ecshop新注册会员登录审核插件

1、进入 后台 》 数据库管理  》SQL查询,执行下面的SQL语句:

ALTER TABLE `ecs_users` ADD column `state` tinyint NOT NULL default '0';
注意:这里我使用的是默认数据库前缀ecs_,如果你的数据库前缀不是 ecs_ ,请修改之。另外,state 字段的默认值是 0(未审核),因此执行后所有已有会员也会变成未审核状态;完成后面的修改后,他们在后台被审核通过之前同样无法登录。

2、打开admin/users.php文件
(1)找到:(大约在206-249行左右)

/*------------------------------------------------------ */
//-- 编辑用户帐号
/*------------------------------------------------------ */

elseif ($_REQUEST['act'] == 'edit')
{
    /* 检查权限 */
    admin_priv('users_manage');

    $sql = "SELECT u.user_name, u.sex, u.birthday, u.pay_points, u.rank_points, u.user_rank , u.user_money, u.frozen_money, u.credit_line, u.parent_id, u2.user_name as parent_username, u.qq, u.msn, u.office_phone, u.home_phone, u.mobile_phone".
        " FROM " .$ecs->table('users'). " u LEFT JOIN " . $ecs->table('users') . " u2 ON u.parent_id = u2.user_id WHERE u.user_id='$_GET[id]'";

    $row = $db->GetRow($sql);
    $row['user_name'] = addslashes($row['user_name']);
    $users  =& init_users();
    $user   = $users->get_user_info($row['user_name']);

    $sql = "SELECT u.user_id, u.sex, u.birthday, u.pay_points, u.rank_points, u.user_rank , u.user_money, u.frozen_money, u.credit_line, u.parent_id, u2.user_name as parent_username, u.qq, u.msn,
    u.office_phone, u.home_phone, u.mobile_phone".
        " FROM " .$ecs->table('users'). " u LEFT JOIN " . $ecs->table('users') . " u2 ON u.parent_id = u2.user_id WHERE u.user_id='$_GET[id]'";

    $row = $db->GetRow($sql);

    if ($row)
    {
        $user['user_id']        = $row['user_id'];
        $user['sex']            = $row['sex'];
        $user['birthday']       = date($row['birthday']);
        $user['pay_points']     = $row['pay_points'];
        $user['rank_points']    = $row['rank_points'];
        $user['user_rank']      = $row['user_rank'];
        $user['user_money']     = $row['user_money'];
        $user['frozen_money']   = $row['frozen_money'];
        $user['credit_line']    = $row['credit_line'];
        $user['formated_user_money'] = price_format($row['user_money']);
        $user['formated_frozen_money'] = price_format($row['frozen_money']);
        $user['parent_id']      = $row['parent_id'];
        $user['parent_username']= $row['parent_username'];
        $user['qq']             = $row['qq'];
        $user['msn']            = $row['msn'];
        $user['office_phone']   = $row['office_phone'];
        $user['home_phone']     = $row['home_phone'];
        $user['mobile_phone']   = $row['mobile_phone'];
    }
将这段代码修改为:

/*------------------------------------------------------ */
//-- 编辑用户帐号
/*------------------------------------------------------ */

elseif ($_REQUEST['act'] == 'edit')
{
    /* 检查权限 */
    admin_priv('users_manage');

    $sql = "SELECT u.user_name, u.sex, u.birthday, u.pay_points, u.rank_points, u.user_rank , u.user_money, u.frozen_money, u.credit_line, u.parent_id, u2.user_name as parent_username, u.qq, u.msn, u.office_phone, u.home_phone, u.mobile_phone, u.state". /* mod by www.53moban.com 新注册会员登录审核插件 */
        " FROM " .$ecs->table('users'). " u LEFT JOIN " . $ecs->table('users') . " u2 ON u.parent_id = u2.user_id WHERE u.user_id='$_GET[id]'";

    $row = $db->GetRow($sql);
    $row['user_name'] = addslashes($row['user_name']);
    $users  =& init_users();
    $user   = $users->get_user_info($row['user_name']);

    $sql = "SELECT u.user_id, u.sex, u.birthday, u.pay_points, u.rank_points, u.user_rank , u.user_money, u.frozen_money, u.credit_line, u.parent_id, u2.user_name as parent_username, u.qq, u.msn,
    u.office_phone, u.home_phone, u.mobile_phone, u.state". /* 新注册会员登录审核插件 */
        " FROM " .$ecs->table('users'). " u LEFT JOIN " . $ecs->table('users') . " u2 ON u.parent_id = u2.user_id WHERE u.user_id='$_GET[id]'";

    $row = $db->GetRow($sql);

    if ($row)
    {
        $user['user_id']        = $row['user_id'];
        $user['sex']            = $row['sex'];
        $user['birthday']       = date($row['birthday']);
        $user['pay_points']     = $row['pay_points'];
        $user['rank_points']    = $row['rank_points'];
        $user['user_rank']      = $row['user_rank'];
        $user['user_money']     = $row['user_money'];
        $user['frozen_money']   = $row['frozen_money'];
        $user['credit_line']    = $row['credit_line'];
        $user['formated_user_money'] = price_format($row['user_money']);
        $user['formated_frozen_money'] = price_format($row['frozen_money']);
        $user['parent_id']      = $row['parent_id'];
        $user['parent_username']= $row['parent_username'];
        $user['qq']             = $row['qq'];
        $user['msn']            = $row['msn'];
        $user['office_phone']   = $row['office_phone'];
        $user['home_phone']     = $row['home_phone'];
        $user['mobile_phone']   = $row['mobile_phone'];
        $user['state'] = $row['state']; /* 新注册会员登录审核插件 */
    }
(如果这里做过二次开发的话,其实就是在上面两条SELECT语句里, u.mobile_phone的后面各添加, u.state )
(如果这里做过二次开发的话,其实就是在$user['mobile_phone']   = $row['mobile_phone'];的下面添加$user['state'] = $row['state'];)

(2)找到:(大约在338-355行左右)

/*------------------------------------------------------ */
//-- 更新用户帐号
/*------------------------------------------------------ */

elseif ($_REQUEST['act'] == 'update')
{
    /* 检查权限 */
    admin_priv('users_manage');
    $username = empty($_POST['username']) ? '' : trim($_POST['username']);
    $password = empty($_POST['password']) ? '' : trim($_POST['password']);
    $email = empty($_POST['email']) ? '' : trim($_POST['email']);
    $sex = empty($_POST['sex']) ? 0 : intval($_POST['sex']);
    $sex = in_array($sex, array(0, 1, 2)) ? $sex : 0;
    $birthday = $_POST['birthdayYear'] . '-' .  $_POST['birthdayMonth'] . '-' . $_POST['birthdayDay'];
    $rank = empty($_POST['user_rank']) ? 0 : intval($_POST['user_rank']);
    $credit_line = empty($_POST['credit_line']) ? 0 : floatval($_POST['credit_line']);

    $users  =& init_users();
将这段代码修改为:

/*------------------------------------------------------ */
//-- 更新用户帐号
/*------------------------------------------------------ */

elseif ($_REQUEST['act'] == 'update')
{
    /* 检查权限 */
    admin_priv('users_manage');
    $username = empty($_POST['username']) ? '' : trim($_POST['username']);
    $password = empty($_POST['password']) ? '' : trim($_POST['password']);
    $email = empty($_POST['email']) ? '' : trim($_POST['email']);
    $sex = empty($_POST['sex']) ? 0 : intval($_POST['sex']);
    $sex = in_array($sex, array(0, 1, 2)) ? $sex : 0;
    $birthday = $_POST['birthdayYear'] . '-' .  $_POST['birthdayMonth'] . '-' . $_POST['birthdayDay'];
    $rank = empty($_POST['user_rank']) ? 0 : intval($_POST['user_rank']);
    $credit_line = empty($_POST['credit_line']) ? 0 : floatval($_POST['credit_line']);
    $state = empty($_POST['state']) ? 0 : intval($_POST['state']); /* 新注册会员登录审核插件 */
    $users  =& init_users();
(如果这里做过二次开发的话,其实就是在$credit_line = empty($_POST['credit_line']) ? 0 : floatval($_POST['credit_line']);的下面添加$state = empty($_POST['state']) ? 0 : intval($_POST['state']);)

(3)找到:(大约在401-410行左右,在elseif ($_REQUEST['act'] == 'update')里面)

    /* 更新会员的其它信息 */
    $other =  array();
    $other['credit_line'] = $credit_line;
    $other['user_rank'] = $rank;

    $other['msn'] = isset($_POST['extend_field1']) ? htmlspecialchars(trim($_POST['extend_field1'])) : '';
    $other['qq'] = isset($_POST['extend_field2']) ? htmlspecialchars(trim($_POST['extend_field2'])) : '';
    $other['office_phone'] = isset($_POST['extend_field3']) ? htmlspecialchars(trim($_POST['extend_field3'])) : '';
    $other['home_phone'] = isset($_POST['extend_field4']) ? htmlspecialchars(trim($_POST['extend_field4'])) : '';
    $other['mobile_phone'] = isset($_POST['extend_field5']) ? htmlspecialchars(trim($_POST['extend_field5'])) : '';
将这段代码修改为:

    /* 更新会员的其它信息 */
    $other =  array();
    $other['credit_line'] = $credit_line;
    $other['user_rank'] = $rank;
    $other['state'] = $state; /* 新注册会员登录审核插件 */
    $other['msn'] = isset($_POST['extend_field1']) ? htmlspecialchars(trim($_POST['extend_field1'])) : '';
    $other['qq'] = isset($_POST['extend_field2']) ? htmlspecialchars(trim($_POST['extend_field2'])) : '';
    $other['office_phone'] = isset($_POST['extend_field3']) ? htmlspecialchars(trim($_POST['extend_field3'])) : '';
    $other['home_phone'] = isset($_POST['extend_field4']) ? htmlspecialchars(trim($_POST['extend_field4'])) : '';
    $other['mobile_phone'] = isset($_POST['extend_field5']) ? htmlspecialchars(trim($_POST['extend_field5'])) : '';
(如果这里做过二次开发的话,其实就是在$other['user_rank'] = $rank;的下面添加$other['state'] = $state;)

(4)找到:(大约在665-749行左右)

/**
 * Build the member list shown on the admin user-list page.
 *
 * Listing to locate in admin/users.php; the code is shown as it is before
 * the plugin change.
 *
 * When get_filter() returns false the filter values (keywords, rank,
 * pay_points_gt, pay_points_lt, sort_by, sort_order) are read from $_REQUEST
 * and a new query is built; otherwise the saved SQL and filter are reused.
 *
 * @access  public
 *
 * @return  array   keys: user_list, filter, page_count, record_count
 */
function user_list()
{
    $result = get_filter();
    if ($result === false)
    {
        /* Filter conditions */
        $filter['keywords'] = empty($_REQUEST['keywords']) ? '' : trim($_REQUEST['keywords']);
        if (isset($_REQUEST['is_ajax']) && $_REQUEST['is_ajax'] == 1)
        {
            $filter['keywords'] = json_str_iconv($filter['keywords']);
        }
        $filter['rank'] = empty($_REQUEST['rank']) ? 0 : intval($_REQUEST['rank']);
        $filter['pay_points_gt'] = empty($_REQUEST['pay_points_gt']) ? 0 : intval($_REQUEST['pay_points_gt']);
        $filter['pay_points_lt'] = empty($_REQUEST['pay_points_lt']) ? 0 : intval($_REQUEST['pay_points_lt']);

        /* NOTE(review): both values are only trimmed and later go into ORDER BY unquoted. */
        $filter['sort_by']    = empty($_REQUEST['sort_by'])    ? 'user_id' : trim($_REQUEST['sort_by']);
        $filter['sort_order'] = empty($_REQUEST['sort_order']) ? 'DESC'     : trim($_REQUEST['sort_order']);

        $ex_where = ' WHERE 1 ';
        if ($filter['keywords'])
        {
            $ex_where .= " AND user_name LIKE '%" . mysql_like_quote($filter['keywords']) ."%'";
        }
        if ($filter['rank'])
        {
            $sql = "SELECT min_points, max_points, special_rank FROM ".$GLOBALS['ecs']->table('user_rank')." WHERE rank_id = '$filter[rank]'";
            $row = $GLOBALS['db']->getRow($sql);
            if ($row['special_rank'] > 0)
            {
                /* Special rank: match on user_rank directly */
                $ex_where .= " AND user_rank = '$filter[rank]' ";
            }
            else
            {
                /* Ordinary rank: match on the rank's points range */
                $ex_where .= " AND rank_points >= " . intval($row['min_points']) . " AND rank_points < " . intval($row['max_points']);
            }
        }
        if ($filter['pay_points_gt'])
        {
             $ex_where .=" AND pay_points >= '$filter[pay_points_gt]' ";
        }
        if ($filter['pay_points_lt'])
        {
            $ex_where .=" AND pay_points < '$filter[pay_points_lt]' ";
        }

        $filter['record_count'] = $GLOBALS['db']->getOne("SELECT COUNT(*) FROM " . $GLOBALS['ecs']->table('users') . $ex_where);

        /* Page size */
        $filter = page_and_size($filter);
        $sql = "SELECT user_id, user_name, email, is_validated, user_money, frozen_money, rank_points, pay_points, reg_time ".
                " FROM " . $GLOBALS['ecs']->table('users') . $ex_where .
                " ORDER by " . $filter['sort_by'] . ' ' . $filter['sort_order'] .
                " LIMIT " . $filter['start'] . ',' . $filter['page_size'];

        /* Store the keywords unescaped together with the finished SQL */
        $filter['keywords'] = stripslashes($filter['keywords']);
        set_filter($filter, $sql);
    }
    else
    {
        /* Reuse the SQL and filter returned by get_filter() */
        $sql    = $result['sql'];
        $filter = $result['filter'];
    }

    $user_list = $GLOBALS['db']->getAll($sql);

    /* Format each row's registration time with the configured date format */
    $count = count($user_list);
    for ($i=0; $i<$count; $i++)
    {
        $user_list[$i]['reg_time'] = local_date($GLOBALS['_CFG']['date_format'], $user_list[$i]['reg_time']);
    }

    $arr = array('user_list' => $user_list, 'filter' => $filter,
        'page_count' => $filter['page_count'], 'record_count' => $filter['record_count']);

    return $arr;
}
将这段代码修改为:
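/**
 * Build the member list shown on the admin user-list page, including the
 * approval flag (state) added by the login-approval plugin.
 *
 * When get_filter() returns false the filter values (keywords, rank,
 * pay_points_gt, pay_points_lt, sort_by, sort_order) are read from $_REQUEST
 * and a new query is built; otherwise the saved SQL and filter are reused.
 *
 * sort_by is restricted to the columns this query selects and sort_order to
 * ASC/DESC, because both end up in ORDER BY unquoted. Any other value falls
 * back to the defaults (user_id, DESC).
 *
 * @access  public
 *
 * @return  array   keys: user_list, filter, page_count, record_count
 */
function user_list()
{
    $result = get_filter();
    if ($result === false)
    {
        /* Filter conditions */
        $filter = array();
        $filter['keywords'] = empty($_REQUEST['keywords']) ? '' : trim($_REQUEST['keywords']);
        if (isset($_REQUEST['is_ajax']) && $_REQUEST['is_ajax'] == 1)
        {
            $filter['keywords'] = json_str_iconv($filter['keywords']);
        }
        $filter['rank'] = empty($_REQUEST['rank']) ? 0 : intval($_REQUEST['rank']);
        $filter['pay_points_gt'] = empty($_REQUEST['pay_points_gt']) ? 0 : intval($_REQUEST['pay_points_gt']);
        $filter['pay_points_lt'] = empty($_REQUEST['pay_points_lt']) ? 0 : intval($_REQUEST['pay_points_lt']);

        /* Identifiers and keywords cannot be protected by quoting, so only accept known values. */
        $sort_columns = array('user_id', 'user_name', 'email', 'is_validated', 'user_money',
            'frozen_money', 'rank_points', 'pay_points', 'reg_time', 'state');
        $sort_by    = empty($_REQUEST['sort_by'])    ? 'user_id' : trim($_REQUEST['sort_by']);
        $sort_order = empty($_REQUEST['sort_order']) ? 'DESC'    : strtoupper(trim($_REQUEST['sort_order']));

        $filter['sort_by']    = in_array($sort_by, $sort_columns, true) ? $sort_by : 'user_id';
        $filter['sort_order'] = ($sort_order === 'ASC') ? 'ASC' : 'DESC';

        $ex_where = ' WHERE 1 ';
        if ($filter['keywords'])
        {
            $ex_where .= " AND user_name LIKE '%" . mysql_like_quote($filter['keywords']) ."%'";
        }
        if ($filter['rank'])
        {
            $sql = "SELECT min_points, max_points, special_rank FROM ".$GLOBALS['ecs']->table('user_rank')." WHERE rank_id = '$filter[rank]'";
            $row = $GLOBALS['db']->getRow($sql);
            if ($row['special_rank'] > 0)
            {
                /* Special rank: match on user_rank directly */
                $ex_where .= " AND user_rank = '$filter[rank]' ";
            }
            else
            {
                /* Ordinary rank: match on the rank's points range */
                $ex_where .= " AND rank_points >= " . intval($row['min_points']) . " AND rank_points < " . intval($row['max_points']);
            }
        }
        if ($filter['pay_points_gt'])
        {
            $ex_where .=" AND pay_points >= '$filter[pay_points_gt]' ";
        }
        if ($filter['pay_points_lt'])
        {
            $ex_where .=" AND pay_points < '$filter[pay_points_lt]' ";
        }

        $filter['record_count'] = $GLOBALS['db']->getOne("SELECT COUNT(*) FROM " . $GLOBALS['ecs']->table('users') . $ex_where);

        /* Page size */
        $filter = page_and_size($filter);
        $sql = "SELECT user_id, user_name, email, is_validated, user_money, frozen_money, rank_points, pay_points, reg_time, state ". /* login-approval plugin */
                " FROM " . $GLOBALS['ecs']->table('users') . $ex_where .
                " ORDER by " . $filter['sort_by'] . ' ' . $filter['sort_order'] .
                " LIMIT " . $filter['start'] . ',' . $filter['page_size'];

        /* Store the keywords unescaped together with the finished SQL */
        $filter['keywords'] = stripslashes($filter['keywords']);
        set_filter($filter, $sql);
    }
    else
    {
        /* Reuse the SQL and filter returned by get_filter() */
        $sql    = $result['sql'];
        $filter = $result['filter'];
    }

    $user_list = $GLOBALS['db']->getAll($sql);

    /* Format each row's registration time with the configured date format */
    $count = count($user_list);
    for ($i=0; $i<$count; $i++)
    {
        $user_list[$i]['reg_time'] = local_date($GLOBALS['_CFG']['date_format'], $user_list[$i]['reg_time']);
    }

    $arr = array('user_list' => $user_list, 'filter' => $filter,
        'page_count' => $filter['page_count'], 'record_count' => $filter['record_count']);

    return $arr;
}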
(如果这里做过二次开发的话,其实就是在, reg_time的后面添加, state)
3、打开admin/templates/user_info.htm文件
找到:(大约在6-9行左右)
  <tr>
    <td class="label">{$lang.username}:</td>
    <td>{if $form_action eq "update"}{$user.user_name}<input type="hidden" name="username" value="{$user.user_name}" />{else}<input type="text" name="username" maxlength="60" value="{$user.user_name}" />{$lang.require_field}{/if}</td>
  </tr>
在这段代码的下面添加:
  <!-- 新注册会员登录审核插件 begin -->
  <tr>
    <td class="label">审核:</td>
    <td><select name="state" id=""><option value="1" {if $user.state==1}selected{/if}>通过</option><option value="0" {if $user.state==0}selected{/if}>未审核</option></select></td>
  </tr>
  <!-- 新注册会员登录审核插件 end -->
4、打开admin/templates/users_list.htm文件
(1)找到:(大约在20-29行左右)
<!--用户列表部分-->
<table cellpadding="3" cellspacing="1">
  <tr>
    <th>
      <input onclick='listTable.selectAll(this, "checkboxes")' type="checkbox">
      <a href="javascript:listTable.sort('user_id'); ">{$lang.record_id}</a>{$sort_user_id}
    </th>
    <th><a href="javascript:listTable.sort('user_name'); ">{$lang.username}</a>{$sort_user_name}</th>
    <th><a href="javascript:listTable.sort('email'); ">{$lang.email}</a>{$sort_email}</th>
    <th><a href="javascript:listTable.sort('is_validated'); ">{$lang.is_validated}</a>{$sort_is_validate}</th>
在这段代码的下面添加:
    <!-- 新注册会员登录审核插件 begin -->
    <th>是否已审核</th>
    <!-- 新注册会员登录审核插件 end -->
(2)找到:(大约在39-42行左右)
    <td><input type="checkbox" name="checkboxes[]" value="{$user.user_id}" notice="{if $user.user_money ne 0}1{else}0{/if}"/>{$user.user_id}</td>
    <td class="first-cell">{$user.user_name|escape}</td>
    <td><span onclick="listTable.edit(this, 'edit_email', {$user.user_id})">{$user.email}</span></td>
    <td align="center">{if $user.is_validated} <img src="images/yes.gif"> {else} <img src="images/no.gif"> {/if}</td>
在这段代码的下面添加:
    <!-- 新注册会员登录审核插件 begin -->
    <td align="center">{if $user.state} <img src="images/yes.gif"> {else} <img src="images/no.gif"> {/if}</td>
    <!-- 新注册会员登录审核插件 end -->
5、打开根目录下user.php文件
(1)找到:(大约在356-368行左右,在elseif ($action == 'act_login')里面)
    if ($user->login($username, $password,isset($_POST['remember'])))
    {
        update_user_info();
        recalculate_price();

        $ucdata = isset($user->ucdata)? $user->ucdata : '';
        show_message($_LANG['login_success'] . $ucdata , array($_LANG['back_up_page'], $_LANG['profile_lnk']), array($back_act,'user.php'), 'info');
    }
    else
    {
        $_SESSION['login_fail'] ++ ;
        show_message($_LANG['login_failure'], $_LANG['relogin_lnk'], 'user.php', 'error');
    }
在这段代码的上面添加:
    /* New-member login approval plugin: begin */
    /*
     * NOTE(review): $username is placed inside the quoted SQL literal as received by this
     * snippet; that is only safe if it was escaped earlier in act_login - confirm.
     * NOTE(review): this lookup runs before the password is checked, so the reply tells
     * anyone who submits a user name whether that account exists and is awaiting approval.
     */
    $sql = sprintf("SELECT user_name,state FROM %s WHERE user_name = '%s'", $ecs->table('users'), $username);
    $count = $db->getRow($sql);
    /* A matching row with a falsy state (0 = not approved) gets the pending-approval message. */
    if ($count && !$count['state'])
    {
        show_message("你的账号还未通过审核,暂无法登录网站");
    }
    /* New-member login approval plugin: end */
(2)找到:(大约在235-241行左右,在elseif ($action == 'act_register')里面)
            /* 判断是否需要自动发送注册邮件 */
            if ($GLOBALS['_CFG']['member_email_validate'] && $GLOBALS['_CFG']['send_verify_email'])
            {
                send_regiter_hash($_SESSION['user_id']);
            }
            $ucdata = empty($user->ucdata)? "" : $user->ucdata;
            show_message(sprintf($_LANG['register_success'], $username . $ucdata), array($_LANG['back_up_page'], $_LANG['profile_lnk']), array($back_act, 'user.php'), 'info');
将这段代码修改为:
            /* 判断是否需要自动发送注册邮件 */
            if ($GLOBALS['_CFG']['member_email_validate'] && $GLOBALS['_CFG']['send_verify_email'])
            {
                send_regiter_hash($_SESSION['user_id']);
            }
            $ucdata = empty($user->ucdata)? "" : $user->ucdata;
            /* 新注册会员登录审核插件 begin */
            $user->logout();
            show_message("您的会员已经注册成功但需要人工审核!","","index.php");
            /* 新注册会员登录审核插件 end */
            //show_message(sprintf($_LANG['register_success'], $username . $ucdata), array($_LANG['back_up_page'], $_LANG['profile_lnk']), array($back_act, 'user.php'), 'info');
(3)找到:(大约在250-268行左右)
/* Verify the e-mail confirmation link sent at registration.
   Listing to locate in user.php; the code is shown as it is before the plugin change. */
elseif ($action == 'validate_email')
{
    /* The hash is taken from the link's query string */
    $hash = empty($_GET['hash']) ? '' : trim($_GET['hash']);
    if ($hash)
    {
        include_once(ROOT_PATH . 'includes/lib_passport.php');
        /* The decoded value is used as the user id; anything <= 0 falls through to the failure message */
        $id = register_hash('decode', $hash);
        if ($id > 0)
        {
            /* Mark the account's e-mail as validated, then read the name and e-mail for the message */
            $sql = "UPDATE " . $ecs->table('users') . " SET is_validated = 1 WHERE user_id='$id'";
            $db->query($sql);
            $sql = 'SELECT user_name, email FROM ' . $ecs->table('users') . " WHERE user_id = '$id'";
            $row = $db->getRow($sql);
            show_message(sprintf($_LANG['validate_ok'], $row['user_name'], $row['email']),$_LANG['profile_lnk'], 'user.php');
        }
    }
    show_message($_LANG['validate_fail']);
}
将这段代码修改为:
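/* Verify the e-mail confirmation link sent at registration.
   With the login-approval plugin the name/e-mail lookup only matches approved accounts
   (state=1), so an account that is still pending gets the pending-approval message
   instead of a success message built from an empty row. */
elseif ($action == 'validate_email')
{
    /* The hash is taken from the link's query string */
    $hash = empty($_GET['hash']) ? '' : trim($_GET['hash']);
    if ($hash)
    {
        include_once(ROOT_PATH . 'includes/lib_passport.php');
        /* Cast to int: the decoded value is interpolated into both queries below */
        $id = intval(register_hash('decode', $hash));
        if ($id > 0)
        {
            /* The e-mail is marked as validated whether or not the account is approved yet */
            $sql = "UPDATE " . $ecs->table('users') . " SET is_validated = 1 WHERE user_id='$id'";
            $db->query($sql);
            $sql = 'SELECT user_name, email FROM ' . $ecs->table('users') . " WHERE user_id = '$id' and state=1"; /* login-approval plugin */
            $row = $db->getRow($sql);
            if (empty($row))
            {
                /* No row matched the state=1 filter: presumably the account is not approved yet */
                show_message("你的账号还未通过审核,暂无法登录网站");
            }
            else
            {
                show_message(sprintf($_LANG['validate_ok'], $row['user_name'], $row['email']),$_LANG['profile_lnk'], 'user.php');
            }
        }
    }
    show_message($_LANG['validate_fail']);
}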
(如果这里做过二次开发的话,其实也就是在user_id = '$id'的后面添加 and state=1)
6、打开includes/modules/integrates/ecshop.php文件
找到:(大约在79-177行左右)
    /**
     * Check whether a user exists and, when a password is given, whether it is correct
     * (overrides the base-class check_user and supports the "zc" hashing scheme).
     *
     * Listing to locate in includes/modules/integrates/ecshop.php; the code is shown
     * as it is before the plugin change.
     *
     * @access  public
     * @param   string  $username   user name; converted from UTF8 to $this->charset when they differ
     * @param   string  $password   plain-text password, or null to test existence only
     *
     * @return  int     with a password: the user id on success, 0 on failure;
     *                  without one: whatever getOne() returns for the id lookup
     */
    function check_user($username, $password = null)
    {
        if ($this->charset != 'UTF8')
        {
            $post_username = ecs_iconv('UTF8', $this->charset, $username);
        }
        else
        {
            $post_username = $username;
        }

        /* NOTE(review): $post_username is concatenated into the queries below without
           escaping in this method - presumably the caller escapes it; confirm. */
        if ($password === null)
        {
            /* Existence check only */
            $sql = "SELECT " . $this->field_id .
                   " FROM " . $this->table($this->user_table).
                   " WHERE " . $this->field_name . "='" . $post_username . "'";

            return $this->db->getOne($sql);
        }
        else
        {
            $sql = "SELECT user_id, password, salt,ec_salt " .
                   " FROM " . $this->table($this->user_table).
                   " WHERE user_name='$post_username'";
            $row = $this->db->getRow($sql);
			$ec_salt=$row['ec_salt'];
            if (empty($row))
            {
                return 0;
            }

            if (empty($row['salt']))
            {
                /* No legacy salt: compare against compile_password() with the row's ec_salt */
                if ($row['password'] != $this->compile_password(array('password'=>$password,'ec_salt'=>$ec_salt)))
                {
                    return 0;
                }
                else
                {
                    /* No ec_salt stored yet: generate one and re-store the password with it */
					if(empty($ec_salt))
				    {
						$ec_salt=rand(1,9999);
						$new_password=md5(md5($password).$ec_salt);
					    $sql = "UPDATE ".$this->table($this->user_table)."SET password= '" .$new_password."',ec_salt='".$ec_salt."'".
                   " WHERE user_name='$post_username'";
                         $this->db->query($sql);

					}
                    return $row['user_id'];
                }
            }
            else
            {
                /* A salt is stored: verify with the salted scheme; on success the password
                   is re-stored through compile_password() and the salt is cleared */
                $encrypt_type = substr($row['salt'], 0, 1);
                $encrypt_salt = substr($row['salt'], 1);

                /* Compute the hashed password */
                $encrypt_password = '';
                switch ($encrypt_type)
                {
                    case ENCRYPT_ZC :
                        $encrypt_password = md5($encrypt_salt.$password);
                        break;
                    /* Add other hashing schemes here */
                    //case other :
                    //  ----------------------------------
                    //  break;
                    case ENCRYPT_UC :
                        $encrypt_password = md5(md5($password).$encrypt_salt);
                        break;

                    default:
                        $encrypt_password = '';

                }

                if ($row['password'] != $encrypt_password)
                {
                    return 0;
                }

                $sql = "UPDATE " . $this->table($this->user_table) .
                       " SET password = '".  $this->compile_password(array('password'=>$password)) . "', salt=''".
                       " WHERE user_id = '$row[user_id]'";
                $this->db->query($sql);

                return $row['user_id'];
            }
        }
    }
将这段代码修改为:
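    /**
     * Check whether a user exists and, when a password is given, whether it is correct
     * (overrides the base-class check_user and supports the "zc" hashing scheme).
     *
     * With the login-approval plugin the password branch only matches rows with state=1,
     * so an account that is not approved is treated like a failed login. The existence
     * check (password null) is not filtered by state.
     *
     * Stored and computed hashes are compared as strings with ===, so two different
     * hashes that both look numeric (for example "0e...") can no longer compare equal.
     * A salt whose type prefix is not recognised is rejected.
     *
     * @access  public
     * @param   string  $username   user name; converted from UTF8 to $this->charset when they differ
     * @param   string  $password   plain-text password, or null to test existence only
     *
     * @return  int     with a password: the user id on success, 0 on failure;
     *                  without one: whatever getOne() returns for the id lookup
     */
    function check_user($username, $password = null)
    {
        if ($this->charset != 'UTF8')
        {
            $post_username = ecs_iconv('UTF8', $this->charset, $username);
        }
        else
        {
            $post_username = $username;
        }

        /* NOTE(review): $post_username is concatenated into the queries below without
           escaping in this method - presumably the caller escapes it; confirm, and check
           that the charset conversion above cannot undo that escaping. */
        if ($password === null)
        {
            /* Existence check only */
            $sql = "SELECT " . $this->field_id .
                   " FROM " . $this->table($this->user_table).
                   " WHERE " . $this->field_name . "='" . $post_username . "'";

            return $this->db->getOne($sql);
        }

        $sql = "SELECT user_id, password, salt,ec_salt " .
               " FROM " . $this->table($this->user_table).
               " WHERE user_name='$post_username' and state=1"; /* login-approval plugin */
        $row = $this->db->getRow($sql);
        if (empty($row))
        {
            return 0;
        }

        /* Read the salt only after the row is known to exist */
        $ec_salt = $row['ec_salt'];

        if (empty($row['salt']))
        {
            /* No legacy salt: compare against compile_password() with the row's ec_salt */
            $expected = $this->compile_password(array('password'=>$password,'ec_salt'=>$ec_salt));
            if ((string)$row['password'] !== (string)$expected)
            {
                return 0;
            }

            if (empty($ec_salt))
            {
                /* No ec_salt stored yet: generate one and re-store the password with it.
                   NOTE(review): a salt from rand(1,9999) with md5 gives little protection if the
                   table leaks; changing the scheme needs compile_password() and stored data to
                   change as well, so it is only flagged here. */
                $ec_salt = rand(1,9999);
                $new_password = md5(md5($password).$ec_salt);
                /* A space before SET keeps the statement valid whatever table() returns */
                $sql = "UPDATE ".$this->table($this->user_table)." SET password= '" .$new_password."',ec_salt='".$ec_salt."'".
                       " WHERE user_name='$post_username'";
                $this->db->query($sql);
            }

            return $row['user_id'];
        }

        /* A salt is stored: verify with the salted scheme; on success the password
           is re-stored through compile_password() and the salt is cleared */
        $encrypt_type = substr($row['salt'], 0, 1);
        $encrypt_salt = substr($row['salt'], 1);

        /* Compute the hashed password */
        switch ($encrypt_type)
        {
            case ENCRYPT_ZC :
                $encrypt_password = md5($encrypt_salt.$password);
                break;
            /* Add other hashing schemes here */
            case ENCRYPT_UC :
                $encrypt_password = md5(md5($password).$encrypt_salt);
                break;

            default:
                /* Unknown scheme: never let an empty computed hash match an empty stored one */
                return 0;
        }

        if ((string)$row['password'] !== $encrypt_password)
        {
            return 0;
        }

        $sql = "UPDATE " . $this->table($this->user_table) .
               " SET password = '".  $this->compile_password(array('password'=>$password)) . "', salt=''".
               " WHERE user_id = '$row[user_id]'";
        $this->db->query($sql);

        return $row['user_id'];
    }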




