public_r['newsurl'] . "e/member/register/'><u>点击这里</u></a>。";
ShowViewInfoMsg($infor, $msg);
}
if ($cr['checked'] == 0) {
EmptyEcmsCookie();
if (!getcvar('returnurl')) {
esetcookie("returnurl", $toreturnurl, 0);
}
$msg = "您的帐号还未审核通过,<a href='{$gotourl}'><u>点击这里</u></a>重新登陆;注册请<a href='" . $public_r['newsurl'] . "e/member/register/'><u>点击这里</u></a>。";
ShowViewInfoMsg($infor, $msg);
}
//默认会员组
if (empty($cr['groupid'])) {
$user_groupid = eReturnMemberDefGroupid();
$usql = $empire->query("update " . eReturnMemberTable() . " set " . egetmf('groupid') . "='{$user_groupid}' where " . egetmf('userid') . "='" . $cr[userid] . "'");
$cr['groupid'] = $user_groupid;
}
//是否过期
if ($cr['userdate']) {
if ($cr['userdate'] - time() <= 0) {
OutTimeZGroup($cr['userid'], $cr['zgroupid']);
$cr['userdate'] = 0;
if ($cr['zgroupid']) {
$cr['groupid'] = $cr['zgroupid'];
$cr['zgroupid'] = 0;
}
}
}
$re[userid] = $cr['userid'];
$re[username] = $cr['username'];
$re[userfen] = $cr['userfen'];
$re[groupid] = $cr['groupid'];
$re[userdate] = $cr['userdate'];
$re[zgroupid] = $cr['zgroupid'];
return $re;
}
function qlogin($add)
{
global $empire, $dbtbpre, $public_r, $ecms_config;
if ($ecms_config['member']['loginurl']) {
Header("Location:" . $ecms_config['member']['loginurl']);
exit;
}
$dopr = 1;
if ($_POST['prtype']) {
$dopr = 9;
}
$username = trim($add['username']);
$password = trim($add['password']);
if (!$username || !$password) {
printerror("EmptyLogin", "history.go(-1)", $dopr);
}
$tobind = (int) $add['tobind'];
//验证码
$keyvname = 'checkloginkey';
if ($public_r['loginkey_ok']) {
ecmsCheckShowKey($keyvname, $add['key'], $dopr);
}
$username = RepPostVar($username);
$password = RepPostVar($password);
$num = 0;
$r = $empire->fetch1("select " . eReturnSelectMemberF('*') . " from " . eReturnMemberTable() . " where " . egetmf('username') . "='{$username}' limit 1");
if (!$r['userid']) {
printerror("FailPassword", "history.go(-1)", $dopr);
}
if (!eDoCkMemberPw($password, $r['password'], $r['salt'])) {
printerror("FailPassword", "history.go(-1)", $dopr);
}
if ($r['checked'] == 0) {
if ($public_r['regacttype'] == 1) {
printerror('NotCheckedUser', '../member/register/regsend.php', 1);
} else {
printerror('NotCheckedUser', '', 1);
}
}
//绑定帐号
if ($tobind) {
MemberConnect_BindUser($r['userid']);
}
$rnd = make_password(20);
//取得随机密码
//默认会员组
if (empty($r['groupid'])) {
$r['groupid'] = eReturnMemberDefGroupid();
}
$r['groupid'] = (int) $r['groupid'];
$lasttime = time();
//IP
$lastip = egetip();
$lastipport = egetipport();
$usql = $empire->query("update " . eReturnMemberTable() . " set " . egetmf('rnd') . "='{$rnd}'," . egetmf('groupid') . "='{$r['groupid']}' where " . egetmf('userid') . "='{$r['userid']}'");
$empire->query("update {$dbtbpre}enewsmemberadd set lasttime='{$lasttime}',lastip='{$lastip}',loginnum=loginnum+1,lastipport='{$lastipport}' where userid='{$r['userid']}'");
//设置cookie
$lifetime = (int) $add['lifetime'];
$logincookie = 0;
if ($lifetime) {
$logincookie = time() + $lifetime;
}
$set1 = esetcookie("mlusername", $username, $logincookie);
$set2 = esetcookie("mluserid", $r['userid'], $logincookie);
$set3 = esetcookie("mlgroupid", $r['groupid'], $logincookie);
$set4 = esetcookie("mlrnd", $rnd, $logincookie);
//验证符
qGetLoginAuthstr($r['userid'], $username, $rnd, $r['groupid'], $logincookie);
//登录附加cookie
AddLoginCookie($r);
$location = "../member/cp/";
$returnurl = getcvar('returnurl');
if ($returnurl) {
$location = $returnurl;
}
if (strstr($_SERVER['HTTP_REFERER'], "e/member/iframe")) {
$location = "../member/iframe/";
}
if (strstr($location, "enews=exit") || strstr($location, "e/member/register") || strstr($_SERVER['HTTP_REFERER'], "e/member/register")) {
$location = "../member/cp/";
$_POST['ecmsfrom'] = '';
}
ecmsEmptyShowKey($keyvname);
//清空验证码
$set6 = esetcookie("returnurl", "");
if ($set1 && $set2) {
//易通行系统
DoEpassport('login', $r['userid'], $username, $password, $r['salt'], $r['email'], $r['groupid'], $r['registertime']);
