首页 > CMS > PhpCMS > 正文

【phpcms-v9】会员模块index.php控制器文件分析

2024-09-10 07:15:33
字体:
来源:转载
供稿:网友
  1. <?php   
  2. /**  
  3.  * 会员前台管理中心、账号管理、收藏操作类  
  4.  */   
  5.    
  6. defined('IN_PHPCMS'or exit('No permission resources.');   
  7. pc_base::load_app_class('foreground');//index控制器extends此类文件   
  8. pc_base::load_sys_class('format''', 0);   
  9. pc_base::load_sys_class('form''', 0);//表单生成类   
  10.    
  11. class index extends foreground {   
  12.    
  13.     private $times_db;//主要用来操作会员登录错误次数表:v9_times   
  14.        
  15.     function __construct() {   
  16.         parent::__construct();   
  17.         //如:Mozilla/5.0 (Windows NT 5.1; rv:15.0) Gecko/20100101 Firefox/15.0.1    
  18.         $this->http_user_agent = $_SERVER['HTTP_USER_AGENT'];   
  19.     }   
  20.    
  21.     //会员中心首页   
  22.     public function init() {//会员登录成功后才会进入init方法,就member的会员管理中心的默认页面为init所对应的页面   
  23.         $memberinfo = $this->memberinfo;//会员信息:来自于phpcms/modules/member/classes/foreground.class.php文件   
  24.         //初始化phpsso,主要用来返回接口地址:'phpsso_api_url' => 'http://zhencms.com/phpsso_server'   
  25.         $phpsso_api_url = $this->_init_phpsso();   
  26.         //获取头像数组   
  27.         $avatar = $this->client->ps_getavatar($this->memberinfo['phpssouid']);   
  28.            
  29.         //会员组信息   
  30.         $grouplist = getcache('grouplist');   
  31.         //会员组名称   
  32.         $memberinfo['groupname'] = $grouplist[$memberinfo[groupid]]['name'];   
  33.         //会员中心首页   
  34.         include template('member''index');   
  35.     }   
  36.        
  37.     public function register() {   
  38.         //初始化session,加载session_mysql.class.php文件,默认情况下会初始化一个实例   
  39.         $this->_session_start();   
  40.         //加载用户模块配置,如:注册协议等,对应 【后台】-》【用户】-》【会员模块配置】的设置   
  41.         $member_setting = getcache('member_setting');   
  42.         if(!$member_setting['allowregister']) {//是否允许注册   
  43.             //返回禁止注册的提示信息   
  44.             showmessage(L('deny_register'), 'index.php?m=member&c=index&a=login');   
  45.         }   
  46.            
  47.         //获取用户siteid   
  48.         $siteid = isset($_REQUEST['siteid']) && trim($_REQUEST['siteid']) ? intval($_REQUEST['siteid']) : 1;   
  49.         //定义站点id常量   
  50.         if (!defined('SITEID')) {   
  51.            define('SITEID'$siteid);   
  52.         }   
  53.            
  54.         header("Cache-control: private");   
  55.            
  56.         //点击【注册】按钮   
  57.         if(isset($_POST['dosubmit'])) {   
  58.             if (emptyempty($_SESSION['connectid']) && $_SESSION['code'] != strtolower($_POST['code'])) {   
  59.                 showmessage(L('code_error'));   
  60.             }   
  61.             //注册信息   
  62.             $userinfo = array();   
  63.             //生成一个随机字符串   
  64.             $userinfo['encrypt'] = create_randomstr(6);   
  65.             //用户名   
  66.             $userinfo['username'] = (isset($_POST['username']) && is_username($_POST['username'])) ? $_POST['username'] : exit('0');   
  67.             //昵称   
  68.             $userinfo['nickname'] = (isset($_POST['nickname']) && is_username($_POST['nickname'])) ? $_POST['nickname'] : '';   
  69.             //email   
  70.             $userinfo['email'] = (isset($_POST['email']) && is_email($_POST['email'])) ? $_POST['email'] : exit('0');   
  71.             //密码   
  72.             $userinfo['password'] = isset($_POST['password']) ? $_POST['password'] : exit('0');   
  73.                
  74.             $userinfo['email'] = (isset($_POST['email']) && is_email($_POST['email'])) ? $_POST['email'] : exit('0');   
  75.             //会员模型id,会存储在v9_model模型表中   
  76.             $userinfo['modelid'] = isset($_POST['modelid']) ? intval($_POST['modelid']) : 10;   
  77.             //注册ip   
  78.             $userinfo['regip'] = ip();   
  79.             //默认积分   
  80.             $userinfo['point'] = $member_setting['defualtpoint'] ? $member_setting['defualtpoint'] : 0;   
  81.             //默认金钱总额   
  82.             $userinfo['amount'] = $member_setting['defualtamount'] ? $member_setting['defualtamount'] : 0;   
  83.             //注册时间   
  84.             $userinfo['regdate'] = $userinfo['lastdate'] = SYS_TIME;   
  85.             //站点   
  86.             $userinfo['siteid'] = $siteid;   
  87.             $userinfo['connectid'] = isset($_SESSION['connectid']) ? $_SESSION['connectid'] : '';   
  88.             $userinfo['from'] = isset($_SESSION['from']) ? $_SESSION['from'] : '';   
  89.             unset($_SESSION['connectid'], $_SESSION['from']);   
  90.                
