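<?php
/*********************/
/*                   */
/*  Version : 5.1.0  */
/*  Author  : RM     */
/*  Comment : 85wu   */
/*                   */
/*********************/

/*
 * AJAX endpoint: dispatches on $_POST['act'] and answers with a short plain-text
 * status ("OK", "0"/"1", "1000", "NORIGHTS") or a localized message string.
 * $msql/$fsql/$tsql, the $str* messages, membercentupdate() and admincheckauth()
 * are not defined here; they are expected to come from the included files.
 *
 * Security review notes (items that cannot be fixed inside this file alone):
 *  - Passwords are stored and compared as unsalted MD5. Migrating to
 *    password_hash()/password_verify() needs a schema and data migration.
 *  - The login state cookies (SYSZC, ZC) are unkeyed MD5 digests over values the
 *    client also holds plus a constant embedded in this source. Replace with
 *    server-side sessions or an HMAC keyed by a per-installation secret.
 *  - The CAPTCHA answer is recomputed from the client-supplied CODEIMG cookie,
 *    not from server-side state, so it is not a reliable anti-automation check.
 *  - Every query is built by string interpolation. Request-derived values are
 *    escaped below with mysql_real_escape_string(), which is only sound when the
 *    connection charset was declared with mysql_set_charset() -- confirm in
 *    common.inc.php. Prepared statements (PDO/mysqli) are the durable fix.
 *  - No anti-CSRF token is checked for any action.
 *  - Cookies are set without HttpOnly/Secure; tighten once it is confirmed that
 *    no front-end script needs to read them.
 */

define( "ROOTPATH", "" );
include( ROOTPATH."includes/common.inc.php" );
// NOTE(review): $sLan is not defined in this file. Confirm common.inc.php restricts it
// to a fixed list of language codes before it reaches include().
include( ROOTPATH."member/language/".$sLan.".php" );
include( ROOTPATH."member/includes/member.inc.php" );

$act = isset( $_POST['act'] ) ? $_POST['act'] : "";

switch ( $act )
{
    case "adminlogin" :
        // NOTE(review): the password is SQL-escaped *before* hashing, so the stored hash
        // is the MD5 of the escaped form. Left unchanged to stay compatible with existing rows.
        $user = mysql_real_escape_string( $_POST['user'] );
        $password = mysql_real_escape_string( $_POST['password'] );
        if ( $user == "" || $password == "" )
        {
            echo $strAdminLoginErr1;
            exit;
        }
        // NOTE(review): a request field ("frm") decides whether the CAPTCHA is enforced.
        $frm = $_POST['frm'];
        if ( $frm != "MC" )
        {
            $ImgCode = $_POST['ImgCode'];
            $Ic = $_COOKIE['CODEIMG'];
            $Ic = strrev( $Ic ) + 5 * 2 - 9;
            $Ic = substr( $Ic, 0, 4 );
            if ( $ImgCode == "" || $Ic != $ImgCode )
            {
                echo $strAdminLoginErr3;
                exit;
            }
        }
        $md5pass = md5( $password );
        $msql->query( "select * from {P}_base_admin where user='{$user}' and password='{$md5pass}'" );
        if ( !$msql->next_record( ) )
        {
            echo $strAdminLoginErr2;
            exit;
        }
        $sysuserid = $msql->f( "id" );
        $psd = $msql->f( "password" );
        $name = $msql->f( "name" );
        $tm = time( );
        $md5 = md5( $user."l0aZXUYJ876Mn5rQoL55B".$psd.$tm );
        setcookie( "SYSZC", $md5 );
        setcookie( "SYSUSER", $user );
        setcookie( "SYSNAME", $name );
        setcookie( "SYSUSERID", $sysuserid );
        setcookie( "SYSTM", $tm );
        echo "OK";
        exit;

    case "adminlogout" :
        setcookie( "SYSUSER" );
        setcookie( "SYSZC" );
        setcookie( "SYSTM" );
        setcookie( "SYSNAME" );
        setcookie( "PLUSADMIN", "" );
        echo "OK";
        exit;

    case "memberreg" :
        $membertypeid = $_REQUEST['membertypeid'];
        // Fix: membertypeid was interpolated into four queries without escaping.
        $membertypeidSql = mysql_real_escape_string( $membertypeid );
        $user = htmlspecialchars( $_POST['user'] );
        $password = htmlspecialchars( $_POST['password'] );
        $repass = htmlspecialchars( $_POST['repass'] );
        $email = htmlspecialchars( $_POST['email'] );
        $ImgCode = $_POST['ImgCode'];
        // Fix: $signature was never assigned before being written to the member row.
        $signature = "";
        // Explicit defaults so none of these can be left unset when no type row matches.
        $membergroupid = "";
        $membertype = "";
        $ifcanreg = "";
        $ifchecked = "";
        $regmail = "";
        $expday = 0;
        $consecure = "";

        $fsql->query( "select * from {P}_member_type where membertypeid='{$membertypeidSql}'" );
        if ( $fsql->next_record( ) )
        {
            $membergroupid = $fsql->f( "membergroupid" );
            $membertype = $fsql->f( "membertype" );
            $ifcanreg = $fsql->f( "ifcanreg" );
            $ifchecked = $fsql->f( "ifchecked" );
            $regmail = $fsql->f( "regmail" );
            $expday = $fsql->f( "expday" );
        }
        if ( $ifcanreg != "1" )
        {
            echo $strRegNotice10;
            exit;
        }
        if ( strlen( $user ) < 5 || 20 < strlen( $user ) )
        {
            echo $strRegNotice4;
            exit;
        }
        // Fix: eregi() is deprecated and not binary-safe; preg_match() with /D anchors "$"
        // at the true end of the string. $user is later interpolated into SQL and relies
        // on this whitelist.
        if ( !preg_match( '/^[0-9a-z]{1,20}$/iD', $user ) )
        {
            echo $strRegNotice5;
            exit;
        }
        if ( !preg_match( '/^[0-9a-z]{1,20}$/iD', $password ) )
        {
            echo $strRegNotice6;
            exit;
        }
        if ( strlen( $password ) < 5 || 20 < strlen( $password ) )
        {
            echo $strRegNotice7;
            exit;
        }
        if ( $password != $repass )
        {
            echo $strRegNotice8;
            exit;
        }
        // Fix: the "." between domain labels was unescaped and matched any character,
        // so the pattern did not actually constrain the address to safe characters.
        if ( !preg_match( '/^[_.0-9a-z-]+@([0-9a-z][0-9a-z-]+\.)+[a-z]{2,3}$/iD', $email ) )
        {
            echo $strRegNotice9;
            exit;
        }
        $fsql->query( "select memberid from {P}_member where user='{$user}'" );
        if ( $fsql->next_record( ) )
        {
            echo $strRegNotice2;
            exit;
        }
        if ( $GLOBALS['MEMBERCONF']['UC_OPEN'] == "1" )
        {
            if ( file_exists( ROOTPATH."api/uc_api/uc_client/client.php" ) && file_exists( ROOTPATH."api/uc_api/api.inc.php" ) )
            {
                include( ROOTPATH."api/uc_api/api.inc.php" );
                include( ROOTPATH."api/uc_api/uc_client/client.php" );
                if ( uc_get_user( $user ) )
                {
                    echo $strUCNTC2;
                    exit;
                }
            }
            else
            {
                echo $strUCNTC1;
                exit;
            }
        }
        // CAPTCHA: expected value is derived from the client's CODEIMG cookie (see header note).
        $Ic = $_COOKIE['CODEIMG'];
        $Ic = strrev( $Ic ) + 5 * 2 - 9;
        $Ic = substr( $Ic, 0, 4 );
        if ( $ImgCode == "" || $Ic != $ImgCode )
        {
            echo $strIcErr;
            exit;
        }
        $regtime = time( );
        $exptime = $expday != 0 ? $regtime + $expday * 24 * 60 * 60 : 0;
        $ip = $_SERVER['REMOTE_ADDR'];
        $passwd = md5( $password );
        // Defence in depth: the address is escaped even though it passed the pattern above.
        $emailSql = mysql_real_escape_string( $email );
        $msql->query(
            "insert into {P}_member set\r\n\r\n\t\t membertypeid='{$membertypeidSql}',"
            ."\r\n\t\t membergroupid='{$membergroupid}',"
            ."\r\n\t\t user='{$user}',"
            ."\r\n\t\t password='{$passwd}',"
            ."\r\n\t\t email='{$emailSql}',"
            ."\r\n\t\t pname='{$user}',"
            ."\r\n\t\t signature='{$signature}',"
            ."\r\n\t\t nowface='1',"
            ."\r\n\t\t checked='{$ifchecked}',"
            ."\r\n\t\t regtime='{$regtime}',"
            ."\r\n\t\t exptime='{$exptime}',"
            ."\r\n\t\t ip='{$ip}',"
            ."\r\n\t\t logincount='1',"
            ."\r\n\t\t logintime='{$regtime}',"
            ."\r\n\t\t loginip='{$ip}'\r\n\t\t"
        );
        $memberid = $msql->instid( );
        $msql->query( "delete from {P}_member_rights where memberid='{$memberid}'" );
        $msql->query( "select * from {P}_member_defaultrights where membertypeid='{$membertypeidSql}'" );
        while ( $msql->next_record( ) )
        {
            $secureid = $msql->f( "secureid" );
            $securetype = $msql->f( "securetype" );
            $secureset = $msql->f( "secureset" );
            $fsql->query( "insert into {P}_member_rights values(\r\n\t\t\t0,\r\n\t\t '{$memberid}',\r\n\t\t '{$secureid}',\r\n\t\t '{$securetype}',\r\n\t\t '{$secureset}'\r\n\t\t\t)" );
        }
        membercentupdate( $memberid, "111" );
        // NOTE(review): the welcome template receives the clear-text password, which is then
        // stored in the message table and e-mailed. Consider dropping {#password#} from it.
        $regmail = str_replace( "{#user#}", $user, $regmail );
        $regmail = str_replace( "{#password#}", $password, $regmail );
        // Fix: the template text comes from the database and may contain quotes; escape
        // the copy that goes back into SQL, keep the raw copy for the e-mail body.
        $regmailSql = mysql_real_escape_string( $regmail );
        $msql->query( "insert into {P}_member_msn set\r\n\t\t\t`body`='{$regmailSql}',\r\n\t\t\t`tomemberid`='{$memberid}',\r\n\t\t\t`frommemberid`='0',\r\n\t\t\t`dtime`='{$regtime}',\r\n\t\t\t`iflook`='0'\r\n\t\t" );
        include( ROOTPATH."includes/ebmail.inc.php" );
        ebmail( $email, $GLOBALS['CONF']['SiteEmail'], $membertype.$strRegNotice11, $regmail );
        $fsql->query( "select * from {P}_member_rights where memberid='{$memberid}' and securetype='con'" );
        if ( $fsql->next_record( ) )
        {
            $consecure = $fsql->f( "secureset" );
        }
        $md5 = md5( $user."76|01|14".$memberid.$membertype.$consecure );
        setcookie( "MUSER", $user );
        setcookie( "MEMBERPNAME", $user );
        setcookie( "MEMBERID", $memberid );
        setcookie( "MEMBERTYPE", $membertype );
        setcookie( "MEMBERTYPEID", $membertypeid );
        setcookie( "ZC", $md5 );
        setcookie( "SE", $consecure );
        if ( $GLOBALS['MEMBERCONF']['UC_OPEN'] == "1" )
        {
            $uid = uc_user_register( $user, $password, $email );
            if ( $uid <= 0 )
            {
                // Map the UCenter failure code to its message; anything else is generic.
                switch ( $uid )
                {
                    case -1 : echo $strUCREGNTC1; break;
                    case -2 : echo $strUCREGNTC2; break;
                    case -3 : echo $strUCREGNTC3; break;
                    case -4 : echo $strUCREGNTC4; break;
                    case -5 : echo $strUCREGNTC5; break;
                    case -6 : echo $strUCREGNTC6; break;
                    default : echo $strUCREGNTC7; break;
                }
                exit;
            }
            uc_user_login( $user, $password );
        }
        echo "OK";
        exit;

    case "memberlogin" :
        $muser = $_POST['muser'];
        $mpass = $_POST['mpass'];
        $ImgCode = $_POST['ImgCode'];
        if ( $muser == "" || $mpass == "" )
        {
            echo $strLoginNotice1;
            exit;
        }
        // CAPTCHA: expected value is derived from the client's CODEIMG cookie (see header note).
        $Ic = $_COOKIE['CODEIMG'];
        $Ic = strrev( $Ic ) + 5 * 2 - 9;
        $Ic = substr( $Ic, 0, 4 );
        if ( $ImgCode == "" || $Ic != $ImgCode )
        {
            echo $strIcErr;
            exit;
        }
        // Fix: the submitted user name went into three queries unescaped. The raw value
        // is kept for cookies and the token digest; only the SQL copy is escaped.
        $muserSql = mysql_real_escape_string( $muser );
        $uid = 0;
        $uc_addmember = "";
        $email = "";
        if ( $GLOBALS['MEMBERCONF']['UC_OPEN'] == "1" )
        {
            if ( !( file_exists( ROOTPATH."api/uc_api/uc_client/client.php" ) && file_exists( ROOTPATH."api/uc_api/api.inc.php" ) ) )
            {
                echo $strUCNTC1;
                exit;
            }
            include( ROOTPATH."api/uc_api/api.inc.php" );
            include( ROOTPATH."api/uc_api/uc_client/client.php" );
            // Fix: the source read "list( ... ) = uid;", assigning from a bare constant, so the
            // UCenter branch could never run. NOTE(review): restored as a uc_user_login() call
            // because the destructured fields match its result; confirm against the vendor file.
            list( $uid, $username, $password, $email ) = uc_user_login( $muser, $mpass );
            if ( 0 < $uid )
            {
                // UCenter accepted the credentials: create the local member row on first login.
                $msql->query( "select * from {P}_member where user='{$muserSql}'" );
                if ( !$msql->next_record( ) )
                {
                    $membertypeid = $GLOBALS['MEMBERCONF']['UC_MEMBERTYPEID'];
                    $membergroupid = "";
                    $membertype = "";
                    $ifchecked = "";
                    $expday = 0;
                    $regmail = "";
                    $fsql->query( "select * from {P}_member_type where membertypeid='{$membertypeid}'" );
                    if ( $fsql->next_record( ) )
                    {
                        $membergroupid = $fsql->f( "membergroupid" );
                        $membertype = $fsql->f( "membertype" );
                        $ifchecked = $fsql->f( "ifchecked" );
                        $expday = $fsql->f( "expday" );
                        $regmail = $fsql->f( "regmail" );
                    }
                    $regtime = time( );
                    $exptime = $expday != 0 ? $regtime + $expday * 24 * 60 * 60 : 0;
                    $ip = $_SERVER['REMOTE_ADDR'];
                    $passwd = md5( $mpass );
                    $emailSql = mysql_real_escape_string( $email );
                    $fsql->query(
                        "insert into {P}_member set\r\n\r\n\t\t\t\t\t\t\t\t\t membertypeid='{$membertypeid}',"
                        ."\r\n\t\t\t\t\t\t\t\t\t membergroupid='{$membergroupid}',"
                        ."\r\n\t\t\t\t\t\t\t\t\t user='{$muserSql}',"
                        ."\r\n\t\t\t\t\t\t\t\t\t password='{$passwd}',"
                        ."\r\n\t\t\t\t\t\t\t\t\t email='{$emailSql}',"
                        ."\r\n\t\t\t\t\t\t\t\t\t pname='{$muserSql}',"
                        ."\r\n\t\t\t\t\t\t\t\t\t signature='',"
                        ."\r\n\t\t\t\t\t\t\t\t\t nowface='1',"
                        ."\r\n\t\t\t\t\t\t\t\t\t checked='{$ifchecked}',"
                        ."\r\n\t\t\t\t\t\t\t\t\t regtime='{$regtime}',"
                        ."\r\n\t\t\t\t\t\t\t\t\t exptime='{$exptime}',"
                        ."\r\n\t\t\t\t\t\t\t\t\t ip='{$ip}'\r\n\t\t\t\t\t\t\t\t\t"
                    );
                    $memberid = $fsql->instid( );
                    $fsql->query( "delete from {P}_member_rights where memberid='{$memberid}'" );
                    $fsql->query( "select * from {P}_member_defaultrights where membertypeid='{$membertypeid}'" );
                    while ( $fsql->next_record( ) )
                    {
                        $secureid = $fsql->f( "secureid" );
                        $securetype = $fsql->f( "securetype" );
                        $secureset = $fsql->f( "secureset" );
                        $tsql->query( "insert into {P}_member_rights values(\r\n\t\t\t\t\t\t\t\t\t\t0,\r\n\t\t\t\t\t\t\t\t\t '{$memberid}',\r\n\t\t\t\t\t\t\t\t\t '{$secureid}',\r\n\t\t\t\t\t\t\t\t\t '{$securetype}',\r\n\t\t\t\t\t\t\t\t\t '{$secureset}'\r\n\t\t\t\t\t\t\t\t\t\t)" );
                    }
                    // NOTE(review): clear-text password is written into the stored welcome message.
                    $regmail = str_replace( "{#user#}", $muser, $regmail );
                    $regmail = str_replace( "{#password#}", $mpass, $regmail );
                    $regmailSql = mysql_real_escape_string( $regmail );
                    $fsql->query( "insert into {P}_member_msn set\r\n\t\t\t\t\t\t\t\t\t\t`body`='{$regmailSql}',\r\n\t\t\t\t\t\t\t\t\t\t`tomemberid`='{$memberid}',\r\n\t\t\t\t\t\t\t\t\t\t`frommemberid`='0',\r\n\t\t\t\t\t\t\t\t\t\t`dtime`='{$regtime}',\r\n\t\t\t\t\t\t\t\t\t\t`iflook`='0'\r\n\t\t\t\t\t\t\t\t\t" );
                }
            }
            else if ( $uid == -1 )
            {
                // Unknown to UCenter: register there after the local login succeeds.
                $uc_addmember = "YES";
            }
        }
        $mdpass = md5( $mpass );
        $msql->query( "select * from {P}_member where user='{$muserSql}' and password='{$mdpass}'" );
        if ( !$msql->next_record( ) )
        {
            echo $strLoginNotice4;
            exit;
        }
        $checked = $msql->f( "checked" );
        $exptime = $msql->f( "exptime" );
        $memberid = $msql->f( "memberid" );
        $membertypeid = $msql->f( "membertypeid" );
        $pname = $msql->f( "pname" );
        $email = $msql->f( "email" );
        $nowtime = time( );
        if ( $exptime != 0 && $exptime < $nowtime )
        {
            echo $strLoginNotice3;
            exit;
        }
        $ip = $_SERVER['REMOTE_ADDR'];
        $fsql->query( "update {P}_member set logincount=logincount+1,logintime='{$nowtime}',loginip='{$ip}' where memberid='{$memberid}'" );
        $membertype = "";
        $fsql->query( "select membertype from {P}_member_type where membertypeid='{$membertypeid}'" );
        if ( $fsql->next_record( ) )
        {
            $membertype = $fsql->f( "membertype" );
        }
        $consecure = "";
        $fsql->query( "select * from {P}_member_rights where memberid='{$memberid}' and securetype='con'" );
        if ( $fsql->next_record( ) )
        {
            $consecure = $fsql->f( "secureset" );
        }
        $md5 = md5( $muser."76|01|14".$memberid.$membertype.$consecure );
        setcookie( "MUSER", $muser );
        setcookie( "MEMBERPNAME", $pname );
        setcookie( "MEMBERID", $memberid );
        setcookie( "MEMBERTYPE", $membertype );
        setcookie( "MEMBERTYPEID", $membertypeid );
        setcookie( "ZC", $md5 );
        setcookie( "SE", $consecure );
        membercentupdate( $memberid, "114" );
        echo "OK";
        if ( $GLOBALS['MEMBERCONF']['UC_OPEN'] == "1" )
        {
            if ( $uc_addmember == "YES" )
            {
                uc_user_register( $muser, $mpass, $email );
            }
            if ( 0 < $uid )
            {
                echo uc_user_synlogin( $uid );
            }
        }
        exit;

    case "memberlogout" :
        setcookie( "MUSER" );
        setcookie( "MEMBERID" );
        setcookie( "MEMBERPNAME" );
        setcookie( "MEMBERTYPE" );
        setcookie( "MEMBERTYPEID" );
        setcookie( "SE" );
        setcookie( "ZC" );
        echo "OK";
        exit;

    case "isLogin" :
        // Answers "1" when the ZC cookie matches the digest of the other member cookies.
        // This only checks cookie self-consistency; see the header note on the token design.
        $loggedIn = "0";
        if ( isset( $_COOKIE['MUSER'], $_COOKIE['MEMBERID'] ) && isset( $_COOKIE['ZC'] ) && $_COOKIE['MEMBERID'] != "" && $_COOKIE['MUSER'] != "" && $_COOKIE['ZC'] != "" )
        {
            $md5 = md5( $_COOKIE['MUSER']."76|01|14".$_COOKIE['MEMBERID'].$_COOKIE['MEMBERTYPE'].$_COOKIE['SE'] );
            // Fix: strict comparison. With "==", two digest strings that both look numeric
            // are compared as numbers and can be "equal" without being identical.
            if ( $_COOKIE['ZC'] === $md5 )
            {
                $loggedIn = "1";
            }
        }
        echo $loggedIn;
        exit;

    case "xieyi" :
        // Returns the registration agreement text of a member type, as stored.
        $membertypeidSql = mysql_real_escape_string( $_POST['membertypeid'] );
        $regxy = "";
        $msql->query( "select regxy from {P}_member_type where membertypeid='{$membertypeidSql}'" );
        if ( $msql->next_record( ) )
        {
            $regxy = nl2br( $msql->f( "regxy" ) );
        }
        echo $regxy;
        exit;

    case "getstep" :
        // Renders the registration step list and a hidden field naming the next step.
        $membertypeidSql = mysql_real_escape_string( $_POST['membertypeid'] );
        $nowstep = $_POST['nowstep'];
        $str = "";
        $arr = array( );
        $msql->query( "select * from {P}_member_regstep where membertypeid='{$membertypeidSql}' order by xuhao" );
        while ( $msql->next_record( ) )
        {
            $regstep = $msql->f( "regstep" );
            // NOTE(review): stepname is emitted exactly as stored in the database.
            $stepname = $msql->f( "stepname" );
            $cssClass = $nowstep == $regstep ? "stepnow" : "step";
            $str .= "<li class='".$cssClass."'>".$stepname."</li>";
            $arr[] = $regstep;
        }
        // Fix: $arr and $nextstep were read without being initialised when the type has
        // no steps or the current step is the last one.
        $nextstep = "";
        if ( $nowstep == "account" )
        {
            if ( isset( $arr[0] ) )
            {
                $nextstep = $arr[0];
            }
        }
        else
        {
            for ( $p = 0; $p < sizeof( $arr ); $p++ )
            {
                if ( $arr[$p] == $nowstep )
                {
                    $nextstep = isset( $arr[$p + 1] ) ? $arr[$p + 1] : "";
                }
            }
        }
        if ( $nextstep == "" || $nextstep == null )
        {
            $nextstep = "enter";
        }
        // The value sits inside a single-quoted attribute, so quotes are encoded too.
        $str .= "<input type='hidden' id='nextst' value='".htmlspecialchars( $nextstep, ENT_QUOTES )."' />";
        echo $str;
        exit;

    case "imgcode" :
        // Pre-check of the CAPTCHA from the form; same cookie-derived value as above.
        $ImgCode = trim( $_POST['codenum'] );
        $Ic = $_COOKIE['CODEIMG'];
        $Ic = strrev( $Ic ) + 5 * 2 - 9;
        $Ic = substr( $Ic, 0, 4 );
        echo ( $ImgCode == "" || $Ic != $ImgCode ) ? "0" : "1";
        exit;

    case "plusexit" :
        // NOTE(review): sets the same "READY" value as "plusready" but without
        // admincheckauth(). Anything that trusts PLUSADMIN on its own should re-check auth.
        setcookie( "PLUSADMIN", "READY" );
        echo "OK";
        exit;

    case "plusclose" :
        setcookie( "PLUSADMIN", "" );
        echo "OK";
        exit;

    case "plusenter" :
        if ( admincheckauth( ) )
        {
            setcookie( "PLUSADMIN", "SET" );
            echo "OK";
        }
        else
        {
            echo "NORIGHTS";
        }
        exit;

    case "plusready" :
        if ( admincheckauth( ) )
        {
            setcookie( "PLUSADMIN", "READY" );
            echo "OK";
        }
        else
        {
            echo "NORIGHTS";
        }
        exit;

    case "setcookie" :
        // Cart stored in a cookie as "gid|quantity|fz#" records.
        // NOTE(review): the cookie name comes from the request and is not checked against
        // an allow-list, and the cart itself is client-held data: ids, quantities and
        // prices must be validated again on the server when the order is placed.
        $cookietype = $_POST['cookietype'];
        $cookiename = $_POST['cookiename'];
        $gid = isset( $_POST['gid'] ) ? $_POST['gid'] : null;
        $fz = isset( $_POST['fz'] ) ? $_POST['fz'] : null;
        $nums = isset( $_POST['nums'] ) ? $_POST['nums'] : null;
        // Quantity must be a whole number >= 1 for every action that writes one.
        if ( in_array( $cookietype, array( "new", "add", "modi" ), true ) )
        {
            if ( $nums == "" || intval( $nums ) < 1 || ceil( $nums ) != $nums )
            {
                echo "1000";
                exit;
            }
        }
        switch ( $cookietype )
        {
            case "new" :
                $CART = $gid."|".$nums."|".$fz."#";
                setcookie( $cookiename, $CART );
                break;

            case "add" :
                $NEWCART = $gid."|".$nums."|".$fz."#";
                $OLDCOOKIE = isset( $_COOKIE[$cookiename] ) ? $_COOKIE[$cookiename] : "";
                if ( $OLDCOOKIE == "" )
                {
                    setcookie( $cookiename, $NEWCART );
                    break;
                }
                $array = explode( "#", $OLDCOOKIE );
                $tnums = sizeof( $array ) - 1;   // the piece after the final "#" is empty
                $CART = "";
                $ifex = "0";
                for ( $t = 0; $t < $tnums; $t++ )
                {
                    $fff = explode( "|", $array[$t] );
                    $oldgid = $fff[0];
                    $oldacc = $fff[1];
                    $oldfz = $fff[2];
                    if ( $gid == $oldgid && $fz == $oldfz )
                    {
                        // Same item already in the cart: add to its quantity.
                        $newacc = $oldacc + $nums;
                        $CART .= $oldgid."|".$newacc."|".$oldfz."#";
                        $ifex = "1";
                    }
                    else
                    {
                        $CART .= $oldgid."|".$oldacc."|".$oldfz."#";
                    }
                }
                if ( $ifex != "1" )
                {
                    $CART .= $NEWCART;
                }
                setcookie( $cookiename, $CART );
                break;

            case "del" :
                $OLDCOOKIE = isset( $_COOKIE[$cookiename] ) ? $_COOKIE[$cookiename] : "";
                $array = explode( "#", $OLDCOOKIE );
                $tnums = sizeof( $array ) - 1;
                $CART = "";
                for ( $t = 0; $t < $tnums; $t++ )
                {
                    $fff = explode( "|", $array[$t] );
                    $oldgid = $fff[0];
                    $oldacc = $fff[1];
                    $oldfz = $fff[2];
                    if ( $gid != $oldgid || $fz != $oldfz )
                    {
                        $CART .= $oldgid."|".$oldacc."|".$oldfz."#";
                    }
                }
                setcookie( $cookiename, $CART );
                break;

            case "modi" :
                $OLDCOOKIE = isset( $_COOKIE[$cookiename] ) ? $_COOKIE[$cookiename] : "";
                $array = explode( "#", $OLDCOOKIE );
                $tnums = sizeof( $array ) - 1;
                $CART = "";
                for ( $t = 0; $t < $tnums; $t++ )
                {
                    $fff = explode( "|", $array[$t] );
                    $oldgid = $fff[0];
                    $oldacc = $fff[1];
                    $oldfz = $fff[2];
                    if ( $gid == $oldgid && $fz == $oldfz )
                    {
                        $CART .= $oldgid."|".$nums."|".$oldfz."#";
                    }
                    else
                    {
                        $CART .= $oldgid."|".$oldacc."|".$oldfz."#";
                    }
                }
                setcookie( $cookiename, $CART );
                break;

            case "empty" :
                setcookie( $cookiename );
                break;
        }
        echo "OK";
        exit;
}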