    if ($p == "") {
        ReDirect(SYSTEM_URL . 'index.php?pub_plugin=dl_zhmm&error_msg=' . urlencode('错误:未能在本站找到持有该邮箱的用户!'));
    }
    $pw = sha1(md5(EncodePwd($p['pw'] . date('Ymd') . SYSTEM_NAME . SYSTEM_VER . SYSTEM_URL)));
    if ($pw != $key) {
        ReDirect(SYSTEM_URL . 'index.php?pub_plugin=dl_zhmm&error_msg=' . urlencode('错误:该链接失效或者不归您所拥有,修改密码失败!'));
        die;
    } else {
        $m->query("UPDATE `" . DB_NAME . "`.`" . DB_PREFIX . "users` SET `pw` = '" . $newpw . "' WHERE email = '{$email}'");
        ReDirect(SYSTEM_URL . 'index.php?mod=login&error_msg=' . urlencode('由于你的密码已修改,无法再使用旧密码登录,请重新登录'));
    }
}
global $m;
if (isset($_REQUEST['page']) && $_REQUEST['page'] == 'yjqr') {
    $emailcc = !empty($_REQUEST['email']) ? base64_decode($_REQUEST['email']) : msg('警告:邮件地址无效');
    $email = checkMail($emailcc) ? sqladds($emailcc) : msg('警告:非法操作');
    $key = $_REQUEST['key'];
    $cx = $m->query("SELECT * FROM  `" . DB_NAME . "`.`" . DB_PREFIX . "users` WHERE email = '{$email}' LIMIT 1");
    $p = $m->fetch_array($cx);
    if ($p == "") {
        ReDirect(SYSTEM_URL . 'index.php?pub_plugin=dl_zhmm&error_msg=' . urlencode('错误:未能在本站找到持有该邮箱的用户!'));
    }
    $pw = sha1(md5(EncodePwd($p['pw'] . date('Ymd') . SYSTEM_NAME . SYSTEM_VER . SYSTEM_URL)));
    if ($pw != $key) {
        ReDirect(SYSTEM_URL . 'index.php?pub_plugin=dl_zhmm&error_msg=' . urlencode('错误:该链接失效或者不归您所拥有,修改密码失败!'));
    } else {
        echo '<div class="panel panel-success" style="margin:5% 15% 5% 15%;">
	<div class="panel-heading">
          <h3 class="panel-title">设置新密码</h3>
    </div>
    <div style="margin:0% 5% 5% 5%;">
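 /**
  * Add one per-user option row, unless a row with the same (uid, name) already exists.
  *
  * $name and $value are escaped with sqladds() before being interpolated into
  * the single-quoted SQL literals; $uid is interpolated as-is (see note below).
  *
  * Bug fix: the existence lookup was missing its FROM clause, so the check could
  * not work as intended and duplicate (uid, name) rows could be inserted.
  *
  * @param string $name  option name
  * @param string $value option value
  * @param string $uid   user UID; when empty, the current user's UID from $i['user']['uid']
  * @return bool|null true on a successful INSERT, false if the INSERT failed,
  *                   null (no explicit return) when the option already exists
  */
 public static function uadd($name, $value, $uid = '')
 {
     global $m, $i;
     if (empty($uid)) {
         $uid = $i['user']['uid'];
     }
     $name = sqladds($name);
     $value = sqladds($value);
     // NOTE(review): $uid is neither escaped nor cast and is interpolated unquoted
     // in the INSERT below; callers passing an untrusted $uid must validate it first
     // (an (int) cast would be the usual fix if the column is numeric - confirm the schema).
     $exists = $m->once_fetch_array("SELECT uid FROM `" . DB_PREFIX . "users_options` WHERE `uid` = '{$uid}' AND `name` = '{$name}'");
     if ($exists !== false) {
         return;
     }
     if (!$m->query("INSERT INTO  `" . DB_PREFIX . "users_options` (`uid`, `name`, `value`) VALUES ({$uid}, '{$name}', '{$value}');")) {
         return false;
     }
     // keep the in-memory copy of the current user's options in sync with the table
     if ($uid == $i['user']['uid']) {
         $i['user']['opt'][$name] = $value;
     }
     return true;
 }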
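/**
 * Escape a string, or every value of an (optionally nested) array, for use
 * inside a single-quoted SQL literal: the backslash is doubled and the single
 * quote is backslash-escaped. Nothing else is touched - in particular the
 * double quote is NOT escaped, so the result is only safe inside '...' literals.
 *
 * Array input keeps its original keys and is escaped recursively. The previous
 * revision replaced each key with the escaped value, and for a nested array it
 * used an array as the key, which is an "illegal offset type" error.
 *
 * @param string|array $s value(s) to escape; non-string scalars are converted to string by str_replace()
 * @return string|array escaped value(s), same shape as the input
 */
function sqladds($s)
{
    if (!is_array($s)) {
        return str_replace('\'', '\\\'', str_replace('\\', '\\\\', $s));
    }
    $escaped = array();
    foreach ($s as $key => $value) {
        // recurse so nested arrays are escaped element by element
        $escaped[$key] = sqladds($value);
    }
    return $escaped;
}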
        }
    }
    doAction('admin_login_2');
} elseif (SYSTEM_PAGE == 'admin:reg') {
    if (defined('ROLE')) {
        ReDirect('index.php');
    }
    define('ROLE', 'visitor');
    doAction('admin_reg_1');
    if (option::get('enable_reg') != '1') {
        msg('注册失败:该站点已关闭注册');
    }
    $name = isset($_POST['user']) ? sqladds($_POST['user']) : '';
    $mail = isset($_POST['mail']) ? sqladds($_POST['mail']) : '';
    $pw = isset($_POST['pw']) ? sqladds($_POST['pw']) : '';
    $yr = isset($_POST['yr']) ? sqladds($_POST['yr']) : '';
    if (empty($name) || empty($mail) || empty($pw)) {
        msg('注册失败:请正确填写账户、密码或邮箱');
    }
    if ($_POST['pw'] != $_POST['rpw']) {
        msg('注册失败:两次输入的密码不一致,请重新输入');
    }
    $x = $m->once_fetch_array("SELECT COUNT(*) AS total FROM `" . DB_NAME . "`.`" . DB_PREFIX . "users` WHERE `name` = '{$name}' OR `email` = '{$mail}' LIMIT 1");
    $y = $m->once_fetch_array("SELECT COUNT(*) AS total FROM `" . DB_NAME . "`.`" . DB_PREFIX . "users`");
    if ($x['total'] > 0) {
        msg('注册失败:用户名或邮箱已经被注册');
    }
    if (!checkMail($mail)) {
        msg('注册失败:邮箱格式不正确');
    }
    $yr_reg = option::get('yr_reg');
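/**
 * Escape a string, or every value of an (optionally nested) array, for use
 * inside a single-quoted SQL literal: the backslash is doubled and the single
 * quote is backslash-escaped. Nothing else is touched - in particular the
 * double quote is NOT escaped, so the result is only safe inside '...' literals.
 *
 * Array input keeps its keys and is escaped recursively. The previous revision
 * had two code paths: the pre-5.3 loop replaced each key with the escaped value
 * (and used an array as the key for nested input), while the array_map() path
 * kept keys but did not recurse. This implementation needs no closure, so the
 * version_compare() switch is unnecessary.
 *
 * @param string|array $s value(s) to escape; non-string scalars are converted to string by str_replace()
 * @return string|array escaped value(s), same shape as the input
 */
function sqladds($s)
{
    if (!is_array($s)) {
        return str_replace('\'', '\\\'', str_replace('\\', '\\\\', $s));
    }
    $escaped = array();
    foreach ($s as $key => $value) {
        // recurse so nested arrays are escaped element by element
        $escaped[$key] = sqladds($value);
    }
    return $escaped;
}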
     $c->close();
     $i['post']['face_url'] = stripslashes(textMiddle($data, '<img class=portrait-img src=\\x22', '\\x22>'));
 }
 /*
 受信任的设置项,如果插件要使用系统的API去储存设置,必须通过set_save1或set_save2挂载点挂载设置名
 具体挂载方法为:
 global $PostArray;
 $PostArray[] = '设置名';
 为了兼容旧版本,可以global以后检查一下是不是空变量,为空则为旧版本
 */
 $PostArray = array('face_img', 'face_baiduid', 'face_url');
 doAction('set_save1');
 //更改邮箱
 if ($_POST['mail'] != $i['user']['email'] && !empty($_POST['mail'])) {
     if (checkMail($_POST['mail'])) {
         $mail = sqladds($_POST['mail']);
         $z = $m->once_fetch_array("SELECT COUNT(*) AS total FROM `" . DB_NAME . "`.`" . DB_PREFIX . "users` WHERE email='{$mail}'");
         if ($z['total'] > 0) {
             msg('修改失败:邮箱已经存在');
         }
         $m->query("UPDATE `" . DB_PREFIX . "users` SET `email` = '{$mail}' WHERE `id` = '" . UID . "';");
     } else {
         msg('邮箱格式有误,请检查');
     }
 }
 $set = array();
 foreach ($PostArray as $value) {
     if (!isset($i['post'][$value])) {
         $i['post'][$value] = '';
     }
     @option::uset($value, $i['post'][$value]);
 }
 // `xy_import_check` == 1: resolve each captured bduss to a name via getBaiduId(); otherwise trust the captured name
 $check = option::get('xy_import_check') == 1 ? true : false;
 // normalise line endings, then treat each line as one import entry
 $import_str = preg_replace('/[\\r\\n]+/', PHP_EOL, $import_str);
 $arr = explode(PHP_EOL, $import_str);
 $total = count($arr);
 $refresh = option::get('xy_import_refresh');
 // counters: matched lines ($hs), already-stored bduss ($cf), inserted ($ok), failed queries ($err),
 // updated ($up), unresolved names ($sx); $re_a / $re_b are the capture-group indexes for name and bduss.
 // NOTE(review): both indexes are 0 here, which would select the whole match; presumably getgs($gs, true)
 // sets them elsewhere - confirm.
 $hs = $cf = $ok = $err = $up = $sx = $re_a = $re_b = 0;
 for ($i = 0; $i < $total; $i++) {
     preg_match('/' . getgs($gs, true) . '/', $arr[$i], $re);
     if (!empty($re[$re_b])) {
         $hs++;
         // NOTE(review): $re[$re_b] comes straight from the imported text and is interpolated
         // into this and the two statements further down without sqladds(); only $baidu_name
         // is escaped. Run the bduss value through sqladds() before it reaches the SQL.
         $x = $m->once_fetch_array("SELECT COUNT(*) AS bduss FROM `" . DB_NAME . "`.`" . DB_PREFIX . "baiduid` where `bduss` = '" . $re[$re_b] . "';");
         if ($x['bduss'] > 0) {
             $cf++;
         } else {
             $baidu_name = $check ? sqladds(getBaiduId($re[$re_b])) : sqladds($re[$re_a]);
             if (empty($baidu_name)) {
                 $sx++;
             } else {
                 $z = $m->once_fetch_array("SELECT COUNT(*) AS bdname FROM `" . DB_NAME . "`.`" . DB_PREFIX . "baiduid` where `name` = '" . $baidu_name . "';");
                 if ($z['bdname'] > 0) {
                     // a row with this name exists: re-point it at the current user and the new bduss
                     $sql = "UPDATE `" . DB_NAME . "`.`" . DB_PREFIX . "baiduid` SET `uid`='" . UID . "', `bduss`='" . $re[$re_b] . "' where `name`='" . $baidu_name . "';";
                     $m->query($sql) ? $up++ : $err++;
                 } else {
                     $sql = "INSERT INTO `" . DB_NAME . "`.`" . DB_PREFIX . "baiduid` (`uid`, `bduss`, `name`) VALUES ('" . UID . "', '" . $re[$re_b] . "', '" . $baidu_name . "');";
                     $m->query($sql) ? $ok++ : $err++;
                 }
             }
         }
     }
 }
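/**
 * Persist a fatal-error record into the fyy_errorlog table.
 *
 * Every interpolated text value is escaped with sqladds() and wrapped in
 * single quotes, because sqladds() only escapes the single quote and the
 * backslash; the previous double-quoted literals left $message unescaped
 * and a double quote in it could break out of the literal. $line is cast
 * to int. The timestamp format is now "Y-m-d H:i:s" - the old "H:m:s"
 * wrote the month number in the minutes position.
 *
 * @param int|string $code    error code; received but not stored (kept for the handler signature)
 * @param string     $message error message
 * @param string     $file    file in which the error occurred
 * @param int|string $line    line number
 * @param mixed      $trace   stack trace; received but not stored
 * @return void
 */
function fyy_errorlog_take2($code, $message, $file, $line, $trace)
{
    global $m;
    $message = sqladds($message);
    $file = sqladds($file);
    $line = (int) $line;
    $m->query('INSERT INTO `' . DB_NAME . '`.`' . DB_PREFIX . 'fyy_errorlog` (`error`,`time`,`type`,`file`,`line`) VALUES (\'' . $message . '\',\'' . date('Y-m-d H:i:s') . '\',\'致命\',\'' . $file . '\',' . $line . ')');
}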
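/**
 * Handle a registration submission that may require an invitation code.
 *
 * Reads user/mail/pw/rpw/yr from $_POST, validates them, consumes one use of
 * the invitation code when the `yr_reg` option is non-empty, inserts the user
 * (the very first account becomes 'admin') and redirects to the login page.
 * Every validation failure goes through msg(); the control flow below assumes
 * msg() ends the request (not visible here - confirm).
 *
 * Changes from the previous revision: the password/confirmation comparison is
 * strict (`!=` on two numeric-looking strings such as "1e3" and "1000" compared
 * them as numbers), and the invite row id is cast to int before being
 * interpolated into the DELETE/UPDATE statements.
 *
 * @return void
 */
function xy_invite_verify()
{
    global $m;
    if (option::get('enable_reg') != '1') {
        msg('注册失败:该站点已关闭注册');
    }
    // sqladds() only escapes ' and \; that is sufficient here because every
    // value is interpolated inside a single-quoted SQL literal
    $name = isset($_POST['user']) ? sqladds($_POST['user']) : '';
    $mail = isset($_POST['mail']) ? sqladds($_POST['mail']) : '';
    $pw = isset($_POST['pw']) ? sqladds($_POST['pw']) : '';
    $yr = isset($_POST['yr']) ? sqladds($_POST['yr']) : '';
    if (empty($name) || empty($mail) || empty($pw)) {
        msg('注册失败:请正确填写账户、密码或邮箱');
    }
    // compare the raw form strings strictly
    if (!isset($_POST['rpw']) || $_POST['pw'] !== $_POST['rpw']) {
        msg('注册失败:两次输入的密码不一致,请重新输入');
    }
    if (!checkMail($mail)) {
        msg('注册失败:邮箱格式不正确');
    }
    $x = $m->once_fetch_array("SELECT COUNT(*) AS total FROM `" . DB_NAME . "`.`" . DB_PREFIX . "users` WHERE `name` = '{$name}' OR `email` = '{$mail}' LIMIT 1");
    if ($x['total'] > 0) {
        msg('注册失败:用户名或邮箱已经被注册');
    }
    $yr_reg = option::get('yr_reg');
    if (!empty($yr_reg)) {
        if (empty($yr)) {
            msg('注册失败:请输入邀请码');
        } else {
            $z = $m->once_fetch_array("SELECT COUNT(*) AS total FROM `" . DB_NAME . "`.`" . DB_PREFIX . "xy_invite`");
            if ($z['total'] <= 0) {
                msg('系统错误:邀请码不足,请联系管理员添加!');
            } else {
                $s = $m->query("SELECT * FROM `" . DB_NAME . "`.`" . DB_PREFIX . "xy_invite` WHERE `code`='{$yr}'");
                if ($s->num_rows <= 0) {
                    msg('注册失败:邀请码错误!');
                } else {
                    $r = $s->fetch_array();
                    $r_num = (int) $r['num'];
                    $r_id = (int) $r['id'];
                    // num == 1: this was the last use, drop the code; num > 1: decrement;
                    // any other value is left untouched
                    if ($r_num === 1) {
                        $m->query("DELETE FROM `" . DB_NAME . "`.`" . DB_PREFIX . "xy_invite` WHERE `id` = " . $r_id);
                    } elseif ($r_num > 1) {
                        $m->query("UPDATE `" . DB_NAME . "`.`" . DB_PREFIX . "xy_invite` SET `num`=num-1 WHERE `id`='" . $r_id . "';");
                    }
                }
            }
        }
    }
    // the first account on an empty users table becomes the administrator
    $y = $m->once_fetch_array("SELECT COUNT(*) AS total FROM `" . DB_NAME . "`.`" . DB_PREFIX . "users`");
    if ($y['total'] <= 0) {
        $role = 'admin';
    } else {
        $role = 'user';
    }
    doAction('admin_reg_2');
    // NOTE(review): $pw was escaped by sqladds() before hashing, so a password containing
    // ' or \ is hashed in its escaped form; the login path must apply the same escaping
    // before EncodePwd() or such passwords will never verify - confirm.
    $m->query('INSERT INTO `' . DB_NAME . '`.`' . DB_PREFIX . 'users` (`id`, `name`, `pw`, `email`, `role`, `t`) VALUES (NULL, \'' . $name . '\', \'' . EncodePwd($pw) . '\', \'' . $mail . '\', \'' . $role . '\', \'' . getfreetable() . '\');');
    doAction('admin_reg_3');
    ReDirect('index.php?mod=login&msg=' . urlencode('成功注册,请输入账号信息登录本站 [ 账号为用户名或邮箱地址 ]'));
    die;
}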
global $m, $today, $i;
ignore_user_abort(true);
set_time_limit(0);
$cron_pw = option::get('cron_pw');
$cmd_pw = function_exists('getopt') ? getopt('', array('pw::')) : false;
if (!empty($cron_pw)) {
    if ((empty($_REQUEST['pw']) || $_REQUEST['pw'] != $cron_pw) && (empty($cmd_pw) || $cmd_pw['pw'] != $cron_pw)) {
        msg('计划任务执行失败:密码错误<br/><br/>你需要通过访问 <b>do.php?pw=密码</b> 才能执行计划任务', false);
    }
}
if (isset($_GET['in_thread'])) {
    define('SYSTEM_CRON_THREAD', true);
}
doAction('cron_1');
if (SYSTEM_PAGE == 'runcron') {
    $cron = isset($_GET['cron']) ? sqladds(strip_tags($_GET['cron'])) : msg('运行失败:计划任务未指定');
    $cpw = option::get('cron_pw');
    $x = $m->once_fetch_array("SELECT * FROM `" . DB_PREFIX . "cron` WHERE `name` = '{$cron}';");
    if (empty($x['id'])) {
        msg('运行失败:此计划任务不存在');
    }
    $log = cron::run($x['file'], $x['name']);
    if ($x['freq'] == '-1') {
        cron::del($x['name']);
    } else {
        cron::aset($x['name'], array('lastdo' => time(), 'log' => $log));
    }
} else {
    $sign_multith = option::get('sign_multith');
    if (!isset($_GET['donnot_sign_multith']) && !empty($sign_multith) && function_exists('fsockopen')) {
        for ($ii = 0; $ii < $sign_multith; $ii++) {
<?php

if (!defined('SYSTEM_ROOT')) {
    die('Insufficient Permissions');
}
loadhead();
global $m;
global $i;
if (isset($_GET['username'])) {
    $user = sqladds($_REQUEST['username']);
    if (empty($_REQUEST['username'])) {
        die('参数错误!');
    }
    $token = $_REQUEST['token'];
    $userinfo = $m->fetch_array($m->query('select * from `' . DB_NAME . '`.`' . DB_PREFIX . 'users` where `name` = "' . $user . '"'));
    if (empty($userinfo['email'])) {
        die('嗯哼,你是哪位? 系统不认识你,一边玩蛋去吧 ~');
    }
    $system_token = md5(md5(md5(md5($userinfo['name'] . $userinfo['pw'] . date('Y-m-d')))));
    if ($token != $system_token) {
        die('渣渣,就你这水平也想骗我?你也太嫩了点吧!');
    }
    $max = $m->fetch_array($m->query("select max(id) as id from `" . DB_NAME . "`.`" . DB_PREFIX . $userinfo['t'] . "` where `uid`=" . $userinfo['id']));
    $min = $m->fetch_array($m->query("select min(id) as id from `" . DB_NAME . "`.`" . DB_PREFIX . $userinfo['t'] . "` where `uid`=" . $userinfo['id']));
    $max = $max['id'];
    $min = $min['id'];
    if (empty($max) || empty($min)) {
        die('抱歉,您没有关注任何贴吧,所以我们无法提供签到报告!');
    }
    if ($i['opt']['core_version'] >= 4.0) {
        $zt = 'latest';
        $emsg = '使用次数不能小于 -1, -1表示无限。';
    } elseif ($ynum > 99999) {
        $emsg = '使用次数不能大于99999!';
    } elseif (empty($gs)) {
        $emsg = '没有设置邀请码格式,请先设置邀请码生成格式!';
        $page = 1;
    } elseif (strlen(getdata_yqm($gs)) > 100) {
        $emsg = '邀请码长度超出限制,请重新设置!请控制在100字符内!';
        $page = 1;
    }
    if (!empty($emsg)) {
        $page = !empty($page) ? $page : 3;
        ReDirect(SYSTEM_URL . 'index.php?mod=admin:setplug&plug=xy_invite&page=' . $page . '&error_msg=' . $emsg);
    }
    for ($i = 0; $i < $snum; $i++) {
        $yqm = sqladds(getdata_yqm($gs));
        $sql = "INSERT INTO `" . DB_NAME . "`.`" . DB_PREFIX . "xy_invite` (`code`, `num`) VALUES ('{$yqm}', '{$ynum}');";
        $m->query($sql);
    }
    ReDirect(SYSTEM_URL . 'index.php?mod=admin:setplug&plug=xy_invite&page=2&msg=邀请码生成完毕。');
}
//清空所有邀请码
if (isset($_GET['delete'])) {
    $m->query("truncate table `" . DB_NAME . "`.`" . DB_PREFIX . "xy_invite`");
    ReDirect(SYSTEM_URL . 'index.php?mod=admin:setplug&plug=xy_invite&page=2&msg=邀请码已清空!');
}
//删除单个邀请码
if (isset($_GET['del']) && !empty($_GET['id'])) {
    $id = (int) $_GET['id'];
    $m->query("DELETE FROM `" . DB_NAME . "`.`" . DB_PREFIX . "xy_invite` WHERE `id` = {$id}");
    ReDirect(SYSTEM_URL . 'index.php?mod=admin:setplug&plug=xy_invite&page=2&msg=已删除邀请码 NO.' . $id . '!');
 }
 // normalise line endings, then treat each line as one import entry
 $import_str = preg_replace('/[\\r\\n]+/', PHP_EOL, $import_str);
 $arr = explode(PHP_EOL, $import_str);
 $total = count($arr);
 // $gs is the configured line format; getgs($gs) turns it into the regex used below,
 // whose group 1 is taken as the name and group 2 as the bduss
 $gs = option::get('xy_import_gs');
 $refresh = option::get('xy_import_refresh');
 // counters: matched lines ($hs), already-stored bduss ($cf), inserted ($ok), failed queries ($err),
 // updated ($up), unresolved names ($sx)
 $hs = $cf = $ok = $err = $up = $sx = 0;
 for ($i = 0; $i < $total; $i++) {
     preg_match('/' . getgs($gs) . '/', $arr[$i], $re);
     if (!empty($re[2])) {
         $hs++;
         // NOTE(review): $re[2] comes straight from the imported text and is interpolated
         // into this and the two statements further down without sqladds(); only $baidu_name
         // is escaped. Run the bduss value through sqladds() before it reaches the SQL.
         $x = $m->once_fetch_array("SELECT COUNT(*) AS bduss FROM `" . DB_NAME . "`.`" . DB_PREFIX . "baiduid` where `bduss` = '" . $re[2] . "';");
         if ($x['bduss'] > 0) {
             $cf++;
         } else {
             // `xy_import_check` == 1: resolve the bduss to a name via getBaiduId(); otherwise trust the captured name
             $baidu_name = option::get('xy_import_check') == 1 ? sqladds(getBaiduId($re[2])) : sqladds($re[1]);
             if (empty($baidu_name)) {
                 $sx++;
             } else {
                 $z = $m->once_fetch_array("SELECT COUNT(*) AS bdname FROM `" . DB_NAME . "`.`" . DB_PREFIX . "baiduid` where `name` = '" . $baidu_name . "';");
                 if ($z['bdname'] > 0) {
                     // a row with this name exists: re-point it at the current user and the new bduss
                     $sql = "UPDATE `" . DB_NAME . "`.`" . DB_PREFIX . "baiduid` SET `uid`='" . UID . "', `bduss`='" . $re[2] . "' where `name`='" . $baidu_name . "';";
                     $m->query($sql) ? $up++ : $err++;
                 } else {
                     $sql = "INSERT INTO `" . DB_NAME . "`.`" . DB_PREFIX . "baiduid` (`uid`, `bduss`, `name`) VALUES ('" . UID . "', '" . $re[2] . "', '" . $baidu_name . "');";
                     $m->query($sql) ? $ok++ : $err++;
                 }
             }
         }
     }
 }
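 /**
  * Add one option to a plugin's serialized option set, skipping it when the
  * key already exists.
  * Note: for bulk changes write to the options table directly.
  *
  * The plugin identifier is now escaped with sqladds() before being
  * interpolated into the WHERE clause; the previous revision interpolated it raw.
  *
  * @param string $plug  plugin identifier
  * @param string $name  option name
  * @param string $value option value
  * @return bool|null true when the row was updated (and the in-memory copy in
  *                   $i['plugins']['info'] refreshed), false if the UPDATE failed,
  *                   null (no explicit return) when the option already existed
  */
 public static function xadd($plug, $name, $value)
 {
     global $m, $i;
     $a = self::pget($plug);
     if (isset($a[$name])) {
         return;
     }
     $a[$name] = $value;
     $sql = "UPDATE `" . DB_PREFIX . "plugins` SET `options` = '" . sqladds(serialize($a)) . "' WHERE `name` = '" . sqladds($plug) . "';";
     if (!$m->query($sql)) {
         return false;
     }
     // keep the cached plugin info in step with what was just written
     $i['plugins']['info'][$plug]['options'] = $a;
     return true;
 }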