www.gusucode.com > 4113网博士成品网站管理系统 PHP网站源码程序 > 4113/4113/post.php
<?php
/*********************/
/* */
/* Version : 5.1.0 */
/* Author : RM */
/* Comment : 85wu */
/* */
/*********************/
define( "ROOTPATH", "" );
include( ROOTPATH."includes/common.inc.php" );
include( ROOTPATH."member/language/".$sLan.".php" );
include( ROOTPATH."member/includes/member.inc.php" );
$act = $_POST['act'];
switch ( $act )
{
case "adminlogin" :
$user = mysql_real_escape_string($_POST['user']);
$password = mysql_real_escape_string($_POST['password']);
$ImgCode = $_POST['ImgCode'];
if ( $user == "" || $password == "" )
{
echo $strAdminLoginErr1;
exit( );
}
$frm = $_POST['frm'];
if ( $frm != "MC" )
{
$ImgCode = $_POST['ImgCode'];
$Ic = $_COOKIE['CODEIMG'];
$Ic = strrev( $Ic ) + 5 * 2 - 9;
$Ic = substr( $Ic, 0, 4 );
if ( $ImgCode == "" || $Ic != $ImgCode )
{
echo $strAdminLoginErr3;
exit( );
}
}
$md5pass = md5( $password );
$msql->query( "select * from {P}_base_admin where user='{$user}' and password='{$md5pass}'" );
if ( $msql->next_record( ) )
{
$sysuserid = $msql->f( "id" );
$psd = $msql->f( "password" );
$name = $msql->f( "name" );
$tm = time( );
$md5 = md5( $user."l0aZXUYJ876Mn5rQoL55B".$psd.$tm );
setcookie( "SYSZC", $md5 );
setcookie( "SYSUSER", $user );
setcookie( "SYSNAME", $name );
setcookie( "SYSUSERID", $sysuserid );
setcookie( "SYSTM", $tm );
echo "OK";
exit( );
}
else
{
echo $strAdminLoginErr2;
exit( );
}
break;
case "adminlogout" :
setcookie( "SYSUSER" );
setcookie( "SYSZC" );
setcookie( "SYSTM" );
setcookie( "SYSNAME" );
setcookie( "PLUSADMIN", "" );
echo "OK";
exit( );
break;
case "memberreg" :
$membertypeid = $_REQUEST['membertypeid'];
$user = htmlspecialchars( $_POST['user'] );
$password = htmlspecialchars( $_POST['password'] );
$repass = htmlspecialchars( $_POST['repass'] );
$email = htmlspecialchars( $_POST['email'] );
$ImgCode = $_POST['ImgCode'];
$fsql->query( "select * from {P}_member_type where membertypeid='{$membertypeid}'" );
if ( $fsql->next_record( ) )
{
$membergroupid = $fsql->f( "membergroupid" );
$membertype = $fsql->f( "membertype" );
$ifcanreg = $fsql->f( "ifcanreg" );
$ifchecked = $fsql->f( "ifchecked" );
$regmail = $fsql->f( "regmail" );
$expday = $fsql->f( "expday" );
}
if ( $ifcanreg != "1" )
{
echo $strRegNotice10;
exit( );
}
if ( strlen( $user ) < 5 || 20 < strlen( $user ) )
{
echo $strRegNotice4;
exit( );
}
if ( !eregi( "^[0-9a-z]{1,20}\$", $user ) )
{
echo $strRegNotice5;
exit( );
}
if ( !eregi( "^[0-9a-z]{1,20}\$", $password ) )
{
echo $strRegNotice6;
exit( );
}
if ( strlen( $password ) < 5 || 20 < strlen( $password ) )
{
echo $strRegNotice7;
exit( );
}
if ( $password != $repass )
{
echo $strRegNotice8;
exit( );
}
if ( !eregi( "^[_.0-9a-z-]+@([0-9a-z][0-9a-z-]+.)+[a-z]{2,3}\$", $email ) )
{
echo $strRegNotice9;
exit( );
}
$fsql->query( "select memberid from {P}_member where user='{$user}'" );
if ( $fsql->next_record( ) )
{
echo $strRegNotice2;
exit( );
}
if ( $GLOBALS['MEMBERCONF']['UC_OPEN'] == "1" )
{
if ( file_exists( ROOTPATH."api/uc_api/uc_client/client.php" ) && file_exists( ROOTPATH."api/uc_api/api.inc.php" ) )
