function user_register($user)
{
if (empty($user) || !is_array($user)) {
return 0;
}
if (isset($user['uid'])) {
unset($user['uid']);
}
$user['salt'] = random(8);
$user['password'] = user_hash($user['password'], $user['salt']);
$user['joinip'] = CLIENT_IP;
$user['joindate'] = TIMESTAMP;
$user['lastip'] = CLIENT_IP;
$user['lastvisit'] = TIMESTAMP;
if (empty($user['status'])) {
$user['status'] = 2;
}
$now = time();
if (empty($user['endtime'])) {
$user['endtime'] = $now + 7 * 24 * 3600;
}
$result = pdo_insert('users', $user);
if (!empty($result)) {
$user['uid'] = pdo_insertid();
}
return intval($user['uid']);
}
public function encryptMsg($text)
{
$token = $this->account['token'];
$encodingaeskey = $this->account['encodingaeskey'];
$appid = $this->account['key'];
$key = base64_decode($encodingaeskey . '=');
$text = random(16) . pack("N", strlen($text)) . $text . $appid;
$size = mcrypt_get_block_size(MCRYPT_RIJNDAEL_128, MCRYPT_MODE_CBC);
$module = mcrypt_module_open(MCRYPT_RIJNDAEL_128, '', MCRYPT_MODE_CBC, '');
$iv = substr($key, 0, 16);
$block_size = 32;
$text_length = strlen($text);
$amount_to_pad = $block_size - $text_length % $block_size;
if ($amount_to_pad == 0) {
$amount_to_pad = $block_size;
}
$pad_chr = chr($amount_to_pad);
$tmp = '';
for ($index = 0; $index < $amount_to_pad; $index++) {
$tmp .= $pad_chr;
}
$text = $text . $tmp;
mcrypt_generic_init($module, $key, $iv);
$encrypted = mcrypt_generic($module, $text);
mcrypt_generic_deinit($module);
mcrypt_module_close($module);
$encrypt_msg = base64_encode($encrypted);
$signature = $this->buildSignature($encrypt_msg);
return array($signature, $encrypt_msg);
}
public function doMobileShowlove()
{
global $_W, $_GPC;
$res_path = $this->res_path;
$shareimg = $_W['siteroot'] . substr($res_path, 3) . "/images/icon.jpg";
$sharelink = $_W['siteurl'];
$sharedesc = "帮TA传情,你有" . random(2, true) . "个好友也在玩这个哦";
$sharetitle = "帮TA传情,你有" . random(2, true) . "个好友也在玩这个哦";
$id = intval($_GPC['id']);
$sql = 'SELECT * FROM ' . tablename($this->tb_lovehelper_msg) . ' WHERE id=:id AND uniacid=:uniacid LIMIT 1';
$params = array(':id' => $id, ':uniacid' => $_W['uniacid']);
$msg = pdo_fetch($sql, $params);
$content = $msg["content"] . "<br>from:" . $msg["fromuser"];
$bgimage = $msg["bgimage"];
$viewcount = $this->number($msg["viewcount"]);
$forward = $this->number($msg["forward"]);
$praise = $this->number($msg["praise"]);
$ip = array('clientip' => $_W['clientip'], 'id' => $id, 'uniacid' => $_W['uniacid'], 'createtime' => TIMESTAMP);
$existIp = pdo_fetchcolumn('SELECT COUNT(*) FROM ' . tablename($this->tb_lovehelper_ip) . ' WHERE clientip=:clientip AND id=:id AND uniacid=:uniacid ', array(':clientip' => $_W['clientip'], ':id' => $id, ':uniacid' => $_W['uniacid']));
if ($existIp == 0) {
pdo_insert($this->tb_lovehelper_ip, $ip);
pdo_query('update ' . tablename($this->tb_lovehelper_msg) . " set viewcount=viewcount+1 where id=:id and uniacid=:uniacid ", array(':id' => $id, ':uniacid' => $_W['uniacid']));
}
include $this->template('showlove');
}
function oncode()
{
ob_clean();
$code = random(4);
$_ENV['user']->save_code(strtolower($code));
makecode($code);
}
public function doMobilePay()
{
global $_W, $_GPC;
if (empty($_W['member']['uid'])) {
checkauth();
}
$username = $_W['member']['email'] ? $_W['member']['email'] : $_W['member']['mobile'];
if (empty($username)) {
message('您的用户信息不完整,请完善用户信息后再充值', '', 'error');
}
if (checksubmit('submit', true) || !empty($_GPC['ajax'])) {
$fee = floatval($_GPC['money']);
if ($fee <= 0) {
message('支付错误, 金额小于0');
}
$chargerecord = pdo_fetch("SELECT * FROM " . tablename('mc_credits_recharge') . " WHERE uniacid = :uniacid AND uid = :uid AND fee = :fee AND status = '0'", array(':uniacid' => $_W['uniacid'], ':uid' => $_W['member']['uid'], ':fee' => $fee));
if (empty($chargerecord)) {
$chargerecord = array('uid' => $_W['member']['uid'], 'uniacid' => $_W['uniacid'], 'tid' => date('YmdHi') . random(10, 1), 'fee' => $fee, 'status' => 0, 'createtime' => TIMESTAMP);
if (!pdo_insert('mc_credits_recharge', $chargerecord)) {
message('创建充值订单失败,请重试!', url('entry', array('m' => 'recharge', 'do' => 'pay')), 'error');
}
}
