public function submit()
 {
     $ip_false = M('option')->where("meta_key='ip_false' AND type='user'")->getField('meta_value', true);
     if ($ip_false && in_array(mc_user_ip(), $ip_false)) {
         $this->error('您的IP被永久禁止登陆!');
     } else {
         $user_name = mc_magic_in(mc_remove_html($_POST['user_name'], 'all'));
         if ($user_name == '') {
             $this->error('账号必须填写!');
         } else {
             $user_login = M('meta')->where("meta_key='user_name' AND type ='user'")->getField('meta_value', true);
             if (in_array(strip_tags($_POST['user_name']), $user_login)) {
                 $this->error('账号已存在!');
             }
         }
         $user_email = mc_magic_in(mc_remove_html($_POST['user_email'], 'all'));
         if (empty($user_email)) {
             $this->error('邮箱必须填写!');
         } else {
             $user_email = M('meta')->where("meta_key='user_email' AND type ='user'")->getField('meta_value', true);
             if (in_array(strip_tags($_POST['user_email']), $user_email)) {
                 $this->error('邮箱已存在!');
             }
         }
         if (empty($_POST['user_pass'])) {
             $this->error('密码必须填写!');
         }
         if ($_POST['user_pass'] != $_POST['user_pass2']) {
             $this->error('两次密码必须一致!');
         }
         $user['title'] = I('param.user_name');
         $user['content'] = '';
         $user['type'] = 'user';
         $user['date'] = strtotime("now");
         $result = M("page")->data($user)->add();
         if ($result) {
             mc_add_meta($result, 'user_name', $user_name, 'user');
             $user_pass = md5(I('param.user_pass') . mc_option('site_key'));
             mc_add_meta($result, 'user_pass', $user_pass, 'user');
             mc_add_meta($result, 'user_email', $user_email, 'user');
             mc_add_meta($result, 'user_level', '1', 'user');
             cookie('user_name', I('param.user_name'), 36000000000);
             cookie('user_pass', $user_pass, 36000000000);
             $ip_array = M('action')->where("page_id='" . mc_user_id() . "' AND action_key='ip'")->getField('action_value', true);
             if ($ip_array && in_array(mc_user_ip(), $ip_array)) {
             } else {
                 if (!mc_is_admin()) {
                     mc_add_action(mc_user_id(), 'ip', mc_user_ip());
                 }
             }
             if ($_POST['comefrom']) {
                 $this->success('注册成功', $_POST['comefrom']);
             } else {
                 $this->success('注册成功', U('user/index/edit?id=' . mc_user_id()));
             }
         } else {
             $this->error('注册失败');
         }
     }
 }
 public function submit()
 {
     $ip_false = M('option')->where("meta_key='ip_false' AND type='user'")->getField('meta_value', true);
     if ($ip_false && in_array(mc_user_ip(), $ip_false)) {
         $this->error('您的IP被永久禁止登陆!');
     } else {
         $page_id = M('meta')->where("meta_key='user_name' AND meta_value='" . mc_magic_in(I('param.user_name')) . "' AND type='user'")->getField('page_id');
         $user_pass_true = mc_get_meta($page_id, 'user_pass', true, 'user');
         if ($_POST['user_name'] && $_POST['user_pass'] && md5($_POST['user_pass'] . mc_option('site_key')) == $user_pass_true) {
             $user_pass = md5(I('param.user_pass') . mc_option('site_key'));
             cookie('user_name', I('param.user_name'), 36000000000);
             cookie('user_pass', $user_pass, 36000000000);
             $ip_array = M('action')->where("page_id='" . mc_user_id() . "' AND action_key='ip'")->getField('action_value', true);
             if ($ip_array && in_array(mc_user_ip(), $ip_array)) {
             } else {
                 if (!mc_is_admin()) {
                     mc_add_action(mc_user_id(), 'ip', mc_user_ip());
                 }
             }
             if ($_POST['comefrom']) {
                 $this->success('登陆成功', $_POST['comefrom']);
             } else {
                 if (mc_is_mobile()) {
                     $this->success('登陆成功', U('user/index/pro?id=' . mc_user_id()));
                 } else {
                     $this->success('登陆成功', U('user/index/index?id=' . mc_user_id()));
                 }
             }
         } else {
             $this->error('用户名与密码不符!');
         }
     }
 }
 public function clink()
 {