$location = DoingReturnUrl($location, $_POST['ecmsfrom']);
printerror("LoginSuccess", $location, $dopr);
} else {
printerror("NotCookie", "history.go(-1)", $dopr);
}
}
function eSendMsg($title, $msgtext, $to_username, $from_userid, $from_username, $isadmin, $issys, $ecms = 0)
{
global $empire, $dbtbpre;
$tbname = $ecms == 1 ? $dbtbpre . 'enewshmsg' : $dbtbpre . 'enewsqmsg';
$msgtime = date("Y-m-d H:i:s");
$empire->query("insert into " . $tbname . "(title,msgtext,haveread,msgtime,to_username,from_userid,from_username,isadmin,issys) values('{$title}','{$msgtext}',0,'{$msgtime}','{$to_username}','{$from_userid}','{$from_username}','{$isadmin}','{$issys}');");
//消息状态
$userr = $empire->fetch1("select " . eReturnSelectMemberF('userid,havemsg') . " from " . eReturnMemberTable() . " where " . egetmf('username') . "='{$to_username}' limit 1");
if (!$userr['havemsg']) {
$newhavemsg = eReturnSetHavemsg($userr['havemsg'], 0);
$empire->query("update " . eReturnMemberTable() . " set " . egetmf('havemsg') . "='{$newhavemsg}' where " . egetmf('userid') . "='" . $userr['userid'] . "' limit 1");
}
}
$userid = intval($_GET['userid']);
if ($userid) {
$add = "userid={$userid}";
$username = '';
$utfusername = '';
$uadd = egetmf('userid') . "='{$userid}'";
} else {
$username = RepPostVar($_GET['username']);
if (empty($username)) {
printerror("NotUsername", "", 1);
}
$add = "username='******'";
$utfusername = $username;
$uadd = egetmf('username') . "='{$username}'";
}
$ur = $empire->fetch1("select " . eReturnSelectMemberF('*') . " from " . eReturnMemberTable() . " where " . $uadd . " limit 1");
if (empty($ur['username'])) {
printerror("NotUsername", "", 1);
}
$userid = $userid ? $userid : $ur['userid'];
$utfusername = $utfusername ? $utfusername : $ur['username'];
$username = $username ? $username : $ur['username'];
$groupid = $ur['groupid'];
UpdateSpaceViewStats($userid);
//统计访问
$addur = $empire->fetch1("select * from {$dbtbpre}enewsmemberadd where userid='" . $userid . "' limit 1");
//头像
$userpic = $addur['userpic'] ? $addur['userpic'] : $public_r[newsurl] . 'e/data/images/nouserpic.gif';
//空间地址
$spaceurl = eReturnDomainSiteUrl() . "e/space/?userid=" . $userid;
//空间名称
function admin_ClearMember($add, $logininid, $loginin)
{
global $empire, $dbtbpre, $level_r;
CheckLevel($logininid, $loginin, $classid, "member");
//验证权限
//变量处理
$username = RepPostVar($add['username']);
$email = RepPostStr($add['email']);
$startuserid = (int) $add['startuserid'];
$enduserid = (int) $add['enduserid'];
$groupid = (int) $add['groupid'];
$startregtime = RepPostVar($add['startregtime']);
$endregtime = RepPostVar($add['endregtime']);
$startuserfen = (int) $add['startuserfen'];
$enduserfen = (int) $add['enduserfen'];
$startmoney = (int) $add['startmoney'];
$endmoney = (int) $add['endmoney'];
$checked = (int) $add['checked'];
$where = '';
if ($username) {
$where .= " and " . egetmf('username') . " like '%{$username}%'";
}
if ($email) {
$where .= " and " . egetmf('email') . " like '%{$email}%'";
}
if ($enduserid) {
$where .= ' and ' . egetmf('userid') . ' BETWEEN ' . $startuserid . ' and ' . $enduserid;
}
if ($groupid) {
$where .= " and " . egetmf('groupid') . "='{$groupid}'";
}
if ($startregtime && $endregtime) {
$startregtime = to_time($startregtime);
$endregtime = to_time($endregtime);
$where .= " and " . egetmf('registertime') . ">='{$startregtime}' and " . egetmf('registertime') . "<='{$endregtime}'";
}
if ($enduserfen) {
$where .= ' and ' . egetmf('userfen') . ' BETWEEN ' . $startuserfen . ' and ' . $enduserfen;
}
if ($endmoney) {
$where .= ' and ' . egetmf('money') . ' BETWEEN ' . $startmoney . ' and ' . $endmoney;
}
if ($checked) {
$checkval = $checked == 1 ? 1 : 0;
$where .= " and " . egetmf('checked') . "='{$checkval}'";
}
if (!$where) {
printerror("EmptyClearMember", "history.go(-1)");
}
$where = substr($where, 5);
