$upload = new discuz_upload(); foreach ($_FILES as $key => $file) { if (!isset($_G['cache']['profilesetting'][$key])) { continue; } if (!empty($file) && $file['error'] == 0 || !empty($space[$key]) && empty($_G['gp_deletefile'][$key])) { $value = '1'; } else { $value = ''; } if (profile_check($key, $value, $space)) { $upload->init($file, 'profile'); $attach = $upload->attach; if (!$upload->error()) { $upload->save(); if (!$upload->get_image_info($attach['target'])) { @unlink($attach['target']); continue; } $setarr[$key] = ''; $attach['attachment'] = dhtmlspecialchars(trim($attach['attachment'])); if ($vid && $verifyconfig['available'] && isset($verifyconfig['field'][$key])) { if (isset($verifyinfo['field'][$key])) { @unlink(getglobal('setting/attachdir') . './profile/' . $verifyinfo['field'][$key]); $verifyarr[$key] = $attach['attachment']; } continue; } if (isset($setarr[$key]) && $_G['cache']['profilesetting'][$key]['needverify']) { @unlink(getglobal('setting/attachdir') . './profile/' . $verifyinfo['field'][$key]); $verifyarr[$key] = $attach['attachment'];
function stream_save($strdata, $albumid = 0, $fileext = 'jpg', $name = '', $title = '', $delsize = 0, $from = false) { global $_G, $space; if ($albumid < 0) { $albumid = 0; } $allowPicType = array('jpg', 'jpeg', 'gif', 'png'); if (!in_array($fileext, $allowPicType)) { return -3; } $setarr = array(); $upload = new discuz_upload(); $filepath = $upload->get_target_dir('album') . $upload->get_target_filename('album') . '.' . $fileext; $newfilename = $_G['setting']['attachdir'] . './album/' . $filepath; if ($handle = fopen($newfilename, 'wb')) { if (fwrite($handle, $strdata) !== FALSE) { fclose($handle); $size = filesize($newfilename); if (empty($space)) { $_G['member'] = $space = getuserbyuid($_G['uid']); $_G['username'] = $space['username']; } $_G['member'] = $space; loadcache('usergroup_' . $space['groupid']); $_G['group'] = $_G['cache']['usergroup_' . $space['groupid']]; $maxspacesize = checkperm('maxspacesize'); if ($maxspacesize) { space_merge($space, 'count'); space_merge($space, 'field_home'); if ($space['attachsize'] + $size - $delsize > $maxspacesize + $space['addsize'] * 1024 * 1024) { @unlink($newfilename); return -1; } } if (!$upload->get_image_info($newfilename)) { @unlink($newfilename); return -2; } require_once libfile('class/image'); $image = new image(); $result = $image->Thumb($newfilename, NULL, 140, 140, 1); $thumb = empty($result) ? 0 : 1; $image->Watermark($newfilename); $pic_remote = 0; $album_picflag = 1; if (getglobal('setting/ftp/on')) { $ftpresult_thumb = 0; $ftpresult = ftpcmd('upload', 'album/' . $filepath); if ($ftpresult) { @unlink($_G['setting']['attachdir'] . 'album/' . $filepath); if ($thumb) { $thumbpath = getimgthumbname($filepath); ftpcmd('upload', 'album/' . $thumbpath); @unlink($_G['setting']['attachdir'] . 'album/' . $thumbpath); } $pic_remote = 1; $album_picflag = 2; } else { if (getglobal('setting/ftp/mirror')) { @unlink($newfilename); @unlink(getimgthumbname($newfilename)); return -3; } } } $filename = $name ? $name : substr(strrchr($filepath, '/'), 1); $title = getstr($title, 200); $title = censor($title); if (censormod($title) || $_G['group']['allowuploadmod']) { $pic_status = 1; } else { $pic_status = 0; } if ($albumid) { $albumid = album_creat_by_id($albumid); } else { $albumid = 0; } $setarr = array('albumid' => $albumid, 'uid' => $_G['uid'], 'username' => $_G['username'], 'dateline' => $_G['timestamp'], 'filename' => $filename, 'postip' => $_G['clientip'], 'title' => $title, 'type' => $fileext, 'size' => $size, 'filepath' => $filepath, 'thumb' => $thumb, 'remote' => $pic_remote, 'status' => $pic_status); $setarr['picid'] = C::t('home_pic')->insert($setarr, 1); C::t('common_member_count')->increase($_G['uid'], array('attachsize' => $size)); include_once libfile('function/stat'); updatestat('pic'); return $setarr; } else { fclose($handle); } } return -3; }
function stream_save($strdata, $albumid = 0, $fileext = 'jpg', $name = '', $title = '', $delsize = 0, $from = false) { global $_G, $space; if ($albumid < 0) { $albumid = 0; } $setarr = array(); require_once libfile('class/upload'); $upload = new discuz_upload(); $filepath = $upload->get_target_dir('album') . $upload->get_target_filename('album') . '.' . $fileext; $newfilename = $_G['setting']['attachdir'] . './album/' . $filepath; if ($handle = fopen($newfilename, 'wb')) { if (fwrite($handle, $strdata) !== FALSE) { fclose($handle); $size = filesize($newfilename); if (empty($space)) { $_G['member'] = $space = getspace($_G['uid']); $_G['username'] = addslashes($space['username']); } $_G['member'] = $space; $maxspacesize = checkperm('maxspacesize'); $maxspacesize = $maxspacesize * 1024 * 1024; if ($maxspacesize) { space_merge($space, 'common_member_count'); space_merge($space, 'common_member_field_home'); if ($space['attachsize'] + $size - $delsize > $maxspacesize + $space['addsize']) { @unlink($newfilename); return -1; } } if (!$upload->get_image_info($newfilename)) { @unlink($newfilename); return -2; } require_once libfile('class/image'); $image = new image(); $result = $image->Thumb($newfilename, NULL, 140, 140, 1); $thumb = empty($result) ? 0 : 1; $image->Watermark($newfilename); $pic_remote = 0; $album_picflag = 1; if (getglobal('setting/ftp/on')) { $ftpresult_thumb = 0; $ftpresult = ftpupload('album/' . $filepath); if ($ftpresult) { if ($thumb) { ftpupload('album/' . $filepath . '.thumb.jpg'); } $pic_remote = 1; $album_picflag = 2; } else { if (getglobal('setting/ftp/mirror')) { @unlink($newfilename); @unlink($newfilename . '.thumb.jpg'); return -3; } } } $filename = addslashes($name ? $name : substr(strrchr($filepath, '/'), 1)); $title = getstr($title, 200, 1, 1, 1); if ($albumid) { $albumid = album_creat_by_id($albumid); } else { $albumid = 0; } $setarr = array('albumid' => $albumid, 'uid' => $_G['uid'], 'username' => $_G['username'], 'dateline' => $_G['timestamp'], 'filename' => $filename, 'postip' => $_G['clientip'], 'title' => $title, 'type' => $fileext, 'size' => $size, 'filepath' => $filepath, 'thumb' => $thumb, 'remote' => $pic_remote); $setarr['picid'] = DB::insert('home_pic', $setarr, 1); DB::query("UPDATE " . DB::table('common_member_count') . " SET attachsize=attachsize+{$size} WHERE uid='{$_G['uid']}'"); include_once libfile('function/stat'); updatestat('pic'); return $setarr; } else { fclose($handle); } } return -3; }
