📄 user.php
if(strstr($_SERVER['HTTP_REFERER'],"e/member/iframe"))
{
$gotourl=$public_r['newsurl']."e/member/iframe";
}
$gotourl=DoingReturnUrl($gotourl,$_GET['ecmsfrom']);
printerror("ExitSuccess",$gotourl,$dopr);
}
//-----------------------------------清空COOKIE
// Clears the four member-login cookies (mlusername, mluserid, mlgroupid, mlrnd)
// by calling esetcookie() for each with an empty value and 0 as the third argument.
// Returns nothing; the esetcookie() results are not checked.
function EmptyEcmsCookie(){
    $cookienames=array("mlusername","mluserid","mlgroupid","mlrnd");
    foreach($cookienames as $cookiename)
    {
        esetcookie($cookiename,"",0);
    }
}
//----------------------------------------登陆
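// Member login: verifies the submitted credentials against the member table, stores a
// fresh random token for the member and sets the mlusername/mluserid/mlgroupid/mlrnd cookies.
//
// $username, $password : submitted credentials
// $lifetime            : cookie lifetime in seconds; when empty, 0 is passed to esetcookie() as expiry
// $key                 : submitted verification code, compared with the "checkplkey" value from getcvar()
// $location            : ignored - it is overwritten with "../../" before it is used
//
// Every outcome is reported through printerror(); nothing is returned.
//
// NOTE(review): passwords are verified as MD5 digests (plain, 16-character slice, or
//   md5(md5(pw).salt) depending on $user_dopass). MD5 is a fast hash and a weak choice for
//   password storage; moving to password_hash()/password_verify() needs a rehash-on-login
//   migration of the stored column, which cannot be done inside this block alone.
// NOTE(review): $utfusername is concatenated into SQL. Escaping is presumably done by
//   RepPostVar() (not visible here), and doUtfAndGbk() converts the charset *after* that
//   filtering - confirm the value is still safely escaped after conversion.
// NOTE(review): no attempt limiting or lockout is visible in this function - confirm it is
//   enforced elsewhere.
function login1($username,$password,$lifetime,$key,$location){
    global $empire,$user_tablename,$user_userid,$user_username,$user_password,$user_dopass,$user_group,$user_groupid,$user_rnd,$public_r,$user_salt,$user_saltnum,$dbtbpre,$eloginurl,$user_checked;
    // An external login URL is configured: hand the request over to it.
    if($eloginurl)
    {
        Header("Location:$eloginurl");
        exit();
    }
    $dopr=1;
    if(!empty($_POST['prtype']))
    {
        $dopr=9;
    }
    // The explicit returns after printerror() keep every failure path closed even if
    // printerror() should ever return instead of ending the request.
    if(!trim($username)||!trim($password))
    {
        printerror("EmptyLogin","history.go(-1)",$dopr);
        return;
    }
    // Verification code
    if($public_r['loginkey_ok'])
    {
        $checkplkey=getcvar('checkplkey');
        // Compared as strings so numeric-looking codes cannot match through type juggling.
        if(empty($checkplkey)||(string)$key!==(string)$checkplkey)
        {
            printerror("FailKey","history.go(-1)",$dopr);
            return;
        }
    }
    $username=RepPostVar($username);
    $password=RepPostVar($password);
    // Charset conversion
    $utfusername=doUtfAndGbk($username,0);
    $password=doUtfAndGbk($password,0);
    // Password digest
    if(empty($user_dopass))// single md5
    {
        $password=md5($password);
    }
    if($user_dopass==3)// 16-character md5
    {
        $password=substr(md5($password),8,16);
    }
    $num=0;
    if($user_dopass==2)// double md5 with per-user salt
    {
        $ur=$empire->fetch1("select ".$user_userid.",".$user_salt.",".$user_password." from ".$user_tablename." where ".$user_username."='$utfusername'");
        if(!empty($ur[$user_userid]))
        {
            $password=md5(md5($password).$ur[$user_salt]);
            // Strict comparison: with ==, two digests that both look like numbers
            // (for example "0e" followed only by digits) would compare equal.
            if($password===(string)$ur[$user_password])
            {
                $num=1;
            }
        }
    }
    else
    {
        $num=$empire->gettotal("select count(*) as total from ".$user_tablename." where ".$user_username."='$utfusername' and ".$user_password."='".$password."' limit 1");
    }
    if(!$num)
    {
        printerror("FailPassword","history.go(-1)",$dopr);
        return;
    }
    $r=$empire->fetch1("select * from ".$user_tablename." where ".$user_username."='$utfusername' limit 1");
    // Account not yet approved
    if($r[$user_checked]==0)
    {
        printerror("NotCheckedUser",'',1);
        return;
    }
    // New random token for this login, stored in the member row and in the mlrnd cookie.
    // NOTE(review): make_password() is defined elsewhere - confirm it uses a CSPRNG.
    $rnd=make_password(12);
    // Default member group
    if(empty($r[$user_group]))
    {
        $r[$user_group]=$user_groupid;
    }
    $r[$user_group]=(int)$r[$user_group];
    $empire->query("update ".$user_tablename." set ".$user_rnd."='$rnd',".$user_group."=".$r[$user_group]." where ".$user_userid."='$r[$user_userid]'");
    // Set cookies
    $logincookie=0;
    if($lifetime)
    {
        $logincookie=time()+$lifetime;
    }
    $set1=esetcookie("mlusername",$username,$logincookie);
    $set2=esetcookie("mluserid",$r[$user_userid],$logincookie);
    esetcookie("mlgroupid",$r[$user_group],$logincookie);
    esetcookie("mlrnd",$rnd,$logincookie);
    // Additional login cookies
    AddLoginCookie($r);
    $location="../../";
    // NOTE(review): the redirect target comes from getcvar('returnurl'), which looks like
    //   client-supplied data - confirm DoingReturnUrl()/printerror() restrict it to this site.
    $returnurl=getcvar('returnurl');
    if($returnurl)
    {
        $location=$returnurl;
    }
    // The Referer header is optional, so read it defensively.
    $referer=isset($_SERVER['HTTP_REFERER'])?$_SERVER['HTTP_REFERER']:'';
    if(strstr($referer,"e/member/iframe"))
    {
        $location="../member/iframe";
    }
    esetcookie("checkplkey","");
    esetcookie("returnurl","");
    if($set1&&$set2)
    {
        $location=DoingReturnUrl($location,$_POST['ecmsfrom']);
        printerror("LoginSuccess",$location,$dopr);
    }
    else
    {
        printerror("NotCookie","history.go(-1)",$dopr);
    }
}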
//----------------------------------批量赠送点数
// Adds $cardfen points to the points column of the member table. The UPDATE has no
// WHERE clause, so it applies to every row of that table.
// $cardfen is cast to int before it is placed into the SQL text.
// CheckLevel() is called with the "card" permission before the update runs.
// NOTE(review): $classid is not defined inside this function, so CheckLevel() receives
//   an unset value as its third argument - confirm that is intended.
// NOTE(review): the zero-value and permission checks only stop the update if
//   printerror()/CheckLevel() end the request themselves - confirm.
function GetFen_all($cardfen,$userid,$username){
    global $empire,$user_tablename,$user_userfen;
    $points=(int)$cardfen;
    if($points==0)
    {
        printerror("EmptyGetFen","history.go(-1)");
    }
    // Permission check
    CheckLevel($userid,$username,$classid,"card");
    $updatesql="update ".$user_tablename." set ".$user_userfen."=".$user_userfen."+".$points;
    $ok=$empire->query($updatesql);
    if(!$ok)
    {
        printerror("DbError","history.go(-1)");
    }
    else
    {
        // Operation log
        insert_dolog("cardfen=".$points);
        printerror("GetFenSuccess","GetFen.php");
    }
}
//----------------------------------增加点数
// Adds $cardfen points (cast to int) to the member whose id equals $userid.
// Returns nothing; the query result is not checked.
// NOTE(review): $userid is placed into the SQL text as given, inside quotes - callers
//   must pass an already validated/escaped id; confirm against the call sites.
function AddInfoFen($cardfen,$userid){
    global $empire,$user_tablename,$user_userfen,$user_userid;
    $delta=(int)$cardfen;
    $setclause=$user_userfen."=".$user_userfen."+".$delta;
    $whereclause=$user_userid."='$userid'";
    $empire->query("update ".$user_tablename." set ".$setclause." where ".$whereclause);
}
//转向会员组
// Resets the member's date column to 0 and, when $zgroupid is non-empty, also moves
// the member to that group. Returns nothing; the query result is not checked.
// NOTE(review): $userid and $zgroupid are placed into the SQL text as given, inside
//   quotes - callers must pass validated/escaped values; confirm against the call sites.
function OutTimeZGroup($userid,$zgroupid){
    global $empire,$user_tablename,$user_group,$user_zgroup,$user_userdate,$user_userid;
    $setclause=$user_userdate."=0";
    if($zgroupid)
    {
        // Switch group as well as clearing the date
        $setclause=$user_group."='".$zgroupid."',".$setclause;
    }
    $empire->query("update ".$user_tablename." set ".$setclause." where ".$user_userid."='$userid'");
}
//处理注册字段值
// Prepares a member form field value by HTML-escaping it with htmlspecialchars(),
// using PHP's default flags and charset. Returns the escaped string.
// NOTE(review): those defaults depend on the PHP version (single quotes are only escaped
//   by default from PHP 8.1 on) - confirm the stored values are never written into
//   single-quoted HTML attributes, or pass the flags and charset explicitly.
function DoMemberFValue($val){
    return htmlspecialchars($val);
}
//删除会员字段附件
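// Deletes the attachment record (and, through DoDelFile(), the file) that belongs to a
// member field.
// $file : stored field value; only the part after the last "/" is used as the file name
// $tf   : member field name, matched as no='Member[<field>]'
// Returns "" when $file is empty, otherwise nothing.
//
// The file name is derived from stored member data and was previously concatenated into
// the query unescaped, so a stored value containing a quote could change the query. Both
// values are now escaped with addslashes(), the same escaping this file already applies to
// field values before storage. For ordinary file and field names this is a no-op.
// Assumes $file is the raw stored value (not already escaped by the caller).
// NOTE(review): addslashes() is not charset-aware; if the $empire database layer offers
//   its own escaping routine, prefer that.
function DelYMemberTranFile($file,$tf){
    global $empire,$dbtbpre;
    if(empty($file)){
        return "";
    }
    $parts=explode("/",$file);
    $filename=addslashes($parts[count($parts)-1]);
    $no=addslashes("Member[".$tf."]");
    $fr=$empire->fetch1("select filename,path,fileid,fpath,classid from {$dbtbpre}enewsfile where no='".$no."' and filename='".$filename."' limit 1");
    if(!empty($fr['fileid']))
    {
        // Remove the database record first, then the file described by that record.
        $empire->query("delete from {$dbtbpre}enewsfile where fileid='$fr[fileid]'");
        DoDelFile($fr);
    }
}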
//返回会员字段
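// Builds the SQL fragments for a member's custom form fields and handles the uploads
// that belong to file/image fields.
// $fid      : member form id
// $add      : submitted field values, indexed by field name
// $mr       : the member's existing field values (used when editing)
// $ecms     : 0 = add, anything else = edit
// $username : recorded as "[EditInfo]<username>" in the attachment table
// Returns $ret_r:
//   add  : [0] = ",`f1`,`f2`..." column list, [1] = ",'v1','v2'..." value list
//   edit : [0] = ",`f1`='v1',`f2`='v2'..." assignment list
//   ($ret_r is never initialised, so nothing is returned when the form has no fields)
//
// Field values are HTML-escaped by DoMemberFValue() and then addslashes()-escaped. Upload
// fields first receive a "[!#@-<field>-@!]" placeholder that is replaced after the upload;
// the replacement value (upload URL, or the previous stored value) used to be inserted
// without escaping and is now passed through addslashes() like every other value.
//
// NOTE(review): the validation branches only stop processing if printerror() ends the
//   request - confirm it does; otherwise a rejected upload would still be stored.
// NOTE(review): $fid, $username, $tfr[filename], $tfr[filepath] and $public_r[fpath] are
//   concatenated into SQL as given - confirm callers/DoTranFile() deliver safe values.
function ReturnDoMemberF($fid,$add,$mr,$ecms=0,$username=''){
    global $empire,$dbtbpre,$tranpicturetype,$public_r;
    $pr=$empire->fetch1("select openmembertranimg,memberimgsize,memberimgtype,openmembertranfile,memberfilesize,memberfiletype from {$dbtbpre}enewspublic limit 1");
    $formr=$empire->fetch1("select fid,enter,mustenter,filef,imgf from {$dbtbpre}enewsmemberform where fid='$fid'");
    // Required-field check. The list is split on "," and the first and last pieces are
    // skipped (the list is treated as ",a,b,").
    $mustr=explode(",",$formr['mustenter']);
    $mustcount=count($mustr);
    for($i=1;$i<$mustcount-1;$i++)
    {
        $mf=$mustr[$i];
        if(strstr($formr['filef'],",".$mf.",")||strstr($formr['imgf'],",".$mf.","))// upload field
        {
            $mfilef=$mf."file";
            // A file was submitted
            if($_FILES[$mfilef]['name'])
            {
                if(strstr($formr['imgf'],",".$mf.","))// image
                {
                    if(!$pr['openmembertranimg'])
                    {
                        printerror("CloseQTranPic","",1);
                    }
                }
                else// other attachment
                {
                    if(!$pr['openmembertranfile'])
                    {
                        printerror("CloseQTranFile","",1);
                    }
                }
            }
            elseif(!trim($add[$mf])&&!$mr[$mf])
            {
                printerror("EmptyQMustF","",1);
            }
        }
        else
        {
            if(!trim($add[$mf]))
            {
                printerror("EmptyQMustF","",1);
            }
        }
    }
    // Field processing
    $dh="";
    $tranf="";
    $record="<!--record-->";
    $field="<!--field--->";
    $fr=explode($record,$formr['enter']);
    $count=count($fr);
    for($i=0;$i<$count-1;$i++)
    {
        $fr1=explode($field,$fr[$i]);
        $f=$fr1[1];
        // Upload field
        if(strstr($formr['filef'],",".$f.",")||strstr($formr['imgf'],",".$f.","))
        {
            $filetf=$f."file";
            if($_FILES[$filetf]['name'])
            {
                $filetype=GetFiletype($_FILES[$filetf]['name']);// file extension
                // Deny-list entry, compared case-insensitively. It covers ".php" only;
                // the allow-list checks below are what actually constrain the extension.
                if(strtolower($filetype)==".php")
                {
                    printerror("NotQTranFiletype","",1);
                }
                if(strstr($formr['imgf'],",".$f.","))// image
                {
                    if(!$pr['openmembertranimg'])
                    {
                        printerror("CloseQTranPic","",1);
                    }
                    if(!strstr($pr['memberimgtype'],"|".$filetype."|"))
                    {
                        printerror("NotQTranFiletype","",1);
                    }
                    if($_FILES[$filetf]['size']>$pr['memberimgsize']*1024)
                    {
                        printerror("TooBigQTranFile","",1);
                    }
                    if(!strstr($tranpicturetype,','.$filetype.','))
                    {
                        printerror("NotQTranFiletype","",1);
                    }
                }
                else// other attachment
                {
                    if(!$pr['openmembertranfile'])
                    {
                        printerror("CloseQTranFile","",1);
                    }
                    if(!strstr($pr['memberfiletype'],"|".$filetype."|"))
                    {
                        printerror("NotQTranFiletype","",1);
                    }
                    if($_FILES[$filetf]['size']>$pr['memberfilesize']*1024)
                    {
                        printerror("TooBigQTranFile","",1);
                    }
                }
                // Remember the field for the upload pass and store a placeholder for now.
                $tranf.=$dh.$f;
                $dh=",";
                $fval="[!#@-".$f."-@!]";
            }
            else
            {
                $fval=$add[$f];
                // Editing without a new value: keep the existing one.
                if($ecms==1&&$mr[$f]&&!trim($fval))
                {
                    $fval=$mr[$f];
                }
            }
        }
        else
        {
            $fval=$add[$f];
        }
        $fval=DoMemberFValue($fval);
        $fval=addslashes($fval);
        if($ecms==0)// add
        {
            $ret_r[0].=",`".$f."`";
            $ret_r[1].=",'".$fval."'";
        }
        else// edit
        {
            $ret_r[0].=",`".$f."`='".$fval."'";
        }
    }
    // Upload pass
    if($tranf)
    {
        $infoid=0;
        $filepass=0;
        $classid=0;
        $tranr=explode(",",$tranf);
        $count=count($tranr);
        for($i=0;$i<$count;$i++)
        {
            $tf=$tranr[$i];
            $tffile=$tf."file";
            // $_FILES[...]['type'] is the MIME type sent by the client, not a verified one.
            $tfr=DoTranFile($_FILES[$tffile]['tmp_name'],$_FILES[$tffile]['name'],$_FILES[$tffile]['type'],$_FILES[$tffile]['size'],$classid);
            if($tfr['tran'])
            {
                if(strstr($formr['imgf'],",".$tf.","))// image
                {
                    $type=1;
                }
                else// other attachment
                {
                    $type=0;
                }
                // Record the upload in the attachment table
                $filetime=date("Y-m-d H:i:s");
                $filesize=(int)$_FILES[$tffile]['size'];
                $sql=$empire->query("insert into {$dbtbpre}enewsfile(filename,filesize,adduser,path,filetime,classid,no,type,id,cjid,fpath) values('$tfr[filename]',$filesize,'[EditInfo]".$username."','$tfr[filepath]','$filetime',$classid,'Member[".$tf."]',$type,$infoid,$filepass,'$public_r[fpath]');");
                // Remove the file that is being replaced
                if($ecms==1&&$mr[$tf])
                {
                    DelYMemberTranFile($mr[$tf],$tf);
                }
                $repfval=$tfr['url'];
            }
            else
            {
                // Upload failed: fall back to the previous stored value
                $repfval=$mr[$tf];
            }
            // The placeholder sits inside a quoted SQL value, so the replacement must be
            // escaped the same way as the other field values.
            $repfval=addslashes((string)$repfval);
            if($ecms==0)// add
            {
                $ret_r[1]=str_replace("[!#@-".$tf."-@!]",$repfval,$ret_r[1]);
            }
            else// edit
            {
                $ret_r[0]=str_replace("[!#@-".$tf."-@!]",$repfval,$ret_r[0]);
            }
        }
    }
    return $ret_r;
}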
//删除会员附件
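// Deletes a member's row from the additional-fields table and then removes the
// attachments referenced by the file/image fields of member form $fid.
// $fid      : member form id whose filef/imgf lists name the upload fields
// $userid   : member id
// $username : not used in this function
// Returns '' when the member had no additional-fields row, otherwise nothing.
//
// The row check used the bare constant `userid` as array key; it is now the string
// 'userid' (an undefined constant is an Error on PHP 8).
// NOTE(review): $userid and $fid are placed into the SQL text as given, inside quotes -
//   callers must pass validated/escaped values; confirm against the call sites.
function DoDelMemberF($fid,$userid,$username){
    global $empire,$dbtbpre;
    // Read the row before deleting it: its values name the files to remove.
    $r=$empire->fetch1("select * from {$dbtbpre}enewsmemberadd where userid='$userid'");
    $empire->query("delete from {$dbtbpre}enewsmemberadd where userid='$userid'");
    if(empty($r['userid']))
    {
        return '';
    }
    $formr=$empire->fetch1("select fid,filef,imgf from {$dbtbpre}enewsmemberform where fid='$fid'");
    if(empty($formr['filef']))
    {
        $formr['filef']=',';
    }
    if(empty($formr['imgf']))
    {
        $formr['imgf']=',';
    }
    // Join the two lists: drop the last character of filef so that ",a,b," and ",c,d,"
    // become ",a,b,c,d,".
    $fields=substr($formr['filef'],0,strlen($formr['filef'])-1).$formr['imgf'];
    $fr=explode(',',$fields);
    $count=count($fr);
    // The first and last pieces of the split are skipped.
    for($i=1;$i<$count-1;$i++)
    {
        $f=$fr[$i];
        if(!empty($r[$f]))
        {
            DelYMemberTranFile($r[$f],$f);
        }
    }
}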
// When $utfdata is set and PHP has no iconv() function, include doiconv.php.
// NOTE(review): presumably doiconv.php supplies the charset conversion used instead of
//   iconv - confirm. The @ hides any include failure, so a missing file goes unnoticed here.
if($utfdata)
{
    if(!function_exists("iconv"))
    {
        @include_once("doiconv.php");
    }
}
?>