www.gusucode.com > 行云海CMS内容管理系统php版 v3.2php源码程序 > 行云海CMS内容管理系统php版 v3.2/xyhcms_v3.2/xyhcms_v3.2/uploads_code/App/Home/Controller/PublicController.class.php
<?php
/**
* oooooooooooo
*
* ooooooooooooooooo
* o
* o
* o o
* oooooooooooo
*
* ~~ ~~ ~~
* ~~ ~~ ~~
* ~~~~~~~~ ~~~~~~~~~~ ~~~~~~~~~~
* ······· ~~XYHCMS~~ ·······
* ······· 闲看庭前花开花落 漫随天外云卷云舒 ·······
* ············· www.xyhcms.com ·············
* ··················································
* ··················································
*
* @Author: gosea <gosea199@gmail.com>
* @Date: 2014-06-21 10:00:00
* @Last Modified by: gosea
* @Last Modified time: 2016-06-21 12:39:37
*/
namespace Home\Controller;
class PublicController extends HomeCommonController
{
public function login()
{
$furl = $_SERVER['HTTP_REFERER'];
if (IS_POST) {
$this->loginPost();
exit();
}
$this->assign('furl', $furl);
$this->assign('title', '用户登录');
$this->display();
}
public function loginPost()
{
if (!IS_POST) {
exit();
}
$furl = I('furl', '', 'htmlspecialchars,trim');
if (empty($furl) || strpos($furl, 'register') || strpos($furl, 'login') || strpos($furl, 'logout') || strpos($furl, 'activate') || strpos($furl, 'sendActivate')) {
$furl = U(MODULE_NAME . '/Member/index');
}
$email = I('email', '', 'htmlspecialchars,trim');
$password = I('password', '');
$verify = I('vcode', '', 'htmlspecialchars,trim');
if (C('CFG_VERIFY_LOGIN') == 1 && !check_verify($verify)) {
$this->error('验证码不正确');
}
if ($email == '') {
$this->error('请输入帐号!', '', array('input' => 'email')); //支持ajax,$this->error(info,url,array);
}
if (!filter_var($email, FILTER_VALIDATE_EMAIL)) {
$this->error('账号为邮箱地址,格式不正确!', '', array('input' => 'email')); //支持ajax,$this->error(info,url,array);
}
if (strlen($password) < 4 || strlen($password) > 20) {
$this->error('密码必须是4-20位的字符!', '', array('input' => 'password'));
}
$user = M('member')->where(array('email' => $email))->find();
if (!$user || ($user['password'] != get_password($password, $user['encrypt']))) {
$this->error('账号或密码错误', '', array('input' => 'password'));
}
if ($user['islock']) {
$this->error('用户被锁定!', '', array('input' => ''));
}
//更新数据库的参数
$data = array('id' => $user['id'], //保存时会自动为此ID的更新
'logintime' => time(),
'loginip' => get_client_ip(),
'loginnum' => $user['loginnum'] + 1,
);
//更新数据库
M('member')->save($data);
//保存Session
//session(C('USER_AUTH_KEY'), $user['id']);
//保存到cookie
set_cookie(array('name' => 'uid', 'value' => $user['id']));
set_cookie(array('name' => 'email', 'value' => $user['email']));
set_cookie(array('name' => 'nickname', 'value' => $user['nickname']));
set_cookie(array('name' => 'groupid', 'value' => $user['groupid'])); //20140801
set_cookie(array('name' => 'logintime', 'value' => date('Y-m-d H:i:s', $user['logintime'])));
set_cookie(array('name' => 'loginip', 'value' => $user['loginip']));
set_cookie(array('name' => 'status', 'value' => $user['status'])); //激活状态
set_cookie(array('name' => 'verifytime', 'value' => time())); //激活状态
//跳转
//$this->redirect(MODULE_NAME.'/Member/index');
//redirect(__MODULE__);
$this->success('登录成功', $furl, array('input' => ''));
}
//退出
public function logout()
{
$furl = $_SERVER['HTTP_REFERER'];
if (empty($furl) || strpos($furl, 'register') || strpos($furl, 'login') || strpos($furl, 'activate') || strpos($furl, 'sendActivate')) {
$furl = U(MODULE_NAME . '/Public/login');
}
//session_unset();
//session_destroy();
del_cookie(array('name' => 'uid'));