function on_register() { global $_G; $_GET['username'] = $_GET['' . $this->setting['reginput']['username']]; $_GET['password'] = $_GET['' . $this->setting['reginput']['password']]; $_GET['password2'] = $_GET['' . $this->setting['reginput']['password2']]; $_GET['email'] = $_GET['' . $this->setting['reginput']['email']]; if ($_G['uid']) { $ucsynlogin = $this->setting['allowsynlogin'] ? uc_user_synlogin($_G['uid']) : ''; $url_forward = dreferer(); if (strpos($url_forward, $this->setting['regname']) !== false) { $url_forward = 'forum.php'; } showmessage('login_succeed', $url_forward ? $url_forward : './', array('username' => $_G['member']['username'], 'usergroup' => $_G['group']['grouptitle'], 'uid' => $_G['uid']), array('extrajs' => $ucsynlogin)); } elseif (!$this->setting['regclosed'] && (!$this->setting['regstatus'] || !$this->setting['ucactivation'])) { if ($_GET['action'] == 'activation' || $_GET['activationauth']) { if (!$this->setting['ucactivation'] && !$this->setting['closedallowactivation']) { showmessage('register_disable_activation'); } } elseif (!$this->setting['regstatus']) { if ($this->setting['regconnect']) { dheader('location:connect.php?mod=login&op=init&referer=forum.php&statfrom=login_simple'); } showmessage(!$this->setting['regclosemessage'] ? 'register_disable' : str_replace(array("\r", "\n"), '', $this->setting['regclosemessage'])); } } $bbrules =& $this->setting['bbrules']; $bbrulesforce =& $this->setting['bbrulesforce']; $bbrulestxt =& $this->setting['bbrulestxt']; $welcomemsg =& $this->setting['welcomemsg']; $welcomemsgtitle =& $this->setting['welcomemsgtitle']; $welcomemsgtxt =& $this->setting['welcomemsgtxt']; $regname = $this->setting['regname']; if ($this->setting['regverify']) { if ($this->setting['areaverifywhite']) { $location = $whitearea = ''; $location = trim(convertip($_G['clientip'], "./")); if ($location) { $whitearea = preg_quote(trim($this->setting['areaverifywhite']), '/'); $whitearea = str_replace(array("\\*"), array('.*'), $whitearea); $whitearea = '.*' . $whitearea . '.*'; $whitearea = '/^(' . str_replace(array("\r\n", ' '), array('.*|.*', ''), $whitearea) . ')$/i'; if (@preg_match($whitearea, $location)) { $this->setting['regverify'] = 0; } } } if ($_G['cache']['ipctrl']['ipverifywhite']) { foreach (explode("\n", $_G['cache']['ipctrl']['ipverifywhite']) as $ctrlip) { if (preg_match("/^(" . preg_quote($ctrlip = trim($ctrlip), '/') . ")/", $_G['clientip'])) { $this->setting['regverify'] = 0; break; } } } } $invitestatus = false; if ($this->setting['regstatus'] == 2) { if ($this->setting['inviteconfig']['inviteareawhite']) { $location = $whitearea = ''; $location = trim(convertip($_G['clientip'], "./")); if ($location) { $whitearea = preg_quote(trim($this->setting['inviteconfig']['inviteareawhite']), '/'); $whitearea = str_replace(array("\\*"), array('.*'), $whitearea); $whitearea = '.*' . $whitearea . '.*'; $whitearea = '/^(' . str_replace(array("\r\n", ' '), array('.*|.*', ''), $whitearea) . ')$/i'; if (@preg_match($whitearea, $location)) { $invitestatus = true; } } } if ($this->setting['inviteconfig']['inviteipwhite']) { foreach (explode("\n", $this->setting['inviteconfig']['inviteipwhite']) as $ctrlip) { if (preg_match("/^(" . preg_quote($ctrlip = trim($ctrlip), '/') . ")/", $_G['clientip'])) { $invitestatus = true; break; } } } } $groupinfo = array(); if ($this->setting['regverify']) { $groupinfo['groupid'] = 8; } else { $groupinfo['groupid'] = $this->setting['newusergroupid']; } $seccodecheck = $this->setting['seccodestatus'] & 1; $secqaacheck = $this->setting['secqaa']['status'] & 1; $fromuid = !empty($_G['cookie']['promotion']) && $this->setting['creditspolicy']['promotion_register'] ? intval($_G['cookie']['promotion']) : 0; $username = isset($_GET['username']) ? $_GET['username'] : ''; $bbrulehash = $bbrules ? substr(md5(FORMHASH), 0, 8) : ''; $auth = $_GET['auth']; if (!$invitestatus) { $invite = getinvite(); } $sendurl = $this->setting['sendregisterurl'] ? true : false; if ($sendurl) { if (!empty($_GET['hash'])) { $_GET['hash'] = preg_replace("/[^\\[A-Za-z0-9_\\]%]/", '', $_GET['hash']); $hash = explode("\t", authcode($_GET['hash'], 'DECODE', $_G['config']['security']['authkey'])); if (is_array($hash) && isemail($hash[0]) && TIMESTAMP - $hash[1] < 259200) { $sendurl = false; } } } if (!submitcheck('regsubmit', 0, $seccodecheck, $secqaacheck)) { if ($_GET['action'] == 'activation') { $auth = explode("\t", authcode($auth, 'DECODE')); if (FORMHASH != $auth[1]) { showmessage('register_activation_invalid', 'member.php?mod=logging&action=login'); } $username = $auth[0]; $activationauth = authcode("{$auth['0']}\t" . FORMHASH, 'ENCODE'); $sendurl = false; } if (!$sendurl) { if ($fromuid) { $member = getuserbyuid($fromuid); if (!empty($member)) { $fromuser = dhtmlspecialchars($member['username']); } else { dsetcookie('promotion'); } } if ($_GET['action'] == 'activation') { $auth = dhtmlspecialchars($auth); } if ($seccodecheck) { $seccode = random(6, 1); } $username = dhtmlspecialchars($username); $htmls = $settings = array(); foreach ($_G['cache']['fields_register'] as $field) { $fieldid = $field['fieldid']; $html = profile_setting($fieldid, array(), false, false, true); if ($html) { $settings[$fieldid] = $_G['cache']['profilesetting'][$fieldid]; $htmls[$fieldid] = $html; } } $navtitle = $this->setting['reglinkname']; if ($this->extrafile && file_exists($this->extrafile)) { require_once $this->extrafile; } } $bbrulestxt = nl2br("\n{$bbrulestxt}\n\n"); $dreferer = dreferer(); include template($this->template); } else { $activationauth = array(); if (isset($_GET['activationauth']) && $_GET['activationauth']) { $activationauth = explode("\t", authcode($_GET['activationauth'], 'DECODE')); if ($activationauth[1] != FORMHASH) { showmessage('register_activation_invalid', 'member.php?mod=logging&action=login'); } $sendurl = false; } if (!$activationauth && ($sendurl || !$_G['setting']['forgeemail'])) { checkemail($_GET['email']); } if ($sendurl) { $hashstr = urlencode(authcode("{$_GET['email']}\t{$_G['timestamp']}", 'ENCODE', $_G['config']['security']['authkey'])); $registerurl = "{$_G[siteurl]}member.php?mod=" . $this->setting['regname'] . "&hash={$hashstr}&email={$_GET[email]}"; $email_register_message = lang('email', 'email_register_message', array('bbname' => $this->setting['bbname'], 'siteurl' => $_G['siteurl'], 'url' => $registerurl)); if (!sendmail("{$_GET['email']} <{$_GET['email']}>", lang('email', 'email_register_subject'), $email_register_message)) { runlog('sendmail', "{$_GET['email']} sendmail failed."); } showmessage('register_email_send_succeed', dreferer(), array('bbname' => $this->setting['bbname']), array('showdialog' => false, 'msgtype' => 3, 'closetime' => 10)); } $emailstatus = 0; if ($this->setting['sendregisterurl'] && !$sendurl) { $_GET['email'] = strtolower($hash[0]); $this->setting['regverify'] = $this->setting['regverify'] == 1 ? 0 : $this->setting['regverify']; if (!$this->setting['regverify']) { $groupinfo['groupid'] = $this->setting['newusergroupid']; } $emailstatus = 1; } if ($this->setting['regstatus'] == 2 && empty($invite) && !$invitestatus) { showmessage('not_open_registration_invite'); } if ($bbrules && $bbrulehash != $_POST['agreebbrule']) { showmessage('register_rules_agree'); } $activation = array(); if (isset($_GET['activationauth']) && $activationauth && is_array($activationauth)) { if ($activationauth[1] == FORMHASH && !($activation = uc_get_user($activationauth[0]))) { showmessage('register_activation_invalid', 'member.php?mod=logging&action=login'); } } if (!