op.php

程序脚本为PHP+MYSQL

<?php 
/*
法律声明:本软件仅面对香港地区使用,若在大陆使用而引起的法律问题,程序开发者将不付任何法律责任,
由于软件开发难免会有缺陷,若由于程序缺陷而造成的任何损失程序开发者将不负任何责任!
特此声明!
声明内容请勿去除,它的存在并不影响程序的运行速度!
*/
set_time_limit(1800);
session_start();
include("inc/conn.php");
$sql_odate=mysql_query("select * from ptime where now_sign='1'",$conn);  //update open date
$open_time=mysql_result($sql_odate,0,"open_time");
$downdate=mysql_result($sql_odate,0,"dates");
$opendate=substr($open_time,0,10);
$utime=str_replace("-","",$opendate);
mysql_query("update ptime set open_date='$utime' where dates='$downdate'",$conn);
$_SESSION["downdate"]=$downdate;
$_SESSION["opendate"]=$opendate;
if(isset($_POST['login'])&&isset($_POST['pass'])&&isset($_POST['code']))
{ $user_account=chop($_POST['login']);
  $user=$user_account;
  $user_password=md5(chop($_POST['pass']));
  $yzcode=$_SESSION["yzcode"];
  char($user_account);
  char($user_password);
  char($yzcode);
  if(isset($yzcode)&&isset($_POST["code"]))
  { 
    if($_POST["code"]==$yzcode)
	{
	   checkuser($user_account,$user_password);
	   include("pro.php");
	}else  outscript("alert('验证码错误,请重新输入!');history.back(1);");
  }
}else
{
  outscript("alert('请输入完整的信息!');history.back(1);");
}
function checkuser($user_account,$user_password)
{ global $conn;
$sql=mysql_query("select * from member where user_account='$user_account'",$conn);
 if(mysql_num_rows($sql)==0)
 { 
  outscript("alert('该账号不存在!');history.back(1);"); 
 }else
 {
  $sqls=mysql_query("select * from member where user_account='$user_account' and user_password='$user_password'",$conn);
   if(mysql_num_rows($sqls)==0)
   {
     mysql_query("update member set login_err=login_err+1 where user_account='$user_account'",$conn);
    outscript("alert('密码错误,请重新输入!');history.back(1);"); 
   }else
   {
	 $deleted=mysql_result($sqls,0,"deleted");
	 if($deleted==1)
	 {
	   outscript("alert('您的账户已被停用!');history.back(1)"); 
	 }else
	 {
	   $names=mysql_result($sqls,0,"user_name");
	   $users=mysql_result($sqls,0,"user_account");
	   $_SESSION["name"]=$names;
	   $_SESSION["user"]=$users;
	   $_SESSION["type"]=mysql_result($sqls,0,"user_plate");
	   $_SESSION["plate"]=mysql_result($sqls,0,"user_plate");
	   $_SESSION["credit"]=mysql_result($sqls,0,"user_credit");
	   $_SESSION["used"]=mysql_result($sqls,0,"used_credit");
	   $_SESSION["agent"]=mysql_result($sqls,0,"agent");
	   $_SESSION["all_agent"]=mysql_result($sqls,0,"all_agent");
	   $_SESSION["super_agent"]=mysql_result($sqls,0,"super_agent");
	   mysql_query("update member set online='0' where user_account='$users'",$conn);
	   $sqlf=mysql_query("select * from online where user_account='$users'",$conn);
	   $have=mysql_num_rows($sqlf);
	   $ip=$_SERVER['REMOTE_ADDR'];
	   $tm=date(YmdHis);
	   mysql_query("update member set login_num=login_num+1,login_time='$tm',ip='$ip' where user_account='$user_account'",$conn);
	   if($have==0) mysql_query("insert into online(user_type,user_name,user_account,ip,login_time,active_time)values('1','$names','$users','$ip','$tm','$tm')",$conn);
	   if($have>0)
	   {
	     $_SESSION["onyes"]=1;
	     mysql_query("insert into onuser(user_account,sign)values('$users','1')",$conn);//别处登录
	   }
	 }
   }
 }
}
function char($arr)
{
 $ay="<,>,?,/,\,$,@,',*,!,#,%,^,&,(,),;,~,],[";
 $sa=split(",",$ay);
 for($i=1;$i<count($sa)-1;$i++)
 {
 if(strstr($arr,$sa[$i])) outscript("alert('请不要输入非法字符!');history.back(1);");
 }
}
function outscript($arr)
{
  echo "<script language='javascript'>".$arr."</script>";
}
?>