     $id = M('meta')->where("page_id = '" . mc_magic_in($_GET['id']) . "' AND meta_key='user_pass_lost' AND meta_value='" . mc_magic_in($_GET['pass']) . "' AND type='user'")->getField('id');
     if ($id > 0) {
         mc_update_meta(mc_magic_in($_GET['id']), 'user_pass', mc_magic_in($_GET['pass']), 'user');
         $this->success('重置密码成功,请使用新密码登陆', U('user/login/index'));
     } else {
         $this->error('重置密码失败!');
     }
 }
 public function tag($tag, $page = 1)
 {
     if (is_numeric($page)) {
         $condition['type'] = 'article';
         $date = strtotime("now");
         $tag = addslashes($tag);
         $args_id = M('meta')->where("meta_key='tag' AND meta_value='" . mc_magic_in($tag) . "' AND type='basic'")->getField('page_id', true);
         $condition['id'] = array('in', $args_id);
         $this->page = M('page')->where($condition)->order('date desc')->page($page, mc_option('page_size'))->select();
         $count = M('page')->where($condition)->count();
         $this->assign('id', $id);
         $this->assign('count', $count);
         $this->assign('page_now', $page);
         $this->theme(mc_option('theme'))->display('Article/term');
     } else {
         $this->error('参数错误!');
     }
 }
 public function edit_term($id)
 {
     if (mc_is_admin() && is_numeric($id)) {
         if ($_POST['title']) {
             $page['title'] = mc_magic_in($_POST['title']);
             if ($_POST['paixu'] > 0) {
                 $page['date'] = strtotime("now");
             }
             M('page')->where("id='{$id}'")->save($page);
             $type = mc_get_page_field($id, 'type');
             if ($type == 'term_pro') {
                 if (is_numeric($_POST['parent'])) {
                     if ($_POST['parent'] == $id) {
                         $this->error('父分类不能为自己!');
                     } else {
                         if (mc_get_meta($id, 'parent', true, 'term')) {
                             mc_update_meta($id, 'parent', $_POST['parent'], 'term');
                         } else {
                             mc_add_meta($id, 'parent', $_POST['parent'], 'term');
                         }
                     }
                 } else {
                     mc_delete_meta($id, 'parent', 'term');
                 }
                 $type_name = 'pro';
             } elseif ($type == 'term_baobei') {
                 $type_name = 'baobei';
             }
             $this->success('编辑分类成功!');
         } else {
             $this->error('请填写分类名称');
         }
     } else {
         $this->error('哥们,你放弃治疗了吗?', U('home/index/index'));
     }
 }
 public function edit($id)
 {
     if (is_numeric($id)) {
         if (mc_user_id() == $id) {
             if ($_POST['title']) {
                 $title = M('page')->where("title='" . mc_magic_in($_POST['title']) . "' AND type ='user'")->getField('id');
                 if (is_numeric($title) && $title != $id) {
                     $this->error('昵称已存在!');
                 } else {
                     mc_update_page(mc_user_id(), mc_magic_in($_POST['title']), 'title');
                 }
                 if ($_POST['content']) {
                     mc_update_page(mc_user_id(), mc_magic_in($_POST['content']), 'content');
                 }
                 if ($_POST['user_avatar']) {
                     if (mc_get_meta(mc_user_id(), 'user_avatar', true, 'user')) {
                         mc_update_meta(mc_user_id(), 'user_avatar', mc_magic_in($_POST['user_avatar']), 'user');
                     } else {
                         mc_add_meta(mc_user_id(), 'user_avatar', mc_magic_in($_POST['user_avatar']), 'user');
                     }
                 }
                 if ($_POST['fmimg']) {
                     mc_delete_meta($id, 'fmimg', 'basic');
                     mc_add_meta($id, 'fmimg', mc_magic_in($_POST['fmimg']));
                 }
                 mc_delete_meta($id, 'buyer_name', 'user');
                 if ($_POST['buyer_name']) {
                     mc_add_meta($id, 'buyer_name', mc_magic_in($_POST['buyer_name']), 'user');
                 }
                 mc_delete_meta($id, 'buyer_province', 'user');
                 if ($_POST['buyer_province']) {
                     mc_add_meta($id, 'buyer_province', mc_magic_in($_POST['buyer_province']), 'user');
                 }
                 mc_delete_meta($id, 'buyer_city', 'user');