$sql = $empire->query("select " . eReturnSelectMemberF('userid,username,groupid') . " from " . eReturnMemberTable() . " where " . $where);
$dh = '';
$inid = '';
while ($r = $empire->fetch($sql)) {
$euid = $r['userid'];
//删除短消息
$dousername = $r['username'];
//删除附加表
$fid = GetMemberFormId($r['groupid']);
DoDelMemberF($fid, $euid, $dousername);
$empire->query("delete from {$dbtbpre}enewsqmsg where to_username='******'");
//集合
$inid .= $dh . $euid;
$dh = ',';
}
if ($inid) {
$addw = egetmf('userid') . " in (" . $inid . ")";
$addaw = "userid in (" . $inid . ")";
$sql = $empire->query("delete from " . eReturnMemberTable() . " where " . $addw);
//删除收藏
$del = $empire->query("delete from {$dbtbpre}enewsfava where " . $addaw);
$del = $empire->query("delete from {$dbtbpre}enewsfavaclass where " . $addaw);
//删除购买记录
$del = $empire->query("delete from {$dbtbpre}enewsbuybak where " . $addaw);
//删除下载记录
$del = $empire->query("delete from {$dbtbpre}enewsdownrecord where " . $addaw);
//删除好友记录
$del = $empire->query("delete from {$dbtbpre}enewshy where " . $addaw);
$del = $empire->query("delete from {$dbtbpre}enewshyclass where " . $addaw);
//删除留言
$del = $empire->query("delete from {$dbtbpre}enewsmembergbook where " . $addaw);
//删除反馈
$del = $empire->query("delete from {$dbtbpre}enewsmemberfeedback where " . $addaw);
//删除绑定
$del = $empire->query("delete from {$dbtbpre}enewsmember_connect where " . $addaw);
}
insert_dolog("");
//操作日志
printerror("DelMemberSuccess", "ClearMember.php" . hReturnEcmsHashStrHref2(1));
}
}
eCheckCloseMods('member');//关闭模块
$myuserid=(int)getcvar('mluserid');
$mhavelogin=0;
if($myuserid)
{
include("../../class/db_sql.php");
include("../../member/class/user.php");
include("../../data/dbcache/MemberLevel.php");
$link=db_connect();
$empire=new mysqlquery();
$mhavelogin=1;
//数据
$myusername=RepPostVar(getcvar('mlusername'));
$myrnd=RepPostVar(getcvar('mlrnd'));
$r=$empire->fetch1("select ".eReturnSelectMemberF('userid,username,groupid,userfen,money,userdate,havemsg,checked')." from ".eReturnMemberTable()." where ".egetmf('userid')."='$myuserid' and ".egetmf('rnd')."='$myrnd' limit 1");
if(empty($r[userid])||$r[checked]==0)
{
EmptyEcmsCookie();
$mhavelogin=0;
}
//会员等级
if(empty($r[groupid]))
{$groupid=eReturnMemberDefGroupid();}
else
{$groupid=$r[groupid];}
$groupname=$level_r[$groupid]['groupname'];
//点数
$userfen=$r[userfen];
//余额
$money=$r[money];
$memberinfor = array();
$muserid = (int) getcvar('mluserid');
$musername = RepPostVar(getcvar('mlusername'));
$mrnd = RepPostVar(getcvar('mlrnd'));
$id = 0;
$newstime = time();
$r[newstime] = date("Y-m-d H:i:s");
$todaytime = $r[newstime];
$showkey = "";
$r['newstext'] = "";
$rechangeclass = '';
//验证会员信息
$mloginauthr = qCheckLoginAuthstr();
//取得登陆会员资料
if ($muserid && $mloginauthr['islogin']) {
$memberinfor = $empire->fetch1("select " . eReturnSelectMemberF('*', 'u.') . ",ui.* from " . eReturnMemberTable() . " u LEFT JOIN {$dbtbpre}enewsmemberadd ui ON u." . egetmf('userid') . "=ui.userid where u." . egetmf('userid') . "='{$muserid}' limit 1");
}
//增加
if ($enews == "MAddInfo") {
$cr = DoQCheckAddLevel($classid, $muserid, $musername, $mrnd, 0, 1);
$mr = $empire->fetch1("select qenter,qmname from {$dbtbpre}enewsmod where mid='{$cr['modid']}'");
if (empty($mr['qenter'])) {
printerror("NotOpenCQInfo", "history.go(-1)", 1);
}
//IP发布数限制
$check_ip = egetip();
$check_checked = $cr['wfid'] ? 0 : $cr['checkqadd'];
eCheckIpAddInfoNum($check_ip, $cr['tbname'], $cr['modid'], $check_checked);
//初始变量
$word = "增加信息";
$ecmsfirstpost = 1;
printerror("NotLevelShowInfo", "", 1);
}
}
$userid = (int) $_GET['userid'];
if ($userid) {
$where = egetmf('userid') . "='{$userid}'";
$username = '';
} else {
$username = RepPostVar($_GET['username']);
if (empty($username)) {
printerror("NotUsername", "", 1);
}
$utfusername = $username;
$where = egetmf('username') . "='{$username}'";
}
