www.gusucode.com > OurPHP傲派企业+电商建站系统PHP版 v1.6.1源码程序 > ourphp_v1.6.1.20160606/client/user/ourphp_play.class.php
<?php /* * Ourphp - CMS建站系统 * Copyright (C) 2014 ourphp.net * 开发者:哈尔滨伟成科技有限公司 */ include '../../config/ourphp_code.php'; include '../../config/ourphp_config.php'; include '../../config/ourphp_Language.php'; include '../../function/ourphp_function.class.php'; function ourphp_usercontrol(){ $sql = "select a.`OP_Userreg`,a.`OP_Userlogin`,a.`OP_Usergroup`,a.`OP_Usermoney`,a.`OP_Useripoff` ,b.`OP_Ucenter` from `ourphp_usercontrol` a , `ourphp_webdeploy` b where a.`id` = 1 && b.`id` = 1"; $query=mysql_query($sql); $ourphp_rs=mysql_fetch_array($query); $rows = array( 'regoff' => $ourphp_rs[0], 'loginoff' => $ourphp_rs[1], 'group' => $ourphp_rs[2], 'money' => explode("|",$ourphp_rs[3]), 'ipoff' => $ourphp_rs[4], 'ucenter' => $ourphp_rs[5], ); return $rows; mysql_free_result($query); } session_start(); date_default_timezone_set('Asia/Shanghai'); //设置时区 $ValidateCode = $_SESSION["code"]; //验证码 没搞明白为毛要写在这里才可以兼容其它虚拟主机 $ourphp_usercontrol = ourphp_usercontrol(); $inputno = $ourphp_adminfont['inputno']; $code = $ourphp_adminfont['code']; $passwordto = $ourphp_adminfont['passwordto']; $regyes = $ourphp_adminfont['regyes']; $usernameyes = $ourphp_adminfont['usernameyes']; $userip = $ourphp_adminfont['userip']; $userloginno = $ourphp_adminfont['userloginno']; $upok = $ourphp_adminfont['upok']; $usernameno = $ourphp_adminfont['usernameno']; $mailsend = $ourphp_adminfont['mailsend']; $accessno = $ourphp_adminfont['accessno']; $mobilecode = $ourphp_adminfont['mobilecode']; //处理注册用户 if(empty($_GET["ourphp_cms"])){ exit('no!'); }elseif($_GET["ourphp_cms"] == 'reg'){ if(strlen($_POST["OP_Useremail"])>40){ exit("<script language=javascript> alert('".$usernameyes."');history.go(-1);</script>"); } if ($_POST["OP_Useremail"] == '' || $_POST["OP_Userpass"] == '' || $_POST["OP_Userpass2"] == '' || $_POST["OP_Username"] == '' || $_POST["OP_Usertel"] == '' || $_POST["OP_Useranswer"] == ''){ exit("<script language=javascript> alert('".$inputno."');history.go(-1);</script>"); }elseif ($_POST["OP_Userpass"] != $_POST["OP_Userpass2"]){ exit("<script language=javascript> alert('".$passwordto."');history.go(-1);</script>"); }elseif ($_POST["code"] != $ValidateCode){ exit("<script language=javascript> alert('".$code."');history.go(-1);</script>"); } $op = $db -> plugsclass("手机短信API接口","regsms"); if($op == "200"){ if($_POST['mobilecode'] != $_SESSION['mobilecode']){ exit("<script language=javascript> alert('".$mobilecode."');history.go(-1);</script>"); } } $query=mysql_query("SELECT OP_Useremail FROM `ourphp_user` WHERE `OP_Useremail` = '".dowith_sql($_POST["OP_Useremail"])."'"); $num=mysql_num_rows($query); if ($num != 0){ exit("<script language=javascript> alert('".$usernameyes."');history.go(-1);</script>"); }else{ if ($ourphp_usercontrol['ipoff'] == 1){ $query=mysql_query("SELECT id FROM `ourphp_user` WHERE `OP_Userip` = '".dowith_sql($_POST["ip"])."'"); $num=mysql_num_rows($query); if ($num != 0){ exit("<script language=javascript> alert('".