<?php
/**
* 会员前台管理中心、账号管理、收藏操作类
*/
defined('IN_PHPCMS') or exit('No permission resources.');
pc_base::load_app_class('foreground');//index控制器extends此类文件
pc_base::load_sys_class('format', '', 0);
pc_base::load_sys_class('form', '', 0);//表单生成类
class index extends foreground {
private $times_db;//主要用来操作会员登录错误次数表:v9_times
function __construct() {
parent::__construct();
//如:Mozilla/5.0 (Windows NT 5.1; rv:15.0) Gecko/20100101 Firefox/15.0.1
$this->http_user_agent = $_SERVER['HTTP_USER_AGENT'];
}
//会员中心首页
public function init() {//会员登录成功后才会进入init方法,就member的会员管理中心的默认页面为init所对应的页面
$memberinfo = $this->memberinfo;//会员信息:来自于phpcms/modules/member/classes/foreground.class.php文件
//初始化phpsso,主要用来返回接口地址:'phpsso_api_url' => 'http://zhencms.com/phpsso_server'
$phpsso_api_url = $this->_init_phpsso();
//获取头像数组
$avatar = $this->client->ps_getavatar($this->memberinfo['phpssouid']);
//会员组信息
$grouplist = getcache('grouplist');
//会员组名称
$memberinfo['groupname'] = $grouplist[$memberinfo[groupid]]['name'];
//会员中心首页
include template('member', 'index');
}
public function register() {
//初始化session,加载session_mysql.class.php文件,默认情况下会初始化一个实例
$this->_session_start();
//加载用户模块配置,如:注册协议等,对应 【后台】-》【用户】-》【会员模块配置】的设置
$member_setting = getcache('member_setting');
if(!$member_setting['allowregister']) {//是否允许注册
//返回禁止注册的提示信息
showmessage(L('deny_register'), 'index.php?m=member&c=index&a=login');
}
//获取用户siteid
$siteid = isset($_REQUEST['siteid']) && trim($_REQUEST['siteid']) ? intval($_REQUEST['siteid']) : 1;
//定义站点id常量
if (!defined('SITEID')) {
define('SITEID', $siteid);
}
header("Cache-control: private");
//点击【注册】按钮
if(isset($_POST['dosubmit'])) {
if (empty($_SESSION['connectid']) && $_SESSION['code'] != strtolower($_POST['code'])) {
showmessage(L('code_error'));
}
//注册信息
$userinfo = array();
//生成一个随机字符串
$userinfo['encrypt'] = create_randomstr(6);
//用户名
$userinfo['username'] = (isset($_POST['username']) && is_username($_POST['username'])) ? $_POST['username'] : exit('0');
//昵称
$userinfo['nickname'] = (isset($_POST['nickname']) && is_username($_POST['nickname'])) ? $_POST['nickname'] : '';
//email
$userinfo['email'] = (isset($_POST['email']) && is_email($_POST['email'])) ? $_POST['email'] : exit('0');
//密码
$userinfo['password'] = isset($_POST['password']) ? $_POST['password'] : exit('0');
$userinfo['email'] = (isset($_POST['email']) && is_email($_POST['email'])) ? $_POST['email'] : exit('0');
//会员模型id,会存储在v9_model模型表中
$userinfo['modelid'] = isset($_POST['modelid']) ? intval($_POST['modelid']) : 10;
//注册ip
$userinfo['regip'] = ip();
//默认积分
$userinfo['point'] = $member_setting['defualtpoint'] ? $member_setting['defualtpoint'] : 0;
//默认金钱总额
$userinfo['amount'] = $member_setting['defualtamount'] ? $member_setting['defualtamount'] : 0;
//注册时间
$userinfo['regdate'] = $userinfo['lastdate'] = SYS_TIME;
//站点
$userinfo['siteid'] = $siteid;
$userinfo['connectid'] = isset($_SESSION['connectid']) ? $_SESSION['connectid'] : '';
$userinfo['from'] = isset($_SESSION['from']) ? $_SESSION['from'] : '';
unset($_SESSION['connectid'], $_SESSION['from']);
if($member_setting['enablemailcheck']) { //是否需要邮件验证
$userinfo['groupid'] = 7; //邮件认证用户组
} elseif($member_setting['registerverify']) { //是否需要管理员审核,默认为否
$userinfo['modelinfo'] = isset($_POST['info']) ? array2string($_POST['info']) : '';
$this->verify_db = pc_base::load_model('member_verify_model');
unset($userinfo['lastdate'],$userinfo['connectid'],$userinfo['from']);
$this->verify_db->insert($userinfo);
showmessage(L('operation_success'), 'index.php?m=member&c=index&a=register&t=3');
} else {
//查看当前模型是否开启了短信验证功能,加载:model_field_10.cache.php会员模型缓存文件
$model_field_cache = getcache('model_field_'.$userinfo['modelid'],'model');
//手机号,默认是不存在的
if(isset($model_field_cache['mobile']) && $model_field_cache['mobile']['disabled']==0) {
$mobile = $_POST['info']['mobile'];
if(!preg_match('/^1([0-9]{10})/',$mobile)) showmessage(L('input_right_mobile'));
$sms_report_db = pc_base::load_model('sms_report_model');
$posttime = SYS_TIME-300;
$where = "`mobile`='$mobile' AND `posttime`>'$posttime'";
$r = $sms_report_db->get_one($where);
if(!$r || $r['id_code']!=$_POST['mobile_verify']) showmessage(L('error_sms_code'));
}
//会员组
$userinfo['groupid'] = $this->_get_usergroup_bypoint($userinfo['point']);
}
//使用phpsso的情况
if(pc_base::load_config('system', 'phpsso')) {
//主要用来返回接口地址:'phpsso_api_url' => 'http://zhencms.com/phpsso_server'
$this->_init_phpsso();
//同步注册,如果注册成功,返回会员id
$status = $this->client->ps_member_register($userinfo['username'], $userinfo['password'], $userinfo['email'], $userinfo['regip'], $userinfo['encrypt']);
if($status > 0) {
$userinfo['phpssouid'] = $status;//会员id
//传入phpsso为明文密码,加密后存入phpcms_v9
$password = $userinfo['password'];//密码
//password函数:return $pwd['password'] = md5(md5(trim($password)).$pwd['encrypt']);
//数据库中会员密码的组成:两次md5加密+随即字符串
$userinfo['password'] = password($userinfo['password'], $userinfo['encrypt']);
$userid = $this->db->insert($userinfo, 1);//插入v9_member会员表信息
if($member_setting['choosemodel']) { //如果开启注册时选择模型
//通过模型获取会员信息
//$model_cache = getcache('member_model', 'commons');//获取member_model.cache.php会员模型缓存文件
//$this->db->table_name = $this->db_pre.$model_cache[$this->modelid]['tablename'];//会员模型字段表:v9_member_detail
require_once CACHE_MODEL_PATH.'member_input.class.php';
require_once CACHE_MODEL_PATH.'member_update.class.php';
$member_input = new member_input($userinfo['modelid']);//默认情况下会员模型id为10
$user_model_info = $member_input->get($_POST['info']);//模型字段的值一般都放在info数组中
$user_model_info['userid'] = $userid;
//插入会员模型数据
$this->db->set_model($userinfo['modelid']);
$this->db->insert($user_model_info);//插入会员模型表:v9_member_detail数据
}
if($userid > 0) {
//执行登陆操作
if(!$cookietime) $get_cookietime = param::get_cookie('cookietime');//是否保存登录信息
$_cookietime = $cookietime ? intval($cookietime) : ($get_cookietime ? $get_cookietime : 0);
$cookietime = $_cookietime ? TIME + $_cookietime : 0;
//邮件认证用户组
if($userinfo['groupid'] == 7) {
//设置cookie信息
param::set_cookie('_username', $userinfo['username'], $cookietime);
param::set_cookie('email', $userinfo['email'], $cookietime);
} else {
//设置cookie信息
//'auth_key' => '4s0f9TsT8Y2sHEXMrqnB', //密钥
$phpcms_auth_key = md5(pc_base::load_config('system', 'auth_key').$this->http_user_agent);
$phpcms_auth = sys_auth($userid."\t".$userinfo['password'], 'ENCODE', $phpcms_auth_key);
param::set_cookie('auth', $phpcms_auth, $cookietime);
param::set_cookie('_userid', $userid, $cookietime);
param::set_cookie('_username', $userinfo['username'], $cookietime);
param::set_cookie('_nickname', $userinfo['nickname'], $cookietime);
param::set_cookie('_groupid', $userinfo['groupid'], $cookietime);
param::set_cookie('cookietime', $_cookietime, $cookietime);
}
}
//如果需要邮箱认证
if($member_setting['enablemailcheck']) {
pc_base::load_sys_func('mail');
$phpcms_auth_key = md5(pc_base::load_config('system', 'auth_key'));