$activation) { $usernamelen = dstrlen($username); if ($usernamelen < 3) { showmessage('profile_username_tooshort'); } elseif ($usernamelen > 15) { showmessage('profile_username_toolong'); } if (uc_get_user(addslashes($username)) && !C::t('common_member')->fetch_uid_by_username($username) && !C::t('common_member_archive')->fetch_uid_by_username($username)) { if ($_G['inajax']) { showmessage('profile_username_duplicate'); } else { showmessage('register_activation_message', 'member.php?mod=logging&action=login', array('username' => $username)); } } if ($this->setting['pwlength']) { if (strlen($_GET['password']) < $this->setting['pwlength']) { showmessage('profile_password_tooshort', '', array('pwlength' => $this->setting['pwlength'])); } } if ($this->setting['strongpw']) { $strongpw_str = array(); if (in_array(1, $this->setting['strongpw']) && !preg_match("/\\d+/", $_GET['password'])) { $strongpw_str[] = lang('member/template', 'strongpw_1'); } if (in_array(2, $this->setting['strongpw']) && !preg_match("/[a-z]+/", $_GET['password'])) { $strongpw_str[] = lang('member/template', 'strongpw_2'); } if (in_array(3, $this->setting['strongpw']) && !preg_match("/[A-Z]+/", $_GET['password'])) { $strongpw_str[] = lang('member/template', 'strongpw_3'); } if (in_array(4, $this->setting['strongpw']) && !preg_match("/[^a-zA-z0-9]+/", $_GET['password'])) { $strongpw_str[] = lang('member/template', 'strongpw_4'); } if ($strongpw_str) { showmessage(lang('member/template', 'password_weak') . implode(',', $strongpw_str)); } } $email = strtolower(trim($_GET['email'])); if (empty($email) && $_G['setting']['forgeemail']) { $_GET['email'] = $email = strtolower(random(6)) . '@' . $_SERVER['HTTP_HOST']; } if (empty($this->setting['ignorepassword'])) { if ($_GET['password'] !== $_GET['password2']) { showmessage('profile_passwd_notmatch'); } if (!$_GET['password'] || $_GET['password'] != addslashes($_GET['password'])) { showmessage('profile_passwd_illegal'); } $password = $_GET['password']; } else { $password = md5(random(10)); } } $censorexp = '/^(' . str_replace(array('\\*', "\r\n", ' '), array('.*', '|', ''), preg_quote($this->setting['censoruser'] = trim($this->setting['censoruser']), '/')) . ')$/i'; if ($this->setting['censoruser'] && @preg_match($censorexp, $username)) { showmessage('profile_username_protect'); } if ($this->setting['regverify'] == 2 && !trim($_GET['regmessage'])) { showmessage('profile_required_info_invalid'); } if ($_G['cache']['ipctrl']['ipregctrl']) { foreach (explode("\n", $_G['cache']['ipctrl']['ipregctrl']) as $ctrlip) { if (preg_match("/^(" . preg_quote($ctrlip = trim($ctrlip), '/') . ")/", $_G['clientip'])) { $ctrlip = $ctrlip . '%'; $this->setting['regctrl'] = $this->setting['ipregctrltime']; break; } else { $ctrlip = $_G['clientip']; } } } else { $ctrlip = $_G['clientip']; } if ($this->setting['regctrl']) { if (C::t('common_regip')->count_by_ip_dateline($ctrlip, $_G['timestamp'] - $this->setting['regctrl'] * 3600)) { showmessage('register_ctrl', NULL, array('regctrl' => $this->setting['regctrl'])); } } $setregip = null; if ($this->setting['regfloodctrl']) { $regip = C::t('common_regip')->fetch_by_ip_dateline($_G['clientip'], $_G['timestamp'] - 86400); if ($regip) { if ($regip['count'] >= $this->setting['regfloodctrl']) { showmessage('register_flood_ctrl', NULL, array('regfloodctrl' => $this->setting['regfloodctrl'])); } else { $setregip = 1; } } else { $setregip = 2; } } $profile = $verifyarr = array(); foreach ($_G['cache']['fields_register'] as $field) { if (defined('IN_MOBILE')) { break; } $field_key = $field['fieldid']; $field_val = $_GET['' . $field_key]; if ($field['formtype'] == 'file' && !empty($_FILES[$field_key]) && $_FILES[$field_key]['error'] == 0) { $field_val = true; } if (!profile_check($field_key, $field_val)) { $showid = !in_array($field['fieldid'], array('birthyear', 'birthmonth')) ? $field['fieldid'] : 'birthday'; showmessage($field['title'] . lang('message', 'profile_illegal'), '', array(), array('showid' => 'chk_' . $showid, 'extrajs' => $field['title'] . lang('message', 'profile_illegal') . ($field['formtype'] == 'text' ? '<script type="text/javascript">' . '$(\'registerform\').' . $field['fieldid'] . '.className = \'px er\';' . '$(\'registerform\').' . $field['fieldid'] . '.onblur = function () { if(this.value != \'\') {this.className = \'px\';$(\'chk_' . $showid . '\').innerHTML = \'\';}}' . '</script>' : ''))); } if ($field['needverify']) { $verifyarr[$field_key] = $field_val; } else { $profile[$field_key] = $field_val; } } if (!$activation) { $uid = uc_user_register(addslashes($username), $password, $email, $questionid, $answer, $_G['clientip']); if ($uid <= 0) { if ($uid == -1) { showmessage('profile_username_illegal'); } elseif ($uid == -2) { showmessage('profile_username_protect'); } elseif ($uid == -3) { showmessage('profile_username_duplicate'); } elseif ($uid == -4) { showmessage('profile_email_illegal'); } elseif ($uid == -5) { showmessage('profile_email_domain_illegal'); } elseif ($uid == -6) { showmessage('profile_email_duplicate'); } else { showmessage('undefined_action'); } } } else { list($uid, $username, $email) = $activation; } $_G['username'] = $username; if (getuserbyuid($uid, 1)) { if (!$activation) { uc_user_delete($uid); } showmessage('profile_uid_duplicate', '', array('uid' => $uid)); } $password = md5(random(10)); $secques = $questionid > 0 ? random(8) : ''; if (isset($_POST['birthmonth']) && isset($_POST['birthday'])) { $profile['constellation'] = get_constellation($_POST['birthmonth'], $_POST['birthday']); } if (isset($_POST['birthyear'])) { $profile['zodiac'] = get_zodiac($_POST['birthyear']); } if ($_FILES) { $upload = new discuz_upload(); foreach ($_FILES as $key => $file) { $field_key = 'field_' . $key; if (!empty($_G['cache']['fields_register'][$field_key]) && $_G['cache']['fields_register'][$field_key]['formtype'] == 'file') { $upload->init($file, 'profile'); $attach = $upload->attach; if (!$upload->error()) { $upload->save(); if (!$upload->get_image_info($attach['target'])) { @unlink($attach['target']); continue; } $attach['attachment'] = dhtmlspecialchars(trim($attach['attachment'])); if ($_G['cache']['fields_register'][$field_key]['needverify']) { $verifyarr[$key] = $attach['attachment']; } else { $profile[$key] = $attach['attachment']; } } } } } if ($setregip !== null) { if ($setregip == 1) { C::t('common_regip')->update_count_by_ip($_G['clientip']); } else { C::t('common_regip')->insert(array('ip' => $_G['clientip'], 'count' => 1, 'dateline' => $_G['timestamp'])); } } if ($invite && $this->setting['inviteconfig']['invitegroupid']) { $groupinfo['groupid'] = $this->setting['inviteconfig']['invitegroupid']; } $init_arr = array('credits' => explode(',', $this->setting['initcredits']), 'profile' => $profile, 'emailstatus' => $emailstatus); C::t('common_member')->insert($uid, $username, $password, $email, $_G['clientip'], $groupinfo['groupid'], $init_arr); if ($emailstatus) { updatecreditbyaction('realemail', $uid); } if ($verifyarr) { $setverify = array('uid' => $uid, 'username' => $username, 'verifytype' => '0', 'field' => serialize($verifyarr), 'dateline' => TIMESTAMP); C::t('common_member_verify_info')->insert($setverify); C::t('common_member_verify')->insert(array('uid' => $uid)); } require_once libfile('cache/userstats', 'function'); build_cache_userstats(); if ($this->extrafile && file_exists($this->extrafile)) { require_once $this->extrafile; } if ($this->setting['regctrl'] || $this->setting['regfloodctrl']) { C::t('common_regip')->delete_by_dateline($_G['timestamp'] - ($this->setting['regctrl'] > 72 ? $this->setting['regctrl'] : 72) * 3600); if ($this->setting['regctrl']) { C::t('common_regip')->insert(array('ip' => $_G['clientip'], 'count' => -1, 'dateline' => $_G['timestamp'])); } } $regmessage = dhtmlspecialchars($_GET['regmessage']); if ($this->setting['regverify'] == 2) { C::t('common_member_validate')->insert(array('uid' => $uid, 'submitdate' => $_G['timestamp'], 'moddate' => 0, 'admin' => '', 'submittimes' => 1, 'status' => 0, 'message' => $regmessage, 'remark' => ''), false, true); manage_addnotify('verifyuser'); } setloginstatus(array('uid' => $uid, 'username' => $_G['username'], 'password' => $password, 'groupid' => $groupinfo['groupid']), 0); include_once libfile('function/stat'); updatestat('register'); if ($invite['id']) { $result = C::t('common_invite')->count_by_uid_fuid($invite['uid'], $uid); if (!