del_cookie(array('name' => 'email'));
del_cookie(array('name' => 'nickname'));
del_cookie(array('name' => 'groupid'));
del_cookie(array('name' => 'logintime'));
del_cookie(array('name' => 'loginip'));
del_cookie(array('name' => 'status'));
//$this->redirect(MODULE_NAME.'/Public/login');
$this->success('安全退出', $furl);
}
//自动登录后,js验证,更新积分
public function loginChk()
{
if (!IS_AJAX) {
exit();
}
$uid = intval(get_cookie('uid'));
$email = get_cookie('email');
$nickname = get_cookie('nickname');
$logintime = get_cookie('logintime');
$loginip = get_cookie('loginip');
$verifytime = intval(get_cookie('verifytime')); //上次登录时间
$furl = '';
$nickname = empty($nickname) ? $email : $nickname;
if ($uid <= 0 || !filter_var($email, FILTER_VALIDATE_EMAIL)) {
del_cookie(array('name' => 'uid'));
del_cookie(array('name' => 'nickname'));
del_cookie(array('name' => 'verifytime'));
del_cookie(array('name' => 'logintime'));
$this->error('请登录', ''); //支持ajax,$this->error(info,url,array);
}
if (date('Y-m-d', $verifytime) != date('Y-m-d', time())) {
$user = M('member')->where(array('id' => $uid, 'email' => $email))->find();
if (!$user) {
del_cookie(array('name' => 'uid'));
del_cookie(array('name' => 'nickname'));
del_cookie(array('name' => 'verifytime'));
del_cookie(array('name' => 'logintime'));
$this->error('请登录!', '');
}
set_cookie(array('name' => 'verifytime', 'value' => time())); //本次状态
}
$this->success('已登录', $furl, array('nickname' => $nickname));
}
//注册
public function register()
{
if (IS_POST) {
$this->registerPost();
exit();
}
$this->assign('title', '用户注册');
$this->display();
}
//兼容v1.5之前的注册提交
public function registerHandle()
{
$this->register();
}
//注册
public function registerPost()
{
if (!IS_POST) {
exit(0);
}
$password = I('password', '');
$verify = I('vcode', '', 'htmlspecialchars,trim');
if (C('CFG_VERIFY_REGISTER') == 1 && !check_verify($verify)) {
$this->error('验证码不正确');
}
//M验证
$validate = array(
array('email', 'require', '电子邮箱必须填写!'),
array('email', 'email', '邮箱格式不符合要求。'),
//array('groupid','require','请选择会员组!'),
array('password', 'require', '密码必须填写!'),
array('rpassword', 'require', '确认密码必须填写!'),
array('password', 'rpassword', '两次密码不一致', 0, 'confirm'),
array('email', '', '邮箱已经存在!', 0, 'unique', 1), //使用这个是否存在,auto就不能自动完成
);
$db = M('member');
if (!$db->validate($validate)->create()) {
$this->error($db->getError());
}
if (strlen($password) < 4 || strlen($password) > 20) {
$this->error('密码必须是4-20位的字符!', '', array('input' => 'password'));
}
$nickname = I('nickname', '', 'htmlspecialchars,trim');
$notallowname = explode(',', C('CFG_MEMBER_NOTALLOW'));
if (in_array($nickname, $notallowname)) {
$this->error('此昵称系统禁用,请重新更换一个!');
}
//判断后台是否开始邮件验证
$data['groupid'] = 2; //注册会员
/*
$mGroup = M('membergroup')->Field('id')->find();
if ($mGroup) {
$data['groupid'] = $mGroup['id'];
}
*/
$email = I('email', '', 'htmlspecialchars,trim');
$data['email'] = $email;
$data['nickname'] = $nickname;
$data['nickname'] = I('nickname', '');
//代替自动完成
$data['regtime'] = time();
$passwordinfo = I('password', '', 'get_password');
$data['password'] = $passwordinfo['password'];
$data['encrypt'] = $passwordinfo['encrypt'];
$regtime = date('Y年m月d日', time());
$nextday = date('Y年m月d日 H:i', strtotime("+2 day"));
if ($id = $db->add($data)) {
$msg = '注册会员成功<br/>';
$active['expire'] = strtotime("+2 day"); //二天后时间截,相当于time() + 2 * 24 * 60 * 60
$active['code'] = get_randomstr(11);
$active['userid'] = $id;