  91.             if($member_setting['enablemailcheck']) {    //是否需要邮件验证   
  92.                 $userinfo['groupid'] = 7;               //邮件认证用户组   
  93.             } elseif($member_setting['registerverify']) {   //是否需要管理员审核,默认为否   
  94.                 $userinfo['modelinfo'] = isset($_POST['info']) ? array2string($_POST['info']) : '';   
  95.                 $this->verify_db = pc_base::load_model('member_verify_model');   
  96.                 unset($userinfo['lastdate'],$userinfo['connectid'],$userinfo['from']);   
  97.                 $this->verify_db->insert($userinfo);   
  98.                 showmessage(L('operation_success'), 'index.php?m=member&c=index&a=register&t=3');   
  99.             } else {   
  100.                 //查看当前模型是否开启了短信验证功能,加载:model_field_10.cache.php会员模型缓存文件   
  101.                 $model_field_cache = getcache('model_field_'.$userinfo['modelid'],'model');   
  102.                 //手机号,默认是不存在的   
  103.                 if(isset($model_field_cache['mobile']) && $model_field_cache['mobile']['disabled']==0) {   
  104.                     $mobile = $_POST['info']['mobile'];   
  105.                     if(!preg_match('/^1([0-9]{10})/',$mobile)) showmessage(L('input_right_mobile'));   
  106.                     $sms_report_db = pc_base::load_model('sms_report_model');   
  107.                     $posttime = SYS_TIME-300;   
  108.                     $where = "`mobile`='$mobile' AND `posttime`>'$posttime'";   
  109.                     $r = $sms_report_db->get_one($where);   
  110.                     if(!$r || $r['id_code']!=$_POST['mobile_verify']) showmessage(L('error_sms_code'));   
  111.                 }   
  112.                 //会员组   
  113.                 $userinfo['groupid'] = $this->_get_usergroup_bypoint($userinfo['point']);   
  114.             }   
  115.                
  116.             //使用phpsso的情况   
  117.             if(pc_base::load_config('system''phpsso')) {   
  118.                 //主要用来返回接口地址:'phpsso_api_url' => 'http://zhencms.com/phpsso_server'   
  119.                 $this->_init_phpsso();   
  120.                 //同步注册,如果注册成功,返回会员id   
  121.                 $status = $this->client->ps_member_register($userinfo['username'], $userinfo['password'], $userinfo['email'], $userinfo['regip'], $userinfo['encrypt']);  //Vevb.com 
  122.                 if($status > 0) {   
  123.                     $userinfo['phpssouid'] = $status;//会员id   
  124.                     //传入phpsso为明文密码,加密后存入phpcms_v9   
  125.                     $password = $userinfo['password'];//密码   
  126.                     //password函数:return $pwd['password'] = md5(md5(trim($password)).$pwd['encrypt']);   
  127.                     //数据库中会员密码的组成:两次md5加密+随即字符串   
  128.                     $userinfo['password'] = password($userinfo['password'], $userinfo['encrypt']);   
  129.                     $userid = $this->db->insert($userinfo, 1);//插入v9_member会员表信息   
  130.                     if($member_setting['choosemodel']) {    //如果开启注册时选择模型   
  131.                         //通过模型获取会员信息       
  132.                         //$model_cache = getcache('member_model', 'commons');//获取member_model.cache.php会员模型缓存文件   
  133.                         //$this->db->table_name = $this->db_pre.$model_cache[$this->modelid]['tablename'];//会员模型字段表:v9_member_detail   
  134.                         require_once CACHE_MODEL_PATH.'member_input.class.php';   
  135.                         require_once CACHE_MODEL_PATH.'member_update.class.php';   
  136.                         $member_input = new member_input($userinfo['modelid']);//默认情况下会员模型id为10   
  137.                         $user_model_info = $member_input->get($_POST['info']);//模型字段的值一般都放在info数组中   
  138.                         $user_model_info['userid'] = $userid;   
  139.        
  140.                         //插入会员模型数据   
  141.                         $this->db->set_model($userinfo['modelid']);   
  142.                         $this->db->insert($user_model_info);//插入会员模型表:v9_member_detail数据   
  143.                     }   
  144.                        
  145.                     if($userid > 0) {   
  146.                         //执行登陆操作   
  147.                         if(!$cookietime$get_cookietime = param::get_cookie('cookietime');//是否保存登录信息   
  148.                         $_cookietime = $cookietime ? intval($cookietime) : ($get_cookietime ? $get_cookietime : 0);   
  149.                         $cookietime = $_cookietime ? TIME + $_cookietime : 0;   
  150.                            