$result) { C::t('common_invite')->update($invite['id'], array('fuid' => $uid, 'fusername' => $_G['username'], 'regdateline' => $_G['timestamp'], 'status' => 2)); updatestat('invite'); } else { $invite = array(); } } if ($invite['uid']) { if ($this->setting['inviteconfig']['inviteaddcredit']) { updatemembercount($uid, array($this->setting['inviteconfig']['inviterewardcredit'] => $this->setting['inviteconfig']['inviteaddcredit'])); } if ($this->setting['inviteconfig']['invitedaddcredit']) { updatemembercount($invite['uid'], array($this->setting['inviteconfig']['inviterewardcredit'] => $this->setting['inviteconfig']['invitedaddcredit'])); } require_once libfile('function/friend'); friend_make($invite['uid'], $invite['username'], false); notification_add($invite['uid'], 'friend', 'invite_friend', array('actor' => '<a href="home.php?mod=space&uid=' . $invite['uid'] . '" target="_blank">' . $invite['username'] . '</a>'), 1); space_merge($invite, 'field_home'); if (!empty($invite['privacy']['feed']['invite'])) { require_once libfile('function/feed'); $tite_data = array('username' => '<a href="home.php?mod=space&uid=' . $_G['uid'] . '">' . $_G['username'] . '</a>'); feed_add('friend', 'feed_invite', $tite_data, '', array(), '', array(), array(), '', '', '', 0, 0, '', $invite['uid'], $invite['username']); } if ($invite['appid']) { updatestat('appinvite'); } } if ($welcomemsg && !empty($welcomemsgtxt)) { $welcomemsgtitle = replacesitevar($welcomemsgtitle); $welcomemsgtxt = replacesitevar($welcomemsgtxt); if ($welcomemsg == 1) { $welcomemsgtxt = nl2br(str_replace(':', ':', $welcomemsgtxt)); notification_add($uid, 'system', $welcomemsgtxt, array('from_id' => 0, 'from_idtype' => 'welcomemsg'), 1); } elseif ($welcomemsg == 2) { sendmail_cron($email, $welcomemsgtitle, $welcomemsgtxt); } elseif ($welcomemsg == 3) { sendmail_cron($email, $welcomemsgtitle, $welcomemsgtxt); $welcomemsgtxt = nl2br(str_replace(':', ':', $welcomemsgtxt)); notification_add($uid, 'system', $welcomemsgtxt, array('from_id' => 0, 'from_idtype' => 'welcomemsg'), 1); } } if ($fromuid) { updatecreditbyaction('promotion_register', $fromuid); dsetcookie('promotion', ''); } dsetcookie('loginuser', ''); dsetcookie('activationauth', ''); dsetcookie('invite_auth', ''); $url_forward = dreferer(); $refreshtime = 3000; switch ($this->setting['regverify']) { case 1: $idstring = random(6); $authstr = $this->setting['regverify'] == 1 ? "{$_G['timestamp']}\t2\t{$idstring}" : ''; C::t('common_member_field_forum')->update($_G['uid'], array('authstr' => $authstr)); $verifyurl = "{$_G[siteurl]}member.php?mod=activate&uid={$_G[uid]}&id={$idstring}"; $email_verify_message = lang('email', 'email_verify_message', array('username' => $_G['member']['username'], 'bbname' => $this->setting['bbname'], 'siteurl' => $_G['siteurl'], 'url' => $verifyurl)); if (!sendmail("{$username} <{$email}>", lang('email', 'email_verify_subject'), $email_verify_message)) { runlog('sendmail', "{$email} sendmail failed."); } $message = 'register_email_verify'; $locationmessage = 'register_email_verify_location'; $refreshtime = 10000; break; case 2: $message = 'register_manual_verify'; $locationmessage = 'register_manual_verify_location'; break; default: $message = 'register_succeed'; $locationmessage = 'register_succeed_location'; break; } $param = array('bbname' => $this->setting['bbname'], 'username' => $_G['username'], 'usergroup' => $_G['group']['grouptitle'], 'uid' => $_G['uid']); if (strpos($url_forward, $this->setting['regname']) !== false || strpos($url_forward, 'buyinvitecode') !== false) { $url_forward = 'forum.php'; } $href = str_replace("'", "\\'", $url_forward); $extra = array('showid' => 'succeedmessage', 'extrajs' => '<script type="text/javascript">' . 'setTimeout("window.location.href =\'' . $href . '\';", ' . $refreshtime . ');' . '$(\'succeedmessage_href\').href = \'' . $href . '\';' . '$(\'main_message\').style.display = \'none\';' . '$(\'main_succeed\').style.display = \'\';' . '$(\'succeedlocation\').innerHTML = \'' . lang('message', $locationmessage) . '\';' . '</script>', 'striptags' => false); showmessage($message, $url_forward, $param, $extra); } }
function on_register() { global $_G; $_G['gp_username'] = $_G['gp_' . $this->setting['reginput']['username']]; $_G['gp_password'] = $_G['gp_' . $this->setting['reginput']['password']]; $_G['gp_password2'] = $_G['gp_' . $this->setting['reginput']['password2']]; $_G['gp_email'] = $_G['gp_' . $this->setting['reginput']['email']]; if ($_G['uid']) { $ucsynlogin = $this->setting['allowsynlogin'] ? uc_user_synlogin($_G['uid']) : ''; $url_forward = dreferer(); if (strpos($url_forward, $this->setting['regname']) !== false) { $url_forward = 'forum.php'; } showmessage('login_succeed', $url_forward ? $url_forward : './', array('username' => $_G['member']['username'], 'usergroup' => $_G['group']['grouptitle'], 'uid' => $_G['uid']), array('extrajs' => $ucsynlogin)); } elseif (!$this->setting['regclosed'] && (!$this->setting['regstatus'] || !$this->setting['ucactivation'])) { if ($_G['gp_action'] == 'activation' || $this->setting['gp_activationauth']) { if (!$this->setting['ucactivation'] && !$this->setting['closedallowactivation']) { showmessage('register_disable_activation'); } } elseif (!$this->setting['regstatus']) { showmessage(!$this->setting['regclosemessage'] ? 'register_disable' : str_replace(array("\r", "\n"), '', $this->setting['regclosemessage'])); } } $bbrules =& $this->setting['bbrules']; $bbrulesforce =& $this->setting['bbrulesforce']; $bbrulestxt =& $this->setting['bbrulestxt']; $welcomemsg =& $this->setting['welcomemsg']; $welcomemsgtitle =& $this->setting['welcomemsgtitle']; $welcomemsgtxt =& $this->setting['welcomemsgtxt']; $regname = $this->setting['regname']; if ($this->setting['regverify']) { if ($this->setting['areaverifywhite']) { $location = $whitearea = ''; $location = trim(convertip($_G['clientip'], "./")); if ($location) { $whitearea = preg_quote(trim($this->setting['areaverifywhite']), '/'); $whitearea = str_replace(array("\\*"), array('.*'), $whitearea); $whitearea = '.*' . $whitearea . '.*'; $whitearea = '/^(' . str_replace(array("\r\n", ' '), array('.*|.