$code = sys_auth($userid.'|'.$phpcms_auth_key, 'ENCODE', $phpcms_auth_key);
$url = APP_PATH."index.php?m=member&c=index&a=register&code=$code&verify=1";
$message = $member_setting['registerverifymessage'];
$message = str_replace(array('{click}','{url}','{username}','{email}','{password}'), array('<a href="'.$url.'">'.L('please_click').'</a>',$url,$userinfo['username'],$userinfo['email'],$password), $message);
sendmail($userinfo['email'], L('reg_verify_email'), $message);
//设置当前注册账号COOKIE,为第二步重发邮件所用
param::set_cookie('_regusername', $userinfo['username'], $cookietime);
param::set_cookie('_reguserid', $userid, $cookietime);
param::set_cookie('_reguseruid', $userinfo['phpssouid'], $cookietime);
showmessage(L('operation_success'), 'index.php?m=member&c=index&a=register&t=2');
} else {
//如果不需要邮箱认证、直接登录其他应用
$synloginstr = $this->client->ps_member_synlogin($userinfo['phpssouid']);
//操作成功提示信息
showmessage(L('operation_success').$synloginstr, 'index.php?m=member&c=index&a=init');
}
}
} else {//不使用phpsso的情况
showmessage(L('enable_register').L('enable_phpsso'), 'index.php?m=member&c=index&a=login');
}
//操作失败的提示信息
showmessage(L('operation_failure'), HTTP_REFERER);
//注册完毕
} else {
if(!pc_base::load_config('system', 'phpsso')) {
showmessage(L('enable_register').L('enable_phpsso'), 'index.php?m=member&c=index&a=login');
}
if(!empty($_GET['verify'])) {
$code = isset($_GET['code']) ? trim($_GET['code']) : showmessage(L('operation_failure'), 'index.php?m=member&c=index');
$phpcms_auth_key = md5(pc_base::load_config('system', 'auth_key'));
$code_res = sys_auth($code, 'DECODE', $phpcms_auth_key);
$code_arr = explode('|', $code_res);
$userid = isset($code_arr[0]) ? $code_arr[0] : '';
$userid = is_numeric($userid) ? $userid : showmessage(L('operation_failure'), 'index.php?m=member&c=index');
$this->db->update(array('groupid'=>$this->_get_usergroup_bypoint()), array('userid'=>$userid));
showmessage(L('operation_success'), 'index.php?m=member&c=index');
} elseif(!empty($_GET['protocol'])) {
//协议页面
include template('member', 'protocol');
} else {
//过滤非当前站点会员模型
$modellist = getcache('member_model', 'commons');
foreach($modellist as $k=>$v) {
if($v['siteid']!=$siteid || $v['disabled']) {
unset($modellist[$k]);
}
}
if(empty($modellist)) {//当前站点下所有的会员模型
//当前站点不存在会员模型的提示信息
showmessage(L('site_have_no_model').L('deny_register'), HTTP_REFERER);
}
//是否开启选择会员模型选项
if($member_setting['choosemodel']) {
$first_model = array_pop(array_reverse($modellist));
$modelid = isset($_GET['modelid']) && in_array($_GET['modelid'], array_keys($modellist)) ? intval($_GET['modelid']) : $first_model['modelid'];
if(array_key_exists($modelid, $modellist)) {
//获取会员模型表单
require CACHE_MODEL_PATH.'member_form.class.php';
$member_form = new member_form($modelid);
$this->db->set_model($modelid);
$forminfos = $forminfos_arr = $member_form->get();
//万能字段过滤
foreach($forminfos as $field=>$info) {
if($info['isomnipotent']) {
unset($forminfos[$field]);
} else {
if($info['formtype']=='omnipotent') {
foreach($forminfos_arr as $_fm=>$_fm_value) {
if($_fm_value['isomnipotent']) {
$info['form'] = str_replace('{'.$_fm.'}',$_fm_value['form'], $info['form']);
}
}
$forminfos[$field]['form'] = $info['form'];
}
}
}
$formValidator = $member_form->formValidator;
}
}
$description = $modellist[$modelid]['description'];
//注册页面
include template('member', 'register');
}
}//注册页面结束
}
/*
* 测试邮件配置
*/
public function send_newmail() {
$_username = param::get_cookie('_regusername');
$_userid = param::get_cookie('_reguserid');
$_ssouid = param::get_cookie('_reguseruid');
$newemail = $_GET['newemail'];
if($newemail==''){//邮箱为空,直接返回错误
return '2';
}
$this->_init_phpsso();
$status = $this->client->ps_checkemail($newemail);
if($status=='-5'){//邮箱被占用
exit('-1');
}
if ($status==-1) {
$status = $this->client->ps_get_member_info($newemail, 3);
if($status) {
$status = unserialize($status); //接口返回序列化,进行判断
if (!isset($status['uid']) || $status['uid'] != intval($_ssouid)) {
exit('-1');
}
} else {
exit('-1');
}
}
//验证邮箱格式
pc_base::load_sys_func('mail');
$phpcms_auth_key = md5(pc_base::load_config('system', 'auth_key'));
$code = sys_auth($_userid.'|'.$phpcms_auth_key, 'ENCODE', $phpcms_auth_key);
$url = APP_PATH."index.php?m=member&c=index&a=register&code=$code&verify=1";
//读取配置获取验证信息
$member_setting = getcache('member_setting');
$message = $member_setting['registerverifymessage'];
$message = str_replace(array('{click}','{url}','{username}','{email}','{password}'), array('<a href="'.$url.'">'.L('please_click').'</a>',$url,$_username,$newemail,$password), $message);
if(sendmail($newemail, L('reg_verify_email'), $message)){
//更新新的邮箱,用来验证
$this->db->update(array('email'=>$newemail), array('userid'=>$_userid));
$this->client->ps_member_edit($_username, $newemail, '', '', $_ssouid);
$return = '1';
}else{
$return = '2';
}
echo $return;
}
public function account_manage() {
$memberinfo = $this->memberinfo;
//初始化phpsso
$phpsso_api_url = $this->_init_phpsso();
//获取头像数组
$avatar = $this->client->ps_getavatar($this->memberinfo['phpssouid']);
$grouplist = getcache('grouplist');
$member_model = getcache('member_model', 'commons');
//获取用户模型数据
$this->db->set_model($this->memberinfo['modelid']);
$member_modelinfo_arr = $this->db->get_one(array('userid'=>$this->memberinfo['userid']));
$model_info = getcache('model_field_'.$this->memberinfo['modelid'], 'model');
foreach($model_info as $k=>$v) {
if($v['formtype'] == 'omnipotent') continue;
if($v['formtype'] == 'image') {
$member_modelinfo[$v['name']] = "<a href='$member_modelinfo_arr[$k]' target='_blank'><img src='$member_modelinfo_arr[$k]' height='40' widht='40' οnerrοr=\"this.src='$phpsso_api_url/statics/images/member/nophoto.gif'\"></a>";
} elseif($v['formtype'] == 'datetime' && $v['fieldtype'] == 'int') { //如果为日期字段
$member_modelinfo[$v['name']] = format::date($member_modelinfo_arr[$k], $v['format'] == 'Y-m-d H:i:s' ? 1 : 0);
} elseif($v['formtype'] == 'images') {
$tmp = string2array($member_modelinfo_arr[$k]);
$member_modelinfo[$v['name']] = '';
if(is_array($tmp)) {
foreach ($tmp as $tv) {
$member_modelinfo[$v['name']] .= " <a href='$tv[url]' target='_blank'><img src='$tv[url]' height='40' widht='40' οnerrοr=\"this.src='$phpsso_api_url/statics/images/member/nophoto.gif'\"></a>";
}
unset($tmp);
}
} elseif($v['formtype'] == 'box') { //box字段,获取字段名称和值的数组
$tmp = explode("\n",$v['options']);
if(is_array($tmp)) {
foreach($tmp as $boxv) {
$box_tmp_arr = explode('|', trim($boxv));
if(is_array($box_tmp_arr) && isset($box_tmp_arr[1]) && isset($box_tmp_arr[0])) {
$box_tmp[$box_tmp_arr[1]] = $box_tmp_arr[0];
$tmp_key = intval($member_modelinfo_arr[$k]);
}
}
}
if(isset($box_tmp[$tmp_key])) {
$member_modelinfo[$v['name']] = $box_tmp[$tmp_key];
} else {
$member_modelinfo[$v['name']] = $member_modelinfo_arr[$k];
}
unset($tmp, $tmp_key, $box_tmp, $box_tmp_arr);
} elseif($v['formtype'] == 'linkage') { //如果为联动菜单