{
include( ROOTPATH."api/uc_api/api.inc.php" );
include( ROOTPATH."api/uc_api/uc_client/client.php" );
if ( uc_get_user( $user ) )
{
echo $strUCNTC2;
exit( );
}
}
else
{
echo $strUCNTC1;
exit( );
}
}
$Ic = $_COOKIE['CODEIMG'];
$Ic = strrev( $Ic ) + 5 * 2 - 9;
$Ic = substr( $Ic, 0, 4 );
if ( $ImgCode == "" || $Ic != $ImgCode )
{
echo $strIcErr;
exit( );
}
$regtime = time( );
if ( $expday != 0 )
{
$tm = $expday * 24 * 60 * 60;
$exptime = $regtime + $tm;
}
else
{
$exptime = 0;
}
$ip = $_SERVER['REMOTE_ADDR'];
$passwd = md5( $password );
$msql->query( "insert into {P}_member set\r\n\r\n\t\t membertypeid='{$membertypeid}',\r\n\t\t membergroupid='{$membergroupid}',\r\n\t\t user='{$user}',\r\n\t\t password='{$passwd}',\r\n\t\t email='{$email}',\r\n\t\t pname='{$user}',\r\n\t\t signature='{$signature}',\r\n\t\t nowface='1',\r\n\t\t checked='{$ifchecked}',\r\n\t\t regtime='{$regtime}',\r\n\t\t exptime='{$exptime}',\r\n\t\t ip='{$ip}',\r\n\t\t logincount='1',\r\n\t\t logintime='{$regtime}',\r\n\t\t loginip='{$ip}'\r\n\t\t" );
$memberid = $msql->instid( );
$msql->query( "delete from {P}_member_rights where memberid='{$memberid}'" );
$msql->query( "select * from {P}_member_defaultrights where membertypeid='{$membertypeid}'" );
while ( $msql->next_record( ) )
{
$secureid = $msql->f( "secureid" );
$securetype = $msql->f( "securetype" );
$secureset = $msql->f( "secureset" );
$fsql->query( "insert into {P}_member_rights values(\r\n\t\t\t0,\r\n\t\t '{$memberid}',\r\n\t\t '{$secureid}',\r\n\t\t '{$securetype}',\r\n\t\t '{$secureset}'\r\n\t\t\t)" );
}
membercentupdate( $memberid, "111" );
$regmail = str_replace( "{#user#}", $user, $regmail );
$regmail = str_replace( "{#password#}", $password, $regmail );
$msql->query( "insert into {P}_member_msn set\r\n\t\t\t`body`='{$regmail}',\r\n\t\t\t`tomemberid`='{$memberid}',\r\n\t\t\t`frommemberid`='0',\r\n\t\t\t`dtime`='{$regtime}',\r\n\t\t\t`iflook`='0'\r\n\t\t" );
include( ROOTPATH."includes/ebmail.inc.php" );
ebmail( $email, $GLOBALS['CONF']['SiteEmail'], $membertype.$strRegNotice11, $regmail );
$fsql->query( "select * from {P}_member_rights where memberid='{$memberid}' and securetype='con'" );
if ( $fsql->next_record( ) )
{
$consecure = $fsql->f( "secureset" );
}
$md5 = md5( $user."76|01|14".$memberid.$membertype.$consecure );
setcookie( "MUSER", $user );
setcookie( "MEMBERPNAME", $user );
setcookie( "MEMBERID", $memberid );
setcookie( "MEMBERTYPE", $membertype );
setcookie( "MEMBERTYPEID", $membertypeid );
setcookie( "ZC", $md5 );
setcookie( "SE", $consecure );
if ( $GLOBALS['MEMBERCONF']['UC_OPEN'] == "1" )
{
$uid = uc_user_register( $user, $password, $email );
if ( $uid <= 0 )
{
if ( $uid == 0 - 1 )
{
echo $strUCREGNTC1;
exit( );
}
else if ( $uid == 0 - 2 )
{
echo $strUCREGNTC2;
exit( );
}
else if ( $uid == 0 - 3 )
{
echo $strUCREGNTC3;
exit( );
}
else if ( $uid == 0 - 4 )
{
echo $strUCREGNTC4;
exit( );
}
else if ( $uid == 0 - 5 )
{
echo $strUCREGNTC5;
exit( );
}
else if ( $uid == 0 - 6 )
{
echo $strUCREGNTC6;
exit( );
}
else
{
echo $strUCREGNTC7;
exit( );
}
}
else
{
uc_user_login( $user, $password );
}
}
echo "OK";
