📄 login.inc.php
字号:
<?php
function checkmember( )
{
global $msql;
global $fsql;
global $tbl_member;
global $tbl_member_type;
global $tbl_member_rights;
global $fm;
global $CentUpdate;
global $SiteUrl;
global $strLoginNotice1;
global $strLoginNotice2;
global $strLoginNotice3;
global $strLoginNotice4;
global $CONF;
$muser = $_POST['muser'];
$mpass = $_POST['mpass'];
$logintype = $_POST['logintype'];
$fm = $_POST['fm'];
$ImgCode = $_POST['ImgCode'];
if ( $muser == "" || $mpass == "" )
{
$PageMain = err( $strLoginNotice1, "", "" );
return $PageMain;
}
else
{
$mdpass = md5( $mpass );
$msql->query( "select * from {$tbl_member} where user='{$muser}' and password='{$mdpass}'" );
if ( $msql->next_record( ) )
{
$checked = $msql->f( "checked" );
$exptime = $msql->f( "exptime" );
$memberid = $msql->f( "memberid" );
$membertypeid = $msql->f( "membertypeid" );
$name = $msql->f( "name" );
$email = $msql->f( "email" );
$cent = $msql->f( "cent" );
$nowtime = time( );
if ( $checked != "1" )
{
$PageMain = err( $strLoginNotice2, "", "" );
return $PageMain;
}
else if ( $exptime != 0 && $exptime < $nowtime )
{
$PageMain = err( $strLoginNotice3, "", "" );
return $PageMain;
}
else
{
$ip = $_SERVER['REMOTE_ADDR'];
$fsql->query( "update {$tbl_member} set logincount=logincount+1,logintime='{$nowtime}',loginip='{$ip}' where memberid='{$memberid}'" );
$fsql->query( "select membertype from {$tbl_member_type} where membertypeid='{$membertypeid}'" );
if ( $fsql->next_record( ) )
{
$membertype = $fsql->f( "membertype" );
}
$fsql->query( "select * from {$tbl_member_rights} where memberid='{$memberid}' and securetype='con'" );
if ( $fsql->next_record( ) )
{
$consecure = $fsql->f( "secureset" );
}
$fsql->query( "select * from {$tbl_member_rights} where memberid='{$memberid}' and securetype='menu'" );
if ( $fsql->next_record( ) )
{
$menusecure = $fsql->f( "secureset" );
}
$md5 = md5( $muser."76|01|14".$memberid.$membertype.$consecure.$menusecure );
setcookie( "MUSER", $muser );
setcookie( "MEMBERNAME", $name );
setcookie( "MEMBERID", $memberid );
setcookie( "MEMBERTYPE", $membertype );
setcookie( "MEMBERTYPEID", $membertypeid );
setcookie( "ZC", $md5 );
setcookie( "SE", $consecure );
setcookie( "SM", $menusecure );
$discuzopen = $CONF['DiscuzOpen'];
if ( $discuzopen == "1" )
{
$discuzurl = $CONF['DiscuzUrl'];
$discuzcode = $CONF['DiscuzCode'];
if ( $fm == "yes" && $_COOKIE['FMTO'] != "" )
{
$toward = $SiteUrl.$_COOKIE['FMTO'];
}
else
{
$toward = $SiteUrl."member.php";
}
$memberarr = array(
"cookietime" => 31536000,
"time" => time( ),
"username" => $muser,
"password" => $mdpass,
"email" => $email
);
$auth = passport_encrypt( passport_encode( $memberarr ), $discuzcode );
$verify = md5( "login".$auth.$toward.$discuzcode );
header( "Location: ".$discuzurl."/api/passport.php?action=login&auth=".rawurlencode( $auth )."&forward=".rawurlencode( $toward )."&verify=".$verify );
}
else if ( $fm == "yes" && $_COOKIE['FMTO'] != "" )
{
echo "<script>window.location='".$_COOKIE['FMTO']."';</script>";
}
else
{
echo "<script>window.location='member.php';</script>";
}
}
}
else
{
$PageMain = err( $strLoginNotice4, "", "" );
return $PageMain;
}
}
}
function lostpass( )
{
global $msql;
global $tbl_member;
global $SiteUrl;
global $SiteName;
global $SiteHttp;
global $SiteEmail;
global $MenuInfo;
global $strLostpassNtc1;
global $strLostpassNtc2;
global $strLostpassNtc3;
global $strLostpassNtc4;
global $strLostpassNtc5;
global $strLostpassNtc6;
global $strLostpassNtc7;
global $strLostpassNtc8;
global $strLostpassNtc9;
$step = $_REQUEST['step'];
if ( $step == "checkmail" )
{
$codestr = $_GET['codestr'];
$username = $_GET['username'];
$tm = $_GET['tm'];
if ( !isset( $_COOKIE['NEWPASSWD'] ) || $_COOKIE['NEWPASSWD'] == "" )