  151.                         //邮件认证用户组   
  152.                         if($userinfo['groupid'] == 7) {   
  153.                             //设置cookie信息   
  154.                             param::set_cookie('_username'$userinfo['username'], $cookietime);   
  155.                             param::set_cookie('email'$userinfo['email'], $cookietime);                               
  156.                         } else {   
  157.                             //设置cookie信息   
  158.                             //'auth_key' => '4s0f9TsT8Y2sHEXMrqnB', //密钥   
  159.                             $phpcms_auth_key = md5(pc_base::load_config('system''auth_key').$this->http_user_agent);   
  160.                             $phpcms_auth = sys_auth($userid."/t".$userinfo['password'], 'ENCODE'$phpcms_auth_key);   
  161.                                
  162.                             param::set_cookie('auth'$phpcms_auth$cookietime);   
  163.                             param::set_cookie('_userid'$userid$cookietime);   
  164.                             param::set_cookie('_username'$userinfo['username'], $cookietime);   
  165.                             param::set_cookie('_nickname'$userinfo['nickname'], $cookietime);   
  166.                             param::set_cookie('_groupid'$userinfo['groupid'], $cookietime);   
  167.                             param::set_cookie('cookietime'$_cookietime$cookietime);   
  168.                         }   
  169.                     }   
  170.                     //如果需要邮箱认证   
  171.                     if($member_setting['enablemailcheck']) {   
  172.                         pc_base::load_sys_func('mail');   
  173.                         $phpcms_auth_key = md5(pc_base::load_config('system''auth_key'));   
  174.                         $code = sys_auth($userid.'|'.$phpcms_auth_key'ENCODE'$phpcms_auth_key);   
  175.                         $url = APP_PATH."index.php?m=member&c=index&a=register&code=$code&verify=1";   
  176.                         $message = $member_setting['registerverifymessage'];   
  177.                         $message = str_replace(array('{click}','{url}','{username}','{email}','{password}'), array('<a href="'.$url.'">'.L('please_click').'</a>',$url,$userinfo['username'],$userinfo['email'],$password), $message);   
  178.                         sendmail($userinfo['email'], L('reg_verify_email'), $message);   
  179.                         //设置当前注册账号COOKIE,为第二步重发邮件所用   
  180.                         param::set_cookie('_regusername'$userinfo['username'], $cookietime);   
  181.                         param::set_cookie('_reguserid'$userid$cookietime);   
  182.                         param::set_cookie('_reguseruid'$userinfo['phpssouid'], $cookietime);   
  183.                         showmessage(L('operation_success'), 'index.php?m=member&c=index&a=register&t=2');   
  184.                     } else {   
  185.                         //如果不需要邮箱认证、直接登录其他应用   
  186.                         $synloginstr = $this->client->ps_member_synlogin($userinfo['phpssouid']);   
  187.                         //操作成功提示信息   
  188.                         showmessage(L('operation_success').$synloginstr'index.php?m=member&c=index&a=init');   
  189.                     }   
  190.                        
  191.                 }   
  192.             } else {//不使用phpsso的情况   
  193.                 showmessage(L('enable_register').L('enable_phpsso'), 'index.php?m=member&c=index&a=login');   
  194.             }   
  195.             //操作失败的提示信息   
  196.             showmessage(L('operation_failure'), HTTP_REFERER);   
  197.             //注册完毕   
  198.         } else {   
  199.             if(!pc_base::load_config('system''phpsso')) {   
  200.                 showmessage(L('enable_register').L('enable_phpsso'), 'index.php?m=member&c=index&a=login');   
  201.             }   
  202.                
  203.             if(!emptyempty($_GET['verify'])) {   
  204.                 $code = isset($_GET['code']) ? trim($_GET['code']) : showmessage(L('operation_failure'), 'index.php?m=member&c=index');   
  205.                 $phpcms_auth_key = md5(pc_base::load_config('system''auth_key'));   
  206.                 $code_res = sys_auth($code'DECODE'$phpcms_auth_key);   
  207.                 $code_arr = explode('|'$code_res);   
  208.                 $userid = isset($code_arr[0]) ? $code_arr[0] : '';   
  209.                 $userid = is_numeric($userid) ? $userid : showmessage(L('operation_failure'), 'index.php?m=member&c=index');   
  210.    
  211.                 $this->db->update(array('groupid'=>$this->_get_usergroup_bypoint()), array('userid'=>$userid));   
  212.                 showmessage(L('operation_success'), 'index.php?m=member&c=index');   
  213.             } elseif(!emptyempty($_GET['protocol'])) {   
  214.                 //协议页面   
  215.                 include template('member''protocol');   
  216.             } else {   
  217.                 //过滤非当前站点会员模型   
  218.                 $modellist = getcache('member_model''commons');   
  219.                 foreach($modellist as $k=>$v) {   
  220.                     if($v['siteid']!=$siteid || $v['disabled']) {   
  221.                         unset($modellist[$k]);   
  222.                     }   
  223.                 }   
  224.                 if(emptyempty($modellist)) {//当前站点下所有的会员模型   
  225.                     //当前站点不存在会员模型的提示信息   
  226.                     showmessage(L('site_have_no_model').L('deny_register'), HTTP_REFERER);   
  227.                 }   
  228.                 //是否开启选择会员模型选项   
  229.                 if($member_setting['choosemodel']) {   
  230.                     $first_model = array_pop(array_reverse($modellist));   
  231.                     $modelid = isset($_GET['modelid']) && in_array($_GET['modelid'], array_keys($modellist)) ? intval($_GET['modelid']) : $first_model['modelid'];   
  232.    