exit( );
break;
case "memberlogin" :
$muser = $_POST['muser'];
$mpass = $_POST['mpass'];
$from = $_POST['from'];
$ImgCode = $_POST['ImgCode'];
if ( $muser == "" || $mpass == "" )
{
echo $strLoginNotice1;
exit( );
}
else
{
$Ic = $_COOKIE['CODEIMG'];
$Ic = strrev( $Ic ) + 5 * 2 - 9;
$Ic = substr( $Ic, 0, 4 );
if ( $ImgCode == "" || $Ic != $ImgCode )
{
echo $strIcErr;
exit( );
}
if ( $GLOBALS['MEMBERCONF']['UC_OPEN'] == "1" )
{
if ( file_exists( ROOTPATH."api/uc_api/uc_client/client.php" ) && file_exists( ROOTPATH."api/uc_api/api.inc.php" ) )
{
include( ROOTPATH."api/uc_api/api.inc.php" );
include( ROOTPATH."api/uc_api/uc_client/client.php" );
list( $uid, $username, $password, $email ) = uid;
if ( 0 < $uid )
{
$msql->query( "select * from {P}_member where user='{$muser}'" );
if ( $msql->next_record( ) )
{
}
else
{
$membertypeid = $GLOBALS['MEMBERCONF']['UC_MEMBERTYPEID'];
$fsql->query( "select * from {P}_member_type where membertypeid='{$membertypeid}'" );
if ( $fsql->next_record( ) )
{
$membergroupid = $fsql->f( "membergroupid" );
$membertype = $fsql->f( "membertype" );
$ifchecked = $fsql->f( "ifchecked" );
$expday = $fsql->f( "expday" );
$regmail = $fsql->f( "regmail" );
}
$regtime = time( );
if ( $expday != 0 )
{
$tm = $expday * 24 * 60 * 60;
$exptime = $regtime + $tm;
}
else
{
$exptime = 0;
}
$ip = $_SERVER['REMOTE_ADDR'];
$passwd = md5( $mpass );
$fsql->query( "insert into {P}_member set\r\n\r\n\t\t\t\t\t\t\t\t\t membertypeid='{$membertypeid}',\r\n\t\t\t\t\t\t\t\t\t membergroupid='{$membergroupid}',\r\n\t\t\t\t\t\t\t\t\t user='{$muser}',\r\n\t\t\t\t\t\t\t\t\t password='{$passwd}',\r\n\t\t\t\t\t\t\t\t\t email='{$email}',\r\n\t\t\t\t\t\t\t\t\t pname='{$muser}',\r\n\t\t\t\t\t\t\t\t\t signature='',\r\n\t\t\t\t\t\t\t\t\t nowface='1',\r\n\t\t\t\t\t\t\t\t\t checked='{$ifchecked}',\r\n\t\t\t\t\t\t\t\t\t regtime='{$regtime}',\r\n\t\t\t\t\t\t\t\t\t exptime='{$exptime}',\r\n\t\t\t\t\t\t\t\t\t ip='{$ip}'\r\n\t\t\t\t\t\t\t\t\t" );
$memberid = $fsql->instid( );
$fsql->query( "delete from {P}_member_rights where memberid='{$memberid}'" );
$fsql->query( "select * from {P}_member_defaultrights where membertypeid='{$membertypeid}'" );
while ( $fsql->next_record( ) )
{
$secureid = $fsql->f( "secureid" );
$securetype = $fsql->f( "securetype" );
$secureset = $fsql->f( "secureset" );
$tsql->query( "insert into {P}_member_rights values(\r\n\t\t\t\t\t\t\t\t\t\t0,\r\n\t\t\t\t\t\t\t\t\t '{$memberid}',\r\n\t\t\t\t\t\t\t\t\t '{$secureid}',\r\n\t\t\t\t\t\t\t\t\t '{$securetype}',\r\n\t\t\t\t\t\t\t\t\t '{$secureset}'\r\n\t\t\t\t\t\t\t\t\t\t)" );
}
$regmail = str_replace( "{#user#}", $muser, $regmail );
$regmail = str_replace( "{#password#}", $mpass, $regmail );
$fsql->query( "insert into {P}_member_msn set\r\n\t\t\t\t\t\t\t\t\t\t`body`='{$regmail}',\r\n\t\t\t\t\t\t\t\t\t\t`tomemberid`='{$memberid}',\r\n\t\t\t\t\t\t\t\t\t\t`frommemberid`='0',\r\n\t\t\t\t\t\t\t\t\t\t`dtime`='{$regtime}',\r\n\t\t\t\t\t\t\t\t\t\t`iflook`='0'\r\n\t\t\t\t\t\t\t\t\t" );
}
}
else if ( $uid == 0 - 1 )
{
$uc_addmember = "YES";
}
else
{
$uc_addmember = "";
}
}
else
{
echo $strUCNTC1;
exit( );
