login.inc.php 08CMS空白站群系统 3.3 繁体 UTF-8 - ASP源码程序

www.gusucode.com > 08CMS空白站群系统 3.3 繁体 UTF-8 > upload/adminm/login.inc.php
    <?
!defined('M_COM') && exit('No Permission');
$forward = empty($forward) ? M_REFERER : $forward;
$memberid && mcmessage(lang('please dont repeat login')."&nbsp;  &nbsp;[<a href=\"adminm.php?action=logout\">".lang('logout')."</a>]");
if($enable_pptin && !empty($pptin_url) && $pptin_login){
	$url = $pptin_url.$pptin_login;
	$url .= (strpos($url,'?') ? '&' : '?').'forward='.rawurlencode($forward);
	header('location:'.$url);
	exit;
}
if(!submitcheck('cmslogin')){
	tabheader(lang('member login')."&nbsp; &nbsp; >><a href=\"?action=lostpwd\">".lang('refind password')."</a>",'cmslogin',"adminm.php?action=login&forward=".rawurlencode($forward),2,0,1);
	trbasic(lang('member cname'),'username');
	trbasic(lang('login password'),'password','','password');
	$submitstr = '';
	$submitstr .= makesubmitstr('username',1,0,0,15);
	$submitstr .= makesubmitstr('password',1,0,0,15);
	$submitstr .= tr_regcode('login');
	tabfooter('cmslogin',lang('login'));
	check_submit_func($submitstr);
}else{
	$username = trim($username);
	if(!regcode_pass('login',empty($regcode) ? '' : trim($regcode))) mcmessage(lang('regcode error'),$forward);
	if(strlen($username) < 3) mcmessage(lang('member cname illegal'),$forward);
	if(!$password || $password != addslashes($password)) mcmessage(lang('password illegal'),$forward);
	$guestexp = '\xA1\xA1|^Guest|^\xD3\xCE\xBF\xCD|\xB9\x43\xAB\xC8';
	if(preg_match("/^\s*$|^c:\\con\\con$|[%,\*\"\s\t\<\>\&]|$guestexp/is", $username)) {
		mcmessage(lang('member cname illegal'),$forward);
	}
	if($enable_uc){
		$in_center = 1;
		include_once M_ROOT.'./include/ucenter/uc.inc.php';
	}
	$md5_password = md5($password);
	if($cmember = $db->fetch_one("SELECT mid,mname,password,email,checked FROM {$tblprefix}members WHERE mname='$username' AND password='$md5_password'")){
		if($cmember['checked'] == 1){
			$memberid = $cmember['mid'];
			msetcookie('userauth', authcode("$md5_password\t$cmember[mid]",'ENCODE'),2592000);
			if($enable_pptout && !empty($pptout_file) && !empty($pptout_url)){
				include M_ROOT.'./include/pptout/'.$pptout_file.'.php';
				header('location:'.$url);
				exit;
			}
			mcmessage(lang('member login succeed'),$forward);
		}elseif($cmember['checked'] == 2){//需要重新激活的会员
			mcmessage(lang('outsite register member , want active !'),'adminm.php?action=memactive&ppt=1&username='.rawurlencode($username).'&password='.rawurlencode($password).'&forward='.rawurlencode($forward));
		}else mcmessage(lang('nocheck member !'),$forward);
	}
	$password = preg_replace("/^(.{".round(strlen($password) / 4)."})(.+?)(.{".round(strlen($password) / 6)."})$/s", "\\1***\\3", $password);
	$record = mhtmlspecialchars(
		$timestamp."\t".
		stripslashes($username)."\t".
		$password."\t".
		$onlineip);
	record2file('badlogin',$record);
	mcmessage(lang('member login failed'),$forward);
}
?>