$tmp = string2array($v['setting']);
$tmpid = $tmp['linkageid'];
$linkagelist = getcache($tmpid, 'linkage');
$fullname = $this->_get_linkage_fullname($member_modelinfo_arr[$k], $linkagelist);
$member_modelinfo[$v['name']] = substr($fullname, 0, -1);
unset($tmp, $tmpid, $linkagelist, $fullname);
} else {
$member_modelinfo[$v['name']] = $member_modelinfo_arr[$k];
}
}
include template('member', 'account_manage');
}
public function account_manage_avatar() {
$memberinfo = $this->memberinfo;
//初始化phpsso
$phpsso_api_url = $this->_init_phpsso();
$ps_auth_key = pc_base::load_config('system', 'phpsso_auth_key');
$auth_data = $this->client->auth_data(array('uid'=>$this->memberinfo['phpssouid'], 'ps_auth_key'=>$ps_auth_key), '', $ps_auth_key);
$upurl = base64_encode($phpsso_api_url.'/index.php?m=phpsso&c=index&a=uploadavatar&auth_data='.$auth_data);
//获取头像数组
$avatar = $this->client->ps_getavatar($this->memberinfo['phpssouid']);
include template('member', 'account_manage_avatar');
}
public function account_manage_security() {
$memberinfo = $this->memberinfo;
include template('member', 'account_manage_security');
}
public function account_manage_info() {
if(isset($_POST['dosubmit'])) {
//更新用户昵称
$nickname = isset($_POST['nickname']) && trim($_POST['nickname']) ? trim($_POST['nickname']) : '';
if($nickname) {
$this->db->update(array('nickname'=>$nickname), array('userid'=>$this->memberinfo['userid']));
if(!isset($cookietime)) {
$get_cookietime = param::get_cookie('cookietime');
}
$_cookietime = $cookietime ? intval($cookietime) : ($get_cookietime ? $get_cookietime : 0);
$cookietime = $_cookietime ? TIME + $_cookietime : 0;
param::set_cookie('_nickname', $nickname, $cookietime);
}
require_once CACHE_MODEL_PATH.'member_input.class.php';
require_once CACHE_MODEL_PATH.'member_update.class.php';
$member_input = new member_input($this->memberinfo['modelid']);
$modelinfo = $member_input->get($_POST['info']);
$this->db->set_model($this->memberinfo['modelid']);
$membermodelinfo = $this->db->get_one(array('userid'=>$this->memberinfo['userid']));
if(!empty($membermodelinfo)) {
$this->db->update($modelinfo, array('userid'=>$this->memberinfo['userid']));
} else {
$modelinfo['userid'] = $this->memberinfo['userid'];
$this->db->insert($modelinfo);
}
showmessage(L('operation_success'), HTTP_REFERER);
} else {
$memberinfo = $this->memberinfo;
//获取会员模型表单
require CACHE_MODEL_PATH.'member_form.class.php';
$member_form = new member_form($this->memberinfo['modelid']);
$this->db->set_model($this->memberinfo['modelid']);
$membermodelinfo = $this->db->get_one(array('userid'=>$this->memberinfo['userid']));
$forminfos = $forminfos_arr = $member_form->get($membermodelinfo);
//万能字段过滤
foreach($forminfos as $field=>$info) {
if($info['isomnipotent']) {
unset($forminfos[$field]);
} else {
if($info['formtype']=='omnipotent') {
foreach($forminfos_arr as $_fm=>$_fm_value) {
if($_fm_value['isomnipotent']) {
$info['form'] = str_replace('{'.$_fm.'}',$_fm_value['form'], $info['form']);
}
}
$forminfos[$field]['form'] = $info['form'];
}
}
}
$formValidator = $member_form->formValidator;
include template('member', 'account_manage_info');
}
}
public function account_manage_password() {
if(isset($_POST['dosubmit'])) {
if(!is_password($_POST['info']['password'])) {
showmessage(L('password_format_incorrect'), HTTP_REFERER);
}
if($this->memberinfo['password'] != password($_POST['info']['password'], $this->memberinfo['encrypt'])) {
showmessage(L('old_password_incorrect'), HTTP_REFERER);
}
//修改会员邮箱
if($this->memberinfo['email'] != $_POST['info']['email'] && is_email($_POST['info']['email'])) {
$email = $_POST['info']['email'];
$updateinfo['email'] = $_POST['info']['email'];
} else {
$email = '';
}
$newpassword = password($_POST['info']['newpassword'], $this->memberinfo['encrypt']);
$updateinfo['password'] = $newpassword;
$this->db->update($updateinfo, array('userid'=>$this->memberinfo['userid']));
if(pc_base::load_config('system', 'phpsso')) {
//初始化phpsso
$this->_init_phpsso();
$res = $this->client->ps_member_edit('', $email, $_POST['info']['password'], $_POST['info']['newpassword'], $this->memberinfo['phpssouid'], $this->memberinfo['encrypt']);
}
showmessage(L('operation_success'), HTTP_REFERER);
} else {
$show_validator = true;
$memberinfo = $this->memberinfo;
include template('member', 'account_manage_password');
}
}
public function account_manage_upgrade() {
$memberinfo = $this->memberinfo;
$grouplist = getcache('grouplist');
if(empty($grouplist[$memberinfo['groupid']]['allowupgrade'])) {
showmessage(L('deny_upgrade'), HTTP_REFERER);
}
if(isset($_POST['upgrade_type']) && intval($_POST['upgrade_type']) < 0) {
showmessage(L('operation_failure'), HTTP_REFERER);
}
if(isset($_POST['upgrade_date']) && intval($_POST['upgrade_date']) < 0) {
showmessage(L('operation_failure'), HTTP_REFERER);
}
if(isset($_POST['dosubmit'])) {
$groupid = isset($_POST['groupid']) ? intval($_POST['groupid']) : showmessage(L('operation_failure'), HTTP_REFERER);
$upgrade_type = isset($_POST['upgrade_type']) ? intval($_POST['upgrade_type']) : showmessage(L('operation_failure'), HTTP_REFERER);
$upgrade_date = !empty($_POST['upgrade_date']) ? intval($_POST['upgrade_date']) : showmessage(L('operation_failure'), HTTP_REFERER);
//消费类型,包年、包月、包日,价格
$typearr = array($grouplist[$groupid]['price_y'], $grouplist[$groupid]['price_m'], $grouplist[$groupid]['price_d']);
//消费类型,包年、包月、包日,时间
$typedatearr = array('366', '31', '1');
//消费的价格
$cost = $typearr[$upgrade_type]*$upgrade_date;
//购买时间
$buydate = $typedatearr[$upgrade_type]*$upgrade_date*86400;
$overduedate = $memberinfo['overduedate'] > SYS_TIME ? ($memberinfo['overduedate']+$buydate) : (SYS_TIME+$buydate);
if($memberinfo['amount'] >= $cost) {
$this->db->update(array('groupid'=>$groupid, 'overduedate'=>$overduedate, 'vip'=>1), array('userid'=>$memberinfo['userid']));
//消费记录
pc_base::load_app_class('spend','pay',0);
spend::amount($cost, L('allowupgrade'), $memberinfo['userid'], $memberinfo['username']);
showmessage(L('operation_success'), 'index.php?m=member&c=index&a=init');
} else {
showmessage(L('operation_failure'), HTTP_REFERER);
}
} else {
$groupid = isset($_GET['groupid']) ? intval($_GET['groupid']) : '';
//初始化phpsso
$phpsso_api_url = $this->_init_phpsso();
//获取头像数组
$avatar = $this->client->ps_getavatar($this->memberinfo['phpssouid']);
$memberinfo['groupname'] = $grouplist[$memberinfo[groupid]]['name'];
$memberinfo['grouppoint'] = $grouplist[$memberinfo[groupid]]['point'];
unset($grouplist[$memberinfo['groupid']]);
include template('member', 'account_manage_upgrade');
}
}
//登录
public function login() {
//主要用来获取一个session_mysql.class.php类库文件中session_mysql类的一个实例化对象
$this->_session_start();
//获取用户siteid
$siteid = isset($_REQUEST['siteid']) && trim($_REQUEST['siteid']) ? intval($_REQUEST['siteid']) : 1;
//定义站点id常量
if (!defined('SITEID')) {
define('SITEID', $siteid);
}
//点击了【登录】按钮
