login.php

在传统CMS文章内容管理功能基础上

<?php
/*
[BBWPS!] (C)2006-2010 小蜜蜂版权所有.
This is NOT a freeware, use is subject to license terms
*/
error_reporting(0);
require_once("./class/template_class.php");
require_once("./class/mysql_class.php");
require_once("./function/function.php");
require_once("./config.php");
require_once("./function/checkBaseSession.php");
require_once("./config/baseCheckCode.php");
include_once("./$adminDir/data/userconfig.php");
include_once("./data/webconfig.php");
include_once("./class/tagParse_class.php");
include_once("./class/ParseOut_class.php");
include_once("./lang/$configlang");
//------------------------------------------------------
//获得$_SESSION变量,用于验证码
//------------------------------------------------------
$action  = $_GET['action'];
if($action=="reg"){
	$userName = $_POST['post_bbwps_user'];
	$pass     = md5($_POST['post_bbwps_pwd']);
	$cookie   = $_POST['cookietime'];
	if(!$userName||!$pass){                //判断是用户信息是否为空
		Meta(0,"login.php");
	}
	//用户输入验证码较验
	if($logincard==1){
		$_SESSION=getBBWPSSession("./$session/");
		if($_SESSION['bbwps_yz_code']!=md5($_POST['post_bbwps_yz'])){
			MsgError($langUserRegisterArray["reg_uncheckcode"]);
		}
	}

	//END用户输入验证码较验
	//////////////////////////////////////////////////////////////////////////////////////////
	//////////////////////////////////////////////////////////////////////////////////////////
	//判断用户是否被禁用或不存在
	$db= new DB($hostname,$username,$password,$database); //建立数据库对像
	$availableSql  = "SELECT * FROM ".$database.".".$prefix."members where username='$_POST[post_bbwps_user]'";
	$availableObj = $db->get_one($availableSql);
	if(!$availableObj){
		MsgError($langUserRegisterArray["log_username_unexist"]);
	}
	if($availableObj->available==0){
		if($availableObj->reason){
			MsgError("{$_POST[post_bbwps_user]}:{$availableObj->reason}");
		}
		else{
			MsgError("{$_POST[post_bbwps_user]}:{$langUserRegisterArray["log_unstate"]}");
		}
	}
	////////////////////////////////////////////////////////END判断用户是否被禁用
	$onlineip = foundIp();//获得IP
	$timestamp = time();                                         //最后一次登陆时间
	//判断IP是否被禁止
	$ipSql  = "SELECT * FROM ".$prefix."forbidip";
	$ipRes = $db->query($ipSql,true);
	while($ipObj=$db->fetch_object($ipRes)){
		if($ipObj->forbid==0){
			if($ipObj->overtime>time()){
				if(strpos($ipObj->forbidip,"*") === false){
					if($ipObj->forbidip==$onlineip){
						MsgError($langUserRegisterArray["log_ip_lock"]);
					}
				}else{
					$ipForbidLow  = ch(str_replace("*","000",$ipObj->forbidip));
					$ipForbidHigh = ch(str_replace("*","255",$ipObj->forbidip));
					if(ch($onlineip)<=$ipForbidHigh&&ch($onlineip)>=$ipForbidLow){
						MsgError($langUserRegisterArray["log_ip_lock"]);
					}
				}
			}
		}
	}

	$row = $availableObj;              //执行查询操作
	if($row->password==$pass){         //登陆成功
		$credits=$row->credits;
		//--------------------------------------------
		//查出该用户在虚拟组
		//--------------------------------------------
		$vipSql = "select * from ".$prefix."permitgroup WHERE pgid='$row->vipnum' and popen=1 limit 0,1";
		$vipObj = $db->get_one($vipSql);
		if($row->vipwait){
			$module=$vipObj->module;
		}
		else{
			$module=serialize(array());
		}
		intval($cookie)>0?$cookie=time()+$cookie:$cookie=0;
		if(count($domain)<1||!$domain[0]){
			setcookie("bbwps_user",$userName,$cookie,"/");
			setcookie("bbwps_uid",$row->uid,$cookie,"/");
			setcookie("bbwps_pwd",$pass,$cookie,"/");
			setcookie("bbwps_regctrl",$row->regctrl,$cookie,"/");
			//------------------------------------------
			//以下为BBWPS2.0新增加的COOKIE变量
			//------------------------------------------
			setcookie("bbwps_ip",$onlineip,$cookie,"/");
			setcookie("bbwps_check",encode($pass,$baseCheckCode),$cookie,"/");
			setcookie("bbwps_permit",base64_encode($vipObj->permit),$cookie,"/");
			//------------------------------------------
			//以下为BBWPS2.1新增加的COOKIE变量
			//------------------------------------------
			setcookie("bbwps_pgid",$row->vipnum,$cookie,"/");
			setcookie("bbwps_module",base64_encode($module),$cookie,"/");
		}else {
			foreach ($domain as $value){
				setcookie("bbwps_user",$userName,$cookie,"/",$value);
				setcookie("bbwps_uid",$row->uid,$cookie,"/");
				setcookie("bbwps_pwd",$pass,$cookie,"/",$value);
				setcookie("bbwps_regctrl",$row->regctrl,$cookie,"/",$value);
				//------------------------------------------
				//以下为BBWPS2.0新增加的COOKIE变量
				//------------------------------------------
				setcookie("bbwps_ip",$onlineip,time()+$cookie,"/",$value);
				setcookie("bbwps_check",encode($pass,$baseCheckCode),$cookie,"/",$value);
				setcookie("bbwps_permit",base64_encode($vipObj->permit),$cookie,"/",$value);
				//------------------------------------------
				//以下为BBWPS2.1新增加的COOKIE变量
				//------------------------------------------
				setcookie("bbwps_pgid",$row->vipnum,$cookie,"/",$value);
				setcookie("bbwps_module",base64_encode($module),$cookie,"/",$value);
			}
		}