}
}
$mdpass = md5( $mpass );
$msql->query( "select * from {P}_member where user='{$muser}' and password='{$mdpass}'" );
if ( $msql->next_record( ) )
{
$checked = $msql->f( "checked" );
$exptime = $msql->f( "exptime" );
$memberid = $msql->f( "memberid" );
$membertypeid = $msql->f( "membertypeid" );
$pname = $msql->f( "pname" );
$email = $msql->f( "email" );
$nowtime = time( );
if ( $exptime != 0 && $exptime < $nowtime )
{
echo $strLoginNotice3;
exit( );
}
$ip = $_SERVER['REMOTE_ADDR'];
$fsql->query( "update {P}_member set logincount=logincount+1,logintime='{$nowtime}',loginip='{$ip}' where memberid='{$memberid}'" );
$fsql->query( "select membertype from {P}_member_type where membertypeid='{$membertypeid}'" );
if ( $fsql->next_record( ) )
{
$membertype = $fsql->f( "membertype" );
}
$fsql->query( "select * from {P}_member_rights where memberid='{$memberid}' and securetype='con'" );
if ( $fsql->next_record( ) )
{
$consecure = $fsql->f( "secureset" );
}
$md5 = md5( $muser."76|01|14".$memberid.$membertype.$consecure );
setcookie( "MUSER", $muser );
setcookie( "MEMBERPNAME", $pname );
setcookie( "MEMBERID", $memberid );
setcookie( "MEMBERTYPE", $membertype );
setcookie( "MEMBERTYPEID", $membertypeid );
setcookie( "ZC", $md5 );
setcookie( "SE", $consecure );
membercentupdate( $memberid, "114" );
echo "OK";
if ( $GLOBALS['MEMBERCONF']['UC_OPEN'] == "1" )
{
if ( $uc_addmember == "YES" )
{
uc_user_register( $muser, $mpass, $email );
}
if ( 0 < $uid )
{
echo uc_user_synlogin( $uid );
}
}
exit( );
}
else
{
echo $strLoginNotice4;
exit( );
}
}
exit( );
break;
case "memberlogout" :
setcookie( "MUSER" );
setcookie( "MEMBERID" );
setcookie( "MEMBERPNAME" );
setcookie( "MEMBERTYPE" );
setcookie( "MEMBERTYPEID" );
setcookie( "SE" );
setcookie( "ZC" );
echo "OK";
exit( );
break;
case "isLogin" :
if ( isset( $_COOKIE['MUSER'], $_COOKIE['MEMBERID'] ) && isset( $_COOKIE['ZC'] ) && $_COOKIE['MEMBERID'] != "" && $_COOKIE['MUSER'] != "" && $_COOKIE['ZC'] != "" )
{
$md5 = md5( $_COOKIE['MUSER']."76|01|14".$_COOKIE['MEMBERID'].$_COOKIE['MEMBERTYPE'].$_COOKIE['SE'] );
if ( $_COOKIE['ZC'] == $md5 )
{
echo "1";
exit( );
}
else
{
echo "0";
exit( );
}
}
else
{
echo "0";
exit( );
}
break;
case "xieyi" :
$membertypeid = $_POST['membertypeid'];
$msql->query( "select regxy from {P}_member_type where membertypeid='{$membertypeid}'" );
if ( $msql->next_record( ) )
{
$regxy = nl2br( $msql->f( "regxy" ) );
}
echo $regxy;
exit( );
break;
case "getstep" :
$membertypeid = $_POST['membertypeid'];
$nowstep = $_POST['nowstep'];
$str = "";
$i = 0;
$msql->query( "select * from {P}_member_regstep where membertypeid='{$membertypeid}' order by xuhao" );
while ( $msql->next_record( ) )
{
$regstep = $msql->f( "regstep" );
$stepname = $msql->f( "stepname" );
if ( $nowstep == $regstep )
{
$str .= "<li class='stepnow'>".$stepname."</li>";
}
else
{
$str .= "<li class='step'>".$stepname."</li>";
}
$arr[$i] = $regstep;
$i++;
}
if ( $nowstep == "account" )
{
$nextstep = $arr[0];
}
else
{
for ( $p = 0; $p < sizeof( $arr ); $p++ )
{
if ( $arr[$p] == $nowstep )
{
$nextstep = $arr[$p + 1];
}
}
}