if(isset($_POST['dosubmit'])) {
if(empty($_SESSION['connectid'])) {
//判断验证码
if(!isset($_POST['checkcode']) && $_POST['checkcode'] != 0){//此行代码由weiyanhui添加
$code = isset($_POST['code']) && trim($_POST['code']) ? trim($_POST['code']) : showmessage(L('input_code'), HTTP_REFERER);
if ($_SESSION['code'] != strtolower($code)) {
showmessage(L('code_error'), HTTP_REFERER);
}
}
}
//用户名
$username = isset($_POST['username']) && trim($_POST['username']) ? trim($_POST['username']) : showmessage(L('username_empty'), HTTP_REFERER);
//密码
$password = isset($_POST['password']) && trim($_POST['password']) ? trim($_POST['password']) : showmessage(L('password_empty'), HTTP_REFERER);
//cookie:<input type="checkbox" name="cookietime" value="2592000" id="cookietime"> 记住用户名
$cookietime = intval($_POST['cookietime']);//是否记住用户名
//同步登录字符串
$synloginstr = ''; //同步登陆js代码
//phpsso登录
if(pc_base::load_config('system', 'phpsso')) {
//主要用来返回接口地址:'phpsso_api_url' => 'http://zhencms.com/phpsso_server'
$this->_init_phpsso();
//返回序列化后的会员信息
$status = $this->client->ps_member_login($username, $password);
//将序列化的会员信息反序列化
$memberinfo = unserialize($status);
//会员id
if(isset($memberinfo['uid'])) {
//查询帐号,phpssouid为v9_member表中字段,代表会员id
//登录过程:第一步-先从phpsso中返回会员信息 第二步:再根据从phpsso中返回的会员信息(如,uid)作为条件查询本应用的会员表
$r = $this->db->get_one(array('phpssouid'=>$memberinfo['uid']));
if(!$r) {//如果phpsso中会员表中有当前登录会员信息,而本应用的v9_member表中没有当前登录会员信息,则重新插入v9_member表会员信息
//插入会员详细信息,会员不存在 插入会员
$info = array(//对应v9_member会员表字段信息
'phpssouid'=>$memberinfo['uid'],
'username'=>$memberinfo['username'],
'password'=>$memberinfo['password'],
'encrypt'=>$memberinfo['random'],
'email'=>$memberinfo['email'],
'regip'=>$memberinfo['regip'],
'regdate'=>$memberinfo['regdate'],
'lastip'=>$memberinfo['lastip'],
'lastdate'=>$memberinfo['lastdate'],
'groupid'=>$this->_get_usergroup_bypoint(), //会员默认组
'modelid'=>10, //普通会员
);
//如果是connect用户
if(!empty($_SESSION['connectid'])) {
$userinfo['connectid'] = $_SESSION['connectid'];
}
if(!empty($_SESSION['from'])) {
$userinfo['from'] = $_SESSION['from'];
}
unset($_SESSION['connectid'], $_SESSION['from']);
//插入v9_member会员表信息
$this->db->insert($info);
unset($info);
//获取当前登录会员信息
$r = $this->db->get_one(array('phpssouid'=>$memberinfo['uid']));
}
//v9_member表中用户密码
$password = $r['password'];
//返回用户同步登录的js
$synloginstr = $this->client->ps_member_synlogin($r['phpssouid']);
} else {//如果会员id没有被设置
if($status == -1) { //用户不存在
showmessage(L('user_not_exist'), 'index.php?m=member&c=index&a=login');
} elseif($status == -2) { //密码错误
showmessage(L('password_error'), 'index.php?m=member&c=index&a=login');
} else {//登录失败
showmessage(L('login_failure'), 'index.php?m=member&c=index&a=login');
}
}
//phpsso登录结束
} else {//如果不使用phpsso
//密码错误剩余重试次数
$this->times_db = pc_base::load_model('times_model');//v9_times表:记录登录次数的表
$rtime = $this->times_db->get_one(array('username'=>$username));//通过username获取用户登录错误次数信息
if($rtime['times'] > 4) {//如果登录错误次数大于4
$minute = 60 - floor((SYS_TIME - $rtime['logintime']) / 60);
showmessage(L('wait_1_hour', array('minute'=>$minute)));//登录错误次数大于4,请1小时后重新登录
}
//查询帐号,v9_member
$r = $this->db->get_one(array('username'=>$username));
//会员账号不存在,返回登录页面
if(!$r) showmessage(L('user_not_exist'),'index.php?m=member&c=index&a=login');
//验证用户密码,用户密码的组成:两次md5加密+随机码
$password = md5(md5(trim($password)).$r['encrypt']);
if($r['password'] != $password) {
$ip = ip();//获取请求的IP
if($rtime && $rtime['times'] < 5) {//如果登录错误次数小于5次
$times = 5 - intval($rtime['times']);
$this->times_db->update(array('ip'=>$ip, 'times'=>'+=1'), array('username'=>$username));
} else {//如果登录错误次数大于等于5次
$this->times_db->insert(array('username'=>$username, 'ip'=>$ip, 'logintime'=>SYS_TIME, 'times'=>1));
$times = 5;
}
//密码错误提示信息
showmessage(L('password_error', array('times'=>$times)), 'index.php?m=member&c=index&a=login', 3000);
}
//如果输入密码正确,则将当前会员登录错误次数的记录删除
$this->times_db->delete(array('username'=>$username));
}//非phpsso登录结束
//如果用户被锁定
if($r['islock']) {
showmessage(L('user_is_lock'));
}
$userid = $r['userid'];//会员id
$groupid = $r['groupid'];//会员组id
$username = $r['username'];//会员用户名
$nickname = empty($r['nickname']) ? $username : $r['nickname'];//会员昵称
$updatearr = array('lastip'=>ip(), 'lastdate'=>SYS_TIME);
//vip过期,更新vip和会员组
if($r['overduedate'] < SYS_TIME) {
$updatearr['vip'] = 0;//vip信息需要更新了
}
//检查用户积分,更新新用户组,除去邮箱认证、禁止访问、游客组用户、vip用户,如果该用户组不允许自助升级则不进行该操作
if($r['point'] >= 0 && !in_array($r['groupid'], array('1', '7', '8')) && empty($r[vip])) {
$grouplist = getcache('grouplist');//获取会员组缓存文件:缓存了所有会员组的详细配置信息
if(!empty($grouplist[$r['groupid']]['allowupgrade'])) {//如果当前会员所在会员组不允许自主升级的话
$check_groupid = $this->_get_usergroup_bypoint($r['point']);//则根据积分算出用户组
//如果根据积分算出来的会员组与会员表中当前会员组不相等,说明该升级了
if($check_groupid != $r['groupid']) {
$updatearr['groupid'] = $groupid = $check_groupid;//会员组信息需要更新了
}
}
}
//如果是connect用户
if(!empty($_SESSION['connectid'])) {
$updatearr['connectid'] = $_SESSION['connectid'];//外部通行证
}
if(!empty($_SESSION['from'])) {
$updatearr['from'] = $_SESSION['from'];
}
unset($_SESSION['connectid'], $_SESSION['from']);
//更新v9_member用户会员表信息
$this->db->update($updatearr, array('userid'=>$userid));
if(!isset($cookietime)) {//是否记住用户名
$get_cookietime = param::get_cookie('cookietime');
}
$_cookietime = $cookietime ? intval($cookietime) : ($get_cookietime ? $get_cookietime : 0);
$cookietime = $_cookietime ? SYS_TIME + $_cookietime : 0;//保存时间
//'auth_key' => '4s0f9TsT8Y2sHEXMrqnB', //密钥
//'phpsso_auth_key' => 'M11tXxlhKEceB4tYeGYZnWwoTgQP7BA4', //phpsso加密密钥
$phpcms_auth_key = md5(pc_base::load_config('system', 'auth_key').$this->http_user_agent);
$phpcms_auth = sys_auth($userid."\t".$password, 'ENCODE', $phpcms_auth_key);
//登录后将信息放入cookie
param::set_cookie('auth', $phpcms_auth, $cookietime);//auth放入cookie
param::set_cookie('_userid', $userid, $cookietime);//会员id放入cookie
param::set_cookie('_username', $username, $cookietime);//会员名放入cookie
param::set_cookie('_groupid', $groupid, $cookietime);//会员组id放入cookie
param::set_cookie('_nickname', $nickname, $cookietime);//会员昵称放入cookie
//param::set_cookie('cookietime', $_cookietime, $cookietime);
//登录成功后跳转页面:<input type="hidden" name="forward" id="forward" value="http%3A%2F%2Fzhencms.com%2Findex.php%3Fm%3Dmember%26c%3Dindex">
//value="http%3A%2F%2Fzhencms.com%2Findex.php%3Fm%3Dmember%26c%3Dindex"为urlencode()后的结果,所以需要将其解码
$forward = isset($_POST['forward']) && !empty($_POST['forward']) ? urldecode($_POST['forward']) : 'index.php?m=member&c=index';
showmessage(L('login_success').$synloginstr, $forward);//登录成功提示信息[phpsso登录或非phpsso登录]
} else {//如果没有 点击 【登录】按钮,则显示登录页面
$setting = pc_base::load_config('system');
//获取登录后要跳转的页面,赋值给前台模板
$forward = isset($_GET['forward']) && trim($_GET['forward']) ? urlencode($_GET['forward']) : '';
//站点id
$siteid = isset($_REQUEST['siteid']) && trim($_REQUEST['siteid']) ? intval($_REQUEST['siteid']) : 1;
//站点信息
$siteinfo = siteinfo($siteid);
//登录页面