$userip."');history.go(-1);</script>"); } } if(dowith_sql($_POST["introducer"]) == ''){ $introducer = ''; }else{ $queryto=mysql_query("SELECT `OP_Useremail` FROM `ourphp_user` WHERE `id` = ".intval($_POST["introducer"])); $num=mysql_num_rows($queryto); if ($num != 0){ $query=mysql_query("update `ourphp_user` set `OP_Usermoney` = `OP_Usermoney` + ".$ourphp_usercontrol['money'][2].", `OP_Userintegral` = `OP_Userintegral` + ".$ourphp_usercontrol['money'][3]." where id = ".intval($_POST["introducer"])); $ourphp_rs = mysql_fetch_array($queryto); $introducer = $ourphp_rs[0]; }else{ $introducer = ''; } } $sql="insert into `ourphp_user` set `OP_Useremail` = '".dowith_sql($_POST["OP_Useremail"])."', `OP_Userpass` = '".dowith_sql(substr(md5(md5($_REQUEST["OP_Userpass"])),0,16))."', `OP_Username` = '".dowith_sql($_POST["OP_Username"])."', `OP_Usertel` = '".dowith_sql($_POST["OP_Usertel"])."', `OP_Userqq` = '".dowith_sql($_POST["OP_Userqq"])."', `OP_Userskype` = '".dowith_sql($_POST["OP_Userskype"])."', `OP_Useraliww` = '".dowith_sql($_POST["OP_Useraliww"])."', `OP_Useradd` = '".dowith_sql($_POST["OP_Useradd"])."', `OP_Userclass` = '".$ourphp_usercontrol['group']."', `OP_Usersource` = '".$introducer."', `OP_Usermoney` = '".$ourphp_usercontrol['money'][0]."', `OP_Userintegral` = '".$ourphp_usercontrol['money'][1]."', `OP_Userip` = '".dowith_sql($_POST["ip"])."', `OP_Userproblem` = '".dowith_sql($_POST["OP_Userproblem"])."', `OP_Useranswer` = '".dowith_sql($_POST["OP_Useranswer"])."', `OP_Userstatus` = 1, `OP_Usertext` = '".dowith_sql($_POST["OP_Usertext"])."', `OP_Usercode` = '".randomkeys(18)."', `time` = '".date("Y-m-d H:i:s")."' "; $query=mysql_query($sql); //处理Ucenter if($ourphp_usercontrol['ucenter'] == 1){ include_once '../../config.inc.php'; include_once '../../uc_client/client.php'; $OP_Useremail = dowith_sql($_POST["OP_Useremail"]); $OP_Userpass = dowith_sql($_REQUEST["OP_Userpass"]); $OP_Username = dowith_sql($_POST["OP_Username"]); $uid = uc_user_register("$OP_Username", "$OP_Userpass", "$OP_Useremail"); if ($uid <= 0) { if ($uid == -1) { exit("<script language=javascript> alert('姓名不合法');history.go(-1);</script>"); } elseif ($uid == -2) { exit("<script language=javascript> alert('包含要允许注册的词语');history.go(-1);</script>"); } elseif ($uid == -3) { exit("<script language=javascript> alert('姓名已经存在');history.go(-1);</script>"); } elseif ($uid == -4) { exit("<script language=javascript> alert('Email 格式有误');history.go(-1);</script>"); } elseif ($uid == -5) { exit("<script language=javascript> alert('Email 不允许注册');history.go(-1);</script>"); } elseif ($uid == -6) { exit("<script language=javascript> alert('该 Email 已经被注册');history.go(-1);</script>"); } else { echo '未定义'; } } else { echo ''; //注册成功 } } //注册成功,邮件提醒 $ourphp_mail = 'reguser'; $OP_Useremail = dowith_sql($_POST["OP_Useremail"]); $OP_Userpass = dowith_sql($_POST["OP_Userpass"]); $OP_Username = dowith_sql($_POST["OP_Username"]); include '../../function/ourphp_mail.class.php'; echo "<script language=javascript> alert('".