// Excerpt begins inside a branch opened earlier; its `if` is not visible here.
    } else {
        showmessage('profile_succeed', 'home.php?mod=spacecp&ac=profile&op=password');
    }
}

// "Password & security" page: work out which address a verification mail would go to
// and handle the "resend activation mail" request.
if ($operation == 'password') {
    // Resend throttle: allowed when no 'resendemail' cookie is present, or when the
    // timestamp stored in it is more than 300 seconds old.
    // NOTE(review): the throttle state lives in a cookie, so a request that simply omits
    // the cookie is treated as "never sent". Bounding mail volume needs a server-side
    // counter keyed on the account; confirm whether emailcheck_send() has one.
    $resend = getcookie('resendemail');
    $resend = empty($resend) ? true : TIMESTAMP - $resend > 300;

    // Default target: the current address while emailstatus is falsy, otherwise none.
    $newemail = getcookie('newemail');
    $space['newemail'] = !$space['emailstatus'] ? $space['email'] : '';
    if (!empty($newemail)) {
        // The cookie is tab-separated: field 0 is compared with the current uid, field 1 is
        // used as the pending address when it is a valid e-mail and differs from the current one.
        // NOTE(review): the pending address is taken from a cookie rather than from server-side
        // state. Whether that is safe depends on what the link sent by emailcheck_send()
        // authorises and on whether cookie values are authenticated — neither is visible here.
        $mailinfo = explode("\t", $newemail);
        $space['newemail'] = $mailinfo[0] == $_G['uid'] && isemail($mailinfo[1]) && $mailinfo[1] != $space['email'] ? $mailinfo[1] : '';
    }

    if ($_G['gp_resend'] && $resend) {
        // Send to the pending address if there is one, else to the current address, then
        // record the send time in the throttle cookie.
        // NOTE(review): no form-token check is visible around this mail-sending action — confirm upstream.
        $toemail = $space['newemail'] ? $space['newemail'] : $space['email'];
        emailcheck_send($space['uid'], $toemail);
        dsetcookie('resendemail', TIMESTAMP);
        showmessage('send_activate_mail_succeed', "home.php?mod=spacecp&ac=profile&op=password");
    } elseif ($_G['gp_resend']) {
        // Resend requested while the throttle window is still open.
        showmessage('send_activate_mail_error', "home.php?mod=spacecp&ac=profile&op=password");
    }

    if (!empty($space['newemail'])) {
        // Message shown on the page about the address awaiting activation.
        $acitvemessage = lang('spacecp', 'email_acitve_message', array('newemail' => $space['newemail'], 'imgdir' => $_G['style']['imgdir']));
    }
    $actives = array('password' => ' class="a"');
    $navtitle = lang('core', 'title_password_security');
} else {
    // Any other operation: load the extended profile fields and convert the stored
    // signature HTML to BBCode. This branch continues past the end of the excerpt.
    space_merge($space, 'field_home');
    space_merge($space, 'field_forum');
    require_once libfile('function/editor');
    $space['sightml'] = html2bbcode($space['sightml']);
// Excerpt of a profile-update handler; the enclosing blocks open before this excerpt.
// NOTE(review): the commented-out brace below suggests a preceding check was disabled.
// Confirm that changing the e-mail address still requires re-authentication (not visible here).
// }
// E-mail change
if (empty($newemail)) {
    // E-mail removed: clear the address and its verified flag
    $setarr['email'] = '';
    $setarr['emailcheck'] = 0;
} elseif ($newemail != $space['email']) {
    // Was the current address already verified?
    if ($space['emailcheck']) {
        // Keep the verified address and store the new one as pending
        $setarr['newemail'] = $newemail;
    } else {
        // Current address was never verified: replace it directly
        $setarr['email'] = $newemail;
    }
    // In both cases a verification mail goes to the new address
    emailcheck_send($space['uid'], $newemail);
}
} // closes a block opened before this excerpt
updatetable('spacefield', $setarr, array('uid' => $_SGLOBAL['supe_uid']));

// Privacy: one row per contact field, holding its visibility setting
$inserts = array();
foreach ($_POST['friend'] as $key => $value) {
    $value = intval($value);
    // NOTE(review): $value is cast to int, but $key (a request array key) is placed into the
    // SQL text as-is. Unless request keys are escaped or validated upstream (not visible here),
    // this is an SQL injection point; check $key against the fixed list of contact field names
    // before building the row.
    $inserts[] = "('contact','{$key}','{$space['uid']}','{$value}')";
}
if ($inserts) {
    // Replace all of the user's existing 'contact' rows with the submitted set
    $_SGLOBAL['db']->query("DELETE FROM " . tname('spaceinfo') . " WHERE uid='{$space['uid']}' AND type='contact'");
    $_SGLOBAL['db']->query("INSERT INTO " . tname('spaceinfo') . " (type,subtype,uid,friend)\r\n\t\t\t\tVALUES " . implode(',', $inserts));
}

// Change log (the block continues past the end of this excerpt)
if ($_SCONFIG['my_status']) {
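/**
 * Change the current member's password (and optionally the security question) through
 * UCenter and answer with a BigApp JSON envelope.
 *
 * Every outcome prints one JSON document and ends the request with die(0); nothing is
 * returned to the caller.
 *
 * Request fields read: oldpassword, newpassword, newpassword2, questionidnew, answernew,
 * emailnew (the e-mail branches are switched off with `false &&`).
 *
 * NOTE(review): credentials are read from $_GET. Whether the framework merges POST data
 * into $_GET is not visible here; confirm that clients send these fields in the request
 * body, because query strings are commonly written to access and proxy logs.
 * NOTE(review): no form-token check is visible in this function — confirm the caller does one.
 */
function common() {
    global $_G;

    $space = getuserbyuid($_G['uid']);
    if (empty($space)) {
        echo BIGAPPJSON::encode(array(
            'error_code' => 2,
            'error_msg' => lang('plugin/bigapp', 'cant find user info'),
            'Variables' => array('auth' => null),
            'Message' => array('messageval' => 'for comaptible', 'messagestr' => lang('plugin/bigapp', 'cant find user info')),
        ));
        die(0);
    }

    $setarr = array();
    $emailnew = dhtmlspecialchars($_GET['emailnew']);
    // Passed to uc_user_edit(); presumably 0 makes UCenter verify oldpassword — confirm.
    $ignorepassword = 0;
    // Initialised up front: the original left it undefined when no question id was sent.
    $secquesnew = '';

    if (empty($_GET['newpassword'])) {
        echo BIGAPPJSON::encode(array(
            'error_code' => 2,
            'error_msg' => lang('plugin/bigapp', 'empty_params'),
            'Variables' => array('auth' => null),
            'Message' => array('messageval' => 'for comaptible', 'messagestr' => lang('plugin/bigapp', 'empty_params')),
        ));
        die(0);
    }

    if (!isset($_GET['questionidnew']) || $_GET['questionidnew'] === '') {
        $_GET['questionidnew'] = $_GET['answernew'] = '';
    } else {
        $secquesnew = $_GET['questionidnew'] > 0 ? random(8) : '';
    }

    // Password-strength check, switched off by the hard-coded flag below.
    // NOTE(review): with $strongpw forced to false the site's $_G['setting']['strongpw']
    // policy is not applied on this endpoint, and no minimum-length check is visible either.
    $strongpw = false;
    if ($strongpw && !empty($_GET['newpassword']) && $_G['setting']['strongpw']) {
        $strongpw_str = array();
        if (in_array(1, $_G['setting']['strongpw']) && !preg_match("/\\d+/", $_GET['newpassword'])) {
            $strongpw_str[] = lang('member/template', 'strongpw_1');
        }
        if (in_array(2, $_G['setting']['strongpw']) && !preg_match("/[a-z]+/", $_GET['newpassword'])) {
            $strongpw_str[] = lang('member/template', 'strongpw_2');
        }
        if (in_array(3, $_G['setting']['strongpw']) && !preg_match("/[A-Z]+/", $_GET['newpassword'])) {
            $strongpw_str[] = lang('member/template', 'strongpw_3');
        }
        // Fixed range: the original class used "A-z", which also spans [ \ ] ^ _ and `,
        // so those characters did not count as special characters.
        if (in_array(4, $_G['setting']['strongpw']) && !preg_match("/[^a-zA-Z0-9]+/", $_GET['newpassword'])) {
            $strongpw_str[] = lang('member/template', 'strongpw_4');
        }
        if ($strongpw_str) {
            showmessage(lang('member/template', 'password_weak') . implode(',', $strongpw_str));
        }
    }

    // Reject passwords that addslashes() would alter (quotes, backslash, NUL).
    if (!empty($_GET['newpassword']) && $_GET['newpassword'] != addslashes($_GET['newpassword'])) {
        echo BIGAPPJSON::encode(array(
            'error_code' => 2,
            'error_msg' => lang('plugin/bigapp', 'password illegal'),
            'Variables' => array('auth' => null),
            'Message' => array('messageval' => 'for comaptible', 'messagestr' => lang('plugin/bigapp', 'password illegal')),
        ));
        // Fix: the original printed the error and carried on, so the rejected password was
        // still submitted to UCenter and a second JSON document followed the error.
        die(0);
    }

    if (!empty($_GET['newpassword']) && $_GET['newpassword'] != $_GET['newpassword2']) {
        echo BIGAPPJSON::encode(array(
            'error_code' => 2,
            'error_msg' => lang('plugin/bigapp', 'password notmatch'),
            'Variables' => array('auth' => null),
            'Message' => array('messageval' => 'for comaptible', 'messagestr' => lang('plugin/bigapp', 'password notmatch')),
        ));
        die(0);
    }

    loaducenter();

    // E-mail check, disabled ("can be omitted" in the original comment).
    if (false && $emailnew != $_G['member']['email']) {
        include_once libfile('function/member');
        checkemail($emailnew);
    }

    $ucresult = uc_user_edit(addslashes($_G['username']), $_GET['oldpassword'], $_GET['newpassword'], '', $ignorepassword, $_GET['questionidnew'], $_GET['answernew']);

    // NOTE(review): only -1, -4, -5 and -6 are treated as failures. uc_user_edit()'s full set
    // of return codes is not visible here; any other failure code would reach the success
    // response below. Confirm the list and add a generic failure branch.
    if ($ucresult == -1) {
        echo BIGAPPJSON::encode(array(
            'error_code' => 2,
            'error_msg' => lang('plugin/bigapp', 'password wrong'),
            'Variables' => array('auth' => null),
            'Message' => array('messageval' => 'for comaptible', 'messagestr' => lang('plugin/bigapp', 'password wrong')),
        ));
        die(0);
    } elseif ($ucresult == -4) {
        echo BIGAPPJSON::encode(array(
            'error_code' => 2,
            'error_msg' => lang('plugin/bigapp', 'email illegal'),
            'Variables' => array('auth' => null),
            'Message' => array('messageval' => 'for comaptible', 'messagestr' => lang('plugin/bigapp', 'email illegal')),
        ));
        die(0);
    } elseif ($ucresult == -5) {
        echo BIGAPPJSON::encode(array(
            'error_code' => 2,
            'error_msg' => lang('plugin/bigapp', 'email domain illegal'),
            'Variables' => array('auth' => null),
            'Message' => array('messageval' => 'for comaptible', 'messagestr' => lang('plugin/bigapp', 'email domain illegal')),
        ));
        die(0);
    } elseif ($ucresult == -6) {
        echo BIGAPPJSON::encode(array(
            'error_code' => 2,
            'error_msg' => lang('plugin/bigapp', 'email duplicate'),
            'Variables' => array('auth' => null),
            'Message' => array('messageval' => 'for comaptible', 'messagestr' => lang('plugin/bigapp', 'email duplicate')),
        ));
        die(0);
    }

    // The local member row gets a throwaway value, not the new password; presumably the
    // real credential is held by UCenter via the call above — confirm.
    if (!empty($_GET['newpassword']) || $secquesnew) {
        $setarr['password'] = md5(random(10));
    }

    // E-mail change, disabled.
    $authstr = false;
    if (false && $emailnew != $_G['member']['email']) {
        $authstr = true;
        emailcheck_send($space['uid'], $emailnew);
        dsetcookie('newemail', "{$space['uid']}\t{$emailnew}\t{$_G['timestamp']}", 31536000);
    }

    if ($setarr) {
        // A successful password change also clears freeze state 1.
        if ($_G['member']['freeze'] == 1) {
            $setarr['freeze'] = 0;
        }
        C::t('common_member')->update($_G['uid'], $setarr);
    }
    if ($_G['member']['freeze'] == 2) {
        // Freeze state 2: store the member's HTML-escaped explanation with the validation record.
        C::t('common_member_validate')->update($_G['uid'], array('message' => dhtmlspecialchars($_G['gp_freezereson'])));
    }

    echo BIGAPPJSON::encode(array(
        'error_code' => 0,
        'error_msg' => lang('plugin/bigapp', 'succ'),
        'Variables' => array('auth' => null),
        'Message' => array('messageval' => '', 'messagestr' => lang('plugin/bigapp', 'succ')),
    ));
    die(0);
}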
/**
 * Open a space for an account: create its `space` and `spacefield` rows, then run the
 * follow-up actions (notification PM, e-mail verification, feed entry, "newest members"
 * cache refresh, registration statistics).
 *
 * Returns the inserted `space` row as an array, or an empty array when $uid or $username
 * is empty.
 *
 * NOTE(review): $uid is interpolated into SQL text and $_SCONFIG['newspacenum'] into a
 * LIMIT clause. Nothing in this function casts or escapes them, so it relies on callers
 * and configuration loading supplying numeric values — confirm.
 */
function space_open($uid, $username, $gid = 0, $email = '') {
    global $_SGLOBAL, $_SCONFIG;

    if (!$uid || !$username) {
        return array();
    }

    // Refuse to reopen a space that an administrator has closed (spacelog flag -1).
    $closedQuery = $_SGLOBAL['db']->query("SELECT * FROM " . tname('spacelog') . " WHERE uid='{$uid}' AND flag='-1'");
    $closedRow = $_SGLOBAL['db']->fetch_array($closedQuery);
    if ($closedRow) {
        showmessage('the_space_has_been_closed');
    }

    $space = array(
        'uid' => $uid,
        'username' => $username,
        'dateline' => $_SGLOBAL['timestamp'],
        'groupid' => $gid,
        'regip' => getonlineip(),
    );

    // Registration bonus: copy credit / experience only when the reward grants some.
    $reward = getreward('register', 0, $uid);
    foreach (array('credit', 'experience') as $bonusField) {
        if ($reward[$bonusField]) {
            $space[$bonusField] = $reward[$bonusField];
        }
    }

    inserttable('space', $space, 0, true);
    inserttable('spacefield', array('uid' => $uid, 'email' => $email), 0, true);

    // Send a PM when a different logged-in user opened the space.
    if ($_SGLOBAL['supe_uid'] && $_SGLOBAL['supe_uid'] != $uid) {
        include_once S_ROOT . './uc_client/client.php';
        uc_pm_send($_SGLOBAL['supe_uid'], $uid, cplang('space_open_subject'), cplang('space_open_message', array(getsiteurl())), 1, 0, 0);
    }

    // Send the e-mail verification message.
    include_once S_ROOT . './source/function_cp.php';
    emailcheck_send($uid, $email);

    // Publish the feed entry as the new user: the acting identity in $_SGLOBAL is swapped
    // here and put back just before returning.
    // NOTE(review): everything between the swap and the restore runs with the new user's
    // identity in the globals; keep this window free of permission-sensitive calls.
    $savedUid = $_SGLOBAL['supe_uid'];
    $savedUsername = $_SGLOBAL['supe_username'];
    $_SGLOBAL['supe_uid'] = $uid;
    $_SGLOBAL['supe_username'] = addslashes($username);
    if (ckprivacy('spaceopen', 1)) {
        feed_add('profile', cplang('feed_space_open'));
    }

    // Refresh the cached "newest members" list.
    if ($_SCONFIG['newspacenum'] > 0) {
        $newspacelist = array();
        $conditions = array('1');
        $optionalFilters = array(
            'newspaceavatar' => "avatar='1'",
            'newspacerealname' => "namestatus='1'",
            'newspacevideophoto' => "videostatus='1'",
        );
        foreach ($optionalFilters as $settingKey => $clause) {
            if ($_SCONFIG[$settingKey]) {
                $conditions[] = $clause;
            }
        }
        $listQuery = $_SGLOBAL['db']->query("SELECT uid,username,name,namestatus,videostatus,dateline FROM " . tname('space') . " WHERE " . implode(' AND ', $conditions) . " ORDER BY uid DESC LIMIT 0,{$_SCONFIG['newspacenum']}");
        while ($row = $_SGLOBAL['db']->fetch_array($listQuery)) {
            $newspacelist[] = $row;
        }
        data_set('newspacelist', $newspacelist);
    }

    // Update the registration statistics.
    include_once S_ROOT . './source/function_cp.php';
    updatestat('register');

    // Put the original acting identity back.
    $_SGLOBAL['supe_uid'] = $savedUid;
    $_SGLOBAL['supe_username'] = $savedUsername;

    return $space;
}
// Excerpt of the "protect / email" handler; the enclosing blocks open before this excerpt.
// Each check calls showmessage() on failure and the code then continues, so the flow
// relies on showmessage() ending the request — presumably it does; confirm.

// Verify the security question
// Message: "security question or answer not filled in"
if ($_POST['question_email'] == NULL or $_POST['answer_email'] == NULL) {
    showmessage('密保问题或答案未填写!', 'cp.php?ac=protect&op=email');
}
// Message: "security answer is wrong"
// NOTE(review): the posted question id becomes part of the array key that selects the stored
// answer; restrict it to the expected question numbers. The stored answer is compared directly
// with the posted text using a loose `!=`, which suggests answers are kept unhashed (confirm)
// and lets numeric-looking strings compare by value. Prefer a strict, constant-time comparison
// of hashed answers. No attempt limit is visible in this excerpt.
if ($protect_info["answer{$_POST['question_email']}"] != $_POST['answer_email']) {
    showmessage('密保答案错误', 'cp.php?ac=protect&op=email');
}
// Message: "the two e-mail entries do not match"
if ($_POST['email'] != $_POST['email_1']) {
    showmessage('验证邮箱有误!', 'cp.php?ac=protect&op=email');
}
// Message: "invalid e-mail address"
if (!isemail($_POST['email'])) {
    showmessage('邮箱错误!', 'cp.php?ac=protect&op=email');
}

// Check e-mail uniqueness: only addresses already verified (emailcheck = 1) count as taken
if ($_SCONFIG['uniqueemail']) {
    if (getcount('spacefield', array('email' => $_POST['email'], 'emailcheck' => 1))) {
        showmessage('uniqueemail_check');
    }
}

// If the current address is verified, store the new one as pending; otherwise replace it directly.
$setarr = array();
if ($space_field['emailcheck']) {
    $setarr['newemail'] = $_POST['email'];
} else {
    $setarr['email'] = $_POST['email'];
}
updatetable('spacefield', $setarr, array('uid' => $_SGLOBAL['supe_uid']));

// Send the verification mail; the return value is stored in $url but not used in this excerpt.
$url = emailcheck_send($_SGLOBAL['supe_uid'], $_POST['email']);
showmessage('protect_email_send', 'cp.php?ac=protect&op=email', 10, array($_POST['email']));
} // closes a block opened before this excerpt
} // closes a block opened before this excerpt
include template("cp_protect");