		unset($vipObj);
		$oltime = $row->oltime+1;                                    //登陆次数
		$updateSql = "update ".$prefix."members set lastvisit='".$timestamp."', lastip='".$onlineip."', oltime='".$oltime."' where username='$userName'";
		$db->update($updateSql);
		//////////////////////////////////////////////////////////////////////////////
		//discuz 论坛整合
		if($isdiscuz==1){
			include_once("./function/func_dz.php");
			$forward = ($_POST['forward'])?$_POST['forward']:$_COOKIE['bbwps_path'];
			$member = array(
			'cookietime'	=> $cookie,
			'time'		=> time(),
			'username'	=> $userName,
			'password'	=> $pass,
			'email'		=> $row->email,
			);
			$action = "login";
			$auth = passport_encrypt(passport_encode($member), $passport_key);
			$verify = md5($action.$auth.$forward.$passport_key);
			header('Location: '.$discuzpath.'api/passport.php?action='.$action.'&auth='.rawurlencode($auth).'&forward='.rawurlencode($forward).'&verify='.$verify);
		}
		//end discuz 论坛整合
		//////////////////////////////////////////////////////////////////////////////
		else {
			if(file_exists("./$adminDir/data/phpwind.php")){
				include_once("./$adminDir/data/phpwind.php");
				if($isphpwind){
					$forward = ($_POST['forward'])?$_POST['forward']:$_COOKIE['bbwps_path'];
					$member = array(
					'cktime'	    => $cookie,
					'username'	=> $userName,
					'password'	=> $pass,
					'email'		=> $row->email,
					'time'       => time()
					);
					if($pwArray["pw_field"]!="none"&&$pwArray["pw_field"]){
						$member[$pwArray["pw_field"]]=$credits*$pw_proportion;
					}
					$action = "login";
					$userdb=passport_encode($member);
					$userdb=StrCode($userdb);
					$verify=md5($action.$userdb.$forward.$pw_key);
					header('Location: '.$pw_path.'/passport_client.php?action='.$action.'&userdb='.rawurlencode($userdb).'&forward='.rawurlencode($forward).'&verify='.$verify);
					exit("PHPWINDOK");
				}
				else{
					if($_GET["indexFlag"]){
						header('Location: '.$installPath."/user/");
					}
					else{
						header('Location: '.$_COOKIE['bbwps_path']);
					}
				}
			}
			if($_GET["indexFlag"]){
				header('Location: '.$installPath."/user/");
			}
			else{
				header('Location: '.$_COOKIE['bbwps_path']);
			}
		}
		$db->__DB();
		unset($user,$pass,$db,$sql);
		exit();
	}else{      //登陆失败
		$db->close();
		unset($user,$pass,$db,$sql,$row,$onlineip,$timestamp);
		print ("<script language=javascript>window.history.back();</script>");
		exit();
	}
}else {
	$p=new Template("./template/index");
	include_once("./data/module.php");
	$p->set_file("handle_module","index_module.html");
	foreach ($moduleArray as $module){
		if($module["isstart"]=="1"&&$module["cbaseid"]==0){
			$p->set_var("module_name",$module["name"]);
			$p->set_var("module_link",$module["dns"]);
			$p->parse("module","handle_module",true);
		}
	}
	foreach ($cbaseArrayConfig as $node){
		if($node["pcbaseid"]==0){
			$p->set_var("module_name",$node["cbasename"]);
			if($node["nodeurl"]!='0'){
				$p->set_var("module_link",$node["nodeurl"]);
			}
			else{
				$p->set_var("module_link","./front/?node-{$node["cbaseid"]}.html");
			}
			$p->parse("module","handle_module",true);
		}
	}

	$p->set_file("handle","login.html");

	//-----------------------------------------
	//调用tagParse_class类解析模块通讯
	//-----------------------------------------
	$t = new tagParse($p,"./template/index/login.html",$baseCheckCode);
	$t->setInstallPath($installPath);
	$t->setModuleArray($moduleArray);
	//-----------------------------------------
	//开通缓存
	//-----------------------------------------
	$web['web_isbasecash']?$t->setOpenCash(TRUE):$t->setOpenCash(FALSE);
	$web_cashtime = intval($web['web_cashtime']);
	$t->setCashTime($web_cashtime*60,$web_cashtime*60);
	$t->setCashDir("./cache");
	$p = $t->parse();

	if($logincard==1){                     //是否开启验证码
		$p->set_var("display","block");
	}else {
		$p->set_var("display","none");
	}
	($ischinese==0)?$p->set_var("styleischinese","style=\"ime-mode:disabled\""):null;
	$p->set_var("forward",$_GET['forward']);
	$p->set_var($web);
	$p->parse("out","handle");
	$p->p("out");
	unset($p);
}
?>