$params = array('tid' => $chargerecord['tid'], 'ordersn' => $chargerecord['tid'], 'title' => '系统充值余额', 'fee' => $chargerecord['fee'], 'user' => $_W['member']['uid']);
$this->pay($params);
} else {
include $this->template('recharge');
}
}
public function packAction()
{
$folder = $this->params('folder');
$destination = $this->params('destination');
$name = $this->params('name');
if (empty($name)) {
$text = file_get_contents($folder . '/deployment.json');
$data = json_decode($text, true);
$name = preg_replace('/^[^\\d\\w-\\.]$/', '', $data['name'] . '-' . $data['version']);
if (empty($name)) {
$name = random(1, 30) . '.zip';
}
$name .= '.zip';
}
$zipFileName = $destination . '/' . $name;
ignore_user_abort(true);
$root = realpath($folder);
$zip = new \ZipArchive();
if (!$zip->open($zipFileName, \ZipArchive::CREATE | \ZipArchive::OVERWRITE)) {
throw new \Zend\Mvc\Exception\RuntimeException('Unable to zip folder.Check folder permissions.');
}
// Notice: Empty directories are omitted
$files = new \RecursiveIteratorIterator(new \RecursiveDirectoryIterator($root), \RecursiveIteratorIterator::LEAVES_ONLY);
foreach ($files as $name => $entry) {
if (!$entry->isDir()) {
$filePath = $entry->getRealPath();
$relativePath = substr($filePath, strlen($root) + 1);
$zip->addFile($filePath, $relativePath);
}
}
$zip->close();
ignore_user_abort(false);
$this->getResponse()->setContent($zipFileName . "\n");
return $this->getResponse();
}
public static function make_secqaa()
{
global $_G;
loadcache('secqaa');
$secqaakey = max(1, random(1, 1));
if ($_G['cache']['secqaa'][$secqaakey]['type']) {
$etype = explode(':', $_G['cache']['secqaa'][$secqaakey]['question']);
if (count($etype) > 1) {
$qaafile = DISCUZ_ROOT . './source/plugin/' . $etype[0] . '/secqaa/secqaa_' . $etype[1] . '.php';
$class = $etype[1];
} else {
$qaafile = libfile('secqaa/' . $_G['cache']['secqaa'][$secqaakey]['question'], 'class');
$class = $_G['cache']['secqaa'][$secqaakey]['question'];
}
if (file_exists($qaafile)) {
@(include_once $qaafile);
$class = 'secqaa_' . $class;
if (class_exists($class)) {
$qaa = new $class();
if (method_exists($qaa, 'make')) {
$_G['cache']['secqaa'][$secqaakey]['answer'] = md5($qaa->make($_G['cache']['secqaa'][$secqaakey]['question']));
}
}
}
}
self::_create('qaa', substr($_G['cache']['secqaa'][$secqaakey]['answer'], 0, 6));
return $_G['cache']['secqaa'][$secqaakey]['question'];
}
public function output($length = 4)
{
$rand = random((int) $length);
$data = array('captcha' => md5(strtolower($rand)));
$this->session->set_userdata($data);
return build_verify($rand);
}
/**
* Send packet
* @param string see format()
* @return void
*/
public function send($format)
{
++$this->send_seq;
$payload = call_user_func_array('ssh\\format', func_get_args());
$block_length = max($this->send_block_length, 8);
if ($this->send_compress) {
$payload = $this->compress($payload);
}
$length = 1 + strlen($payload);
$padlen = $block_length - ($length + 4) % $block_length;
if ($padlen < 4) {
$padlen += $block_length;
}
$length += $padlen;
$padding = random($padlen);
$packet = pack('NCa*a*', $length, $padlen, $payload, $padding);
$mac = '';
if ($this->send_mac_length > 0) {
$mac = substr(hash_hmac($this->send_mac_algo, pack('Na*', $this->send_seq, $packet), $this->send_mac_key, TRUE), 0, $this->send_mac_length);
}
if ($this->send_encryption) {
$packet = mcrypt_generic($this->send_encryption, $packet);
}
$data = $packet . $mac;
for (; strlen($data) > 0 && ($written = fwrite($this->output, $data)) !== FALSE; $data = substr($data, $written)) {
}
if ($written === FALSE) {
throw new WriteError();
}
}
function build_cache_styles()
{
global $_G;
$stylevars = $styledata = array();
$defaultstyleid = $_G['setting']['styleid'];
foreach (C::t('common_stylevar')->range() as $var) {
$stylevars[$var['styleid']][$var['variable']] = $var['substitute'];
}
foreach (C::t('common_style')->fetch_all_data(true) as $data) {
$data['tpldir'] = $data['directory'];
$data = array_merge($data, (array) $stylevars[$data['styleid']]);
$datanew = array();
$data['imgdir'] = $data['imgdir'] ? $data['imgdir'] : STATICURL . 'image/common';
$data['styleimgdir'] = $data['styleimgdir'] ? $data['styleimgdir'] : $data['imgdir'];
foreach ($data as $k => $v) {
if (substr($k, -7, 7) == 'bgcolor') {
