fields['email']) ) { ShowMsg('你的邮箱格式有错误!', '-1'); exit(); } if($cfg_ml->fields['spacesta'] != -10) { ShowMsg('你的帐号不在邮g验证状态,本操作无效!', '-1'); exit(); } $userhash = md5($cfg_cookie_encode.'--'.$cfg_ml->fields['mid'].'--'.$cfg_ml->fields['email']); $url = $cfg_basehost.(empty($cfg_cmspath) ? '/' : $cfg_cmspath)."/member/index_do.php?fmdo=checkMail&mid={$cfg_ml->fields['mid']}&userhash={$userhash}&do=1"; $url = preg_replace("#http:\/\/#i", '', $url); $url = 'http://'.preg_replace("#\/\/#i", '/', $url); $mailtitle = "{$cfg_webname}--会员邮g验证通知"; $mailbody = ''; $mailbody .= "敬的用户[{$cfg_ml->fields['uname']}]Q您好:\r\n"; $mailbody .= "Ƣ迎注册成ؓ[{$cfg_webname}]的会员。\r\n"; $mailbody .= "要通过注册Q还必须q行最后一步操作,LL复制下面链接到地址栏访问这地址Q\r\n\r\n"; $mailbody .= "{$url}\r\n\r\n"; $mailbody .= "Power by http://www.dedecms.com l梦内容理pȝQ\r\n"; $headers = "From: ".$cfg_adminemail."\r\nReply-To: ".$cfg_adminemail; if($cfg_sendmail_bysmtp == 'Y' && !empty($cfg_smtp_server)) { $mailtype = 'TXT'; require_once(DEDEINC.'/mail.class.php'); $smtp = new smtp($cfg_smtp_server,$cfg_smtp_port,true,$cfg_smtp_usermail,$cfg_smtp_password); $smtp->debug = false; $smtp->sendmail($cfg_ml->fields['email'],$cfg_webname ,$cfg_smtp_usermail, $mailtitle, $mailbody, $mailtype); } else { @mail($cfg_ml->fields['email'], $mailtitle, $mailbody, $headers); } ShowMsg('成功发送邮ӞL后登录你的邮p行接Ӟ', '/member'); exit(); } else if($fmdo=='checkMail') { $mid = intval($mid); if(empty($mid)) { ShowMsg('你的效验串不合法Q?, '-1'); exit(); } $row = $dsql->GetOne("SELECT * FROM `#@__member` WHERE mid='{$mid}' "); $needUserhash = md5($cfg_cookie_encode.'--'.$mid.'--'.$row['email']); if($needUserhash != $userhash) { ShowMsg('你的效验串不合法Q?, '-1'); exit(); } if($row['spacesta'] != -10) { ShowMsg('你的帐号不在邮g验证状态,本操作无效!', '-1'); exit(); } $dsql->ExecuteNoneQuery("UPDATE `#@__member` SET spacesta=0 WHERE mid='{$mid}' "); // 清除会员~存 $cfg_ml->DelCache($mid); ShowMsg('操作成功Q请重新dpȝQ?, 'login.php'); exit(); } /********************* function Case_user() *******************/ else 
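/*
 * Handlers for $fmdo = 'user', 'login' and 'moodmsg', plus the fallback for any other value.
 * $fmdo, $dopost and the bare inputs used below ($uid, $email, $money, $userid, $pwd, $gourl,
 * $content, ...) are not assigned anywhere in this part of the file.
 * NOTE(review): presumably the bootstrap fills them from request parameters — confirm, and confirm
 * whether they are escaped before they reach the SQL strings built here.
 * NOTE: several string literals are mis-encoded in this copy and some have lost their closing
 * quote; they are kept exactly as found and must be restored from the original file.
 */
if($fmdo=='user')
{
    // Check whether a user name / pen name is available (AJAX endpoint).
    if($dopost=="checkuser")
    {
        AjaxHead();
        $msg = '';
        $uid = trim($uid);
        if($cktype==0)
        {
            $msgtitle='用户W名';
        }
        else
        {
            #api{{
            // When the UC client is available the check is delegated to it and the script stops here.
            // A result of 0, or a negative code other than -1/-2/-3, prints nothing.
            if(defined('UC_API') && @include_once DEDEROOT.'/uc_client/client.php')
            {
                $ucresult = uc_user_checkname($uid);
                if($ucresult > 0)
                {
                    echo "√用户名可用";
                }
                elseif($ucresult == -1)
                {
                    echo "×用户名不合法";
                }
                elseif($ucresult == -2)
                {
                    echo "×包含要允许注册的词语";
                }
                elseif($ucresult == -3)
                {
                    echo "×用户名已l存?/b>";
                }
                exit();
            }
            #/aip}}
            $msgtitle='用户?;
        }
        if($cktype!=0 || $cfg_mb_wnameone=='N')
        {
            $msg = CheckUserID($uid, $msgtitle);
        }
        else
        {
            $msg = CheckUserID($uid, $msgtitle, false);
        }
        if($msg=='ok')
        {
            $msg = "√{$msgtitle}可以使用";
        }
        else
        {
            $msg = "×{$msg}";
        }
        echo $msg;
        exit();
    }
    // Check whether an e-mail address is already registered (AJAX endpoint).
    else if($dopost=="checkmail")
    {
        AjaxHead();
        #api{{
        if(defined('UC_API') && @include_once DEDEROOT.'/uc_client/client.php')
        {
            $ucresult = uc_user_checkemail($email);
            if($ucresult > 0)
            {
                echo "√可以?/b>";
            }
            elseif($ucresult == -4)
            {
                echo "×Email 格式有误Q?/b>";
            }
            elseif($ucresult == -5)
            {
                echo "×Email 不允许注册!";
            }
            elseif($ucresult == -6)
            {
                echo "×?Email 已经被注册!";
            }
            exit();
        }
        #/aip}}
        if($cfg_md_mailtest=='N')
        {
            $msg = "√可以?/b>";
        }
        else
        {
            if(!CheckEmail($email))
            {
                $msg = "×Email格式有误";
            }
            else
            {
                // NOTE(review): $email is interpolated into the statement and used as a LIKE pattern,
                // so '_' and '%' in an address act as wildcards and can match other members' rows.
                // An exact comparison with a bound/escaped value would avoid both concerns; confirm
                // what CheckEmail() and the bootstrap guarantee about this value.
                $row = $dsql->GetOne("SELECT mid FROM `#@__member` WHERE email LIKE '$email' LIMIT 1");
                if(!is_array($row))
                {
                    $msg = "√可以?/b>";
                }
                else
                {
                    $msg = "×Email已经被另一个帐号占用!";
                }
            }
        }
        echo $msg;
        exit();
    }
    // Load the registration page; $step is reduced to its digits before use.
    else if($dopost=="regnew")
    {
        $step = empty($step)? 1 : intval(preg_replace("/[^\d]/",'', $step));
        require_once(dirname(__FILE__)."/reg_new.php");
        exit();
    }
    // Exchange points (scores) for coins (money).
    else if($dopost=="money2s")
    {
        CheckRank(0,0);
        if($cfg_money_scores==0)
        {
            ShowMsg('pȝ用了积分与金币兑换功能Q?, '-1');
            exit();
        }
        // Force a non-negative integer amount.
        $money = empty($money) ? "" : abs(intval($money));
        if(empty($money))
        {
            ShowMsg('您没指定要兑换多金币!', '-1');
            exit();
        }

        $needscores = $money * $cfg_money_scores;
        if($cfg_ml->fields['scores'] < $needscores )
        {
            ShowMsg('您积分不I不能换取q么多的金币Q?, '-1');
            exit();
        }
        // NOTE(review): the new balance is derived from the value held in $cfg_ml->fields and written
        // back as an absolute number, while money is incremented relatively. Two overlapping requests
        // can both pass the check above; a conditional relative UPDATE
        // (scores = scores - N ... AND scores >= N) would make the exchange atomic.
        $litmitscores = $cfg_ml->fields['scores'] - $needscores;

        // Record the operation.
        $mtime = time();
        $inquery = "INSERT INTO `#@__member_operation`(`buyid` , `pname` , `product` , `money` , `mtime` , `pid` , `mid` , `sta` ,`oldinfo`) VALUES ('ScoresToMoney', 'U分换金币操?, 'stc' , '0' , '$mtime' , '0' , '{$cfg_ml->M_ID}' , '0' , '?{$needscores} U分兑了换金币:{$money} ?); ";
        $dsql->ExecuteNoneQuery($inquery);
        // Apply the new points and coin balances.
        $dsql->ExecuteNoneQuery("UPDATE `#@__member` SET `scores`=$litmitscores, money= money + $money WHERE mid='".$cfg_ml->M_ID."' ");

        // Drop the cached member record.
        $cfg_ml->DelCache($cfg_ml->M_ID);
        ShowMsg('成功兑换指定量的金币Q?, 'operation.php');
        exit();
    }
}
/*********************
function login()
*******************/
else if($fmdo=='login')
{
    // Member login.
    if($dopost=="login")
    {
        if(!isset($vdcode))
        {
            $vdcode = '';
        }
        $svali = GetCkVdValue();
        // The verification code is only enforced when $safe_gdopen contains "2".
        if(preg_match("/2/",$safe_gdopen)){
            if(strtolower($vdcode)!=$svali || $svali=='')
            {
                ResetVdValue();
                ShowMsg('验证码错误!', 'index.php');
                exit();
            }
        }
        if(CheckUserID($userid,'',false)!='ok')
        {
            ResetVdValue();
            ShowMsg("你输入的用户?{$userid} 不合法!","index.php");
            exit();
        }
        if($pwd=='')
        {
            ResetVdValue();
            ShowMsg("密码不能为空Q?,"-1",0,2000);
            exit();
        }

        // Check the credentials against the CMS member table.
        // The dispatch further down treats 0, -1 and -2 as failures and anything else as success.
        $rs = $cfg_ml->CheckUser($userid,$pwd);

        #api{{
        if(defined('UC_API') && @include_once DEDEROOT.'/uc_client/client.php')
        {
            // Check the credentials against UC.
            list($uid, $username, $password, $email) = uc_user_login($userid, $pwd);
            if($uid > 0)
            {
                // NOTE(review): the stored credential is an unsalted MD5 digest; password_hash() /
                // password_verify() is the safer scheme, but CheckUser() would have to change with it.
                $password = md5($password);
                // UC knows the user but the CMS does not: create the CMS member rows.
                if(!$rs)
                {
                    // Default coins and points for the member rank.
                    $row = $dsql->GetOne("SELECT `money`,`scores` FROM `#@__arcrank` WHERE `rank`='10' ");
                    $scores = is_array($row) ? $row['scores'] : 0;
                    $money = is_array($row) ? $row['money'] : 0;
                    $logintime = $jointime = time();
                    $loginip = $joinip = GetIP();
                    // NOTE(review): $username and $email come back from uc_user_login() and are
                    // interpolated into these statements as-is — confirm they are escaped, or bind them.
                    $res = $dsql->ExecuteNoneQuery("INSERT INTO #@__member SET `mtype`='个h',`userid`='$username',`pwd`='$password',`uname`='$username',`sex`='? ,`rank`='10',`money`='$money', `email`='$email', `scores`='$scores', `matt`='0', `face`='',`safequestion`='0',`safeanswer`='', `jointime`='$jointime',`joinip`='$joinip',`logintime`='$logintime',`loginip`='$loginip';");
                    if($res)
                    {
                        $mid = $dsql->GetLastID();
                        // NOTE(review): $uname (entry 2) is never assigned in the visible code, while the
                        // sibling statements use $username — confirm which value is intended.
                        $data = array
                        (
                            0 => "INSERT INTO `#@__member_person` SET `mid`='$mid', `onlynet`='1', `sex`='?, `uname`='$username', `qq`='', `msn`='', `tel`='', `mobile`='', `place`='', `oldplace`='0' , `birthday`='1980-01-01', `star`='1', `income`='0', `education`='0', `height`='160', `bodytype`='0', `blood`='0', `vocation`='0', `smoke`='0', `marital`='0', `house`='0', `drink`='0', `datingtype`='0', `language`='', `nature`='', `lovemsg`='', `address`='',`uptime`='0';",
                            1 => "INSERT INTO `#@__member_tj` SET `mid`='$mid',`article`='0',`album`='0',`archives`='0',`homecount`='0',`pagecount`='0',`feedback`='0',`friend`='0',`stow`='0';",
                            2 => "INSERT INTO `#@__member_space` SET `mid`='$mid',`pagesize`='10',`matt`='0',`spacename`='{$uname}的空?,`spacelogo`='',`spacestyle`='person', `sign`='',`spacenews`='';",
                            3 => "INSERT INTO `#@__member_flink` SET `mid`='$mid', `title`='l梦内容理pȝ', `url`='http://www.dedecms.com';"
                        );
                        foreach($data as $val) $dsql->ExecuteNoneQuery($val);
                    }
                }
                $rs = 1;
                $row = $dsql->GetOne("SELECT `mid`, `pwd` FROM #@__member WHERE `userid`='$username'");
                if(isset($row['mid']))
                {
                    $cfg_ml->PutLoginInfo($row['mid']);
                    // Strict comparison: under != two different digests that both look numeric
                    // would be treated as equal and the stored password would not be synced.
                    if($password!==$row['pwd']) $dsql->ExecuteNoneQuery("UPDATE #@__member SET `pwd`='$password' WHERE mid='$row[mid]'");
                }
                // Build the UC synchronised-login code.
                $ucsynlogin = uc_user_synlogin($uid);
            }
            else if($uid == -1)
            {
                // UC does not know the user but the CMS does: mirror the account into UC.
                // Fix: only do so when the CMS accepted the credentials. The original tested if($rs),
                // which is also true for the failure codes -1 and -2 handled below, so an account
                // could be created in UC with a password the CMS had just rejected.
                if($rs && $rs != -1 && $rs != -2)
                {
                    $row = $dsql->GetOne("SELECT `email` FROM #@__member WHERE userid='$userid'");
                    $uid = uc_user_register($userid, $pwd, $row['email']);
                    if($uid > 0) $ucsynlogin = uc_user_synlogin($uid);
                }
                else
                {
                    $rs = -1;
                }
            }
            else
            {
                $rs = -1;
            }
        }
        #/aip}}

        // NOTE(review): "no such user" and "wrong password" produce different messages, which tells a
        // client which user names exist; a single generic failure message avoids that.
        if($rs==0)
        {
            ResetVdValue();
            ShowMsg("用户名不存在Q?, "index.php", 0, 2000);
            exit();
        }
        else if($rs==-1)
        {
            ResetVdValue();
            ShowMsg("密码错误Q?, "index.php", 0, 2000);
            exit();
        }
        else if($rs==-2)
        {
            ResetVdValue();
            ShowMsg("理员帐号不允许从前台登录!", "index.php", 0, 2000);
            exit();
        }
        else
        {
            // Drop the cached member record.
            $cfg_ml->DelCache($cfg_ml->M_ID);
            // NOTE(review): apart from the "action|_do" filter nothing here limits $gourl to paths on
            // this site; unless ShowMsg() validates its target, restrict it to relative URLs so a
            // crafted login link cannot forward the user elsewhere.
            if(empty($gourl) || preg_match("#action|_do#i", $gourl))
            {
                ShowMsg("成功dQ?U钟后{向系l主?..","index.php",0,2000);
            }
            else
            {
                $gourl = str_replace('^','&',$gourl);
                ShowMsg("成功dQ现在{向指定页?..",$gourl,0,2000);
            }
            exit();
        }
    }
    // Log out.
    else if($dopost=="exit")
    {
        $cfg_ml->ExitCookie();
        #api{{
        if(defined('UC_API') && @include_once DEDEROOT.'/uc_client/client.php')
        {
            $ucsynlogin = uc_user_synlogout();
        }
        #/aip}}
        ShowMsg("成功退出登录!","index.php",0,2000);
        exit();
    }
}
/*********************
function moodmsg()
*******************/
else if($fmdo=='moodmsg')
{
    // Store a short message for the current member and answer with JSON.
    // NOTE(review): no login check is visible in this branch — confirm one runs earlier in the file.
    if($dopost=="sendmsg")
    {
        if(!empty($content))
        {
            $output = array();
            $ip = GetIP();
            $dtime = time();
            $ischeck = ($cfg_mb_msgischeck == 'Y')? 0 : 1;
            if($cfg_soft_lang == 'gb2312')
            {
                $content = utf82gb(nl2br($content));
            }
            $content = cn_substrR(HtmlReplace($content,1),360);
            // Emoticon tags [face:N]; the replacement string is empty in this copy, so they are removed.
            // NOTE(review): escaping happens before RemoveXSS(); if RemoveXSS() can rewrite the text,
            // escape last (or bind the value) so the SQL below always receives an escaped string.
            $content = addslashes(preg_replace("/\[face:(\d{1,2})\]/is","",$content));

            $content = RemoveXSS($content);
            // NOTE(review): $ip is interpolated as-is — confirm GetIP() only returns a validated address.
            $inquery = "INSERT INTO `#@__member_msg`(`mid`,`userid`,`ip`,`ischeck`,`dtime`, `msg`) VALUES ('{$cfg_ml->M_ID}','{$cfg_ml->M_LoginID}','$ip','$ischeck','$dtime', '$content'); ";
            $rs = $dsql->ExecuteNoneQuery($inquery);
            if(!$rs)
            {
                $output['type'] = 'error';
                $output['data'] = '更新p|,请重?';
                // Fix: send the error payload; the original built it and then exited with an empty body.
                exit(json_encode($output));
            }
            $output['type'] = 'success';
            if($cfg_soft_lang == 'gb2312')
            {
                $content = utf82gb(nl2br($content));
            }
            $output['data'] = stripslashes($content);
            exit(json_encode($output));
        }
    }
}
else
{
    ShowMsg("本页面禁止返?","index.php");
}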