$r = $empire->fetch1("select " . eReturnSelectMemberF('userid,username,email,groupid,userfen,userdate,registertime') . " from " . eReturnMemberTable() . " where " . $where . " limit 1");
if (empty($r['userid'])) {
printerror("NotUsername", "", 1);
}
if (empty($username)) {
$username = $r['username'];
}
$registertime = eReturnMemberRegtime($r['registertime'], 'Y-m-d H:i:s');
$email = $r['email'];
$addr = $empire->fetch1("select * from {$dbtbpre}enewsmemberadd where userid='" . $r['userid'] . "' limit 1");
//取得表单
$formid = GetMemberFormId($r['groupid']);
$formr = $empire->fetch1("select filef,imgf,tobrf,viewenter from {$dbtbpre}enewsmemberform where fid='{$formid}'");
//导入模板
require ECMS_PATH . DASHBOARD . '/template/member/ShowInfo.php';
db_close();
function AddDd($add)
{
global $empire, $public_r, $dbtbpre;
$shoppr = ShopSys_ReturnSet();
//验证权限
ShopCheckAddDdGroup($shoppr);
//购物车无内容
if (!getcvar('mybuycar')) {
printerror("EmptyBuycar", "history.go(-1)", 1);
}
$add[ddno] = RepPostVar($add[ddno]);
$add[truename] = RepPostStr($add[truename]);
$add[oicq] = RepPostStr($add[oicq]);
$add[msn] = RepPostStr($add[msn]);
$add[mycall] = RepPostStr($add[mycall]);
$add[phone] = RepPostStr($add[phone]);
$add[email] = RepPostStr($add[email]);
$add[address] = RepPostStr($add[address]);
$add[zip] = RepPostStr($add[zip]);
$add[signbuild] = RepPostStr($add[signbuild]);
$add[besttime] = RepPostStr($add[besttime]);
$add[bz] = RepPostStr($add[bz]);
$add[fptt] = RepPostStr($add[fptt]);
$add[fpname] = RepPostStr($add[fpname]);
$add[fp] = (int) $add[fp];
$add[psid] = (int) $add[psid];
$add[payfsid] = (int) $add[payfsid];
$add['precode'] = RepPostVar($add['precode']);
//基本必填
if (!$add['ddno']) {
printerror("EmptyBuycar", "history.go(-1)", 1);
}
//必填项
ShopSys_CheckDdMust($add, $shoppr);
$mess = "AddDdSuccess";
$haveprice = 0;
$payby = 0;
//返回购物车存放格式
$buyr = ReturnBuycardd($shoppr);
$alltotal = $buyr[2];
$alltotalfen = $buyr[1];
$buycar = $buyr[3];
$classids = $buyr['classids'];
//配送方式
$pr = array();
if ($shoppr['shoppsmust']) {
$pr = $empire->fetch1("select pid,pname,price from {$dbtbpre}enewsshopps where pid='{$add['psid']}' and isclose=0");
if (empty($pr['pid'])) {
printerror("NotPsid", "history.go(-1)", 1);
}
}
//支付方式
$payr = array();
if ($shoppr['shoppayfsmust']) {
$payr = $empire->fetch1("select payid,payname,payurl,userpay,userfen from {$dbtbpre}enewsshoppayfs where payid='{$add['payfsid']}' and isclose=0");
if (empty($payr['payid'])) {
printerror("NotPayfsid", "history.go(-1)", 1);
}
}
//取得用户信息
$user = array();
$userid = (int) getcvar('mluserid');
$username = RepPostVar(getcvar('mlusername'));
if ($userid) {
$rnd = RepPostVar(getcvar('mlrnd'));
$user = $empire->fetch1("select " . eReturnSelectMemberF('userid,money,userfen,groupid') . " from " . eReturnMemberTable() . " where " . egetmf('userid') . "='{$userid}' and " . egetmf('rnd') . "='{$rnd}' limit 1");
if (!$user['userid']) {
printerror("MustSingleUser", "history.go(-1)", 1);
}
}
//优惠
$prer = array();
$pretotal = 0;
if ($add['precode']) {
$prer = ShopSys_GetPre($add['precode'], $alltotal, $user, $classids);
$pretotal = ShopSys_PreMoney($prer, $alltotal);
}
//运费
$truetotalmoney = $alltotal - $pretotal;
if ($pr['pid']) {
$pr['price'] = ShopSys_PrePsTotal($pr['pid'], $pr['price'], $truetotalmoney, $shoppr);
}
//发票
$fptotal = 0;
if ($add[fp]) {
$fptotal = ($alltotal - $pretotal) * ($shoppr['fpnum'] / 100);
}
//支付金额
$buyallfen = $alltotalfen + $pr['price'];
$buyallmoney = $alltotal + $pr['price'] + $fptotal - $pretotal;
if ($buyallmoney < 0) {
$buyallmoney = 0;
}
$location = "buycar/";
if ($payr[userfen]) {
if ($buyr[0]) {
printerror("NotProductForBuyfen", "history.go(-1)", 1);
} else {
if ($userid) {
$buyallfen = $alltotalfen + $pr[price];
if ($buyallfen > $user['userfen']) {
printerror("NotEnoughFenBuy", "history.go(-1)", 1);
}
//扣除点数
$usql = $empire->query("update " . eReturnMemberTable() . " set " . egetmf('userfen') . "=" . egetmf('userfen') . "-" . $buyallfen . " where " . egetmf('userid') . "='{$userid}'");