$active['id'] = M('active')->add($active);
$url = rtrim(C('CFG_WEBURL'), '/') . "/index.php?m=" . MODULE_NAME . "&c=Public&a=activate&va={$active['id']}&vc={$active['code']}";
//$url = preg_replace("#http:\/\/#i", '', $url);
//$url = 'http://'.preg_replace("#\/\/#i", '/', $url);
$webname = C('CFG_WEBNAME');
$weburl = C('CFG_WEBURL');
$weburl2 = str_replace('http://www.', '', $weburl);
$webqq = C('cfg_qq');
$webmail = C('cfg_email');
$subject = "[{$webname}]请激活你的帐号,完成注册";
$message = <<<str
<p>您于 {$regtime} 注册{$webname}帐号 <a href="mailto:{$email}">{$email}</a> ,点击以下链接,即可激活该帐号:</p>
<p><a href="{$url}" target="_blank">{$url}</a></p>
<p>(如果您无法点击此链接,请将它复制到浏览器地址栏后访问)</p>
<p>为了保障您帐号的安全性,请在 48小时内完成激活,此链接将在您激活过一次后失效!</p>
<p>此邮件由系统发送,请勿直接回复。</p>
str;
if (C('CFG_MEMBER_VERIFYEMAIL')) {
if (send_mail($email, $subject, $message) == true) {
$msg .= '验证邮件已发送,请尽快查收邮件,激活该帐号';
} else {
$msg .= '验证邮件发送失败,请写管理员联系';
}
}
$this->success($msg, U(MODULE_NAME . '/Public/login'));
} else {
$this->error('注册失败');
}
}
public function sendActivate()
{
$uid = get_cookie('uid');
if (empty($uid)) {
$this->error('请登录后尝试');
}
$user = M('member')->find($uid);
$email = $user['email'];
$regtime = date('Y年m月d日', $user['regtime']);
if (!filter_var($email, FILTER_VALIDATE_EMAIL)) {
$this->error('你的邮箱格式有错误!');
}
if ($user['status'] == 1) {
$this->error('你的帐号邮件已经激活,本操作无效!');
}
$actinfo = M('active')->where(array('userid' => $uid, 'expire' => array('gt', time())))->find();
$data = array();
//有记录
if ($actinfo) {
$data['id'] = $actinfo['id'];
$data['expire'] = $actinfo['expire'];
$data['code'] = $actinfo['code'];
$data['userid'] = $uid;
} else {
$data['expire'] = strtotime("+2 day"); //二天后时间截,相当于time() + 2 * 24 * 60 * 60
$data['code'] = get_randomstr(11);
$data['userid'] = $uid;
//M('active')->delete($uid);//清除有的记录
$data['id'] = M('active')->add($data);
}
$nextday = date('Y年m月d日 H:i', $data['expire']);
$url = rtrim(C('CFG_WEBURL'), '/') . "/index.php?m=" . MODULE_NAME . "&c=Public&a=activate&va={$data['id']}&vc={$data['code']}";
//$url = preg_replace("#http:\/\/#i", '', $url);
//$url = 'http://'.preg_replace("#\/\/#i", '/', $url);
$webname = C('CFG_WEBNAME');
$weburl = C('CFG_WEBURL');
$weburl2 = str_replace('http://www.', '', $weburl);
$webqq = C('cfg_qq');
$webmail = C('cfg_email');
$subject = "[{$webname}]会员邮件验证通知,完成激活";
$message = <<<str
<p>您于 {$regtime} 注册{$webname}帐号 <a href="mailto:{$email}">{$email}</a> ,点击以下链接,即可激活该帐号:</p>
<p><a href="{$url}" target="_blank">{$url}</a></p>
<p>(如果您无法点击此链接,请将它复制到浏览器地址栏后访问)</p>
<p>为了保障您帐号的安全性,请在 48小时内完成激活,此链接将在您激活过一次后失效!</p>
<p>此邮件由系统发送,请勿直接回复。</p>
str;
$msg = '';
if (send_mail($email, $subject, $message) == true) {
$msg .= '验证邮件已发送,请尽快查收邮件,激活该帐号';
} else {
$msg .= '验证邮件发送失败,请写管理员联系';
}
$this->success($msg, U(MODULE_NAME . '/Member/index'), 10);
}
public function activate()
{
header("Content-Type:text/html; charset=utf-8");
$id = I('va', 0, 'intval');
$code = I('vc', '', 'htmlspecialchars,trim');
if (empty($code) || $id == 0) {
exit('你的效验串不合法!<a href="' . C('CFG_WEBURL') . '">返回首页</a>');
}
$row = M('active')->where(array('id' => $id, 'expire' => array('gt', time())))->find();
if ($code != $row['code']) {
exit('激活码过期或错误!<a href="' . C('CFG_WEBURL') . '">返回首页</a>');
}
M('member')->where(array('id' => $row['userid']))->setField('status', '1'); //激活用户状态设置
//M('active')->delete($id);//从激活表中删除
M('active')->where(array('id' => $row['id']))->setField('expire', '0'); //激活用户状态设置