$regyes."');location.replace('".$ourphp_webpath."client/user/?".$_POST["lang"]."-login.html');</script>"; exit; } //处理会员登录 }elseif($_GET["ourphp_cms"] == 'login'){ if ($_POST["code"] != $ValidateCode){ exit("<script language=javascript> alert('".$code."');history.go(-1);</script>"); } $loginerror = $ourphp_adminfont['loginerror']; $query=mysql_query("SELECT `id`,`OP_Useremail`,`OP_Userpass`,`OP_Userstatus`,`OP_Username` FROM `ourphp_user` WHERE `OP_Useremail` = '".dowith_sql($_POST["OP_Useremail"])."' and `OP_Userpass` = '".dowith_sql(substr(md5(md5($_REQUEST["OP_Userpass"])),0,16))."'"); $num=mysql_num_rows($query); if ($num < 1){ exit("<script language=javascript> alert('".$loginerror."');history.go(-1);</script>"); }else{ $ourphp_rs = mysql_fetch_array($query); if($ourphp_rs[3] == 2){ exit("<script language=javascript> alert('".$userloginno."');history.go(-1);</script>"); } $_SESSION['username'] = $ourphp_rs[1]; $_SESSION['name'] = $ourphp_rs[4]; //处理Ucenter if($ourphp_usercontrol['ucenter'] == 1){ include_once '../../config.inc.php'; include_once '../../uc_client/client.php'; $OP_Userpass = dowith_sql($_REQUEST["OP_Userpass"]); $OP_Username = $ourphp_rs[4]; list($uid, $username, $password, $email) = uc_user_login("$OP_Username", "$OP_Userpass"); if($uid > 0) { //echo '登录成功'.$uid; echo uc_user_synlogin($uid); } elseif($uid == -1) { //echo '用户不存在,或者被删除'; } elseif($uid == -2) { //echo '密码错'; } else { //echo '未定义'; } } echo "<script>location.href='".$ourphp_webpath."client/user/';</script>"; } mysql_close($conn); //退出 }elseif($_GET["ourphp_cms"] == 'out'){ unset($_SESSION['username']); //处理Ucenter if($ourphp_usercontrol['ucenter'] == 1){ include_once '../../config.inc.php'; include_once '../../uc_client/client.php'; echo uc_user_synlogout(); } echo "<script language=javascript> location.replace('".$ourphp_webpath."client/user/?".$_GET["lang"]."-login.html');</script>"; //修改资料 }elseif($_GET["ourphp_cms"] == 'edit'){ if ($_POST["OP_Username"] == '' || $_POST["OP_Usertel"] == '' || $_POST["OP_Useranswer"] == '' || $_POST["code"] == ''){ exit("<script language=javascript> alert('".$inputno."');history.go(-1);</script>"); }elseif ($_POST["OP_Userpass"] != $_POST["OP_Userpass2"]){ exit("<script language=javascript> alert('".$passwordto."');history.go(-1);</script>"); }elseif ($_POST["code"] != $ValidateCode){ exit("<script language=javascript> alert('".$code."');history.go(-1);</script>"); } if ($_POST["OP_Userpass"] == '' && $_POST["OP_Userpass2"] == ''){ $password = dowith_sql($_POST["password"]); }else{ if ($_POST["OP_Userpass"] != $_POST["OP_Userpass2"]){ exit("<script language=javascript> alert('".$passwordto."');history.go(-1);</script>"); } $password = dowith_sql(substr(md5(md5($_REQUEST["OP_Userpass"])),0,16)); } $sql="update `ourphp_user` set `OP_Userpass` = '".