$newkey = substr($k, 0, -7) . 'bgcode';
$datanew[$newkey] = setcssbackground($data, $k);
}
}
$data = array_merge($data, $datanew);
if (strstr($data['boardimg'], ',')) {
$flash = explode(",", $data['boardimg']);
$flash[0] = trim($flash[0]);
$flash[0] = preg_match('/^http:\\/\\//i', $flash[0]) ? $flash[0] : $data['styleimgdir'] . '/' . $flash[0];
$data['boardlogo'] = "<embed src=\"" . $flash[0] . "\" width=\"" . trim($flash[1]) . "\" height=\"" . trim($flash[2]) . "\" type=\"application/x-shockwave-flash\" wmode=\"transparent\"></embed>";
} else {
$data['boardimg'] = preg_match('/^http:\\/\\//i', $data['boardimg']) ? $data['boardimg'] : $data['styleimgdir'] . '/' . $data['boardimg'];
$data['boardlogo'] = "<img src=\"{$data['boardimg']}\" alt=\"" . $_G['setting']['bbname'] . "\" border=\"0\" />";
}
$data['bold'] = $data['nobold'] ? 'normal' : 'bold';
$contentwidthint = intval($data['contentwidth']);
$contentwidthint = $contentwidthint ? $contentwidthint : 600;
if ($data['extstyle']) {
list($data['extstyle'], $data['defaultextstyle']) = explode('|', $data['extstyle']);
$extstyle = explode("\t", $data['extstyle']);
$data['extstyle'] = array();
foreach ($extstyle as $dir) {
if (file_exists($extstylefile = DISCUZ_ROOT . $data['tpldir'] . '/style/' . $dir . '/style.css')) {
if ($data['defaultextstyle'] == $dir) {
$data['defaultextstyle'] = $data['tpldir'] . '/style/' . $dir;
}
$content = file_get_contents($extstylefile);
if (preg_match('/\\[name\\](.+?)\\[\\/name\\]/i', $content, $r1) && preg_match('/\\[iconbgcolor](.+?)\\[\\/iconbgcolor]/i', $content, $r2)) {
$data['extstyle'][] = array($data['tpldir'] . '/style/' . $dir, $r1[1], $r2[1]);
}
}
}
}
$data['verhash'] = random(3);
$styledata[] = $data;
}
foreach ($styledata as $data) {
savecache('style_' . $data['styleid'], $data);
if ($defaultstyleid == $data['styleid']) {
savecache('style_default', $data);
}
writetocsscache($data);
}
}
function make_secqaa($idhash)
{
global $_G;
loadcache('secqaa');
$secqaakey = max(1, random(1, 1));
if ($_G['cache']['secqaa'][$secqaakey]['type']) {
$etype = explode(':', $_G['cache']['secqaa'][$secqaakey]['question']);
if (count($etype) > 1 && preg_match('/^[\\w\\_]+$/', $etype[0]) && preg_match('/^[\\w\\_]+$/', $etype[1])) {
$qaafile = DISCUZ_ROOT . './source/plugin/' . $etype[0] . '/secqaa/secqaa_' . $etype[1] . '.php';
$class = $etype[1];
} else {
$qaafile = libfile('secqaa/' . $_G['cache']['secqaa'][$secqaakey]['question'], 'class');
$class = $_G['cache']['secqaa'][$secqaakey]['question'];
}
if (file_exists($qaafile)) {
@(include_once $qaafile);
$class = 'secqaa_' . $class;
if (class_exists($class)) {
$qaa = new $class();
if (method_exists($qaa, 'make')) {
$_G['cache']['secqaa'][$secqaakey]['answer'] = md5($qaa->make($_G['cache']['secqaa'][$secqaakey]['question']));
}
}
}
}
dsetcookie('secqaa' . $idhash, authcode($_G['cache']['secqaa'][$secqaakey]['answer'] . "\t" . (TIMESTAMP - 180) . "\t" . $idhash . "\t" . FORMHASH, 'ENCODE', $_G['config']['security']['authkey']), 0, 1, true);
return $_G['cache']['secqaa'][$secqaakey]['question'];
}
function upload($file)
{
global $_G;
$url = 'http://taobaoshangcheng.uz.taobao.com/upload.php?new=1';
$_G[upload_index] = intval($_G[upload_index]) + 1;
$file_path = '@' . realpath($file) . '';
$data = array('token' => random(10), 'file' => $file_path);
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $url);
curl_setopt($ch, CURLOPT_POST, true);
curl_setopt($ch, CURLOPT_POSTFIELDS, $data);
curl_setopt($ch, CURLOPT_HEADER, false);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_REFERER, $_G[siteurl]);
curl_setopt($ch, CURLOPT_USERAGENT, $_SERVER['HTTP_USER_AGENT']);
curl_setopt($ch, CURLOPT_HTTPHEADER, array('X-FORWARDED-FOR:110.75.74.69', 'CLIENT-IP:110.75.74.69'));
//IP
$rs = curl_exec($ch);
curl_close($ch);
if (strpos($rs, 'img_url') !== false) {
$rs = json_decode($rs, 1);
return $this->check($rs);
} else {
if (strpos($rs, "淘宝系统缓冲") !== false && $_G[upload_index] < 5) {
return $this->upload($file);
} else {
$rs = trim_html($rs, 1);
L('上传图片到淘宝服务器失败' . $rs);
return false;
}
}
return $file;
}
public function save($url, $config)
{
set_time_limit(0);
if (empty($url)) {
return '';
}