include template('member', 'login');
}
}
//退出登录
public function logout() {
$setting = pc_base::load_config('system');
//snda退出,是否开启盛大通行证
if($setting['snda_enable'] && param::get_cookie('_from')=='snda') {
param::set_cookie('_from', '');
$forward = isset($_GET['forward']) && trim($_GET['forward']) ? urlencode($_GET['forward']) : '';
$logouturl = 'https://cas.sdo.com/cas/logout?url='.urlencode(APP_PATH.'index.php?m=member&c=index&a=logout&forward='.$forward);
header('Location: '.$logouturl);
} else {
$synlogoutstr = ''; //同步退出js代码
if(pc_base::load_config('system', 'phpsso')) {
$this->_init_phpsso();//主要用来返回接口地址:'phpsso_api_url' => 'http://zhencms.com/phpsso_server'
//http://zhencms.com/phpsso_server/index.php?m=phpsso&c=index&a=logout
$synlogoutstr = $this->client->ps_member_synlogout();//返回退出字符串
}
param::set_cookie('auth', '');//将auth设置为失效
param::set_cookie('_userid', '');//将_userid设置为失效
param::set_cookie('_username', '');//将_username设置为失效
param::set_cookie('_groupid', '');//将_groupid设置为失效
param::set_cookie('_nickname', '');//将_nickname设置为失效
param::set_cookie('cookietime', '');//将cookietime设置为失效
//退出后返回的页面
$forward = isset($_GET['forward']) && trim($_GET['forward']) ? $_GET['forward'] : 'index.php?m=member&c=index&a=login';
//退出的提示信息
showmessage(L('logout_success').$synlogoutstr, $forward);
}
}
/**
* 我的收藏
*
*/
public function favorite() {
$this->favorite_db = pc_base::load_model('favorite_model');
$memberinfo = $this->memberinfo;
if(isset($_GET['id']) && trim($_GET['id'])) {
$this->favorite_db->delete(array('userid'=>$memberinfo['userid'], 'id'=>intval($_GET['id'])));
showmessage(L('operation_success'), HTTP_REFERER);
} else {
$page = isset($_GET['page']) && trim($_GET['page']) ? intval($_GET['page']) : 1;
$favoritelist = $this->favorite_db->listinfo(array('userid'=>$memberinfo['userid']), 'id DESC', $page, 10);
$pages = $this->favorite_db->pages;
include template('member', 'favorite_list');
}
}
/**
* 我的好友
*/
public function friend() {
$memberinfo = $this->memberinfo;
$this->friend_db = pc_base::load_model('friend_model');
if(isset($_GET['friendid'])) {
$this->friend_db->delete(array('userid'=>$memberinfo['userid'], 'friendid'=>intval($_GET['friendid'])));
showmessage(L('operation_success'), HTTP_REFERER);
} else {
//初始化phpsso
$phpsso_api_url = $this->_init_phpsso();
//我的好友列表userid
$page = isset($_GET['page']) ? intval($_GET['page']) : 1;
$friendids = $this->friend_db->listinfo(array('userid'=>$memberinfo['userid']), '', $page, 10);
$pages = $this->friend_db->pages;
foreach($friendids as $k=>$v) {
$friendlist[$k]['friendid'] = $v['friendid'];
$friendlist[$k]['avatar'] = $this->client->ps_getavatar($v['phpssouid']);
$friendlist[$k]['is'] = $v['is'];
}
include template('member', 'friend_list');
}
}
/**
* 积分兑换
*/
public function change_credit() {
$memberinfo = $this->memberinfo;
//加载用户模块配置
$member_setting = getcache('member_setting');
$this->_init_phpsso();
$setting = $this->client->ps_getcreditlist();
$outcredit = unserialize($setting);
$setting = $this->client->ps_getapplist();
$applist = unserialize($setting);
if(isset($_POST['dosubmit'])) {
//本系统积分兑换数
$fromvalue = intval($_POST['fromvalue']);
//本系统积分类型
$from = $_POST['from'];
$toappid_to = explode('_', $_POST['to']);
//目标系统appid
$toappid = $toappid_to[0];
//目标系统积分类型
$to = $toappid_to[1];
if($from == 1) {
if($memberinfo['point'] < $fromvalue) {
showmessage(L('need_more_point'), HTTP_REFERER);
}
} elseif($from == 2) {
if($memberinfo['amount'] < $fromvalue) {
showmessage(L('need_more_amount'), HTTP_REFERER);
}
} else {
showmessage(L('credit_setting_error'), HTTP_REFERER);
}
$status = $this->client->ps_changecredit($memberinfo['phpssouid'], $from, $toappid, $to, $fromvalue);
if($status == 1) {
if($from == 1) {
$this->db->update(array('point'=>"-=$fromvalue"), array('userid'=>$memberinfo['userid']));
} elseif($from == 2) {
$this->db->update(array('amount'=>"-=$fromvalue"), array('userid'=>$memberinfo['userid']));
}
showmessage(L('operation_success'), HTTP_REFERER);
} else {
showmessage(L('operation_failure'), HTTP_REFERER);
}
} elseif(isset($_POST['buy'])) {
if(!is_numeric($_POST['money']) || $_POST['money'] < 0) {
showmessage(L('money_error'), HTTP_REFERER);
} else {
$money = intval($_POST['money']);
}
if($memberinfo['amount'] < $money) {
showmessage(L('short_of_money'), HTTP_REFERER);
}
//此处比率读取用户配置
$point = $money*$member_setting['rmb_point_rate'];
$this->db->update(array('point'=>"+=$point"), array('userid'=>$memberinfo['userid']));
//加入消费记录,同时扣除金钱
pc_base::load_app_class('spend','pay',0);
spend::amount($money, L('buy_point'), $memberinfo['userid'], $memberinfo['username']);
showmessage(L('operation_success'), HTTP_REFERER);
} else {
$credit_list = pc_base::load_config('credit');
include template('member', 'change_credit');
}
}
//mini登陆条
public function mini() {
//获取通过 set_cookie 设置的 _username 变量
$_username = param::get_cookie('_username');
//获取通过 set_cookie 设置的 _userid 变量
$_userid = param::get_cookie('_userid');
//当前站点
$siteid = isset($_GET['siteid']) ? intval($_GET['siteid']) : '';
//定义站点id常量
if (!defined('SITEID')) {
define('SITEID', $siteid);
}
$snda_enable = pc_base::load_config('system', 'snda_enable');
//顶部登录信息:欢迎 xxx 登录 ,会员中心、退出
include template('member', 'mini');
}
/**
* 初始化phpsso
* about phpsso, include client and client configure
* @return string phpsso_api_url phpsso地址
*/
private function _init_phpsso() {
pc_base::load_app_class('client', '', 0);
define('APPID', pc_base::load_config('system', 'phpsso_appid'));//应用id
$phpsso_api_url = pc_base::load_config('system', 'phpsso_api_url');//接口地址
$phpsso_auth_key = pc_base::load_config('system', 'phpsso_auth_key');//加密秘钥
//主要将phpsso_api_url、phpsso_auth_key赋给client类对应的属性
$this->client = new client($phpsso_api_url, $phpsso_auth_key);
return $phpsso_api_url;//返回接口地址:'phpsso_api_url' => 'http://zhencms.com/phpsso_server'
}
protected function _checkname($username) {
$username = trim($username);
if ($this->db->get_one(array('username'=>$username))){
return false;
}
return true;
}
private function _session_start() {
$session_storage = 'session_'.pc_base::load_config('system','session_storage');//session_mysql
pc_base::load_sys_class($session_storage);//加载session_mysql.class.php文件,默认情况下会初始化一个实例
}
/*
* 通过linkageid获取名字路径
*/
protected function _get_linkage_fullname($linkageid, $linkagelist) {
$fullname = '';
if($linkagelist['data'][$linkageid]['parentid'] != 0) {
$fullname = $this->_get_linkage_fullname($linkagelist['data'][$linkageid]['parentid'], $linkagelist);
}
//所在地区名称
$return = $fullname.$linkagelist['data'][$linkageid]['name'].'>';
return $return;
}
/**
*根据积分算出用户组
* @param $point int 积分数
*/
protected function _get_usergroup_bypoint($point=0) {
$groupid = 2;
if(empty($point)) {
$member_setting = getcache('member_setting');
$point = $member_setting['defualtpoint'] ? $member_setting['defualtpoint'] : 0;
}