  233.                     if(array_key_exists($modelid$modellist)) {   
  234.                         //获取会员模型表单   
  235.                         require CACHE_MODEL_PATH.'member_form.class.php';   
  236.                         $member_form = new member_form($modelid);   
  237.                         $this->db->set_model($modelid);   
  238.                         $forminfos = $forminfos_arr = $member_form->get();   
  239.    
  240.                         //万能字段过滤   
  241.                         foreach($forminfos as $field=>$info) {   
  242.                             if($info['isomnipotent']) {   
  243.                                 unset($forminfos[$field]);   
  244.                             } else {   
  245.                                 if($info['formtype']=='omnipotent') {   
  246.                                     foreach($forminfos_arr as $_fm=>$_fm_value) {   
  247.                                         if($_fm_value['isomnipotent']) {   
  248.                                             $info['form'] = str_replace('{'.$_fm.'}',$_fm_value['form'], $info['form']);   
  249.                                         }   
  250.                                     }   
  251.                                     $forminfos[$field]['form'] = $info['form'];   
  252.                                 }   
  253.                             }   
  254.                         }   
  255.                            
  256.                         $formValidator = $member_form->formValidator;   
  257.                     }   
  258.                 }   
  259.                 $description = $modellist[$modelid]['description'];   
  260.                 //注册页面   
  261.                 include template('member''register');   
  262.             }   
  263.         }//注册页面结束   
  264.     }   
  265.     /*  
  266.      * 测试邮件配置  
  267.      */   
  268.     public function send_newmail() {   
  269.         $_username = param::get_cookie('_regusername');   
  270.         $_userid = param::get_cookie('_reguserid');   
  271.         $_ssouid = param::get_cookie('_reguseruid');   
  272.         $newemail = $_GET['newemail'];   
  273.    
  274.         if($newemail==''){//邮箱为空,直接返回错误   
  275.             return '2';   
  276.         }   
  277.         $this->_init_phpsso();   
  278.         $status = $this->client->ps_checkemail($newemail);   
  279.         if($status=='-5'){//邮箱被占用   
  280.             exit('-1');   
  281.         }   
  282.         if ($status==-1) {   
  283.             $status = $this->client->ps_get_member_info($newemail, 3);   
  284.             if($status) {   
  285.                 $status = unserialize($status); //接口返回序列化,进行判断   
  286.                 if (!isset($status['uid']) || $status['uid'] != intval($_ssouid)) {   
  287.                     exit('-1');   
  288.                 }   
  289.             } else {   
  290.                 exit('-1');   
  291.             }   
  292.         }   
  293.         //验证邮箱格式   
  294.         pc_base::load_sys_func('mail');   
  295.         $phpcms_auth_key = md5(pc_base::load_config('system''auth_key'));   
  296.         $code = sys_auth($_userid.'|'.$phpcms_auth_key'ENCODE'$phpcms_auth_key);   
  297.         $url = APP_PATH."index.php?m=member&c=index&a=register&code=$code&verify=1";   
  298.            
  299.         //读取配置获取验证信息   
  300.         $member_setting = getcache('member_setting');   
  301.         $message = $member_setting['registerverifymessage'];   
  302.         $message = str_replace(array('{click}','{url}','{username}','{email}','{password}'), array('<a href="'.$url.'">'.L('please_click').'</a>',$url,$_username,$newemail,$password), $message);   
  303.            
  304.         if(sendmail($newemail, L('reg_verify_email'), $message)){   
  305.             //更新新的邮箱,用来验证   
  306.             $this->db->update(array('email'=>$newemail), array('userid'=>$_userid));   
  307.             $this->client->ps_member_edit($_username$newemail''''$_ssouid);   
  308.             $return = '1';   
  309.         }else{   
  310.             $return = '2';   
  311.         }   
  312.         echo $return;   
  313.     }   
  314.        
  315.     public function account_manage() {   
  316.         $memberinfo = $this->memberinfo;   
  317.         //初始化phpsso   
  318.         $phpsso_api_url = $this->_init_phpsso();   
  319.         //获取头像数组   
  320.         $avatar = $this->client->ps_getavatar($this->memberinfo['phpssouid']);   
  321.        
  322.         $grouplist = getcache('grouplist');   
  323.         $member_model = getcache('member_model''commons');   
  324.    