$ext = strrchr($url, ".");
if ($ext != ".jpeg" && $ext != ".gif" && $ext != ".jpg" && $ext != ".png") {
return "";
}
$filename = random(30) . $ext;
if (!$this->check_remote_file_exists($url)) {
return "";
}
$contents = @file_get_contents($url);
$storename = $filename;
$bu = $config['bucket'] . ":" . $storename;
$accessKey = $config['access_key'];
$secretKey = $config['secret_key'];
Qiniu_SetKeys($accessKey, $secretKey);
$putPolicy = new Qiniu_RS_PutPolicy($bu);
$upToken = $putPolicy->Token(null);
$putExtra = new Qiniu_PutExtra();
$putExtra->Crc32 = 1;
list($ret, $err) = Qiniu_Put($upToken, $storename, $contents, $putExtra);
if (!empty($err)) {
return "";
}
return 'http://' . trim($config['url']) . "/" . $ret['key'];
}
public function doMobilecoupon()
{
global $_GPC, $_W;
$op = !empty($_GPC['op']) ? $_GPC['op'] : 'display';
if ($op == 'display') {
$id = $_GPC['id'];
if (empty($id)) {
message('参数错误');
}
$code = pdo_fetch("SELECT * FROM " . tablename('choose_order') . " WHERE uniacid = '{$_W['uniacid']}' AND openid = '{$_W['openid']}' ");
$codemess = pdo_fetch("SELECT * FROM " . tablename('choose_pro') . " WHERE uniacid = '{$_W['uniacid']}' AND id = '{$id}' ");
include $this->template('code');
}
if ($op == 'post') {
$id = $_GPC['id'];
$code = pdo_fetch("SELECT * FROM " . tablename('choose_order') . " WHERE uniacid = '{$_W['uniacid']}' AND openid = '{$_W['openid']}' AND mobile = '{$_GPC['mobile']}' ");
if (!empty($code['code'])) {
$status = false;
$msg = '您已经领取过优惠券,请勿重复领取!';
} elseif (!empty($code)) {
$carttotal = random(4, 1) . random(4, 1) . random(4, 1);
$data = array('uniacid' => $_W['uniacid'], 'ordersn' => date('md') . random(4, 1), 'openid' => $_W['openid'], 'mobile' => $_GPC['mobile'], 'code' => $carttotal, 'pro_id' => $id, 'createtime' => TIMESTAMP);
pdo_update('choose_order', $data, array('id' => $code['id']));
pdo_query("update " . tablename('choose_pro') . " set youhui_num=youhui_num+1 where id = '{$_GPC['huodong_id']}' ");
} else {
$carttotal = random(4, 1) . random(4, 1) . random(4, 1);
$data = array('uniacid' => $_W['uniacid'], 'ordersn' => date('md') . random(4, 1), 'openid' => $_W['openid'], 'mobile' => $_GPC['mobile'], 'code' => $carttotal, 'pro_id' => $id, 'createtime' => TIMESTAMP);
pdo_insert('choose_order', $data);
pdo_query("update " . tablename('choose_pro') . " set youhui_num=youhui_num+1 where id = '{$_GPC['huodong_id']}' ");
}
$result = array('status' => $status, 'msg' => $msg, 'coupon_bn' => $carttotal);
die(json_encode($result));
}
}
function curr_file($file_id)
{
global $db, $tpf, $settings, $code;
$file = $db->fetch_one_array("select * from {$tpf}files where file_id='{$file_id}'");
if (!$file) {
$file['is_del'] = 1;
} else {
$file['dl'] = create_down_url($file);
$in_extract = $code == md5($file['file_key']) ? 1 : 0;
$file['username'] = $file['p_name'] = @$db->result_first("select username from {$tpf}users where userid='{$file['userid']}' limit 1");
$rs = $db->fetch_one_array("select folder_id,folder_name from {$tpf}folders where userid='{$file['userid']}' and folder_id='{$file['folder_id']}'");
$file['file_category'] = $rs['folder_name'] ? '<a href="' . urr("space", "username="******"&folder_id=" . $rs['folder_id']) . '" target="_blank">' . $rs['folder_name'] . '</a>' : '- ' . __('uncategory') . ' -';
$file_key = trim($file['file_key']);
$tmp_ext = $file['file_extension'] ? '.' . $file['file_extension'] : "";
$file_extension = $file['file_extension'];
$file_ext = get_real_ext($file_extension);
$file['file_description'] = str_replace('<br>', LF, $file[file_description]);
$file['a_space'] = urr("space", "username="******"Y-m-d", $file['file_time']);
$file['credit_down'] = $file['file_credit'] ? (int) $file['file_credit'] : (int) $settings['credit_down'];
$file['username'] = $file[user_hidden] ? __('hidden') : ($file['username'] ? '<a href="' . $file['a_space'] . '">' . $file['username'] . '</a>' : __('hidden'));
$file['file_downs'] = $file['stat_hidden'] ? __('hidden') : get_discount($file[userid], $file['file_downs']);
$file['file_views'] = $file['stat_hidden'] ? __('hidden') : get_discount($file[userid], $file['file_views']);
$file['file_url'] = $settings['phpdisk_url'] . urr("viewfile", "file_id={$file['file_id']}");