// 清除会员缓存
//DelCache($mid);
$this->success('激活操作成功,请重新登录!', U(MODULE_NAME . '/Public/login'));
}
/*Send verification code*/
public function sendCode()
{
header("Content-Type:text/html; charset=utf-8");
if (!IS_POST) {
exit();
}
$email = I('username', '', 'htmlspecialchars,trim');
$flag = I('flag', 0, 'intval');
//$flag为1时,需要验证email是否已经被使用,注册必需未使用的email
if (!filter_var($email, FILTER_VALIDATE_EMAIL)) {
//exit(json_encode(array('status'=>0,'info'=>'E-mail格式不正确!','input'=>'email')));
//$this->ajaxReturn(array('status'=>0,'info'=>'E-mail格式不正确!','input'=>'email'),'JSON');//Thinkphp内部
$this->error('E-mail格式不正确!', '', array('input' => 'email')); //TP3.1后,error和success支持ajax返回
}
if ($flag) {
if ($user = M('member')->where(array('email' => $email))->find()) {
$this->error('邮箱已经存在,请更换邮箱或直接登录!', '', array('input' => 'email'));
}
}
//查询active表,是否发送过注册验证码,发过,则不再重新生成新的验证码,直接发送
$actinfo = M('active')->where(array('email' => $email, 'type' => 1, 'expire' => array('gt', time())))->order('expire DESC')->find();
$data = array();
//有记录
if ($actinfo) {
$data['id'] = $actinfo['id'];
$data['userid'] = 0;
$data['code'] = $actinfo['code'];
$data['expire'] = $actinfo['expire'];
$data['type'] = $actinfo['type'];
//小于3分钟,则更新有效期(延长)
if ($data['expire'] - time() < 3 * 60) {
$data['expire'] = time() + 20 * 60; //20 minutes
M('active')->where(array('id' => $data['id']))->setField('expire', $data['expire']);
}
} else {
$data['userid'] = 0;
$data['code'] = get_random(6, '1234567890'); //产生数字
$data['expire'] = time() + 20 * 60; //20 minutes//strtotime("+2 day") ;
$data['email'] = $email;
$data['type'] = 1;
//M('active')->delete($uid);//清除有的记录
$data['id'] = M('active')->add($data);
}
$nextday = date('Y年m月d日 H:i', $data['expire']);
$regtime = date('Y年m月d日', time());
$nextday = date('Y年m月d日 H:i', strtotime("+2 day"));
//$url = rtrim(C('CFG_WEBURL'),'/'). "/index.php?m=". MODULE_NAME ."&c=Public&a=activate&va={$active['id']}&vc={$active['code']}";
//$url = preg_replace("#http:\/\/#i", '', $url);
//$url = 'http://'.preg_replace("#\/\/#i", '/', $url);
$webname = C('CFG_WEBNAME');
$weburl = C('CFG_WEBURL');
$weburl2 = str_replace('http://www.', '', $weburl);
$webqq = C('cfg_qq');
$webmail = C('cfg_email');
$subject = "[{$webname}]会员注册验证码";
$message = <<<str
<p>您本次申请的验证码为:{$data['code']}</p>
<p> </p>
<p>1、为了保障您的安全,请不要将以上验证码告诉任何人,本站工作人员不会向您索取验证码。</p>
<p>2、如果本次验证码并非您本人申请,请忽略本邮件。。</p>
<p>此邮件由系统发送,请勿直接回复。</p>
str;
$msg = '';
if (send_mail($email, $subject, $message) == true) {
$msg .= ''; //'验证邮件已发送,请尽快查收邮件,激活该帐号';
} else {
$msg .= '!'; //'验证邮件发送失败,请写管理员联系';
}
$this->success('验证码发送成功,请到邮箱查收' . $msg, '', array('input' => 'email'));
}
//增加点击数
public function click()
{
$id = I('id', 0, 'intval');
$tablename = I('tn', '');
if (!preg_match('/^[a-zA-Z0-9_]+$/', $tablename)) {
$tablename = '';
}
if (C('HTML_CACHE_ON') == true) {
echo 'document.write(' . get_click($id, $tablename) . ')';
} else {
echo get_click($id, $tablename);
}
}
//证码码
public function verify()
{
$verify = new \Think\Verify();
$verify->entry(1);
}
//online
public function online()
{
$mode = get_meta_value('ONLINE_CFG_MODE');
if ($mode != 1) {
return '';
}
$style = get_meta_value('ONLINE_CFG_STYLE');
$style = empty($style) ? 'blue' : $style;
$qq = get_meta_value('ONLINE_CFG_QQ');
$wangwang = get_meta_value('ONLINE_CFG_WANGWANG');
$phone = get_meta_value('ONLINE_CFG_PHONE');
if (empty($qq)) {
$qq = array();
} else {