if ($usql) {
$mess = "AddDdSuccessa";
$payby = 1;
$haveprice = 1;
}
} else {
printerror("NotLoginTobuy", "history.go(-1)", 1);
}
}
} elseif ($payr[userpay]) {
if ($userid) {
$buyallmoney = $alltotal + $pr[price] + $fptotal - $pretotal;
if ($buyallmoney < 0) {
$buyallmoney = 0;
}
if ($buyallmoney > $user['money']) {
printerror("NotEnoughMoneyBuy", "history.go(-1)", 1);
}
//扣除金额
$usql = $empire->query("update " . eReturnMemberTable() . " set " . egetmf('money') . "=" . egetmf('money') . "-" . $buyallmoney . " where " . egetmf('userid') . "='{$userid}'");
if ($usql) {
$mess = "AddDdSuccessa";
$payby = 2;
$haveprice = 1;
}
} else {
printerror("NotLoginTobuy", "history.go(-1)", 1);
}
} elseif ($payr[payurl]) {
$mess = "AddDdAndToPaySuccess";
$location = $payr[payurl];
} else {
}
$ddtime = date("Y-m-d H:i:s");
$ddtruetime = time();
$ip = egetip();
$pr[price] = (double) $pr[price];
$alltotal = (double) $alltotal;
$alltotalfen = (double) $alltotalfen;
$fptotal = (double) $fptotal;
$pretotal = (double) $pretotal;
$sql = $empire->query("insert into {$dbtbpre}enewsshopdd(ddno,ddtime,userid,username,outproduct,haveprice,checked,truename,oicq,msn,email,`mycall`,phone,address,zip,psid,psname,pstotal,alltotal,payfsid,payfsname,payby,alltotalfen,fp,fptt,fptotal,fpname,userip,signbuild,besttime,pretotal,ddtruetime) values('{$add['ddno']}','{$ddtime}',{$userid},'{$username}',0,'{$haveprice}',0,'{$add['truename']}','{$add['oicq']}','{$add['msn']}','{$add['email']}','{$add['mycall']}','{$add['phone']}','{$add['address']}','{$add['zip']}','{$add['psid']}','{$pr['pname']}',{$pr['price']},{$alltotal},'{$add['payfsid']}','{$payr['payname']}','{$payby}',{$alltotalfen},{$add['fp']},'{$add['fptt']}',{$fptotal},'{$add['fpname']}','{$ip}','{$add['signbuild']}','{$add['besttime']}','{$pretotal}','{$ddtruetime}');");
$ddid = $empire->lastid();
$sqladd = $empire->query("insert into {$dbtbpre}enewsshopdd_add(ddid,buycar,bz,retext) values('{$ddid}','" . addslashes($buycar) . "','{$add['bz']}','');");
//减库存
if ($shoppr['cutnumtype'] == 0) {
Shopsys_CutMaxnum($ddid, $buycar, 0, $shoppr, 0);
} else {
if ($haveprice == 1) {
Shopsys_CutMaxnum($ddid, $buycar, 0, $shoppr, 0);
}
}
//优惠码
if ($prer['id']) {
$prer['id'] = (int) $prer['id'];
if ($prer['reuse'] == 0) {
$empire->query("delete from {$dbtbpre}enewsshop_precode where id='" . $prer['id'] . "'");
} elseif ($prer['reuse'] && $prer['usenum']) {
if ($prer['usenum'] <= $prer['haveusenum'] + 1) {
$empire->query("delete from {$dbtbpre}enewsshop_precode where id='" . $prer['id'] . "'");
} else {
$empire->query("update {$dbtbpre}enewsshop_precode set haveusenum=haveusenum+1 where id='" . $prer['id'] . "'");
}
}
}
if ($sql) {
$set = esetcookie("paymoneyddid", $ddid, 0);
SetBuycar("");
printerror($mess, $location, 1);
} else {
printerror("DbError", "history.go(-1)", 1);
}
}
$r['signbuild'] = ehtmlspecialchars($r['signbuild']);
$r['besttime'] = ehtmlspecialchars($r['besttime']);
$r['bz'] = ehtmlspecialchars($r['bz']);
$r['fptt'] = ehtmlspecialchars($r['fptt']);
$r['fpname'] = ehtmlspecialchars($r['fpname']);
$r['fp'] = (int) $r['fp'];
$r['psid'] = (int) $r['psid'];
$r['payfsid'] = (int) $r['payfsid'];
$r['precode'] = RepPostVar($r['precode']);
$total = array();
//必填项
ShopSys_CheckDdMust($r, $shoppr);
$ddno = ShopSys_ReturnDdNo();
//订单ID
$classids = '';
$price = 0;
//取得用户信息
$user = array();
$userid = (int) getcvar('mluserid');
$username = RepPostVar(getcvar('mlusername'));
if ($userid) {
$rnd = RepPostVar(getcvar('mlrnd'));
$user = $empire->fetch1("select " . eReturnSelectMemberF('userid,money,userfen,groupid') . " from " . eReturnMemberTable() . " where " . egetmf('userid') . "='{$userid}' and " . egetmf('rnd') . "='{$rnd}' limit 1");
if (!$user['userid']) {
printerror("MustSingleUser", "history.go(-1)", 1);
}
}
//导入模板
require ECMS_PATH . DASHBOARD . '/template/ShopSys/SubmitOrder.php';
db_close();
$empire = null;
$id = (int) $_GET['id'];