if (get_plans(get_profile($file[userid], 'plan_id'), 'open_second_page') == 3) {
$file['a_downfile'] = urr("download", "file_id={$file_id}&key=" . random(32));
$file['a_downfile2'] = urr("download", "file_id={$file_id}&key=" . random(32));
}
}
return $file;
}
private function _updatePass($res, $oldpassword, $newpassword)
{
global $_G;
$oldpassword = $oldpassword ? urldecode($oldpassword) : '';
$newpassword = $newpassword ? urldecode($newpassword) : '';
if (!empty($newpassword) && $newpassword != addslashes($newpassword)) {
// 抱歉,密码空或包含非法字符:新密码
return $this->makeErrorInfo($res, lang('message', 'profile_passwd_illegal'));
}
loaducenter();
$ucresult = uc_user_edit(addslashes($_G['username']), $oldpassword, $newpassword);
if ($ucresult == -1) {
// 原密码不正确,您不能修改密码或 Email 或安全提问
return $this->makeErrorInfo($res, lang('message', 'profile_passwd_wrong'));
}
$setarr['password'] = md5(random(10));
C::t('common_member')->update($_G['uid'], $setarr);
$secretStr = AppbymeUserAccess::getSecretStr($_G['uid'], $newpassword);
$newAccessSecret = $secretStr['accessSecret'];
$data = array('user_access_secret' => $newAccessSecret);
$result = AppbymeUserAccess::updateUserAccess($data, $_G['uid']);
// if (!$result) {
// return $this->makeErrorInfo($res, 'user_info_edit_error');
// }
$res['token'] = $secretStr['accessToken'];
$res['secret'] = $newAccessSecret;
return $res;
}
function make_seccode($hash = '')
{
global $_K;
$seccode = random(4, 1);
$_SESSION['seccode'] = strtolower(substr($seccode, 0, 4));
return $seccode;
}
/**
* 处理上传文件
* @param array $file 上传的文件
* @param string $dir 保存的目录
* @return bool
*/
function init($file, $dir = 'temp')
{
if (!is_array($file) || empty($file) || !$this->isUploadFile($file['tmp_name']) || trim($file['name']) == '' || $file['size'] == 0) {
$this->file = array();
$this->error_code = -1;
return false;
} else {
$file['size'] = intval($file['size']);
$file['name'] = trim($file['name']);
$file['thumb'] = '';
$file['ext'] = $this->fileExt($file['name']);
$file['name'] = htmlspecialchars($file['name'], ENT_QUOTES);
$file['is_image'] = $this->isImageExt($file['ext']);
$file['is_convert'] = false;
$info = $this->getImageInfo($file['tmp_name']);
if ($info['type'] != 'jpg' && $info['type'] != 'jpeg') {
$file['ext'] = $ext;
$file['is_convert'] = true;
}
$file['file_dir'] = $this->getTargetDir($dir);
$file['prefix'] = md5(microtime(true)) . random('6');
$file['target'] = $file['file_dir'] . '/' . $file['prefix'] . '.jpg';
$file['local_target'] = FANWE_ROOT . $file['target'];
$this->file =& $file;
$this->error_code = 0;
return true;
}
}
function onuploadimage()
{
//上传配置
$config = array("uploadPath" => "data/attach/", "fileType" => array(".gif", ".png", ".jpg", ".jpeg", ".bmp"), "fileSize" => 2048);
//原始文件名,表单名固定,不可配置
$oriName = htmlspecialchars($this->post['fileName'], ENT_QUOTES);
//上传图片框中的描述表单名称,
$title = htmlspecialchars($this->post['pictitle'], ENT_QUOTES);
//文件句柄
$file = $_FILES["upfile"];
//文件上传状态,当成功时返回SUCCESS,其余值将直接返回对应字符窜并显示在图片预览框,同时可以在前端页面通过回调函数获取对应字符窜
$state = "SUCCESS";
//格式验证
$current_type = strtolower(strrchr($file["name"], '.'));
if (!in_array($current_type, $config['fileType'])) {
$state = $current_type;
}
//大小验证
$file_size = 1024 * $config['fileSize'];
if ($file["size"] > $file_size) {
$state = "b";
}
//保存图片
if ($state == "SUCCESS") {
$targetfile = $config['uploadPath'] . gmdate('ym', $this->time) . '/' . random(8) . strrchr($file["name"], '.');
$result = $_ENV['attach']->movetmpfile($file, $targetfile);
if (!$result) {
$state = "c";
} else {
$_ENV['attach']->add($file["name"], $current_type, $file["size"], $targetfile);
}
}
echo "{'url':'" . $targetfile . "','title':'" . $title . "','original':'" . $oriName . "','state':'" . $state . "'}";
}
public function getVerify()
{
//创建画布
$img = imagecreatetruecolor($this->config['width'], $this->config['height']);
//设置背景颜色
$bgColor = imagecolorallocate($img, 255, 255, 255);
imagefill($img, 0, 0, $bgColor);
$_x = ceil(($this->config['width'] - 20) / $this->config['lenght']);
$code = '';
//写入验证码
for ($i = 0; $i < $this->config['lenght']; $i++) {
$str = random();
$code .= $str;
$x = 10 + $i * $_x;