  325.         //获取用户模型数据   
  326.         $this->db->set_model($this->memberinfo['modelid']);   
  327.         $member_modelinfo_arr = $this->db->get_one(array('userid'=>$this->memberinfo['userid']));   
  328.         $model_info = getcache('model_field_'.$this->memberinfo['modelid'], 'model');   
  329.         foreach($model_info as $k=>$v) {   
  330.             if($v['formtype'] == 'omnipotent'continue;   
  331.             if($v['formtype'] == 'image') {   
  332.                 $member_modelinfo[$v['name']] = "<a href='$member_modelinfo_arr[$k]' target='_blank'><img src='$member_modelinfo_arr[$k]' height='40' widht='40' onerror=/"this.src='$phpsso_api_url/statics/images/member/nophoto.gif'/"></a>";   
  333.             } elseif($v['formtype'] == 'datetime' && $v['fieldtype'] == 'int') {    //如果为日期字段   
  334.                 $member_modelinfo[$v['name']] = format::date($member_modelinfo_arr[$k], $v['format'] == 'Y-m-d H:i:s' ? 1 : 0);   
  335.             } elseif($v['formtype'] == 'images') {   
  336.                 $tmp = string2array($member_modelinfo_arr[$k]);   
  337.                 $member_modelinfo[$v['name']] = '';   
  338.                 if(is_array($tmp)) {   
  339.                     foreach ($tmp as $tv) {   
  340.                         $member_modelinfo[$v['name']] .= " <a href='$tv[url]' target='_blank'><img src='$tv[url]' height='40' widht='40' onerror=/"this.src='$phpsso_api_url/statics/images/member/nophoto.gif'/"></a>";   
  341.                     }   
  342.                     unset($tmp);   
  343.                 }   
  344.             } elseif($v['formtype'] == 'box') { //box字段,获取字段名称和值的数组   
  345.                 $tmp = explode("/n",$v['options']);   
  346.                 if(is_array($tmp)) {   
  347.                     foreach($tmp as $boxv) {   
  348.                         $box_tmp_arr = explode('|', trim($boxv));   
  349.                         if(is_array($box_tmp_arr) && isset($box_tmp_arr[1]) && isset($box_tmp_arr[0])) {   
  350.                             $box_tmp[$box_tmp_arr[1]] = $box_tmp_arr[0];   
  351.                             $tmp_key = intval($member_modelinfo_arr[$k]);   
  352.                         }   
  353.                     }   
  354.                 }   
  355.                 if(isset($box_tmp[$tmp_key])) {   
  356.                     $member_modelinfo[$v['name']] = $box_tmp[$tmp_key];   
  357.                 } else {   
  358.                     $member_modelinfo[$v['name']] = $member_modelinfo_arr[$k];   
  359.                 }   
  360.                 unset($tmp$tmp_key$box_tmp$box_tmp_arr);   
  361.             } elseif($v['formtype'] == 'linkage') { //如果为联动菜单   
  362.                 $tmp = string2array($v['setting']);   
  363.                 $tmpid = $tmp['linkageid'];   
  364.                 $linkagelist = getcache($tmpid'linkage');   
  365.                 $fullname = $this->_get_linkage_fullname($member_modelinfo_arr[$k], $linkagelist);   
  366.    
  367.                 $member_modelinfo[$v['name']] = substr($fullname, 0, -1);   
  368.                 unset($tmp$tmpid$linkagelist$fullname);   
  369.             } else {   
  370.                 $member_modelinfo[$v['name']] = $member_modelinfo_arr[$k];   
  371.             }   
  372.         }   
  373.    
  374.         include template('member''account_manage');   
  375.     }   
  376.    
  377.     public function account_manage_avatar() {   
  378.         $memberinfo = $this->memberinfo;   
  379.         //初始化phpsso   
  380.         $phpsso_api_url = $this->_init_phpsso();   
  381.         $ps_auth_key = pc_base::load_config('system''phpsso_auth_key');   
  382.         $auth_data = $this->client->auth_data(array('uid'=>$this->memberinfo['phpssouid'], 'ps_auth_key'=>$ps_auth_key), ''$ps_auth_key);   
  383.         $upurl = base64_encode($phpsso_api_url.'/index.php?m=phpsso&c=index&a=uploadavatar&auth_data='.$auth_data);   
  384.         //获取头像数组   
  385.         $avatar = $this->client->ps_getavatar($this->memberinfo['phpssouid']);   
  386.            
  387.         include template('member''account_manage_avatar');   
  388.     }   
  389.    
  390.     public function account_manage_security() {   
  391.         $memberinfo = $this->memberinfo;   
  392.         include template('member''account_manage_security');   
  393.     }   
  394.        
  395.     public function account_manage_info() {   
  396.         if(isset($_POST['dosubmit'])) {   
  397.             //更新用户昵称   
  398.             $nickname = isset($_POST['nickname']) && trim($_POST['nickname']) ? trim($_POST['nickname']) : '';   
  399.             if($nickname) {   
  400.                 $this->db->update(array('nickname'=>$nickname), array('userid'=>$this->memberinfo['userid']));   
  401.                 if(!isset($cookietime)) {   
  402.                     $get_cookietime = param::get_cookie('cookietime');   
  403.                 }   
  404.                 $_cookietime = $cookietime ? intval($cookietime) : ($get_cookietime ? $get_cookietime : 0);   
  405.                 $cookietime = $_cookietime ? TIME + $_cookietime : 0;   
  406.                 param::set_cookie('_nickname'$nickname$cookietime);   
  407.             }   
  408.             require_once CACHE_MODEL_PATH.'member_input.class.php';   
  409.             require_once CACHE_MODEL_PATH.'member_update.class.php';   
  410.             $member_input = new member_input($this->memberinfo['modelid']);   
  411.             $modelinfo = $member_input->get($_POST['info']);   
  412.    