*', ''), $whitearea) . ')$/i'; if (@preg_match($whitearea, $location)) { $this->setting['regverify'] = 0; } } } if ($_G['cache']['ipctrl']['ipverifywhite']) { foreach (explode("\n", $_G['cache']['ipctrl']['ipverifywhite']) as $ctrlip) { if (preg_match("/^(" . preg_quote($ctrlip = trim($ctrlip), '/') . ")/", $_G['clientip'])) { $this->setting['regverify'] = 0; break; } } } } $invitestatus = false; if ($this->setting['regstatus'] == 2) { if ($this->setting['inviteconfig']['inviteareawhite']) { $location = $whitearea = ''; $location = trim(convertip($_G['clientip'], "./")); if ($location) { $whitearea = preg_quote(trim($this->setting['inviteconfig']['inviteareawhite']), '/'); $whitearea = str_replace(array("\\*"), array('.*'), $whitearea); $whitearea = '.*' . $whitearea . '.*'; $whitearea = '/^(' . str_replace(array("\r\n", ' '), array('.*|.*', ''), $whitearea) . ')$/i'; if (@preg_match($whitearea, $location)) { $invitestatus = true; } } } if ($this->setting['inviteconfig']['inviteipwhite']) { foreach (explode("\n", $this->setting['inviteconfig']['inviteipwhite']) as $ctrlip) { if (preg_match("/^(" . preg_quote($ctrlip = trim($ctrlip), '/') . ")/", $_G['clientip'])) { $invitestatus = true; break; } } } } $groupinfo = array(); if ($this->setting['regverify']) { $groupinfo['groupid'] = 8; } else { $groupinfo['groupid'] = $this->setting['newusergroupid']; } $seccodecheck = $this->setting['seccodestatus'] & 1; $secqaacheck = $this->setting['secqaa']['status'] & 1; $fromuid = !empty($_G['cookie']['promotion']) && $this->setting['creditspolicy']['promotion_register'] ? intval($_G['cookie']['promotion']) : 0; $username = isset($_G['gp_username']) ? $_G['gp_username'] : ''; $bbrulehash = $bbrules ? substr(md5(FORMHASH), 0, 8) : ''; $auth = $_G['gp_auth']; if (!$invitestatus) { $invite = getinvite(); } if (!submitcheck('regsubmit', 0, $seccodecheck, $secqaacheck)) { if ($_G['gp_action'] == 'activation') { $auth = explode("\t", authcode($auth, 'DECODE')); if (FORMHASH != $auth[1]) { showmessage('register_activation_invalid', 'member.php?mod=logging&action=login'); } $username = $auth[0]; $activationauth = authcode("{$auth['0']}\t" . FORMHASH, 'ENCODE'); } if ($fromuid) { $query = DB::query("SELECT username FROM " . DB::table('common_member') . " WHERE uid='{$fromuid}'"); if (DB::num_rows($query)) { $fromuser = dhtmlspecialchars(DB::result($query, 0)); } else { dsetcookie('promotion'); } } $bbrulestxt = nl2br("\n{$bbrulestxt}\n\n"); if ($_G['gp_action'] == 'activation') { $auth = dhtmlspecialchars($auth); } if ($seccodecheck) { $seccode = random(6, 1); } $username = dhtmlspecialchars($username); $htmls = $settings = array(); foreach ($_G['cache']['fields_register'] as $field) { $fieldid = $field['fieldid']; $html = profile_setting($fieldid, array(), false, false, true); if ($html) { $settings[$fieldid] = $_G['cache']['profilesetting'][$fieldid]; $htmls[$fieldid] = $html; } } $navtitle = $this->setting['reglinkname']; if ($this->extrafile && file_exists(libfile('member/' . $this->extrafile, 'module'))) { require_once libfile('member/' . $this->extrafile, 'module'); } $dreferer = dreferer(); include template($this->template); } else { if ($this->setting['regstatus'] == 2 && empty($invite) && !$invitestatus) { showmessage('not_open_registration_invite'); } if ($bbrules && $bbrulehash != $_POST['agreebbrule']) { showmessage('register_rules_agree'); } $activation = array(); if (isset($_G['gp_activationauth'])) { $activationauth = explode("\t", authcode($_G['gp_activationauth'], 'DECODE')); if ($activationauth[1] == FORMHASH && !($activation = daddslashes(uc_get_user($activationauth[0]), 1))) { showmessage('register_activation_invalid', 'member.php?mod=logging&action=login'); } } if (!$activation) { $usernamelen = dstrlen($username); if ($usernamelen < 3) { showmessage('profile_username_tooshort'); } elseif ($usernamelen > 15) { showmessage('profile_username_toolong'); } $username = addslashes(trim(dstripslashes($username))); if (uc_get_user($username) && !DB::result_first("SELECT uid FROM " . DB::table('common_member') . " WHERE username='******'")) { if ($_G['inajax']) { showmessage('profile_username_duplicate'); } else { showmessage('register_activation_message', 'member.php?mod=logging&action=login', array('username' => stripslashes($username))); } } $email = trim($_G['gp_email']); if (empty($this->setting['ignorepassword'])) { if ($_G['gp_password'] !== $_G['gp_password2']) { showmessage('profile_passwd_notmatch'); } if (!$_G['gp_password'] || $_G['gp_password'] != addslashes($_G['gp_password'])) { showmessage('profile_passwd_illegal'); } $password = $_G['gp_password']; } else { $password = md5(random(10)); } } $censorexp = '/^(' . str_replace(array('\\*', "\r\n", ' '), array('.*', '|', ''), preg_quote($this->setting['censoruser'] = trim($this->setting['censoruser']), '/')) . ')$/i'; if ($this->setting['censoruser'] && @preg_match($censorexp, $username)) { showmessage('profile_username_protect'); } if ($this->setting['regverify'] == 2 && !trim($_G['gp_regmessage'])) { showmessage('profile_required_info_invalid'); } if ($_G['cache']['ipctrl']['ipregctrl']) { foreach (explode("\n", $_G['cache']['ipctrl']['ipregctrl']) as $ctrlip) { if (preg_match("/^(" . preg_quote($ctrlip = trim($ctrlip), '/') . ")/", $_G['clientip'])) { $ctrlip = $ctrlip . '%'; $this->setting['regctrl'] = $this->setting['ipregctrltime']; break; } else { $ctrlip = $_G['clientip']; } } } else { $ctrlip = $_G['clientip']; } if ($this->setting['regctrl']) { $query = DB::query("SELECT ip FROM " . DB::table('common_regip') . " WHERE ip LIKE '{$ctrlip}' AND count='-1' AND dateline>{$_G['timestamp']}-'" . $this->setting['regctrl'] . "'*3600 LIMIT 1"); if (DB::num_rows($query)) { showmessage('register_ctrl', NULL, array('regctrl' => $this->setting['regctrl'])); } } $regipsql = ''; if ($this->setting['regfloodctrl']) { if ($regattempts = DB::result_first("SELECT count FROM " . DB::table('common_regip') . " WHERE ip='{$_G['clientip']}' AND count>'0' AND dateline>'{$_G['timestamp']}'-86400")) { if ($regattempts >= $this->setting['regfloodctrl']) { showmessage('register_flood_ctrl', NULL, array('regfloodctrl' => $this->setting['regfloodctrl'])); } else { $regipsql = "UPDATE " . DB::table('common_regip') . " SET count=count+1 WHERE ip='{$_G['clientip']}' AND count>'0'"; } } else { $regipsql = "INSERT INTO " . DB::table('common_regip') . " (ip, count, dateline)\r\n\t\t\t\t\t\tVALUES ('{$_G['clientip']}', '1', '{$_G['timestamp']}')"; } } $profile = $verifyarr = array(); foreach ($_G['cache']['fields_register'] as $field) { if (defined('IN_MOBILE')) { break; } $field_key = $field['fieldid']; $field_val = $_G['gp_' . $field_key]; if ($field['formtype'] == 'file' && !empty($_FILES[$field_key]) && $_FILES[$field_key]['error'] == 0) { $field_val = true; } if (!profile_check($field_key, $field_val)) { $showid = !in_array($field['fieldid'], array('birthyear', 'birthmonth')) ? $field['fieldid'] : 'birthday'; showmessage($field['title'] . lang('message', 'profile_illegal'), '', array(), array('showid' => 'chk_' . $showid, 'extrajs' => $field['title'] . lang('message', 'profile_illegal') . ($field['formtype'] == 'text' ? '<script type="text/javascript">' . '$(\'registerform\').' . $field['fieldid'] . '.className = \'px er\';' . '$(\'registerform\').' . $field['fieldid'] . '.onblur = function () { if(this.value != \'\') {this.className = \'px\';$(\'chk_' . $showid . '\').innerHTML = \'\';}}' . '</script>' : ''))); } if ($field['needverify']) { $verifyarr[$field_key] = $field_val; } else { $profile[$field_key] = $field_val; } } if (!