$grouplist = getcache('grouplist');
foreach ($grouplist as $k=>$v) {
$grouppointlist[$k] = $v['point'];
}
arsort($grouppointlist);
//如果超出用户组积分设置则为积分最高的用户组
if($point > max($grouppointlist)) {
$groupid = key($grouppointlist);
} else {
foreach ($grouppointlist as $k=>$v) {
if($point >= $v) {
$groupid = $tmp_k;
break;
}
$tmp_k = $k;
}
}
return $groupid;
}
/**
* 检查用户名
* @param string $username 用户名
* @return $status {-4:用户名禁止注册;-1:用户名已经存在 ;1:成功}
*/
public function public_checkname_ajax() {
$username = isset($_GET['username']) && trim($_GET['username']) ? trim($_GET['username']) : exit(0);
if(CHARSET != 'utf-8') {
$username = iconv('utf-8', CHARSET, $username);
$username = addslashes($username);
}
//首先判断会员审核表
$this->verify_db = pc_base::load_model('member_verify_model');
if($this->verify_db->get_one(array('username'=>$username))) {
exit('0');
}
$this->_init_phpsso();
$status = $this->client->ps_checkname($username);
if($status == -4 || $status == -1) {
exit('0');
} else {
exit('1');
}
}
/**
* 检查用户昵称
* @param string $nickname 昵称
* @return $status {0:已存在;1:成功}
*/
public function public_checknickname_ajax() {
$nickname = isset($_GET['nickname']) && trim($_GET['nickname']) ? trim($_GET['nickname']) : exit('0');
if(CHARSET != 'utf-8') {
$nickname = iconv('utf-8', CHARSET, $nickname);
$nickname = addslashes($nickname);
}
//首先判断会员审核表
$this->verify_db = pc_base::load_model('member_verify_model');
if($this->verify_db->get_one(array('nickname'=>$nickname))) {
exit('0');
}
if(isset($_GET['userid'])) {
$userid = intval($_GET['userid']);
//如果是会员修改,而且NICKNAME和原来优质一致返回1,否则返回0
$info = get_memberinfo($userid);
if($info['nickname'] == $nickname){//未改变
exit('1');
}else{//已改变,判断是否已有此名
$where = array('nickname'=>$nickname);
$res = $this->db->get_one($where);
if($res) {
exit('0');
} else {
exit('1');
}
}
} else {
$where = array('nickname'=>$nickname);
$res = $this->db->get_one($where);
if($res) {
exit('0');
} else {
exit('1');
}
}
}
/**
* 检查邮箱
* @param string $email
* @return $status {-1:email已经存在 ;-5:邮箱禁止注册;1:成功}
*/
public function public_checkemail_ajax() {
$this->_init_phpsso();
$email = isset($_GET['email']) && trim($_GET['email']) ? trim($_GET['email']) : exit(0);
$status = $this->client->ps_checkemail($email);
if($status == -5) { //禁止注册
exit('0');
} elseif($status == -1) { //用户名已存在,但是修改用户的时候需要判断邮箱是否是当前用户的
if(isset($_GET['phpssouid'])) { //修改用户传入phpssouid
$status = $this->client->ps_get_member_info($email, 3);
if($status) {
$status = unserialize($status); //接口返回序列化,进行判断
if (isset($status['uid']) && $status['uid'] == intval($_GET['phpssouid'])) {
exit('1');
} else {
exit('0');
}
} else {
exit('0');
}
} else {
exit('0');
}
} else {
exit('1');
}
}
public function public_sina_login() {
define('WB_AKEY', pc_base::load_config('system', 'sina_akey'));
define('WB_SKEY', pc_base::load_config('system', 'sina_skey'));
pc_base::load_app_class('weibooauth', '' ,0);
$this->_session_start();
if(isset($_GET['callback']) && trim($_GET['callback'])) {
$o = new WeiboOAuth(WB_AKEY, WB_SKEY, $_SESSION['keys']['oauth_token'], $_SESSION['keys']['oauth_token_secret']);
$_SESSION['last_key'] = $o->getAccessToken($_REQUEST['oauth_verifier']);
$c = new WeiboClient(WB_AKEY, WB_SKEY, $_SESSION['last_key']['oauth_token'], $_SESSION['last_key']['oauth_token_secret']);
//获取用户信息
$me = $c->verify_credentials();
if(CHARSET != 'utf-8') {
$me['name'] = iconv('utf-8', CHARSET, $me['name']);
$me['location'] = iconv('utf-8', CHARSET, $me['location']);
$me['description'] = iconv('utf-8', CHARSET, $me['description']);
$me['screen_name'] = iconv('utf-8', CHARSET, $me['screen_name']);
}
if(!empty($me['id'])) {
//检查connect会员是否绑定,已绑定直接登录,未绑定提示注册/绑定页面
$where = array('connectid'=>$me['id'], 'from'=>'sina');
$r = $this->db->get_one($where);
//connect用户已经绑定本站用户
if(!empty($r)) {
//读取本站用户信息,执行登录操作
$password = $r['password'];
$this->_init_phpsso();
$synloginstr = $this->client->ps_member_synlogin($r['phpssouid']);
$userid = $r['userid'];
$groupid = $r['groupid'];
$username = $r['username'];
$nickname = empty($r['nickname']) ? $username : $r['nickname'];
$this->db->update(array('lastip'=>ip(), 'lastdate'=>SYS_TIME, 'nickname'=>$me['name']), array('userid'=>$userid));
if(!$cookietime) $get_cookietime = param::get_cookie('cookietime');
$_cookietime = $cookietime ? intval($cookietime) : ($get_cookietime ? $get_cookietime : 0);
$cookietime = $_cookietime ? TIME + $_cookietime : 0;
$phpcms_auth_key = md5(pc_base::load_config('system', 'auth_key').$this->http_user_agent);
$phpcms_auth = sys_auth($userid."\t".$password, 'ENCODE', $phpcms_auth_key);
param::set_cookie('auth', $phpcms_auth, $cookietime);
param::set_cookie('_userid', $userid, $cookietime);
param::set_cookie('_username', $username, $cookietime);
param::set_cookie('_groupid', $groupid, $cookietime);
param::set_cookie('cookietime', $_cookietime, $cookietime);
param::set_cookie('_nickname', $nickname, $cookietime);
$forward = isset($_GET['forward']) && !empty($_GET['forward']) ? $_GET['forward'] : 'index.php?m=member&c=index';
showmessage(L('login_success').$synloginstr, $forward);
} else {
//弹出绑定注册页面
$_SESSION = array();
$_SESSION['connectid'] = $me['id'];
$_SESSION['from'] = 'sina';
$connect_username = $me['name'];
//加载用户模块配置
$member_setting = getcache('member_setting');
if(!$member_setting['allowregister']) {
showmessage(L('deny_register'), 'index.php?m=member&c=index&a=login');
}
//获取用户siteid
$siteid = isset($_REQUEST['siteid']) && trim($_REQUEST['siteid']) ? intval($_REQUEST['siteid']) : 1;
//过滤非当前站点会员模型
$modellist = getcache('member_model', 'commons');
foreach($modellist as $k=>$v) {
if($v['siteid']!=$siteid || $v['disabled']) {
unset($modellist[$k]);
}
}
if(empty($modellist)) {
showmessage(L('site_have_no_model').L('deny_register'), HTTP_REFERER);
}
$modelid = 10; //设定默认值
if(array_key_exists($modelid, $modellist)) {
//获取会员模型表单
require CACHE_MODEL_PATH.'member_form.class.php';
$member_form = new member_form($modelid);
$this->db->set_model($modelid);
$forminfos = $forminfos_arr = $member_form->get();
//万能字段过滤
foreach($forminfos as $field=>$info) {
if($info['isomnipotent']) {
unset($forminfos[$field]);
} else {
if($info['formtype']=='omnipotent') {
foreach($forminfos_arr as $_fm=>$_fm_value) {
if($_fm_value['isomnipotent']) {
$info['form'] = str_replace('{'.$_fm.'}',$_fm_value['form'], $info['form']);
}
}
$forminfos[$field]['form'] = $info['form'];
}
}
}
$formValidator = $member_form->formValidator;
}
include template('member', 'connect');
}
} else {
showmessage(L('login_failure'), 'index.php?m=member&c=index&a=login');
}
} else {
$o = new WeiboOAuth(WB_AKEY, WB_SKEY);
$keys = $o->getRequestToken();
$aurl = $o->getAuthorizeURL($keys['oauth_token'] ,false , APP_PATH.'index.php?m=member&c=index&a=public_sina_login&callback=1');
$_SESSION['keys'] = $keys;
include template('member', 'connect_sina');
}
}
/**
* 盛大通行证登陆
*/
public function public_snda_login() {