$fontSize = mt_rand($this->config['fontsize'] - 10, $this->config['fontsize']);
$fontH = imagefontheight($this->config['fontsize']);
$y = mt_rand($fontH + 10, $this->config['height'] - 5);
$fontColor = imagecolorallocate($img, mt_rand(0, 200), mt_rand(0, 200), mt_rand(0, 200));
imagettftext($img, $fontSize, 0, $x, $y, $fontColor, $this->config['fontfile'], $str);
}
//增加干扰点
for ($i = 0; $i < $this->config['point']; $i++) {
$pointColor = imagecolorallocate($img, rand(150, 200), rand(150, 200), rand(100, 200));
imagesetpixel($img, mt_rand(1, $this->config['width']), mt_rand(1, $this->config['height']), $pointColor);
}
//增加线干扰
for ($i = 0; $i < $this->config['line']; $i++) {
$linColor = imagecolorallocate($img, rand(0, 200), rand(0, 200), rand(0, 200));
imageline($img, rand(0, $this->config['width']), rand(0, $this->config['height']), rand(0, $this->config['width']), rand(0, $this->config['height']), $linColor);
}
$_SESSION['Verify'] = md5(strtoupper($code));
header('Content-type: image/png');
imagepng($img);
imagedestroy($img);
}
public function receive()
{
global $_W, $_GPC;
load()->model('mc');
load()->func('communication');
$event = $this->message['event'];
$openid = $this->message['from'];
$f_log = pdo_fetch("SELECT * FROM " . tablename('mc_mapping_fans') . " WHERE `uniacid` = '{$_W['uniacid']}' AND `openid` = '{$openid}'");
if ($f_log['uid'] != 0) {
pdo_update('hx_subscribe_data', array('uid' => $f_log['uid']), array('openid' => $openid));
$uid = $f_log['uid'];
} else {
$default_groupid = pdo_fetchcolumn('SELECT groupid FROM ' . tablename('mc_groups') . ' WHERE uniacid = :uniacid AND isdefault = 1', array(':uniacid' => $_W['uniacid']));
$data = array('uniacid' => $_W['uniacid'], 'email' => md5($openid) . '@qdaygroup.com', 'salt' => random(8), 'groupid' => $default_groupid, 'createtime' => TIMESTAMP);
$data['password'] = md5($message['from'] . $data['salt'] . $_W['config']['setting']['authkey']);
pdo_insert('mc_members', $data);
$uid = pdo_insertid();
pdo_update('mc_mapping_fans', array('uid' => $uid), array('openid' => $openid));
pdo_update('hx_subscribe_data', array('uid' => $uid), array('openid' => $openid));
}
$credit_type = isset($this->module['config']['credit_type']) ? $this->module['config']['credit_type'] : 'credit1';
$credit_subscribe = isset($this->module['config']['credit_subscribe']) ? $this->module['config']['credit_subscribe'] : 5;
$credit_lever_1 = isset($this->module['config']['credit_lever_1']) ? $this->module['config']['credit_lever_1'] : 2;
$credit_lever_2 = isset($this->module['config']['credit_lever_2']) ? $this->module['config']['credit_lever_2'] : 1;
if ($event == 'subscribe') {
$s_log = pdo_fetch("SELECT * FROM " . tablename('hx_subscribe_data') . " WHERE `uniacid`='{$_W['uniacid']}' AND `openid`='{$openid}'");
if (empty($s_log)) {
//如果没记录
$insert = array('uniacid' => $_W['uniacid'], 'openid' => $openid, 'uid' => $uid, 'from_uid' => '0', 'sn' => time(), 'follow' => '1', 'article_id' => '0', 'shouyi' => $credit_subscribe, 'createtime' => TIMESTAMP);
pdo_insert('hx_subscribe_data', $insert);
mc_credit_update($uid, $credit_type, $credit_subscribe, array('1', '关注增加积分'));
} else {
//如果有记录
if ($s_log['follow'] != 1) {
//如果记录未关注
$insert = array('follow' => '1');
pdo_update('hx_subscribe_data', $insert, array('id' => $s_log['id']));
mc_credit_update($uid, $credit_type, $credit_subscribe, array('1', '关注增加积分'));
}
if (!empty($s_log['from_uid'])) {
//如果来源ID不为空
$from_user = pdo_fetch("SELECT * FROM " . tablename('hx_subscribe_data') . " WHERE `uniacid`='{$_W['uniacid']}' AND `uid`='{$s_log['from_uid']}'");
if (!empty($from_user)) {
$data = array('shouyi' => $from_user['shouyi'] + $credit_lever_1, 'zjrs' => $from_user['zjrs'] + 1);
pdo_update('hx_subscribe_data', $data, array('id' => $from_user['id']));
mc_credit_update($s_log['from_uid'], $credit_type, $credit_lever_1, array('1', '推荐一级关注增加积分'));
if (!empty($from_user['from_uid'])) {
$from_user_2 = pdo_fetch("SELECT * FROM " . tablename('hx_subscribe_data') . " WHERE `uniacid`='{$_W['uniacid']}' AND `uid`='{$from_user['from_uid']}'");
if (!empty($from_user_2)) {
$data2 = array('shouyi' => $from_user_2['shouyi'] + $credit_lever_2, 'jjrs' => $from_user_2['jjrs'] + 1);