$activation) { $uid = uc_user_register($username, $password, $email, $questionid, $answer, $_G['clientip']); if ($uid <= 0) { if ($uid == -1) { showmessage('profile_username_illegal'); } elseif ($uid == -2) { showmessage('profile_username_protect'); } elseif ($uid == -3) { showmessage('profile_username_duplicate'); } elseif ($uid == -4) { showmessage('profile_email_illegal'); } elseif ($uid == -5) { showmessage('profile_email_domain_illegal'); } elseif ($uid == -6) { showmessage('profile_email_duplicate'); } else { showmessage('undefined_action'); } } } else { list($uid, $username, $email) = $activation; } $_G['username'] = $username; if (DB::result_first("SELECT uid FROM " . DB::table('common_member') . " WHERE uid='{$uid}'")) { if (!$activation) { uc_user_delete($uid); } showmessage('profile_uid_duplicate', '', array('uid' => $uid)); } $password = md5(random(10)); $secques = $questionid > 0 ? random(8) : ''; if (isset($_POST['birthmonth']) && isset($_POST['birthday'])) { $profile['constellation'] = get_constellation($_POST['birthmonth'], $_POST['birthday']); } if (isset($_POST['birthyear'])) { $profile['zodiac'] = get_zodiac($_POST['birthyear']); } if ($_FILES) { require_once libfile('class/upload'); $upload = new discuz_upload(); foreach ($_FILES as $key => $file) { $field_key = 'field_' . $key; if (!empty($_G['cache']['fields_register'][$field_key]) && $_G['cache']['fields_register'][$field_key]['formtype'] == 'file') { $upload->init($file, 'profile'); $attach = $upload->attach; if (!$upload->error()) { $upload->save(); if (!$upload->get_image_info($attach['target'])) { @unlink($attach['target']); continue; } $attach['attachment'] = dhtmlspecialchars(trim($attach['attachment'])); if ($_G['cache']['fields_register'][$field_key]['needverify']) { $verifyarr[$key] = $attach['attachment']; } else { $profile[$key] = $attach['attachment']; } } } } } if ($regipsql) { DB::query($regipsql); } if ($invite && $this->setting['inviteconfig']['invitegroupid']) { $groupinfo['groupid'] = $this->setting['inviteconfig']['invitegroupid']; } $init_arr = explode(',', $this->setting['initcredits']); $userdata = array('uid' => $uid, 'username' => $username, 'password' => $password, 'email' => $email, 'adminid' => 0, 'groupid' => $groupinfo['groupid'], 'regdate' => TIMESTAMP, 'credits' => $init_arr[0], 'timeoffset' => 9999); $status_data = array('uid' => $uid, 'regip' => $_G['clientip'], 'lastip' => $_G['clientip'], 'lastvisit' => TIMESTAMP, 'lastactivity' => TIMESTAMP, 'lastpost' => 0, 'lastsendmail' => 0); $profile['uid'] = $uid; $field_forum['uid'] = $uid; $field_home['uid'] = $uid; if ($this->extrafile && file_exists(libfile('member/' . $this->extrafile, 'module'))) { require_once libfile('member/' . $this->extrafile, 'module'); } DB::insert('common_member', $userdata); DB::insert('common_member_status', $status_data); DB::insert('common_member_profile', $profile); DB::insert('common_member_field_forum', $field_forum); DB::insert('common_member_field_home', $field_home); if ($verifyarr) { $setverify = array('uid' => $uid, 'username' => $username, 'verifytype' => '0', 'field' => daddslashes(serialize($verifyarr)), 'dateline' => TIMESTAMP); DB::insert('common_member_verify_info', $setverify); DB::insert('common_member_verify', array('uid' => $uid)); } $count_data = array('uid' => $uid, 'extcredits1' => $init_arr[1], 'extcredits2' => $init_arr[2], 'extcredits3' => $init_arr[3], 'extcredits4' => $init_arr[4], 'extcredits5' => $init_arr[5], 'extcredits6' => $init_arr[6], 'extcredits7' => $init_arr[7], 'extcredits8' => $init_arr[8]); DB::insert('common_member_count', $count_data); DB::insert('common_setting', array('skey' => 'lastmember', 'svalue' => $username), false, true); manyoulog('user', $uid, 'add'); $totalmembers = DB::result_first("SELECT COUNT(*) FROM " . DB::table('common_member')); $userstats = array('totalmembers' => $totalmembers, 'newsetuser' => stripslashes($username)); save_syscache('userstats', $userstats); if ($this->setting['regctrl'] || $this->setting['regfloodctrl']) { DB::query("DELETE FROM " . DB::table('common_regip') . " WHERE dateline<='{$_G['timestamp']}'-" . ($this->setting['regctrl'] > 72 ? $this->setting['regctrl'] : 72) . "*3600", 'UNBUFFERED'); if ($this->setting['regctrl']) { DB::query("INSERT INTO " . DB::table('common_regip') . " (ip, count, dateline)\r\n\t\t\t\t\t\tVALUES ('{$_G['clientip']}', '-1', '{$_G['timestamp']}')"); } } $regmessage = dhtmlspecialchars($_G['gp_regmessage']); if ($this->setting['regverify'] == 2) { DB::query("REPLACE INTO " . DB::table('common_member_validate') . " (uid, submitdate, moddate, admin, submittimes, status, message, remark)\r\n\t\t\t\t\tVALUES ('{$uid}', '{$_G['timestamp']}', '0', '', '1', '0', '{$regmessage}', '')"); manage_addnotify('verifyuser'); } setloginstatus(array('uid' => $uid, 'username' => dstripslashes($_G['username']), 'password' => $password, 'groupid' => $groupinfo['groupid']), 0); include_once libfile('function/stat'); updatestat('register'); if ($invite['id']) { $result = DB::result_first("SELECT COUNT(*) FROM " . DB::table('common_invite') . " WHERE uid='{$invite['uid']}' AND fuid='{$uid}'"); if (!$result) { DB::update("common_invite", array('fuid' => $uid, 'fusername' => $_G['username'], 'regdateline' => $_G['timestamp'], 'status' => 2), array('id' => $invite['id'])); updatestat('invite'); } else { $invite = array(); } } if ($invite['uid']) { if ($this->setting['inviteconfig']['inviteaddcredit']) { updatemembercount($uid, array($this->setting['inviteconfig']['inviterewardcredit'] => $this->setting['inviteconfig']['inviteaddcredit'])); } if ($this->setting['inviteconfig']['invitedaddcredit']) { updatemembercount($invite['uid'], array($this->setting['inviteconfig']['inviterewardcredit'] => $this->setting['inviteconfig']['invitedaddcredit'])); } require_once libfile('function/friend'); friend_make($invite['uid'], $invite['username'], false); notification_add($invite['uid'], 'friend', 'invite_friend', array('actor' => '<a href="home.php?mod=space&uid=' . $invite['uid'] . '" target="_blank">' . $invite['username'] . '</a>'), 1); space_merge($invite, 'field_home'); if (!empty($invite['privacy']['feed']['invite'])) { require_once libfile('function/feed'); $tite_data = array('username' => '<a href="home.php?mod=space&uid=' . $_G['uid'] . '">' . $_G['username'] . '</a>'); feed_add('friend', 'feed_invite', $tite_data, '', array(), '', array(), array(), '', '', '', 0, 0, '', $invite['uid'], $invite['username']); } if ($invite['appid']) { updatestat('appinvite'); } } if ($welcomemsg && !empty($welcomemsgtxt)) { $welcomemsgtitle = addslashes(replacesitevar($welcomemsgtitle)); $welcomemsgtxt = addslashes(replacesitevar($welcomemsgtxt)); if ($welcomemsg == 1) { $welcomemsgtxt = nl2br(str_replace(':', ':', $welcomemsgtxt)); notification_add($uid, 'system', $welcomemsgtxt, array(), 1); } elseif ($welcomemsg == 2) { sendmail_cron($email, $welcomemsgtitle, $welcomemsgtxt); } elseif ($welcomemsg == 3) { sendmail_cron($email, $welcomemsgtitle, $welcomemsgtxt); $welcomemsgtxt = nl2br(str_replace(':', ':', $welcomemsgtxt)); notification_add($uid, 'system', $welcomemsgtxt, array(), 1); } } if ($fromuid) { updatecreditbyaction('promotion_register', $fromuid); dsetcookie('promotion', ''); } dsetcookie('loginuser', ''); dsetcookie('activationauth', ''); dsetcookie('invite_auth', ''); loadcache('setting', true); $_G['setting']['lastmember'] = stripslashes($username); $settingnew = $_G['setting']; $settingnew['pluginhooks'] = array(); save_syscache('setting', $settingnew); switch ($this->setting['regverify']) { case 1: $idstring = random(6); $authstr = $this->setting['regverify'] == 1 ? "{$_G['timestamp']}\t2\t{$idstring}" : ''; DB::query("UPDATE " . DB::table('common_member_field_forum') . " SET authstr='{$authstr}' WHERE uid='{$_G['uid']}'"); $verifyurl = "{$_G[siteurl]}member.php?mod=activate&uid={$_G[uid]}&id={$idstring}"; $email_verify_message = lang('email', 'email_verify_message', array('username' => $_G['member']['username'], 'bbname' => $this->setting['bbname'], 'siteurl' => $_G['siteurl'], 'url' => $verifyurl)); sendmail("{$username} <{$email}>", lang('email', 'email_verify_subject'), $email_verify_message); $message = 'register_email_verify'; $locationmessage = 'register_email_verify_location'; $url_forward = dreferer(); break; case 2: $message = 'register_manual_verify'; $locationmessage = 'register_manual_verify_location'; $url_forward = $_G['setting']['homestatus'] ? 'home.php?mod=space&do=home' : 'home.php?mod=spacecp'; break; default: $message = 'register_succeed'; $locationmessage = 'register_succeed_location'; $url_forward = dreferer(); break; } $param = array('bbname' => $this->setting['bbname'], 'username' => $_G['username'], 'usergroup' => $_G['group']['grouptitle'], 'uid' => $_G['uid']); if (strpos($url_forward, $this->setting['regname']) !== false || strpos($url_forward, 'buyinvitecode') !== false) { $url_forward = 'forum.php'; } $href = str_replace("'", "\\'", $url_forward); $extra = array('showid' => 'succeedmessage', 'extrajs' => '<script type="text/javascript">' . 'setTimeout("window.location.href =\'' . $href . '\';", 3000);' . '$(\'succeedmessage_href\').href = \'' . $href . '\';' . '$(\'main_message\').style.display = \'none\';' . '$(\'main_succeed\').style.display = \'\';' . '$(\'succeedlocation\').innerHTML = \'' . lang('message', $locationmessage) . '\';' . '</script>', 'striptags' => false); showmessage($message, $url_forward, $param, $extra); } }
function onVideoAuthAuth($uId, $picData, $picExt = 'jpg', $isReward = false) { global $_G; $res = $this->getUserSpace($uId); if (!$res) { return new ErrorResponse('1', "User({$uId}) Not Exists"); } $allowPicType = array('jpg', 'jpeg', 'gif', 'png'); if (in_array($picExt, $allowPicType)) { $pic = base64_decode($picData); if (!$pic || strlen($pic) == strlen($picData)) { $errCode = '200'; $errMessage = 'Error argument'; return new ErrorResponse($errCode, $errMessage); } $secret = md5($_G['timestamp'] . "\t" . $_G['uid']); $picDir = DISCUZ_ROOT . './data/avatar/' . substr($secret, 0, 1); if (!is_dir($picDir)) { if (!mkdir($picDir, 0777)) { $errCode = '300'; $errMessage = 'Cannot create directory'; return new ErrorResponse($errCode, $errMessage); } } $picDir .= '/' . substr($secret, 1, 1); if (!is_dir($picDir)) { if (!@mkdir($picDir, 0777)) { $errCode = '300'; $errMessage = 'Cannot create directory'; return new ErrorResponse($errCode, $errMessage); } } $picPath = $picDir . '/' . $secret . '.' . $picExt; $fp = @fopen($picPath, 'wb'); if ($fp) { if (fwrite($fp, $pic) !== FALSE) { fclose($fp); require_once libfile('class/upload'); $upload = new discuz_upload(); if (!$upload->get_image_info($picPath)) { @unlink($picPath); } else { DB::update('common_member', array('videophotostatus' => 1), array('uid' => $uId)); $count = DB::result(DB::query("SELECT COUNT(*) FROM " . DB::table('common_member_verify') . " WHERE uid='{$uId}'"), 0); if (!$count) { DB::insert('common_member_verify', array('uid' => $uId, 'verify7' => 1)); } else { DB::update('common_member_verify', array('verify7' => 1), array('uid' => $uId)); } $fields = array('videophoto' => $secret); DB::update('common_member_field_home', $fields, array('uid' => $uId)); $result = DB::affected_rows(); if ($isReward) { updatecreditbyaction('videophoto', $uId); } return $result; } } fclose($fp); } } $errCode = '300'; $errMessage = 'Video Auth Error'; return new ErrorResponse($errCode, $errMessage); }
public function onVideoAuthAuth($uId, $picData, $picExt = 'jpg', $isReward = false) { global $_G; $res = $this->getUserSpace($uId); if (!$res) { return new Cloud_Service_Server_ErrorResponse('1', "User({$uId}) Not Exists"); } $allowPicType = array('jpg', 'jpeg', 'gif', 'png'); if (in_array($picExt, $allowPicType)) { $pic = base64_decode($picData); if (!$pic || strlen($pic) == strlen($picData)) { $errCode = '200'; $errMessage = 'Error argument'; return new Cloud_Service_Server_ErrorResponse($errCode, $errMessage); } $secret = md5($_G['timestamp'] . "\t" . $_G['uid']); $picDir = DISCUZ_ROOT . './data/avatar/' . substr($secret, 0, 1); if (!is_dir($picDir)) { if (!mkdir($picDir, 0777)) { $errCode = '300'; $errMessage = 'Cannot create directory'; return new Cloud_Service_Server_ErrorResponse($errCode, $errMessage); } } $picDir .= '/' . substr($secret, 1, 1); if (!is_dir($picDir)) { if (!@mkdir($picDir, 0777)) { $errCode = '300'; $errMessage = 'Cannot create directory'; return new Cloud_Service_Server_ErrorResponse($errCode, $errMessage); } } $picPath = $picDir . '/' . $secret . '.' . $picExt; $fp = @fopen($picPath, 'wb'); if ($fp) { if (fwrite($fp, $pic) !== FALSE) { fclose($fp); $upload = new discuz_upload(); if (!$upload->get_image_info($picPath)) { @unlink($picPath); } else { C::t('common_member')->update($uId, array('videophotostatus' => 1)); $memberVerify = C::t('common_member_verify')->fetch($uId); if (!$memberVerify) { C::t('common_member_verify')->insert(array('uid' => $uId, 'verify7' => 1)); } else { C::t('common_member_verify')->update($uId, array('verify7' => 1)); } $fields = array('videophoto' => $secret); $result = C::t('common_member_field_home')->update($uId, $fields); if ($isReward) { updatecreditbyaction('videophoto', $uId); } return $result; } } fclose($fp); } } $errCode = '300'; $errMessage = 'Video Auth Error'; return new Cloud_Service_Server_ErrorResponse($errCode, $errMessage); }