define('SNDA_AKEY', pc_base::load_config('system', 'snda_akey'));
define('SNDA_SKEY', pc_base::load_config('system', 'snda_skey'));
define('SNDA_CALLBACK', urlencode(APP_PATH.'index.php?m=member&c=index&a=public_snda_login&callback=1'));
pc_base::load_app_class('OauthSDK', '' ,0);
$this->_session_start();
if(isset($_GET['callback']) && trim($_GET['callback'])) {
$o = new OauthSDK(SNDA_AKEY, SNDA_SKEY, SNDA_CALLBACK);
$code = $_REQUEST['code'];
$accesstoken = $o->getAccessToken($code);
if(is_numeric($accesstoken['sdid'])) {
$userid = $accesstoken['sdid'];
} else {
showmessage(L('login_failure'), 'index.php?m=member&c=index&a=login');
}
if(!empty($userid)) {
//检查connect会员是否绑定,已绑定直接登录,未绑定提示注册/绑定页面
$where = array('connectid'=>$userid, 'from'=>'snda');
$r = $this->db->get_one($where);
//connect用户已经绑定本站用户
if(!empty($r)) {
//读取本站用户信息,执行登录操作
$password = $r['password'];
$this->_init_phpsso();
$synloginstr = $this->client->ps_member_synlogin($r['phpssouid']);
$userid = $r['userid'];
$groupid = $r['groupid'];
$username = $r['username'];
$nickname = empty($r['nickname']) ? $username : $r['nickname'];
$this->db->update(array('lastip'=>ip(), 'lastdate'=>SYS_TIME, 'nickname'=>$me['name']), array('userid'=>$userid));
if(!$cookietime) $get_cookietime = param::get_cookie('cookietime');
$_cookietime = $cookietime ? intval($cookietime) : ($get_cookietime ? $get_cookietime : 0);
$cookietime = $_cookietime ? TIME + $_cookietime : 0;
$phpcms_auth_key = md5(pc_base::load_config('system', 'auth_key').$this->http_user_agent);
$phpcms_auth = sys_auth($userid."\t".$password, 'ENCODE', $phpcms_auth_key);
param::set_cookie('auth', $phpcms_auth, $cookietime);
param::set_cookie('_userid', $userid, $cookietime);
param::set_cookie('_username', $username, $cookietime);
param::set_cookie('_groupid', $groupid, $cookietime);
param::set_cookie('cookietime', $_cookietime, $cookietime);
param::set_cookie('_nickname', $nickname, $cookietime);
param::set_cookie('_from', 'snda');
$forward = isset($_GET['forward']) && !empty($_GET['forward']) ? $_GET['forward'] : 'index.php?m=member&c=index';
showmessage(L('login_success').$synloginstr, $forward);
} else {
//弹出绑定注册页面
$_SESSION = array();
$_SESSION['connectid'] = $userid;
$_SESSION['from'] = 'snda';
$connect_username = $userid;
include template('member', 'connect');
}
}
} else {
$o = new OauthSDK(SNDA_AKEY, SNDA_SKEY, SNDA_CALLBACK);
$accesstoken = $o->getSystemToken();
$aurl = $o->getAuthorizeURL();
include template('member', 'connect_snda');
}
}
/**
* QQ号码登录
* 该函数为QQ登录回调地址
*/
public function public_qq_loginnew(){
$appid = pc_base::load_config('system', 'qq_appid');
$appkey = pc_base::load_config('system', 'qq_appkey');
$callback = pc_base::load_config('system', 'qq_callback');
pc_base::load_app_class('qqapi','',0);
$info = new qqapi($appid,$appkey,$callback);
$this->_session_start();
if(!isset($_GET['oauth_token'])){
$info->redirect_to_login();
}else{
$info->get_openid();//调取QQ openid值
if(!empty($_SESSION['openid'])){
$r = $this->db->get_one(array('connectid'=>$_SESSION['openid'],'from'=>'qq'));
if(!empty($r)){
//QQ已存在于数据库,则直接转向登陆操作
$password = $r['password'];
$this->_init_phpsso();
$synloginstr = $this->client->ps_member_synlogin($r['phpssouid']);
$userid = $r['userid'];
$groupid = $r['groupid'];
$username = $r['username'];
$nickname = empty($r['nickname']) ? $username : $r['nickname'];
$this->db->update(array('lastip'=>ip(), 'lastdate'=>SYS_TIME, 'nickname'=>$me['name']), array('userid'=>$userid));
if(!$cookietime) $get_cookietime = param::get_cookie('cookietime');
$_cookietime = $cookietime ? intval($cookietime) : ($get_cookietime ? $get_cookietime : 0);
$cookietime = $_cookietime ? TIME + $_cookietime : 0;
$phpcms_auth_key = md5(pc_base::load_config('system', 'auth_key').$this->http_user_agent);
$phpcms_auth = sys_auth($userid."\t".$password, 'ENCODE', $phpcms_auth_key);
param::set_cookie('auth', $phpcms_auth, $cookietime);
param::set_cookie('_userid', $userid, $cookietime);
param::set_cookie('_username', $username, $cookietime);
param::set_cookie('_groupid', $groupid, $cookietime);
param::set_cookie('cookietime', $_cookietime, $cookietime);
param::set_cookie('_nickname', $nickname, $cookietime);
$forward = isset($_GET['forward']) && !empty($_GET['forward']) ? $_GET['forward'] : 'index.php?m=member&c=index';
showmessage(L('login_success').$synloginstr, $forward);
}else{
//未存在于数据库中,跳去完善资料页面。页面预置用户名(QQ返回是UTF8编码,如有需要进行转码)
$user = $info->get_user_info();
$_SESSION['connectid'] = $_SESSION['openid'];
$_SESSION['from'] = 'qq';
if(CHARSET != 'utf-8') {//转编码
$connect_username = iconv('utf-8', CHARSET, $user['nickname']);
}
include template('member', 'connect');
}
}
}
}
/**
* QQ微博登录
*/
public function public_qq_login() {
define('QQ_AKEY', pc_base::load_config('system', 'qq_akey'));
define('QQ_SKEY', pc_base::load_config('system', 'qq_skey'));
pc_base::load_app_class('qqoauth', '' ,0);
$this->_session_start();
if(isset($_GET['callback']) && trim($_GET['callback'])) {
$o = new WeiboOAuth(QQ_AKEY, QQ_SKEY, $_SESSION['keys']['oauth_token'], $_SESSION['keys']['oauth_token_secret']);
$_SESSION['last_key'] = $o->getAccessToken($_REQUEST['oauth_verifier']);
if(!empty($_SESSION['last_key']['name'])) {
//检查connect会员是否绑定,已绑定直接登录,未绑定提示注册/绑定页面
$where = array('connectid'=>$_REQUEST['openid'], 'from'=>'qq');
$r = $this->db->get_one($where);
//connect用户已经绑定本站用户
if(!empty($r)) {
//读取本站用户信息,执行登录操作
$password = $r['password'];
$this->_init_phpsso();
$synloginstr = $this->client->ps_member_synlogin($r['phpssouid']);
$userid = $r['userid'];
$groupid = $r['groupid'];
$username = $r['username'];
$nickname = empty($r['nickname']) ? $username : $r['nickname'];
$this->db->update(array('lastip'=>ip(), 'lastdate'=>SYS_TIME, 'nickname'=>$me['name']), array('userid'=>$userid));
if(!$cookietime) $get_cookietime = param::get_cookie('cookietime');
$_cookietime = $cookietime ? intval($cookietime) : ($get_cookietime ? $get_cookietime : 0);
$cookietime = $_cookietime ? TIME + $_cookietime : 0;
$phpcms_auth_key = md5(pc_base::load_config('system', 'auth_key').$this->http_user_agent);
$phpcms_auth = sys_auth($userid."\t".$password, 'ENCODE', $phpcms_auth_key);
param::set_cookie('auth', $phpcms_auth, $cookietime);
param::set_cookie('_userid', $userid, $cookietime);
param::set_cookie('_username', $username, $cookietime);
param::set_cookie('_groupid', $groupid, $cookietime);
param::set_cookie('cookietime', $_cookietime, $cookietime);
param::set_cookie('_nickname', $nickname, $cookietime);
param::set_cookie('_from', 'snda');
$forward = isset($_GET['forward']) && !empty($_GET['forward']) ? $_GET['forward'] : 'index.php?m=member&c=index';
showmessage(L('login_success').$synloginstr, $forward);
} else {
//弹出绑定注册页面
$_SESSION = array();
$_SESSION['connectid'] = $_REQUEST['openid'];
$_SESSION['from'] = 'qq';
$connect_username = $_SESSION['last_key']['name'];