if ( $nextstep == "" || $nextstep == null )
{
$nextstep = "enter";
}
$str .= "<input type='hidden' id='nextst' value='".$nextstep."' />";
echo $str;
exit( );
break;
case "imgcode" :
$ImgCode = trim( $_POST['codenum'] );
$Ic = $_COOKIE['CODEIMG'];
$Ic = strrev( $Ic ) + 5 * 2 - 9;
$Ic = substr( $Ic, 0, 4 );
if ( $ImgCode == "" || $Ic != $ImgCode )
{
echo "0";
}
else
{
echo "1";
}
exit( );
break;
case "plusexit" :
setcookie( "PLUSADMIN", "READY" );
echo "OK";
exit( );
break;
case "plusclose" :
setcookie( "PLUSADMIN", "" );
echo "OK";
exit( );
break;
case "plusenter" :
if ( admincheckauth( ) )
{
setcookie( "PLUSADMIN", "SET" );
echo "OK";
}
else
{
echo "NORIGHTS";
}
exit( );
break;
case "plusready" :
if ( admincheckauth( ) )
{
setcookie( "PLUSADMIN", "READY" );
echo "OK";
}
else
{
echo "NORIGHTS";
}
exit( );
break;
case "setcookie" :
$cookietype = $_POST['cookietype'];
$cookiename = $_POST['cookiename'];
switch ( $cookietype )
{
case "new" :
$gid = $_POST['gid'];
$nums = $_POST['nums'];
$fz = $_POST['fz'];
if ( $nums == "" || intval( $nums ) < 1 || ceil( $nums ) != $nums )
{
echo "1000";
exit( );
}
$CART = $gid."|".$nums."|".$fz."#";
setcookie( $cookiename, $CART );
break;
case "add" :
$gid = $_POST['gid'];
$nums = $_POST['nums'];
$fz = $_POST['fz'];
if ( $nums == "" || intval( $nums ) < 1 || ceil( $nums ) != $nums )
{
echo "1000";
exit( );
}
$NEWCART = $gid."|".$nums."|".$fz."#";
$OLDCOOKIE = $_COOKIE[$cookiename];
if ( $OLDCOOKIE == "" )
{
setcookie( $cookiename, $NEWCART );
}
else
{
$array = explode( "#", $OLDCOOKIE );
$tnums = sizeof( $array ) - 1;
$CART = "";
$ifex = "0";
for ( $t = 0; $t < $tnums; $t++ )
{
$fff = explode( "|", $array[$t] );
$oldgid = $fff[0];
$oldacc = $fff[1];
$oldfz = $fff[2];
if ( $gid == $oldgid && $fz == $oldfz )
{
$newacc = $oldacc + $nums;
$CART .= $oldgid."|".$newacc."|".$oldfz."#";
$ifex = "1";
}
else
{
$CART .= $oldgid."|".$oldacc."|".$oldfz."#";
}
}
if ( $ifex != "1" )
{
$CART .= $NEWCART;
}
setcookie( $cookiename, $CART );
}
break;
case "del" :
$gid = $_POST['gid'];
$fz = $_POST['fz'];
$OLDCOOKIE = $_COOKIE[$cookiename];
$array = explode( "#", $OLDCOOKIE );
$tnums = sizeof( $array ) - 1;
$CART = "";
for ( $t = 0; $t < $tnums; $t++ )
{
$fff = explode( "|", $array[$t] );
$oldgid = $fff[0];
$oldacc = $fff[1];
$oldfz = $fff[2];
if ( $gid != $oldgid || $fz != $oldfz )
{
$CART .= $oldgid."|".$oldacc."|".$oldfz."#";
}
}
setcookie( $cookiename, $CART );
break;
case "modi" :
$gid = $_POST['gid'];
$fz = $_POST['fz'];
$nums = $_POST['nums'];
if ( $nums == "" || intval( $nums ) < 1 || ceil( $nums ) != $nums )
{
echo "1000";
exit( );
}
$OLDCOOKIE = $_COOKIE[$cookiename];
$array = explode( "#", $OLDCOOKIE );
$tnums = sizeof( $array ) - 1;
$CART = "";
for ( $t = 0; $t < $tnums; $t++ )
{
$fff = explode( "|", $array[$t] );
$oldgid = $fff[0];
$oldacc = $fff[1];
$oldfz = $fff[2];
if ( $gid == $oldgid && $fz == $oldfz )
{
$CART .= $oldgid."|".$nums."|".$oldfz."#";
}
else
{
$CART .= $oldgid."|".$oldacc."|".$oldfz."#";
}
}
setcookie( $cookiename, $CART );
break;
case "empty" :
setcookie( $cookiename );
break;
}
echo "OK";
exit( );
break;
}
?>