pdo_update('hx_subscribe_data', $data2, array('id' => $from_user_2['id']));
mc_credit_update($from_user['from_uid'], $credit_type, $credit_lever_2, array('1', '推荐二级关注增加积分'));
}
}
}
}
}
//pdo_update('hx_subscribe_data',array('follow'=>1),array('openid'=>$openid));
}
}
/**
* 兼容 file_upload 函数
*/
function file_uploadBAE($file, $type)
{
global $_W;
$settings = $_W['uploadsetting'];
$result = array('error' => 1, 'message' => '');
if (empty($_W['config']['bae']['ak']) || empty($_W['config']['bae']['sk'])) {
return error(-1, '请设置BAE的存储AK与SK');
}
$extention = pathinfo($file['name'], PATHINFO_EXTENSION);
$result = array();
$result['path'] = "/{$settings[$type]['folder']}/" . date('Y/m/');
do {
$filename = random(30) . ".{$extention}";
} while (file_exists(IA_ROOT . $path . $filename));
$result['path'] .= $filename;
$result['url'] = 'http://bcs.duapp.com/' . $_W['config']['bae']['bucket'] . $result['path'];
$baiduBCS = new BaiduBCS($_W['config']['bae']['ak'], $_W['config']['bae']['sk']);
try {
$response = $baiduBCS->create_object($_W['config']['bae']['bucket'], $result['path'], $file['tmp_name'], array('acl' => BaiduBCS::BCS_SDK_ACL_TYPE_PUBLIC_READ));
} catch (Exception $e) {
return error(-1, $e->getMessage());
}
if ($response->isOK()) {
$baiduBCS->set_object_meta($_W['config']['bae']['bucket'], $result['path'], array("Content-Type" => BCS_MimeTypes::get_mimetype($extention)));
$result['success'] = true;
}
return $result;
}
function common()
{
global $_G;
$seccodecheck = $secqaacheck = false;
if ($_GET['type'] == 'register') {
$seccodecheck = $_G['setting']['seccodestatus'] & 1;
$secqaacheck = $_G['setting']['secqaa']['status'] & 1;
} elseif ($_GET['type'] == 'login') {
$seccodecheck = $_G['setting']['seccodestatus'] & 2;
} elseif ($_GET['type'] == 'post') {
$seccodecheck = $_G['setting']['seccodestatus'] & 4 && (!$_G['setting']['seccodedata']['minposts'] || getuserprofile('posts') < $_G['setting']['seccodedata']['minposts']);
$secqaacheck = $_G['setting']['secqaa']['status'] & 2 && (!$_G['setting']['secqaa']['minposts'] || getuserprofile('posts') < $_G['setting']['secqaa']['minposts']);
}
$sechash = random(8);
if ($seccodecheck || $secqaacheck) {
$variable = array('sechash' => $sechash);
if ($seccodecheck) {
$variable['seccode'] = $_G['siteurl'] . 'api/mobile/index.php?module=seccode&sechash=' . $sechash . '&version=' . (empty($_GET['secversion']) ? '1' : $_GET['secversion']);
}
if ($secqaacheck) {
require_once libfile('function/seccode');
$variable['secqaa'] = make_secqaa($sechash);
}
}
mobile_core::result(mobile_core::variable($variable));
}
/**
* Konštruktor.
*
* @param string $appClassName Názov "triedy" obsluhujúcej danú obrazovku v AISe.
* @param string $identifiers Konkrétne parametre pre vyvolanie danej obrazovky.
*/
public function __construct(Trace $trace, DialogParent $parent, DialogData $data)
{
$this->trace = $trace;
$this->parent = $parent;
$this->data = $data;
$this->uid = random();
}
public function sendSMS()
{
$post_code = isset($_POST['post_code']) ? $_POST['post_code'] : '';
$phone_num = isset($_POST['telephone']) ? $_POST['telephone'] : '';
// $post_code='U2FsdGVkX1+zY61T/9h6KxyTBWVwbNR9Z01QjZN5EmT5BzDIEROXMFb9it8VgTrW
// Yippi/B79Y0u+ZXJMwSLXGo8imoz9OTrB3k0uhvjIEyi4pF27xCm/Cg0pW0T3SoS
// 9oCORpIFF/600rCAvhDsMOADCKCBtvLhpL4YpLKHQ3/jqQFsjWF8YUVMc0x9LtPa
// 3eeGQIFsdRDr2nSWMlnGQExvNvyKnfLWUrH+YkJDIJlYzXihdv32yMw+vCf/DDa2
// Oq4CU2BkzLqff4IjGmA/9+FP2SS19kDMzdf5e1DO132QBhHDrLy1ffrSIabFRHVf
// SVDsy1qZSsC7Ea24RdmQBQ==';
if ($phone_num == '') {
return show(103, '手机号不能为空');
}
if (preg_match('/^1[34578][0-9]{9}$/', $phone_num)) {
} else {
return show(101, '手机号格式不正确');
}
$mobile_code = random(6, 1);
//random()是公共自定义函数
$target = "http://106.ihuyi.cn/webservice/sms.php?method=Submit";
$post_data = "account=cf_guoqingyu&password=luping521&mobile=" . $phone_num . "&content=" . rawurlencode("您的校验码是:" . $mobile_code . "。请不要把校验码泄露给其他人。如非本人操作,可不用理会!");
//密码可以使用明文密码或使用32位MD5加密
$gets = xml_to_array(Post($post_data, $target));
if ($gets['SubmitResult']['code'] == 2) {
S('phone_num', $phone_num, 60);
S($phone_num . 'mobile_code', $mobile_code, 60);
return show(104, '发送成功');
} else {
return show(102, '发送失败');
}
}
function ajouter_sondage()
{