$qq = explode("\n", trim(str_replace("\r", '', $qq), "\n"));
}
if (empty($wangwang)) {
$wangwang = array();
} else {
$wangwang = explode("\n", trim(str_replace("\r", '', $wangwang), "\n"));
}
$qq_param = get_meta_value('ONLINE_CFG_QQ_PARAM');
$wangwang_param = get_meta_value('ONLINE_CFG_WANGWANG_PARAM');
//位置
$_divL = get_meta_value('ONLINE_CFG_H') == 1 ? (-get_meta_value('ONLINE_CFG_H_MARGIN') - 0.01) : get_meta_value('ONLINE_CFG_H_MARGIN'); //水平
$_divT = get_meta_value('ONLINE_CFG_V') == 1 ? (-get_meta_value('ONLINE_CFG_V_MARGIN') - 0.01) : get_meta_value('ONLINE_CFG_V_MARGIN');
$_divM = 0;
if (get_meta_value('ONLINE_CFG_H') == 2 && get_meta_value('ONLINE_CFG_V') == 2) {
$_divM = 2;
} elseif (get_meta_value('ONLINE_CFG_H') == 2) {
$_divM = 1;
} elseif (get_meta_value('ONLINE_CFG_V') == 2) {
$_divM = -1;
}
$js_path = __ROOT__ . '/Data';
$str = <<<str
//动态加载
function loadScript(url,callback){
var script = document.createElement("script")
script.type = "text/javascript";
if (script.readyState){//IE
script.onreadystatechange = function(){
if (script.readyState == "loaded" || script.readyState == "complete"){
script.onreadystatechange = null;
callback();
}
};
} else { //Others: Firefox, Safari, Chrome, and Opera
script.onload = function(){
callback();
};
}
script.src = url;
document.body.appendChild(script);
}
function online_show() {
if(document.getElementById("XYHOnlineView")){
new scrollx({id:"XYHOnlineView",l:{$_divL},t:{$_divT},f:1,m:{$_divM}});
}
}
document.write('<link href="{$js_path}/static/js_plugins/online/{$style}.css" rel="stylesheet" type="text/css" />');
document.write('<div id="XYHOnlineView" class="xyh_online_view">');
document.write('<div class="top_b"></div>');
document.write('<div class="body">');
document.write('<dl>');
document.write('<dd class="title">在线客服</dd>');
document.write('<dd>');
document.write(' <span class="ico_zx">在线咨询</span>');
document.write('</dd>');
str;
foreach ($qq as $k => $_qq):
$_qq_array = explode('$$$', $_qq);
$_qq_array[1] = isset($_qq_array[1]) ? $_qq_array[1] : '点击这里给我发消息';
$str .= 'document.write(\'<dd class="qq">\');';
$str .= "document.write('" . str_replace(array('[客服号]', '[客服说明]', "\r\n", "'"), array($_qq_array[0], $_qq_array[1], '', "\'"), $qq_param) . "');";
$str .= "document.write('</dd>');\n";
endforeach;
foreach ($wangwang as $k => $_wangwang):
$_wangwang_array = explode('$$$', $_wangwang);
$_wangwang_array[1] = isset($_wangwang_array[1]) ? $_wangwang_array[1] : '点击这里给我发消息';
$str .= 'document.write(\'<dd class="qq">\');';
$str .= "document.write('" . str_replace(array('[客服号]', '[客服说明]', "\r\n", "'"), array($_wangwang_array[0], $_wangwang_array[1], '', "\'"), $wangwang_param) . "');";
$str .= "document.write('</dd>');";
endforeach;
$str .= "document.write('</dl>');";
$str .= "document.write('<dl>');";
if (get_meta_value('ONLINE_CFG_PHONE_ON') == 1) {
$str .= 'document.write(\'<dd class="title bborder">电话咨询</dd>\');';
$str .= 'document.write(\'<dd><span class="ico_tel">' . $phone . '</span></dd>\');';
}
if (get_meta_value('ONLINE_CFG_GUESTBOOK_ON') == 1) {
$str .= 'document.write(\'<dd class="msg noborder"><a href="' . U('Guestbook/index') . '" target="_blank">给我们留言</a></dd>\');';
}
$str .= "document.write('</dl>');";
$str .= "document.write('</div>');";
$str .= "document.write('</div>');";
$str .= 'loadScript("' . $js_path . '/static/js_plugins/online/scrollx.js",online_show)';
echo $str;
}
}