                 if ($_POST['buyer_city']) {
                     mc_add_meta($id, 'buyer_city', mc_magic_in($_POST['buyer_city']), 'user');
                 }
                 mc_delete_meta($id, 'buyer_address', 'user');
                 if ($_POST['buyer_address']) {
                     mc_add_meta($id, 'buyer_address', mc_magic_in($_POST['buyer_address']), 'user');
                 }
                 mc_delete_meta($id, 'buyer_phone', 'user');
                 if ($_POST['buyer_phone']) {
                     mc_add_meta($id, 'buyer_phone', mc_magic_in($_POST['buyer_phone']), 'user');
                 }
                 if ($_POST['user_email']) {
                     mc_update_meta(mc_user_id(), 'user_email', mc_magic_in($_POST['user_email']), 'user');
                 } else {
                     $this->error('邮箱必须填写!');
                 }
                 if (I('param.pass')) {
                     if (I('param.pass2') == I('param.pass')) {
                         mc_update_meta(mc_user_id(), 'user_pass', md5(I('param.pass') . mc_option('site_key')), 'user');
                         $this->success('修改密码成功,请使用新密码登陆', '?m=user&c=login');
                     } else {
                         $this->error('两次密码必须填写一致!');
                     }
                 } else {
                     $this->success('更新资料成功', U('User/index/edit?id=' . $id));
                 }
             } else {
                 $this->theme(mc_option('theme'))->display('User/edit');
             }
         } else {
             $this->error('禁止访问!');
         }
     } else {
         $this->error('参数错误!');
     }
 }
示例#7
0
function mc_user_id()
{
    $user_name = cookie('user_name');
    $page_id = M('meta')->where("meta_key='user_name' AND meta_value='" . mc_magic_in($user_name) . "' AND type='user'")->getField('page_id');
    $user_pass_true = mc_get_meta($page_id, 'user_pass', true, 'user');
    if (cookie('user_name') && cookie('user_pass') && cookie('user_pass') == $user_pass_true) {
        return $page_id;
    }
}
 public function callback_url()
 {
     $signature = $_GET["signature"];
     $timestamp = $_GET["timestamp"];
     $nonce = $_GET["nonce"];
     $echostr = $_GET["echostr"];
     $token = mc_option('weixin_token');
     $tmpArr = array($token, $timestamp, $nonce);
     // use SORT_STRING rule
     sort($tmpArr, SORT_STRING);
     $tmpStr = implode($tmpArr);
     $tmpStr = sha1($tmpStr);
     if ($tmpStr == $signature) {
         echo $echostr;
         $postStr = $GLOBALS["HTTP_RAW_POST_DATA"];
         if (!empty($postStr)) {
             $postObj = simplexml_load_string($postStr, 'SimpleXMLElement', LIBXML_NOCDATA);
             $fromUsername = $postObj->FromUserName;
             $toUsername = $postObj->ToUserName;
             $msgtype = $postObj->MsgType;
             $content = trim($postObj->Content);
             $date = strtotime("now");
             if ($content != '') {
                 $return_to = M('option')->where('type="wx_huifu" AND meta_key="' . mc_magic_in($content) . '"')->getField('meta_value');
                 if ($return_to != '') {
                     $return_to_user = $return_to;
                 } else {
                     $return_to_user = '我没有理解您的问题,请访问我们的网站:' . mc_site_url();
                 }
                 echo "<xml>\n<ToUserName>{$fromUsername}</ToUserName>\n<FromUserName>{$toUsername}</FromUserName>\n<CreateTime>{$date}</CreateTime>\n<MsgType>text</MsgType>\n<Content>{$return_to_user}</Content>\n</xml>";
             }
         }
     } else {
         $this->error('Callback页面不允许直接访问!', U('home/index/index'));
     }
 }
 public function shoucang($id = false)
 {
     if (!is_numeric($id)) {
         $id = mc_user_id();
     }
     if (is_numeric($id)) {
         $args_id = M('action')->where("user_id='{$id}' AND action_key='perform' AND action_value='shoucang'")->getField('page_id', true);
         if ($args_id) {
             $condition['id'] = array('in', $args_id);
             if ($_GET['type']) {
                 $condition['type'] = mc_magic_in($_GET['type']);
             }
             $this->page = M('page')->where($condition)->order('id desc')->select();
         }
         $this->theme(mc_option('theme'))->display('User/shoucang');
     } else {
         $this->error('参数错误!');
         $this->error('参数错误!');
     }
 }