  413.             $this->db->set_model($this->memberinfo['modelid']);   
  414.             $membermodelinfo = $this->db->get_one(array('userid'=>$this->memberinfo['userid']));   
  415.             if(!emptyempty($membermodelinfo)) {   
  416.                 $this->db->update($modelinfoarray('userid'=>$this->memberinfo['userid']));   
  417.             } else {   
  418.                 $modelinfo['userid'] = $this->memberinfo['userid'];   
  419.                 $this->db->insert($modelinfo);   
  420.             }   
  421.                
  422.             showmessage(L('operation_success'), HTTP_REFERER);   
  423.         } else {   
  424.             $memberinfo = $this->memberinfo;   
  425.             //获取会员模型表单   
  426.             require CACHE_MODEL_PATH.'member_form.class.php';   
  427.             $member_form = new member_form($this->memberinfo['modelid']);   
  428.             $this->db->set_model($this->memberinfo['modelid']);   
  429.                
  430.             $membermodelinfo = $this->db->get_one(array('userid'=>$this->memberinfo['userid']));   
  431.             $forminfos = $forminfos_arr = $member_form->get($membermodelinfo);   
  432.    
  433.             //万能字段过滤   
  434.             foreach($forminfos as $field=>$info) {   
  435.                 if($info['isomnipotent']) {   
  436.                     unset($forminfos[$field]);   
  437.                 } else {   
  438.                     if($info['formtype']=='omnipotent') {   
  439.                         foreach($forminfos_arr as $_fm=>$_fm_value) {   
  440.                             if($_fm_value['isomnipotent']) {   
  441.                                 $info['form'] = str_replace('{'.$_fm.'}',$_fm_value['form'], $info['form']);   
  442.                             }   
  443.                         }   
  444.                         $forminfos[$field]['form'] = $info['form'];   
  445.                     }   
  446.                 }   
  447.             }   
  448.                            
  449.             $formValidator = $member_form->formValidator;   
  450.    
  451.             include template('member''account_manage_info');   
  452.         }   
  453.     }   
  454.        
  455.     public function account_manage_password() {   
  456.         if(isset($_POST['dosubmit'])) {   
  457.             if(!is_password($_POST['info']['password'])) {   
  458.                 showmessage(L('password_format_incorrect'), HTTP_REFERER);   
  459.             }   
  460.             if($this->memberinfo['password'] != password($_POST['info']['password'], $this->memberinfo['encrypt'])) {   
  461.                 showmessage(L('old_password_incorrect'), HTTP_REFERER);   
  462.             }   
  463.             //修改会员邮箱   
  464.             if($this->memberinfo['email'] != $_POST['info']['email'] && is_email($_POST['info']['email'])) {   
  465.                 $email = $_POST['info']['email'];   
  466.                 $updateinfo['email'] = $_POST['info']['email'];   
  467.             } else {   
  468.                 $email = '';   
  469.             }   
  470.             $newpassword = password($_POST['info']['newpassword'], $this->memberinfo['encrypt']);   
  471.             $updateinfo['password'] = $newpassword;   
  472.                
  473.             $this->db->update($updateinfoarray('userid'=>$this->memberinfo['userid']));   
  474.             if(pc_base::load_config('system''phpsso')) {   
  475.                 //初始化phpsso   
  476.                 $this->_init_phpsso();   
  477.                 $res = $this->client->ps_member_edit(''$email$_POST['info']['password'], $_POST['info']['newpassword'], $this->memberinfo['phpssouid'], $this->memberinfo['encrypt']);   
  478.             }   
  479.    
  480.             showmessage(L('operation_success'), HTTP_REFERER);   
  481.         } else {   
  482.             $show_validator = true;   
  483.             $memberinfo = $this->memberinfo;   
  484.                
  485.             include template('member''account_manage_password');   
  486.         }   
  487.     }   
  488.        
  489.     public function account_manage_upgrade() {   
  490.         $memberinfo = $this->memberinfo;   
  491.         $grouplist = getcache('grouplist');   
  492.         if(emptyempty($grouplist[$memberinfo['groupid']]['allowupgrade'])) {   
  493.             showmessage(L('deny_upgrade'), HTTP_REFERER);   
  494.         }   
  495.         if(isset($_POST['upgrade_type']) && intval($_POST['upgrade_type']) < 0) {   
  496.             showmessage(L('operation_failure'), HTTP_REFERER);   
  497.         }   
  498.    
  499.         if(isset($_POST['upgrade_date']) && intval($_POST['upgrade_date']) < 0) {   
  500.             showmessage(L('operation_failure'), HTTP_REFERER);   
  501.         }   
  502.    
  503.         if(isset($_POST['dosubmit'])) {   
  504.             $groupid = isset($_POST['groupid']) ? intval($_POST['groupid']) : showmessage(L('operation_failure'), HTTP_REFERER);   
  505.                