function forum_downremotefile($arr, $old_arr) { global $_G; $evo_img_no = $_G['cache']['evn_milu_pick']['evo_img_no']; $config = get_pick_set(); $get_file_ext_arr = $config['get_file_ext'] ? explode('|', $config['get_file_ext']) : array(); $arr['is_download_file'] = $arr['is_download_file'] ? $arr['is_download_file'] : $arr['p_arr']['is_download_file']; $arr['message'] = dstripslashes($arr['content']); //print_r($arr); //$arr['message'] = str_replace(array("\r", "\n"), array($_GET['wysiwyg'] ? '<br />' : '', "\\n"), $arr['message']); preg_match_all("/\\[img\\]\\s*([^\\[\\<\r\n]+?)\\s*\\[\\/img\\]|\\[img=\\d{1,4}[x|\\,]\\d{1,4}\\]\\s*([^\\[\\<\r\n]+?)\\s*\\[\\/img\\]/is", $arr['message'], $image1, PREG_SET_ORDER); //preg_match_all("/\<img.+src=('|\"|)?(.*)(\\1)([\s].*)?\>/ismUe", $arr['message'], $image2, PREG_SET_ORDER); preg_match_all("/\\<img.+src=('|\"|)?(.*)(\\1)(.*)?\\>/isU", $arr['message'], $image2, PREG_SET_ORDER); $temp = $aids = $existentimg = $attach_arr = array(); if (is_array($image1) && !empty($image1)) { foreach ($image1 as $value) { $v = trim(!empty($value[1]) ? $value[1] : $value[2]); $no_remote = 0; if (!filter_something($v, $evo_img_no)) { //存在 $no_remote = 1; } if ($no_remote == 0) { $temp[] = array('0' => $value[0], '1' => $v); } } } if (is_array($image2) && !empty($image2)) { foreach ($image2 as $v) { $no_remote = 0; $v[2] = trim(strip_tags($v[2])); if (!filter_something($v[2], $evo_img_no)) { //存在 $no_remote = 1; } if ($no_remote == 0) { $temp[] = array('0' => $v[0], '1' => $v[2]); } } } if ($arr['is_download_file'] == 1) { $attach_arr = get_attach_data($arr['page_url'], $arr['message']); } $attach_arr = $attach_arr ? $attach_arr : array(); $temp = $temp ? $temp : array(); $temp = array_merge($temp, $attach_arr); //if(VIP) $arr['message'] = post($arr['message'], array('cookie' => $arr['cookie'], 'page_url' => $arr['page_url'], 'cid' => $arr['cid'])); $del_a = 0; if ($arr['content_filter_html'][0] == 0 && $arr['content_filter_html']) { $del_a = 1; } //print_r($arr['message']);exit(); require_once libfile('class/image'); if (is_array($temp) && !empty($temp)) { if (file_exists(libfile('class/upload'))) { require_once libfile('class/upload'); } else { require_once libfile('discuz/upload', 'class'); } $upload = new discuz_upload(); $attachaids = array(); $threadimage_flag = 0; $content_md5_arr = array(); foreach ($temp as $key => $value) { $snoopy_args['cookie'] = $arr['cookie']; $snoop_obj = get_snoopy_obj($snoopy_args); $imageurl = $value[1]; $hash = md5($imageurl); if (strlen($imageurl)) { $imagereplace['oldimageurl'][] = $value[0]; if (!isset($existentimg[$hash])) { $existentimg[$hash] = $imageurl; $attach['ext'] = $upload->fileext($imageurl); if ($upload->is_image_ext($attach['ext']) == 1 && $arr['is_download_img'] != 1) { $imagereplace['newimageurl'][] = $value[0]; continue; } if (!$upload->is_image_ext($attach['ext'])) { $ext = 'no_get'; } if (preg_match('/^(http:\\/\\/|\\.)/i', $imageurl)) { if ($imageurl && snoop_obj) { $content_re = get_img_content($imageurl, $snoop_obj, $ext); } if (is_array($content_re)) { $content = $content_re['content']; $file_name = $attach['name'] = $content_re['file_name'] ? $content_re['file_name'] : ($value[2] ? _striptext($value[2]) : time() . '.' . $content_re['file_ext']); $attach['ext'] = $content_re['file_ext'] ? $content_re['file_ext'] : trim($upload->fileext($file_name)); $file_name = $attach['name'] = $file_name; } else { $content = $content_re; } if (in_array(md5($content), $content_md5_arr)) { $imagereplace['newimageurl'][] = ''; continue; } $content_md5_arr[] = md5($content); } elseif (preg_match('/^(' . preg_quote(getglobal('setting/attachurl'), '/') . ')/i', $imageurl)) { $imagereplace['newimageurl'][] = $value[0]; } if (empty($content)) { if ($value[4] == 1) { if ($del_a == 1) { $imagereplace['newimageurl'][] = $value[2]; } else { unset($imagereplace['oldimageurl'][$key]); } } else { $imagereplace['newimageurl'][] = ''; } continue; } if (!$attach['name']) { $patharr = explode('/', $imageurl); $attach['name'] = trim($patharr[count($patharr) - 1]); } $patharr = explode('/', $imageurl); if (!$attach['name']) { $attach['name'] = trim($patharr[count($patharr) - 1]); } $attach['thumb'] = ''; $attach['ext'] = trim($attach['ext']); //不加这个有些还真不行 $attach['isimage'] = $upload->is_image_ext($attach['ext']); if ($attach['isimage'] == 1 && $arr['is_download_img'] != 1) { $imagereplace['newimageurl'][] = $value[0]; continue; } $attach['extension'] = $upload->get_target_extension($attach['ext']); $attach['attachdir'] = $upload->get_target_dir('forum'); $attach['attachment'] = $attach['attachdir'] . $upload->get_target_filename('forum') . '.' . $attach['extension']; $attach['target'] = getglobal('setting/attachdir') . './forum/' . $attach['attachment']; if (!in_array($attach['ext'], $get_file_ext_arr) && $get_file_ext_arr && $attach['isimage'] == 0) { if ($value[4] == 1) { if ($del_a == 1) { $imagereplace['newimageurl'][] = $value[2]; } else { unset($imagereplace['oldimageurl'][$key]); } } else { $imagereplace['newimageurl'][] = ''; } continue; } if (!@($fp = fopen($attach['target'], 'wb'))) { continue; } else { flock($fp, 2); fwrite($fp, $content); fclose($fp); } if (!$upload->get_image_info($attach['target']) && $attach['isimage'] == 1) { @unlink($attach['target']); continue; } $attach['size'] = filesize($attach['target']); $upload->attach = $attach; $thumb = $width = 0; if ($upload->attach['isimage']) { if ($_G['setting']['thumbstatus']) { $image = new image(); $thumb = $image->Thumb($upload->attach['target'], '', $_G['setting']['thumbwidth'], $_G['setting']['thumbheight'], $_G['setting']['thumbstatus'], $_G['setting']['thumbsource']) ? 1 : 0; $width = $image->imginfo['width']; } if ($_G['setting']['thumbsource'] || !$_G['setting']['thumbstatus']) { list($width) = @getimagesize($upload->attach['target']); } if ($_G['setting']['watermarkstatus'] && empty($_G['forum']['disablewatermark']) && $arr['is_water_img'] == 1) { $image = new image(); $image->Watermark($attach['target'], '', 'forum'); } } $desc = $value[3]; $arr['public_time'] = $arr['public_time'] ? $arr['public_time'] : $arr['dateline']; $arr['public_time'] = $arr['public_time'] ? $arr['public_time'] : $_G['timestamp']; $remote = 0; $setarr = array('uid' => $arr['uid'], 'tid' => $arr['tid'], 'pid' => $arr['pid'], 'filename' => daddslashes($upload->attach['name']), 'attachment' => $upload->attach['attachment'], 'filesize' => $upload->attach['size'], 'thumb' => $thumb, 'remote' => $remote, 'picid' => $picid, 'isimage' => $attach['isimage'], 'description' => $desc, 'readperm' => 0, 'price' => 0, 'width' => $width, 'dateline' => $arr['public_time']); $setimg_arr = array('tid' => $arr['tid'], 'attachment' => $upload->attach['attachment'], 'remote' => $remote); $set_att = array('downloads' => rand(1, 15), 'tableid' => getattachtableid($arr['tid']), 'uid' => $arr['uid'], 'pid' => $arr['pid'], 'tid' => $arr['tid']); if ($threadimage_flag == 0 && !$arr['is_post'] && $attach['isimage'] == 1) { DB::insert('forum_threadimage', $setimg_arr, true); $threadimage_flag = 1; } $setarr['aid'] = $newaids[] = DB::insert('forum_attachment', $set_att, true); $at[] = $setarr['aid']; $attachnew_arr[$setarr['aid']] = array('description' => $setarr['description']); DB::insert(getattachtablebytid($arr['tid']), $setarr, true); $attachaids[$hash] = $imagereplace['newimageurl'][] = '[attach]' . $setarr['aid'] . '[/attach]'; } else { $imagereplace['newimageurl'][] = $attachaids[$hash]; } } } if ($_G['setting']['ftp']['on'] == 1) { require_once libfile('function/post'); ftpupload($newaids, $arr['uid']); } if (count($at) > 0) { $arr['attachment'] = 2; } $arr['message'] = str_replace($imagereplace['oldimageurl'], $imagereplace['newimageurl'], $arr['message']); if ($del_a == 1) { $arr['message'] = clear_html_script($arr['message'], array(0)); } forum_article_content($arr); } }