</body>

</html>

<?php 
} else {
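    // Sign-up handler: check the required fields, sanitize each one, validate
    // the e-mail address and the password, then create the account.

    // A key that is missing from the POST body counts as blank, so an
    // incomplete request is reported through c_error() instead of raising
    // undefined-index notices.
    $required_fields = array('newid', 'newpwd', 'newname', 'newemail', 'newaddress');
    $has_blank_field = false;
    foreach ($required_fields as $required_field) {
        if (!isset($_POST[$required_field]) || $_POST[$required_field] == '') {
            $has_blank_field = true;
            break;
        }
    }
    if ($has_blank_field) {
        // NOTE(review): the checks below assume c_error() stops the request; confirm.
        c_error('One or more required fields were left blank.\\n' . 'Please fill them in and try again.');
    }

    // Sanitize every text field from its OWN submitted value. The display
    // name must come from 'newname'; deriving it from 'newid' would discard
    // what the user typed and leave the real name value unchecked.
    $_POST['newid'] = sanitize($_POST['newid'], "id not valid");
    $_POST['newname'] = sanitize($_POST['newname'], "name not valid");
    $_POST['newaddress'] = sanitize($_POST['newaddress'], "address not valid");

    // Notes are optional: default to an empty string when the field is absent.
    $_POST['newnotes'] = isset($_POST['newnotes']) ? $_POST['newnotes'] : '';
    if ($_POST['newnotes'] != '') {
        $_POST['newnotes'] = sanitize($_POST['newnotes'], "note not valid");
    }

    $_POST['newemail'] = sanitize($_POST['newemail'], "email not valid");
    // FILTER_VALIDATE_EMAIL returns false for a malformed address.
    // FILTER_SANITIZE_EMAIL only strips characters and hands back a truthy
    // string for almost any input, so it cannot be used as a validity check.
    if (filter_var($_POST['newemail'], FILTER_VALIDATE_EMAIL) === false) {
        // NOTE(review): c_error_reporting() is not defined in this listing;
        // confirm it exists (it may have been meant as error_reporting(-1)).
        c_error_reporting(-1);
        c_error("email not valid");
    }

    // The password is deliberately not passed through sanitize(), which would
    // alter it. NOTE(review): the return value of password_strength() is
    // ignored, so it presumably reports a weak password itself; signUp() is
    // presumably where the password gets hashed. Confirm both.
    password_strength($_POST['newpwd']);

    // Every field has been checked at this point.
    $success = signUp($_POST['newid'], $_POST['newpwd'], $_POST['newname'], $_POST['newemail'], $_POST['newaddress'], $_POST['newnotes']);
    if ($success == TRUE) {
        // Send the Refresh header before any body output; once output has
        // started PHP can no longer add headers and the redirect is lost.
        header("Refresh: 3; url=index.php?signed_up=1");
        echo "<h4>Signed up!</h4>";
        die;
    }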
}
示例#2
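/**
 * Member session helper; the action is selected by $type.
 *
 *   'center'   - log in: look the member up, compare the password hash, set
 *                the session cookies. Returns true, '-1' (lookup failed) or
 *                '-2' (password mismatch).
 *   'islogin'  - returns true when the 'userid' cookie decodes to a non-empty
 *                value, false otherwise.
 *   'onlyone'  - single-session check: returns true (and clears the cookies)
 *                when the 'qtrnd' cookie does not match the stored value,
 *                false when it matches.
 *   'exit'     - log out: clears the session cookies, returns true.
 *   'password' - change password. Returns true, false, -1 (lookup failed) or
 *                -2 (old password mismatch).
 *   'par'      - returns the decoded cookie values as an array.
 *
 * Any other $type falls through and returns null.
 *
 * NOTE(review): passwords are stored and compared as md5(md5($password)),
 * which is unsalted and fast to brute-force. Moving to password_hash() /
 * password_verify() needs a migration of the stored hashes, so it is flagged
 * here rather than changed.
 *
 * @param string $type        Action to perform (see above).
 * @param string $username    Not read by the visible code; presumably used in
 *                            the masked lookup clauses (see notes below).
 * @param string $password    Login password, or the new password for 'password'.
 * @param string $repassword  Confirmation of the new password.
 * @param string $oldpassword Current password; the check is skipped when empty.
 * @return mixed
 */
function is_user($type, $username = '', $password = '', $repassword = '', $oldpassword = '')
{
    // Cookies that together make up a session; cleared as a set on logout.
    $session_cookies = array('userid', 'username', 'lastlogintime', 'lastloginip', 'qtrnd');

    // Decode the member id, member name, last login time and last login IP
    // from their cookies. A missing cookie yields an empty string.
    $user = array();
    foreach (array('userid', 'username', 'lastlogintime', 'lastloginip') as $cookie_name) {
        $user[$cookie_name] = isset($_COOKIE[$cookie_name]) ? AuthCode($_COOKIE[$cookie_name], 'DECODE') : '';
    }

    // Log in.
    if ($type == 'center') {
        // NOTE(review): the literal '******' is how this listing shows the
        // clause and looks like a masked value. Whatever is placed here must
        // be escaped or bound, never interpolated from $username as-is.
        $user = MysqlOneSelect('lgsc_member', '*', "username='******'");
        if ($user == '-1') {
            return '-1';
        }
        if (md5(md5($password)) !== $user['password']) {
            return '-2';
        }

        // Per-login code, also handed to the client in the 'qtrnd' cookie.
        // NOTE(review): makecode() is not shown; it should draw from a CSPRNG.
        $rnd = makecode(6);
        $cookie_time = time() + 3600;
        $login_ip = GetIP();

        // NOTE(review): these cookies carry the session and are set without
        // the Secure / HttpOnly flags; add them if no script needs to read
        // the values. $rnd is passed as AuthCode()'s second argument, where
        // the decode calls pass 'DECODE'; confirm that signature.
        setcookie('userid', AuthCode($user['id'], $rnd), $cookie_time, '/');
        setcookie('username', AuthCode($user['username'], $rnd), $cookie_time, '/');
        setcookie('lastlogintime', AuthCode($user['regtime'], $rnd), $cookie_time, '/');
        setcookie('lastloginip', AuthCode($login_ip, $rnd), $cookie_time, '/');
        setcookie("qtrnd", $rnd, $cookie_time, '/');

        // Record last login time and IP. The IP may originate from
        // client-controlled headers, so it is never concatenated raw: a purely
        // numeric value is used as a number, anything else must pass IP
        // validation and is quoted. The id is forced to an integer.
        if (is_int($login_ip) || (is_string($login_ip) && preg_match('/^\d+$/', $login_ip))) {
            $ip_sql = (string) $login_ip;
        } else {
            $valid_ip = filter_var($login_ip, FILTER_VALIDATE_IP);
            $ip_sql = "'" . ($valid_ip === false ? '' : $valid_ip) . "'";
        }
        // NOTE(review): $rnd is not written to the database here although the
        // 'onlyone' check compares the cookie against a stored value; the
        // row is read via 'id' but updated via 'userid'. Confirm both.
        mysql_query("update lgsc_member set logintime =" . time() . " , loginip=" . $ip_sql . " where userid = " . (int) $user['id']);

        return true;
    }

    // Is the visitor logged in?
    if ($type == 'islogin') {
        // A cookie that is present but does not decode to a value must not
        // count as a session, otherwise any client-supplied 'userid' cookie
        // would be accepted. NOTE(review): relies on AuthCode() returning an
        // empty value when decoding fails; confirm.
        if (!isset($_COOKIE['userid']) || $user['userid'] == "") {
            return false;
        }
        return true;
    }

    // Allow only one active login per account.
    if ($type == 'onlyone') {
        // The id comes from a client cookie, so it is forced to an integer
        // before it reaches the query. NOTE(review): the lookup previously
        // read $user['0'], which this function never sets; the decoded
        // 'userid' is presumably what was meant.
        $OneRow = MysqlOneSelect('phome_enewsmember', 'rnd', "userid=" . (int) $user['userid']);
        $cookie_rnd = isset($_COOKIE["qtrnd"]) ? $_COOKIE["qtrnd"] : '';
        // The lookup signals failure with a non-array value.
        $stored_rnd = (is_array($OneRow) && isset($OneRow['rnd'])) ? $OneRow['rnd'] : null;
        if ($cookie_rnd == '' || $stored_rnd === null || $cookie_rnd != $stored_rnd) {
            // Drop the session cookies; true tells the caller to redirect
            // to the login page.
            foreach ($session_cookies as $cookie_name) {
                setcookie($cookie_name, "", time() - 3600 * 10, '/');
            }
            return true;
        }
        return false;
    }

    // Log out.
    if ($type == "exit") {
        // Clear every session cookie, including 'qtrnd' (the cookie login
        // sets), so the per-login code does not outlive the session.
        foreach ($session_cookies as $cookie_name) {
            setcookie($cookie_name, "", time() - 3600 * 10, '/');
        }
        return true;
    }

    // Change password.
    if ($type == "password") {
        // NOTE(review): '******' appears masked in this listing, as above.
        $one_user = MysqlOneSelect("lgsc_member", "*", "username = '******'");
        // Unknown member.
        if ($one_user == '-1') {
            return -1;
        }
        // Verify the current password. NOTE(review): an empty $oldpassword
        // skips this check entirely, so callers must always pass the current
        // password when the change is requested by the user.
        if ($oldpassword !== "") {
            if ($one_user['password'] !== md5(md5($oldpassword))) {
                return -2;
            }
        }
        // NOTE(review): the result was never used here; the call is kept in
        // case password_strength() reports a weak password itself.
        password_strength($password);
        if ($password != '') {
            // The new password and its confirmation must match.
            if ($password !== $repassword) {
                return false;
            }
            $newpassword = md5(md5($password));
            // NOTE(review): the statement text is masked in this listing;
            // $newpassword is presumably part of it. It must be built with
            // escaped or bound values.
            $sql_password = "******" . $one_user['id'];
            $rest_password = mysql_query($sql_password);
            if (!$rest_password) {
                return false;
            }
        }
        return true;
    }

    // Return the decoded cookie values.
    if ($type == 'par') {
        return $user;
    }
}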