  506.             $upgrade_type = isset($_POST['upgrade_type']) ? intval($_POST['upgrade_type']) : showmessage(L('operation_failure'), HTTP_REFERER);   
  507.             $upgrade_date = !emptyempty($_POST['upgrade_date']) ? intval($_POST['upgrade_date']) : showmessage(L('operation_failure'), HTTP_REFERER);   
  508.    
  509.             //消费类型,包年、包月、包日,价格   
  510.             $typearr = array($grouplist[$groupid]['price_y'], $grouplist[$groupid]['price_m'], $grouplist[$groupid]['price_d']);   
  511.             //消费类型,包年、包月、包日,时间   
  512.             $typedatearr = array('366''31''1');   
  513.             //消费的价格   
  514.             $cost = $typearr[$upgrade_type]*$upgrade_date;   
  515.             //购买时间   
  516.             $buydate = $typedatearr[$upgrade_type]*$upgrade_date*86400;   
  517.             $overduedate = $memberinfo['overduedate'] > SYS_TIME ? ($memberinfo['overduedate']+$buydate) : (SYS_TIME+$buydate);   
  518.    
  519.             if($memberinfo['amount'] >= $cost) {   
  520.                 $this->db->update(array('groupid'=>$groupid'overduedate'=>$overduedate'vip'=>1), array('userid'=>$memberinfo['userid']));   
  521.                 //消费记录   
  522.                 pc_base::load_app_class('spend','pay',0);   
  523.                 spend::amount($cost, L('allowupgrade'), $memberinfo['userid'], $memberinfo['username']);   
  524.                 showmessage(L('operation_success'), 'index.php?m=member&c=index&a=init');   
  525.             } else {   
  526.                 showmessage(L('operation_failure'), HTTP_REFERER);   
  527.             }   
  528.    
  529.         } else {   
  530.                
  531.             $groupid = isset($_GET['groupid']) ? intval($_GET['groupid']) : '';   
  532.             //初始化phpsso   
  533.             $phpsso_api_url = $this->_init_phpsso();   
  534.             //获取头像数组   
  535.             $avatar = $this->client->ps_getavatar($this->memberinfo['phpssouid']);   
  536.                
  537.                
  538.             $memberinfo['groupname'] = $grouplist[$memberinfo[groupid]]['name'];   
  539.             $memberinfo['grouppoint'] = $grouplist[$memberinfo[groupid]]['point'];   
  540.             unset($grouplist[$memberinfo['groupid']]);   
  541.             include template('member''account_manage_upgrade');   
  542.         }   
  543.     }   
  544.        
  545.        
  546.     //登录   
  547.     public function login() {   
  548.         //主要用来获取一个session_mysql.class.php类库文件中session_mysql类的一个实例化对象   
  549.         $this->_session_start();   
  550.         //获取用户siteid   
  551.         $siteid = isset($_REQUEST['siteid']) && trim($_REQUEST['siteid']) ? intval($_REQUEST['siteid']) : 1;   
  552.         //定义站点id常量   
  553.         if (!defined('SITEID')) {   
  554.            define('SITEID'$siteid);   
  555.         }   
  556.            
  557.         //点击了【登录】按钮   
  558.         if(isset($_POST['dosubmit'])) {   
  559.             if(emptyempty($_SESSION['connectid'])) {   
  560.                 //判断验证码   
  561.                 if(!isset($_POST['checkcode']) && $_POST['checkcode'] != 0){//此行代码由weiyanhui添加   
  562.                     $code = isset($_POST['code']) && trim($_POST['code']) ? trim($_POST['code']) : showmessage(L('input_code'), HTTP_REFERER);   
  563.                     if ($_SESSION['code'] != strtolower($code)) {   
  564.                         showmessage(L('code_error'), HTTP_REFERER);   
  565.                     }   
  566.                 }      
  567.             }   
  568.                
  569.             //用户名   
  570.             $username = isset($_POST['username']) && trim($_POST['username']) ? trim($_POST['username']) : showmessage(L('username_empty'), HTTP_REFERER);   
  571.                
  572.             //密码   
  573.             $password = isset($_POST['password']) && trim($_POST['password']) ? trim($_POST['password']) : showmessage(L('password_empty'), HTTP_REFERER);   
  574.                
  575.             //cookie:<input type="checkbox" name="cookietime" value="2592000" id="cookietime"> 记住用户名   
  576.             $cookietime = intval($_POST['cookietime']);//是否记住用户名   
  577.                
  578.             //同步登录字符串   
  579.             $synloginstr = ''//同步登陆js代码   
  580.                
  581.             //phpsso登录   
  582.             if(pc_base::load_config('system''phpsso')) {   
  583.                 //主要用来返回接口地址:'phpsso_api_url' => 'http://zhencms.com/phpsso_server'   
  584.                 $this->_init_phpsso();   
  585.                 //返回序列化后的会员信息   
  586.                 $status = $this->client->ps_member_login($username$password);   
  587.                 //将序列化的会员信息反序列化   
  588.                 $memberinfo = unserialize($status);   
  589.                    