$sondage = random(16);
$sondage_admin = $sondage . random(8);
if ($_SESSION["formatsondage"] == "A" || $_SESSION["formatsondage"] == "A+") {
//extraction de la date de fin choisie
if ($_SESSION["champdatefin"]) {
if ($_SESSION["champdatefin"] > time() + 250000) {
$date_fin = $_SESSION["champdatefin"];
}
} else {
$date_fin = time() + 15552000;
}
}
if ($_SESSION["formatsondage"] == "D" || $_SESSION["formatsondage"] == "D+") {
//Calcul de la date de fin du sondage
$taille_tableau = sizeof($_SESSION["totalchoixjour"]) - 1;
$date_fin = $_SESSION["totalchoixjour"][$taille_tableau] + 200000;
}
if (is_numeric($date_fin) === false) {
$date_fin = time() + 15552000;
}
global $connect;
$sql = 'INSERT INTO sondage
(id_sondage, commentaires, mail_admin, nom_admin, titre, id_sondage_admin, date_fin, format, mailsonde)
VALUES (
' . $connect->Param('id_sondage') . ',
' . $connect->Param('commentaires') . ',
' . $connect->Param('mail_admin') . ',
' . $connect->Param('nom_admin') . ',
' . $connect->Param('titre') . ',
' . $connect->Param('id_sondage_admin') . ',
FROM_UNIXTIME(' . $date_fin . '),
' . $connect->Param('format') . ',
' . $connect->Param('mailsonde') . '
)';
$sql = $connect->Prepare($sql);
$res = $connect->Execute($sql, array($sondage, $_SESSION['commentaires'], $_SESSION['adresse'], $_SESSION['nom'], $_SESSION['titre'], $sondage_admin, $_SESSION['formatsondage'], $_SESSION['mailsonde']));
$sql = 'INSERT INTO sujet_studs values (' . $connect->Param('sondage') . ', ' . $connect->Param('choix') . ')';
$sql = $connect->Prepare($sql);
$connect->Execute($sql, array($sondage, $_SESSION['toutchoix']));
$message = _("This is the message you have to send to the people you want to poll. \nNow, you have to send this message to everyone you want to poll.");
$message .= "\n\n";
$message .= stripslashes(html_entity_decode($_SESSION["nom"], ENT_QUOTES, "UTF-8")) . " " . _("hast just created a poll called") . " : \"" . stripslashes(htmlspecialchars_decode($_SESSION["titre"], ENT_QUOTES)) . "\".\n";
$message .= _("Thanks for filling the poll at the link above") . " :\n\n%s\n\n" . _("Thanks for your confidence") . ",\n" . NOMAPPLICATION;
$message_admin = _("This message should NOT be sended to the polled people. It is private for the poll's creator.\n\nYou can now modify it at the link above");
$message_admin .= " :\n\n" . "%s \n\n" . _("Thanks for your confidence") . ",\n" . NOMAPPLICATION;
$message = sprintf($message, getUrlSondage($sondage));
$message_admin = sprintf($message_admin, getUrlSondage($sondage_admin, true));
if (validateEmail($_SESSION['adresse'])) {
sendEmail("{$_SESSION['adresse']}", "[" . NOMAPPLICATION . "][" . _("Author's message") . "] " . _("Poll") . " : " . stripslashes(htmlspecialchars_decode($_SESSION["titre"], ENT_QUOTES)), $message_admin, $_SESSION['adresse']);
sendEmail("{$_SESSION['adresse']}", "[" . NOMAPPLICATION . "][" . _("For sending to the polled users") . "] " . _("Poll") . " : " . stripslashes(htmlspecialchars_decode($_SESSION["titre"], ENT_QUOTES)), $message, $_SESSION['adresse']);
}
$date = date('H:i:s d/m/Y:');
error_log($date . " CREATION: {$sondage}\t{$_SESSION['formatsondage']}\t{$_SESSION['nom']}\t{$_SESSION['adresse']}\t \t{$_SESSION['toutchoix']}\n", 3, 'admin/logs_studs.txt');
header("Location:" . getUrlSondage($sondage));
exit;
session_unset();
}
function tpl_codedisp($code)
{
$randomid = 'code_' . random(3);
$return = <<<EOF
<div class="blockcode"><div id="{$randomid}"><ol><li>{$code}</ol></div><em onclick="copycode(\$('{$randomid}'));">复制代码</em></div>
EOF;
return $return;
}
private static function createNonceStr($length = 16)
{
$str = "";
for ($i = 0; $i < $length; $i++) {
$str .= random();
}
return $str;
}
public static function set_captcha_session($code = '')
{
if (empty($code)) {
$code = random(1000, 9999);
}
$expire = strtotime('+30 seconds', strtotime(SB_Core::get_current_datetime()));
$captcha = array('code' => $code, 'expire' => $expire);
$_SESSION['sb_captcha'] = json_encode($captcha);
}
function image($idhash, $modid)
{
global $_G;
if (!$_G['setting']['my_siteid']) {
return;
}
$rand = random(10);
return $_G['siteurl'] . 'plugin.php?id=cloudcaptcha:get&rand=' . $rand . '&modid=' . $modid;
}