$n = RepPostVar($_GET['n']);
if (!($id || $n)) {
Header("Location:{$gotourl}");
exit;
}
require "../../class/db_sql.php";
require "../../member/class/user.php";
$link = db_connect();
$empire = new mysqlquery();
if ($id) {
$where = egetmf('userid') . "='" . $id . "'";
} else {
$where = egetmf('username') . "='" . $n . "'";
}
$r = $empire->fetch1("select " . eReturnSelectMemberF('userid,username') . " from " . eReturnMemberTable() . " where " . $where . " limit 1");
if (empty($r[userid])) {
Header("Location:{$gotourl}");
exit;
}
//cookie
if ($type == 1) {
$gfencookie = getcvar('ecmsgfen');
if ($gfencookie) {
Header("Location:{$gotourl}");
exit;
}
$set = esetcookie("ecmsgfen", "ecms", time() + $retime);
} else {
$ip = egetip();
$time = time();
<?php
if(!defined('InEmpireCMS'))
{
exit();
}
?>
<?php
//配置查询自定义字段列表,逗号开头,多个用逗号格开,格式“ui.字段名”
$useraddf=',ui.userpic';
//分页SQL
$query='select '.eReturnSelectMemberF('userid,username,email,registertime,groupid','u.').$useraddf.' from '.eReturnMemberTable().' u'.$add." order by u.".egetmf('userid')." desc limit $offset,$line";
$sql=$empire->query($query);
//导航
$public_diyr['pagetitle']='会员列表';
$url="<a href='../../../'>首页</a> > 会员列表";
require(ECMS_PATH.DASHBOARD.'/template/incfile/header.php');
?>
<table width="100%" border="0" align="center" cellpadding="3" cellspacing="1" class="tableborder">
<form name="memberform" method="get" action="index.php">
<input type="hidden" name="sear" value="1">
<input type="hidden" name="groupid" value="<?=$groupid?>">
<tr class="header">
<td width="10%"><div align="center">ID</div></td>
<td width="38%" height="25"><div align="center">用户名</div></td>
<td width="30%" height="25"><div align="center">注册时间</div></td>
<td width="22%" height="25"><div align="center"></div></td>
</tr>
<?php
function AddPl($username, $password, $nomember, $key, $saytext, $id, $classid, $repid, $add)
{
global $empire, $dbtbpre, $public_r, $class_r, $level_r;
//验证本时间允许操作
eCheckTimeCloseDo('pl');
//验证IP
eCheckAccessDoIp('pl');
$id = (int) $id;
$repid = (int) $repid;
$classid = (int) $classid;
//验证码
$keyvname = 'checkplkey';
if ($public_r['plkey_ok']) {
ecmsCheckShowKey($keyvname, $key, 1);
}
$username = RepPostVar($username);
$password = RepPostVar($password);
$muserid = (int) getcvar('mluserid');
$musername = RepPostVar(getcvar('mlusername'));
$mgroupid = (int) getcvar('mlgroupid');
if ($muserid) {
$cklgr = qCheckLoginAuthstr();
if ($cklgr['islogin']) {
$username = $musername;
} else {
$muserid = 0;
}
} else {
if (empty($nomember)) {
if (!$username || !$password) {
printerror("FailPassword", "history.go(-1)", 1);
}
$ur = $empire->fetch1("select " . eReturnSelectMemberF('userid,salt,password,checked,groupid') . " from " . eReturnMemberTable() . " where " . egetmf('username') . "='{$username}' limit 1");
if (empty($ur['userid'])) {
printerror("FailPassword", "history.go(-1)", 1);
}
if (!eDoCkMemberPw($password, $ur['password'], $ur['salt'])) {
printerror("FailPassword", "history.go(-1)", 1);
}
if ($ur['checked'] == 0) {
printerror("NotCheckedUser", '', 1);
}
$muserid = $ur['userid'];
$mgroupid = $ur['groupid'];
} else {
$muserid = 0;
}
}
if ($public_r['plgroupid']) {
if (!$muserid) {
printerror("GuestNotToPl", "history.go(-1)", 1);
}
if ($level_r[$mgroupid][level] < $level_r[$public_r['plgroupid']][level]) {
printerror("NotLevelToPl", "history.go(-1)", 1);
}
}
//专题
$doaction = $add['doaction'];
if ($doaction == 'dozt') {
if (!trim($saytext) || !$classid) {
printerror("EmptyPl", "history.go(-1)", 1);
}
//是否关闭评论
$r = $empire->fetch1("select ztid,closepl,checkpl,restb from {$dbtbpre}enewszt where ztid='{$classid}'");
if (!$r['ztid']) {
printerror("ErrorUrl", "history.go(-1)", 1);
}
if ($r['closepl']) {
printerror("CloseClassPl", "history.go(-1)", 1);
}
//审核
if ($r['checkpl']) {
$checked = 1;
} else {
$checked = 0;
}
$restb = $r['restb'];
$pubid = '-' . $classid;
$id = 0;
$pagefunr = eReturnRewritePlUrl($classid, $id, 'dozt', 0, 0, 1);