//加载用户模块配置
$member_setting = getcache('member_setting');
if(!$member_setting['allowregister']) {
showmessage(L('deny_register'), 'index.php?m=member&c=index&a=login');
}
//获取用户siteid
$siteid = isset($_REQUEST['siteid']) && trim($_REQUEST['siteid']) ? intval($_REQUEST['siteid']) : 1;
//过滤非当前站点会员模型
$modellist = getcache('member_model', 'commons');
foreach($modellist as $k=>$v) {
if($v['siteid']!=$siteid || $v['disabled']) {
unset($modellist[$k]);
}
}
if(empty($modellist)) {
showmessage(L('site_have_no_model').L('deny_register'), HTTP_REFERER);
}
$modelid = 10; //设定默认值
if(array_key_exists($modelid, $modellist)) {
//获取会员模型表单
require CACHE_MODEL_PATH.'member_form.class.php';
$member_form = new member_form($modelid);
$this->db->set_model($modelid);
$forminfos = $forminfos_arr = $member_form->get();
//万能字段过滤
foreach($forminfos as $field=>$info) {
if($info['isomnipotent']) {
unset($forminfos[$field]);
} else {
if($info['formtype']=='omnipotent') {
foreach($forminfos_arr as $_fm=>$_fm_value) {
if($_fm_value['isomnipotent']) {
$info['form'] = str_replace('{'.$_fm.'}',$_fm_value['form'], $info['form']);
}
}
$forminfos[$field]['form'] = $info['form'];
}
}
}
$formValidator = $member_form->formValidator;
}
include template('member', 'connect');
}
} else {
showmessage(L('login_failure'), 'index.php?m=member&c=index&a=login');
}
} else {
$oauth_callback = APP_PATH.'index.php?m=member&c=index&a=public_qq_login&callback=1';
$oauth_nonce = md5(SYS_TIME);
$oauth_signature_method = 'HMAC-SHA1';
$oauth_timestamp = SYS_TIME;
$oauth_version = '1.0';
$url = "https://open.t.qq.com/cgi-bin/request_token?oauth_callback=$oauth_callback&oauth_consumer_key=".QQ_AKEY."&oauth_nonce=$oauth_nonce&oauth_signature=".QQ_SKEY."&oauth_signature_method=HMAC-SHA1&oauth_timestamp=$oauth_timestamp&oauth_version=$oauth_version";
$o = new WeiboOAuth(QQ_AKEY, QQ_SKEY);
$keys = $o->getRequestToken(array('callback'=>$oauth_callback));
$_SESSION['keys'] = $keys;
$aurl = $o->getAuthorizeURL($keys['oauth_token'] ,false , $oauth_callback);
include template('member', 'connect_qq');
}
}
//QQ登录功能
public function public_qq_login2(){
$appid = pc_base::load_config('system', 'qq_appid');
$appkey = pc_base::load_config('system', 'qq_appkey');
$callback = pc_base::load_config('system', 'qq_callback');
pc_base::load_app_class('qqapi','',0);
$info = new qqapi($appid,$appkey,$callback);
$this->_session_start();
if(!isset($_GET['oauth_token'])){
$info->redirect_to_login();
}else{
$info->get_openid();
if(!empty($_SESSION['openid'])){
$r = $this->db->get_one(array('connectid'=>$_SESSION['openid'],'from'=>'qq'));
if(!empty($r)){
//登陆
$password = $r['password'];
$this->_init_phpsso();
$synloginstr = $this->client->ps_member_synlogin($r['phpssouid']);
$userid = $r['userid'];
$groupid = $r['groupid'];
$username = $r['username'];
$nickname = empty($r['nickname']) ? $username : $r['nickname'];
$this->db->update(array('lastip'=>ip(), 'lastdate'=>SYS_TIME, 'nickname'=>$me['name']), array('userid'=>$userid));
if(!$cookietime) $get_cookietime = param::get_cookie('cookietime');
$_cookietime = $cookietime ? intval($cookietime) : ($get_cookietime ? $get_cookietime: 0);
$cookietime = $_cookietime ? TIME + $_cookietime : 0;
$phpcms_auth_key = md5(pc_base::load_config('system', 'auth_key').$this->http_user_agent);
$phpcms_auth = sys_auth($userid."\t".$password, 'ENCODE', $phpcms_auth_key);
param::set_cookie('auth', $phpcms_auth, $cookietime);
param::set_cookie('_userid', $userid, $cookietime);
param::set_cookie('_username', $username, $cookietime);
param::set_cookie('_groupid', $groupid, $cookietime);
param::set_cookie('cookietime', $_cookietime, $cookietime);
param::set_cookie('_nickname', $nickname, $cookietime);
$forward = isset($_GET['forward']) && !empty($_GET['forward']) ? $_GET['forward'] : 'index.php?m=member&c=index';
showmessage(L('login_success').$synloginstr, $forward);
}else{
$user = $info->get_user_info();
$_SESSION['connectid'] = $_SESSION['openid'];
$_SESSION['from'] = 'qq';
$connect_username = $user['nickname'];
include template('member', 'connect');
}
}
}
}
/**
* 找回密码
*/
public function public_forget_password () {
$email_config = getcache('common', 'commons');
//SMTP MAIL 二种发送模式
if($email_config['mail_type'] == '1'){
if(empty($email_config['mail_user']) || empty($email_config['mail_password'])) {
showmessage(L('email_config_empty'), HTTP_REFERER);
}
}
$this->_session_start();
$member_setting = getcache('member_setting');
if(isset($_POST['dosubmit'])) {
if ($_SESSION['code'] != strtolower($_POST['code'])) {
showmessage(L('code_error'), HTTP_REFERER);
}
$memberinfo = $this->db->get_one(array('email'=>$_POST['email']));
if(!empty($memberinfo['email'])) {
$email = $memberinfo['email'];
} else {
showmessage(L('email_error'), HTTP_REFERER);
}
pc_base::load_sys_func('mail');
$phpcms_auth_key = md5(pc_base::load_config('system', 'auth_key').$this->http_user_agent);
$code = sys_auth($memberinfo['userid']."\t".SYS_TIME, 'ENCODE', $phpcms_auth_key);
$url = APP_PATH."index.php?m=member&c=index&a=public_forget_password&code=$code";
$message = $member_setting['forgetpassword'];
$message = str_replace(array('{click}','{url}'), array('<a href="'.$url.'">'.L('please_click').'</a>',$url), $message);
//获取站点名称
$sitelist = getcache('sitelist', 'commons');
if(isset($sitelist[$memberinfo['siteid']]['name'])) {
$sitename = $sitelist[$memberinfo['siteid']]['name'];
} else {
$sitename = 'PHPCMS_V9_MAIL';
}
sendmail($email, L('forgetpassword'), $message, '', '', $sitename);
showmessage(L('operation_success'), 'index.php?m=member&c=index&a=login');
} elseif($_GET['code']) {
$phpcms_auth_key = md5(pc_base::load_config('system', 'auth_key').$this->http_user_agent);
$hour = date('y-m-d h', SYS_TIME);
$code = sys_auth($_GET['code'], 'DECODE', $phpcms_auth_key);
$code = explode("\t", $code);
if(is_array($code) && is_numeric($code[0]) && date('y-m-d h', SYS_TIME) == date('y-m-d h', $code[1])) {
$memberinfo = $this->db->get_one(array('userid'=>$code[0]));
if(empty($memberinfo['phpssouid'])) {
showmessage(L('operation_failure'), 'index.php?m=member&c=index&a=login');
}
$password = random(8);
$updateinfo['password'] = password($password, $memberinfo['encrypt']);
$this->db->update($updateinfo, array('userid'=>$code[0]));
if(pc_base::load_config('system', 'phpsso')) {
//初始化phpsso
$this->_init_phpsso();
$this->client->ps_member_edit('', $email, '', $password, $memberinfo['phpssouid'], $memberinfo['encrypt']);
}
showmessage(L('operation_success').L('newpassword').':'.$password);
} else {
showmessage(L('operation_failure'), 'index.php?m=member&c=index&a=login');
}
} else {
$siteid = isset($_REQUEST['siteid']) && trim($_REQUEST['siteid']) ? intval($_REQUEST['siteid']) : 1;
$siteinfo = siteinfo($siteid);
include template('member', 'forget_password');
}
}
}
?>
【phpcms-v9】会员模块index.php控制器文件分析:
最新推荐文章于 2023-03-04 11:14:08 发布