$password."', `OP_Username` = '".dowith_sql($_POST["OP_Username"])."', `OP_Usertel` = '".dowith_sql($_POST["OP_Usertel"])."', `OP_Userqq` = '".dowith_sql($_POST["OP_Userqq"])."', `OP_Userskype` = '".dowith_sql($_POST["OP_Userskype"])."', `OP_Useraliww` = '".dowith_sql($_POST["OP_Useraliww"])."', `OP_Useradd` = '".dowith_sql($_POST["OP_Useradd"])."', `OP_Useranswer` = '".dowith_sql($_POST["OP_Useranswer"])."', `OP_Usertext` = '".dowith_sql($_POST["OP_Usertext"])."', `OP_Usercode` = '".randomkeys(18)."' WHERE `OP_Useremail` = '".$_SESSION['username']."' and `OP_Usercode` = '".dowith_sql($_POST["usercode"])."'"; $query=mysql_query($sql); echo "<script language=javascript> alert('".$upok."');location.replace('".$ourphp_webpath."client/user/?".$_POST["lang"]."-useredit.html');</script>"; exit; //处理站内邮件 }elseif($_GET["ourphp_cms"] == 'mail'){ $query=mysql_query("SELECT id FROM `ourphp_user` WHERE `OP_Useremail` = '".dowith_sql($_POST["OP_Usercollect"])."'"); $num=mysql_num_rows($query); if ($num < 1){ exit("<script language=javascript> alert('".$usernameno."');history.go(-1);</script>"); }else{ if (dowith_sql($_POST["OP_Usercollect"]) == $_SESSION['username']){ exit("<script language=javascript> alert('".$accessno."');history.go(-1);</script>"); } $sql="insert into `ourphp_usermessage` set `OP_Usersend` = '".$_SESSION['username']."', `OP_Usercollect` = '".dowith_sql($_POST["OP_Usercollect"])."', `OP_Usercontent` = '".dowith_sql($_POST["OP_Usercontent"])."', `time` = '".date("Y-m-d H:i:s")."'"; $query=mysql_query($sql); echo "<script language=javascript> alert('".$mailsend."');location.replace('".$ourphp_webpath."client/user/?".$_POST["lang"]."-usermail.html');</script>"; exit; } }elseif($_GET["ourphp_cms"] == 'integral'){ $query=mysql_query("SELECT `id`,`OP_Iintegral`,`OP_Iid` FROM `ourphp_integral` WHERE `id` = '".intval($_GET["id"])."' && OP_Iuseremail = '".$_SESSION['username']."' && `OP_Iconfirm` = 0"); $ourphp_rs = mysql_fetch_array($query); $num=mysql_num_rows($query); if ($num < 1){ exit("<script language=javascript> alert('".$accessno."');history.go(-1);</script>"); }else{ $sql="update `ourphp_integral` set `OP_Iconfirm` = 1,`OP_ITime` = '".date("Y-m-d H:i:s")."' where `id` = '".intval($_GET["id"])."' && OP_Iuseremail = '".$_SESSION['username']."'"; $query=mysql_query($sql); $sqlto="update `ourphp_user` set `OP_Userintegral` = `OP_Userintegral` + ".$ourphp_rs[1]." where `OP_Useremail` = '".$_SESSION['username']."'"; $query=mysql_query($sqlto); $sqlth="insert into `ourphp_userpay` set `OP_Useremail` = '".$_SESSION['username']."', `OP_Usermoney` = 0, `OP_Userintegral` = '".$ourphp_rs[1]."', `OP_Usercontent` = '领取商品赠送积分<br>商品id:".$ourphp_rs[2]."', `OP_Useradmin` = '".$_SESSION['username']."', `time` = '".date("Y-m-d H:i:s")."' "; $query=mysql_query($sqlth); echo "<script language=javascript> location.replace('".$ourphp_webpath."client/user/?".$_GET["lang"]."-userintegral.html');</script>"; exit; } } ?>