$returl = $pagefunr['pageurl'];
} else {
if (!trim($saytext) || !$id || !$classid) {
printerror("EmptyPl", "history.go(-1)", 1);
}
//表存在
if (empty($class_r[$classid][tbname])) {
printerror("ErrorUrl", "history.go(-1)", 1);
}
//是否关闭评论
$r = $empire->fetch1("select classid,stb,restb from {$dbtbpre}ecms_" . $class_r[$classid][tbname] . " where id='{$id}' limit 1");
if (!$r['classid'] || $r['classid'] != $classid) {
printerror("ErrorUrl", "history.go(-1)", 1);
}
if ($class_r[$r[classid]][openpl]) {
printerror("CloseClassPl", "history.go(-1)", 1);
}
//单信息关闭评论
$pubid = ReturnInfoPubid($classid, $id);
$finfor = $empire->fetch1("select closepl from {$dbtbpre}ecms_" . $class_r[$classid][tbname] . "_data_" . $r['stb'] . " where id='{$id}' limit 1");
if ($finfor['closepl']) {
printerror("CloseInfoPl", "history.go(-1)", 1);
}
//审核
if ($class_r[$classid][checkpl]) {
$checked = 1;
} else {
$checked = 0;
}
$restb = $r['restb'];
$pagefunr = eReturnRewritePlUrl($classid, $id, 'doinfo', 0, 0, 1);
$returl = $pagefunr['pageurl'];
}
//设置参数
$plsetr = $empire->fetch1("select pltime,plsize,plincludesize,plclosewords,plmustf,plf,plmaxfloor,plquotetemp from {$dbtbpre}enewspl_set limit 1");
if (strlen($saytext) > $plsetr['plsize']) {
$GLOBALS['setplsize'] = $plsetr['plsize'];
printerror("PlSizeTobig", "history.go(-1)", 1);
}
$time = time();
$saytime = $time;
$pltime = getcvar('lastpltime');
if ($pltime) {
if ($time - $pltime < $plsetr['pltime']) {
$GLOBALS['setpltime'] = $plsetr['pltime'];
printerror("PlOutTime", "history.go(-1)", 1);
}
}
$sayip = egetip();
$eipport = egetipport();
$username = str_replace("\r\n", "", $username);
$username = RepPostStr($username);
$saytext = nl2br(RepFieldtextNbsp(RepPostStr($saytext)));
if ($repid) {
$saytext = RepPlTextQuote($repid, $saytext, $plsetr, $restb);
CkPlQuoteFloor($plsetr['plmaxfloor'], $saytext);
//验证楼层
}
//过滤字符
$saytext = ReplacePlWord($plsetr['plclosewords'], $saytext);
if ($level_r[$mgroupid]['plchecked']) {
$checked = 0;
}
$ret_r = ReturnPlAddF($add, $plsetr, 0);
//主表
$sql = $empire->query("insert into {$dbtbpre}enewspl_" . $restb . "(pubid,username,sayip,saytime,id,classid,checked,zcnum,fdnum,userid,isgood,saytext,eipport" . $ret_r['fields'] . ") values('{$pubid}','" . $username . "','{$sayip}','{$saytime}','{$id}','{$classid}','{$checked}',0,0,'{$muserid}',0,'" . addslashes($saytext) . "','{$eipport}'" . $ret_r['values'] . ");");
$plid = $empire->lastid();
if ($doaction != 'dozt') {
//信息表加1
$usql = $empire->query("update {$dbtbpre}ecms_" . $class_r[$classid][tbname] . " set plnum=plnum+1 where id='{$id}' limit 1");
}
//更新新评论数
DoUpdateAddDataNum('pl', $restb, 1);
//设置最后发表时间
$set1 = esetcookie("lastpltime", time(), time() + 3600 * 24);
ecmsEmptyShowKey($keyvname);
//清空验证码
if ($sql) {
$reurl = DoingReturnUrl($returl, $_POST['ecmsfrom']);
printerror("AddPlSuccess", $reurl, 1);
} else {
printerror("DbError", "history.go(-1)", 1);
}
}
$finfor = $empire->fetch1("select " . ReturnSqlFtextF($mid) . " from {$dbtbpre}ecms_" . $tbname . "_data_" . $r[stb] . " where id='{$r['id']}' limit 1");
$r = array_merge($r, $finfor);
//区分下载地址
$path_r = explode("\r\n", $r[downpath]);
if (!$path_r[$pathid]) {
echo "<script>alert('此信息不存在');window.close();</script>";
exit;
}
$showdown_r = explode("::::::", $path_r[$pathid]);
//下载权限
$user = array();
$downgroup = $showdown_r[2];
if ($downgroup) {
$user = islogin();
//取得会员资料
$u = $empire->fetch1("select " . eReturnSelectMemberF('*') . " from " . eReturnMemberTable() . " where " . egetmf('userid') . "='{$user['userid']}' and " . egetmf('rnd') . "='{$user['rnd']}' limit 1");
if (empty($u['userid'])) {
echo "<script>alert('同一帐号,只能一人在线');window.close();</script>";
exit;
}
//下载次数限制
if ($level_r[$u['groupid']]['daydown']) {
$setuserday = DoCheckMDownNum($user['userid'], $u['groupid'], 2);
if ($setuserday == 'error') {
echo "<script>alert('您的下载与观看次数已超过系统限制(" . $level_r[$u['groupid']]['daydown'] . " 次)!');window.close();</script>";