{
$PageMain = err( $strLostpassNtc7, "lostpass.php", "" );
return $PageMain;
}
$md5 = md5( $username."Z(o)C~LoSbZ8Tj7MvBAs(8)!nn^Lp^12345^Pm".$_COOKIE['NEWPASSWD'].$tm );
if ( $md5 == $codestr )
{
$mdpass = md5( $_COOKIE['NEWPASSWD'] );
$msql->query( "update {$tbl_member} set password='{$mdpass}' where user='{$username}'" );
$PageMain = sayok( $strLostpassNtc8, "login.php", "" );
return $PageMain;
}
else
{
$PageMain = err( $strLostpassNtc9, "lostpass.php", "" );
return $PageMain;
}
}
else if ( $step == "2" )
{
$username = $_POST['username'];
$newpass = $_POST['newpass'];
if ( !isset( $username ) || $username == "" || $newpass == "" )
{
$str = err( $strLostpassNtc1, "", "" );
return $str;
}
else
{
$msql->query( "select email from {$tbl_member} where user='{$username}'" );
if ( $msql->next_record( ) )
{
$email = $msql->f( "email" );
$tm = time( );
setcookie( "NEWPASSWD", $newpass, time( ) + 7200 );
$md5 = md5( $username."Z(o)C~LoSbZ8Tj7MvBAs(8)!nn^Lp^12345^Pm".$newpass.$tm );
$link = $SiteUrl."lostpass.php?step=checkmail&username=".$username."&codestr=".$md5."&tm=".$tm;
$message = $username.$strLostpassNtc2."\r\n \r\n".$strLostpassNtc3."\r\n \r\n".$link."\r\n \r\n".$SiteName."\r\n".$SiteHttp;
include( ROOTPATH."includes/func/ebmail.inc.php" );
ebmail( $email, $SiteEmail, $strLostpassNtc4, $message );
$str = sayok( $strLostpassNtc5."<br><br>".$email, "", "" );
return $str;
}
else
{
$str = err( $strLostpassNtc6, "", "" );
return $str;
}
}
}
else
{
$PageMain .= loadtemp( ROOTPATH."templates/".$MenuInfo['skin']."/tpl_lostpass.htm" );
return $PageMain;
}
}
function readbiglogin( )
{
global $PageMain;
global $fm;
$PageMain = "<br><br>".loadbiglogintemp( $fm )."<br><br>";
}
function updatemembertype( $memberid, $membertypeid, $cent )
{
global $fsql;
global $tsql;
global $tbl_member;
global $tbl_member_rights;
global $tbl_default_rights;
global $tbl_member_type;
$fsql->query( "select * from {$tbl_member_type} where membertypeid='{$membertypeid}' and startcent<={$cent} and endcent>={$cent}" );
if ( $fsql->next_record( ) )
{
return 0;
}
else
{
$tsql->query( "select membertypeid from {$tbl_member_type} where startcent<={$cent} and endcent>={$cent}" );
if ( $tsql->next_record( ) )
{
$ifneed = 1;
$changetypeid = $tsql->f( "membertypeid" );
}
else
{
return 0;
}
}
if ( $ifneed == "1" )
{
$fsql->query( "delete from {$tbl_member_rights} where memberid='{$memberid}'" );
$fsql->query( "select * from {$tbl_default_rights} where membertypeid='{$changetypeid}'" );
while ( $fsql->next_record( ) )
{
$secureid = $fsql->f( "secureid" );
$securetype = $fsql->f( "securetype" );
$secureset = $fsql->f( "secureset" );
$tsql->query( "insert into {$tbl_member_rights} values(\r\n\t\t\t0,\r\n\t\t '{$memberid}',\r\n\t\t '{$secureid}',\r\n\t\t '{$securetype}',\r\n\t\t '{$secureset}'\r\n\t\t\t)" );
}
$fsql->query( "update {$tbl_member} set membertypeid='{$changetypeid}' where memberid='{$memberid}'" );
return $changetypeid;
}
}
function checkagent( )
{
global $msql;
global $fsql;
global $tbl_agent;
global $PageMain;
global $REMOTE_ADDR;
global $SiteUrl;
$muser = $_POST['muser'];
$mpass = $_POST['mpass'];
if ( $muser == "" || $mpass == "" )
{
$PageMain = err( "请填写用户名和密码!", "", "" );
}
else
{
$msql->query( "select * from {$tbl_agent} where user='{$muser}' and password=PASSWORD('{$mpass}')" );
if ( $msql->next_record( ) )
{
$agentid = $msql->f( "agentid" );
$md5 = md5( $muser."76|YYY|18".$agentid );
setcookie( "AUSER", $muser );
setcookie( "AID", $agentid );
setcookie( "AZC", $md5 );
echo "<script>window.location='agent_main.php';</script>";
}
else
{
$PageMain = err( "用户名或密码错误,请重新登录!", "", "" );
}
}
}
?>
⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -