function userlogin($username, $password, $questionid, $answer, $loginfield = 'username') { $return = array(); if ($loginfield == 'uid') { $isuid = 1; } elseif ($loginfield == 'email') { $isuid = 2; } elseif ($loginfield == 'auto') { $isuid = 3; } else { $isuid = 0; } if (!function_exists('uc_user_login')) { loaducenter(); } if ($isuid == 3) { if (preg_match('/^[1-9]\\d*$/', $username)) { $return['ucresult'] = uc_user_login($username, $password, 1, 1, $questionid, $answer); } elseif (isemail($username)) { $return['ucresult'] = uc_user_login($username, $password, 2, 1, $questionid, $answer); } if ($return['ucresult'][0] <= 0) { $return['ucresult'] = uc_user_login($username, $password, 0, 1, $questionid, $answer); } } else { $return['ucresult'] = uc_user_login($username, $password, $isuid, 1, $questionid, $answer); } $tmp = array(); $duplicate = ''; list($tmp['uid'], $tmp['username'], $tmp['password'], $tmp['email'], $duplicate) = daddslashes($return['ucresult'], 1); $return['ucresult'] = $tmp; if ($duplicate && $return['ucresult']['uid'] > 0) { if ($olduid = DB::result_first("SELECT uid FROM " . DB::table('common_member') . " WHERE username='******'ucresult']['username']) . "'")) { require_once libfile('function/membermerge'); if ($olduid != $return['ucresult']['uid']) { membermerge($olduid, $return['ucresult']['uid']); } uc_user_merge_remove($return['ucresult']['username']); } else { $return['status'] = 0; return $return; } } if ($return['ucresult']['uid'] <= 0) { $return['status'] = 0; return $return; } $member = DB::fetch_first("SELECT * FROM " . DB::table('common_member') . " WHERE uid='" . $return['ucresult']['uid'] . "'"); if (!$member) { $return['status'] = -1; return $return; } $return['member'] = $member; $return['status'] = 1; if (addslashes($member['email']) != $return['ucresult']['email']) { DB::query("UPDATE " . DB::table('common_member') . " SET email='" . $return['ucresult']['email'] . "' WHERE uid='" . $return['ucresult']['uid'] . "'"); } return $return; }
function userlogin() { global $db, $tablepre, $_DCACHE, $ucresult, $username, $password, $questionid, $answer, $loginfield; require_once DISCUZ_ROOT . './uc_client/client.php'; if ($loginfield == 'uid') { $isuid = 1; } elseif ($loginfield == 'email') { $isuid = 2; } else { $isuid = 0; } $ucresult = uc_user_login($username, $password, $isuid, 1, $questionid, $answer); list($tmp['uid'], $tmp['username'], $tmp['password'], $tmp['email'], $duplicate) = daddslashes($ucresult, 1); $ucresult = $tmp; if ($duplicate && $ucresult['uid'] > 0) { if ($olduid = $db->result_first("SELECT uid FROM {$tablepre}members WHERE username='******'username']) . "'")) { require_once DISCUZ_ROOT . './include/membermerge.func.php'; membermerge($olduid, $ucresult['uid']); uc_user_merge_remove($ucresult['username']); } else { return 0; } } if ($ucresult['uid'] <= 0) { return 0; } $member = $db->fetch_first("SELECT m.uid AS discuz_uid, m.username AS discuz_user, m.password AS discuz_pw, m.secques AS discuz_secques,\r\n\t\tm.email, m.adminid, m.groupid, m.styleid, m.lastvisit, m.lastpost, u.allowinvisible\r\n\t\tFROM {$tablepre}members m LEFT JOIN {$tablepre}usergroups u USING (groupid)\r\n\t\tWHERE m.uid='{$ucresult['uid']}'"); if (!$member) { return -1; } $member['discuz_userss'] = $member['discuz_user']; $member['discuz_user'] = addslashes($member['discuz_user']); foreach ($member as $var => $value) { $GLOBALS[$var] = $value; } if (addslashes($member['email']) != $ucresult['email']) { $db->query("UPDATE {$tablepre}members SET email='{$ucresult['email']}' WHERE uid='{$ucresult['uid']}'"); } if ($questionid > 0 && empty($member['discuz_secques'])) { $GLOBALS['discuz_secques'] = random(8); $db->query("UPDATE {$tablepre}members SET secques='{$GLOBALS['discuz_secques']}' WHERE uid='{$ucresult['uid']}'"); } $GLOBALS['styleid'] = $member['styleid'] ? $member['styleid'] : $_DCACHE['settings']['styleid']; $cookietime = intval(isset($_POST['cookietime']) ? $_POST['cookietime'] : 0); dsetcookie('cookietime', $cookietime, 31536000); dsetcookie('auth', authcode("{$member['discuz_pw']}\t{$member['discuz_secques']}\t{$member['discuz_uid']}", 'ENCODE'), $cookietime, 1, true); dsetcookie('loginuser'); dsetcookie('activationauth'); dsetcookie('pmnum'); $GLOBALS['sessionexists'] = 0; if ($_DCACHE['settings']['frameon'] && $_DCOOKIE['frameon'] == 'yes') { $GLOBALS['extrahead'] .= '<script>if(top != self) {parent.leftmenu.location.reload();}</script>'; } return 1; }
if ($seccodecheck) { $seccode = random(6, 1) + $seccode[0] * 1000000; } $username = !empty($_DCOOKIE['loginuser']) ? htmlspecialchars($_DCOOKIE['loginuser']) : ''; include template('login'); } else { if (isset($loginauth)) { list($username, $password) = daddslashes(explode("\t", authcode($loginauth, 'DECODE')), 1); } $ucresult = uc_user_login($username, $password, $loginfield == 'uid', 1, $questionid, $answer); list($tmp['uid'], $tmp['username'], $tmp['password'], $tmp['email'], $duplicate) = daddslashes($ucresult, 1); $ucresult = $tmp; if ($duplicate && $ucresult['uid'] > 0) { if ($olduid = $db->result_first("SELECT uid FROM {$tablepre}members WHERE username='******'username']) . "'")) { require_once DISCUZ_ROOT . './include/membermerge.func.php'; membermerge($olduid, $ucresult['uid']); uc_user_merge_remove($ucresult['username']); } else { $ucresult['uid'] = -1; } } $discuz_uid = 0; $discuz_user = $discuz_pw = $discuz_secques = ''; $member = array(); if ($ucresult['uid'] > 0) { $member = $db->fetch_first("SELECT m.uid AS discuz_uid, m.username AS discuz_user, m.password AS discuz_pw, m.secques AS discuz_secques,\r\n\t\t\t\tm.email, m.adminid, m.groupid, m.styleid AS styleidmem, m.lastvisit, m.lastpost, u.allowinvisible\r\n\t\t\t\tFROM {$tablepre}members m LEFT JOIN {$tablepre}usergroups u USING (groupid)\r\n\t\t\t\tWHERE m.uid='{$ucresult['uid']}'"); if (!$member) { $ucresult['username'] = addslashes($ucresult['username']); $auth = authcode("{$ucresult['username']}\t" . FORMHASH, 'ENCODE'); if ($inajax) { $message = 2;