exit;
}
}
if ($level_r[$downgroup][level] > $level_r[$u['groupid']][level]) {
echo "<script>alert('您的会员级别不足(" . $level_r[$downgroup][groupname] . "),没有下载此软件的权限!');window.close();</script>";
exit;
function DoRegSend($add)
{
global $empire, $dbtbpre, $public_r;
if ($public_r['regacttype'] != 1) {
printerror('CloseRegAct', '', 1);
}
$username = trim($add[username]);
$password = trim($add[password]);
$email = trim($add[email]);
$newemail = trim($add[newemail]);
if (!$username || !$password || !$email) {
printerror("EmptyRegAct", "history.go(-1)", 1);
}
//验证码
$key = $add['key'];
$keyvname = 'checkregsendkey';
ecmsCheckShowKey($keyvname, $key, 1);
$username = RepPostVar($username);
$password = RepPostVar($password);
$username = RepPostStr($username);
$email = RepPostStr($email);
$newemail = RepPostStr($newemail);
if (!chemail($email)) {
printerror("EmailFail", "history.go(-1)", 1);
}
if ($newemail) {
if (!chemail($newemail)) {
printerror("EmailFail", "history.go(-1)", 1);
}
$sendemail = $newemail;
} else {
$sendemail = $email;
}
//密码
$ur = $empire->fetch1("select " . eReturnSelectMemberF('userid,salt,password') . " from " . eReturnMemberTable() . " where " . egetmf('username') . "='{$username}' limit 1");
if (!$ur['userid']) {
printerror("ErrorRegActUser", "history.go(-1)", 1);
}
if (!eDoCkMemberPw($password, $ur['password'], $ur['salt'])) {
printerror("ErrorRegActUser", "history.go(-1)", 1);
}
$r = $empire->fetch1("select " . eReturnSelectMemberF('*') . " from " . eReturnMemberTable() . " where " . egetmf('username') . "='{$username}' limit 1");
$useremail = $r['email'];
if (!$r['userid'] || $useremail != $email) {
printerror("ErrorRegActUser", "history.go(-1)", 1);
}
if ($r['checked']) {
printerror("HaveRegActUser", '', 1);
}
$addr = $empire->fetch1("select userid,authstr from {$dbtbpre}enewsmemberpub where userid='" . $r['userid'] . "' limit 1");
$ar = explode('||', $addr['authstr']);
if (!$addr['userid'] || !$addr['authstr'] || $ar[1] != 2) {
printerror("HaveRegActUser", '', 1);
}
ecmsEmptyShowKey($keyvname);
//清空验证码
SendActUserEmail($r['userid'], $username, $sendemail);
}
$search .= "&sear=1&show={$show}&groupid=" . $groupid . "&keyboard=" . $keyboard;
}
//审核
$schecked = (int) $_GET['schecked'];
if ($schecked) {
$and = $add ? ' and ' : ' where ';
if ($schecked == 1) {
$add .= $and . egetmf('checked') . "=0";
} else {
$add .= $and . egetmf('checked') . "=1";
}
$search .= "&schecked={$schecked}";
}
$totalquery = "select count(*) as total from " . eReturnMemberTable() . $add;
$num = $empire->gettotal($totalquery);
$query = "select " . eReturnSelectMemberF('*') . " from " . eReturnMemberTable() . $add;
$query .= " order by " . egetmf('userid') . " desc limit {$offset},{$line}";
$sql = $empire->query($query);
$returnpage = page2($num, $line, $page_line, $start, $page, $search);
//----------会员组
$sql1 = $empire->query("select * from {$dbtbpre}enewsmembergroup order by level");
while ($l_r = $empire->fetch($sql1)) {
if ($groupid == $l_r[groupid]) {
$select = " selected";
} else {
$select = "";
}
$group .= "<option value=" . $l_r[groupid] . $select . ">" . $l_r[groupname] . "</option>";
}
?>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
function AddInfoFen($cardfen, $userid, $checkfen = 1)
{
global $empire, $dbtbpre;
$cardfen = (int) $cardfen;
if (!$cardfen) {
return '';
}
//checkfen
if ($checkfen == 1) {
if ($cardfen < 0) {
$ur = $empire->fetch1("select " . eReturnSelectMemberF('userid,userdate,userfen') . " from " . eReturnMemberTable() . " where " . egetmf('userid') . "='{$userid}' limit 1");
if (!$ur['userid']) {
return '';
}
if ($ur['userdate'] - time() > 0) {
return '';
}
if ($cardfen + $ur['userfen'] < 0) {
$cardfen = $ur['userfen'] * -1;
}
}
}
$sql = $empire->query("update " . eReturnMemberTable() . " set " . egetmf('userfen') . "=" . egetmf('userfen') . "+" . $cardfen . " where " . egetmf('userid') . "='{$userid}'");
}