  590.                 //会员id   
  591.                 if(isset($memberinfo['uid'])) {   
  592.                     //查询帐号,phpssouid为v9_member表中字段,代表会员id   
  593.                     //登录过程:第一步-先从phpsso中返回会员信息   第二步:再根据从phpsso中返回的会员信息(如,uid)作为条件查询本应用的会员表   
  594.                     $r = $this->db->get_one(array('phpssouid'=>$memberinfo['uid']));   
  595.                     if(!$r) {//如果phpsso中会员表中有当前登录会员信息,而本应用的v9_member表中没有当前登录会员信息,则重新插入v9_member表会员信息   
  596.                         //插入会员详细信息,会员不存在 插入会员   
  597.                         $info = array(//对应v9_member会员表字段信息   
  598.                                     'phpssouid'=>$memberinfo['uid'],   
  599.                                     'username'=>$memberinfo['username'],   
  600.                                     'password'=>$memberinfo['password'],   
  601.                                     'encrypt'=>$memberinfo['random'],   
  602.                                     'email'=>$memberinfo['email'],   
  603.                                     'regip'=>$memberinfo['regip'],   
  604.                                     'regdate'=>$memberinfo['regdate'],   
  605.                                     'lastip'=>$memberinfo['lastip'],   
  606.                                     'lastdate'=>$memberinfo['lastdate'],   
  607.                                     'groupid'=>$this->_get_usergroup_bypoint(),   //会员默认组   
  608.                                     'modelid'=>10,   //普通会员   
  609.                                     );   
  610.                                        
  611.                         //如果是connect用户   
  612.                         if(!emptyempty($_SESSION['connectid'])) {   
  613.                             $userinfo['connectid'] = $_SESSION['connectid'];   
  614.                         }   
  615.                         if(!emptyempty($_SESSION['from'])) {   
  616.                             $userinfo['from'] = $_SESSION['from'];   
  617.                         }   
  618.                         unset($_SESSION['connectid'], $_SESSION['from']);   
  619.                         //插入v9_member会员表信息   
  620.                         $this->db->insert($info);   
  621.                         unset($info);   
  622.                         //获取当前登录会员信息   
  623.                         $r = $this->db->get_one(array('phpssouid'=>$memberinfo['uid']));   
  624.                     }   
  625.                     //v9_member表中用户密码   
  626.                     $password = $r['password'];   
  627.                     //返回用户同步登录的js   
  628.                     $synloginstr = $this->client->ps_member_synlogin($r['phpssouid']);   
  629.                 } else {//如果会员id没有被设置   
  630.                     if($status == -1) { //用户不存在   
  631.                         showmessage(L('user_not_exist'), 'index.php?m=member&c=index&a=login');   
  632.                     } elseif($status == -2) { //密码错误   
  633.                         showmessage(L('password_error'), 'index.php?m=member&c=index&a=login');   
  634.                     } else {//登录失败   
  635.                         showmessage(L('login_failure'), 'index.php?m=member&c=index&a=login');   
  636.                     }   
  637.                 }   
  638.             //phpsso登录结束       
  639.             } else {//如果不使用phpsso   
  640.                 //密码错误剩余重试次数   
  641.                 $this->times_db = pc_base::load_model('times_model');//v9_times表:记录登录次数的表   
  642.                 $rtime = $this->times_db->get_one(array('username'=>$username));//通过username获取用户登录错误次数信息   
  643.                 if($rtime['times'] > 4) {//如果登录错误次数大于4   
  644.                     $minute = 60 - floor((SYS_TIME - $rtime['logintime']) / 60);   
  645.                     showmessage(L('wait_1_hour'array('minute'=>$minute)));//登录错误次数大于4,请1小时后重新登录   
  646.                 }   
  647.                    
  648.                 //查询帐号,v9_member   
  649.                 $r = $this->db->get_one(array('username'=>$username));   
  650.                 //会员账号不存在,返回登录页面   
  651.                 if(!$r) showmessage(L('user_not_exist'),'index.php?m=member&c=index&a=login');   
  652.                    
  653.                 //验证用户密码,用户密码的组成:两次md5加密+随机码   
  654.                 $password = md5(md5(trim($password)).$r['encrypt']);   
  655.                 if($r['password'] != $password) {                  
  656.                     $ip = ip();//获取请求的IP   
  657.                     if($rtime && $rtime['times'] < 5) {//如果登录错误次数小于5次   
  658.                         $times = 5 - intval($rtime['times']);   
  659.                         $this->times_db->update(array('ip'=>$ip'times'=>'+=1'), array('username'=>$username));   
  660.                     } else {//如果登录错误次数大于等于5次   
  661.                         $this->times_db->insert(array('username'=>$username'ip'=>$ip'logintime'=>SYS_TIME, 'times'=>1));   
  662.                         $times = 5;   
  663.                     }   
  664.                     //密码错误提示信息   
  665.                     showmessage(L('password_error'array('times'=>$times)), 'index.php?m=member&c=index&a=login', 3000);   
  666.                 }   
  667.                 //如果输入密码正确,则将当前会员登录错误次数的记录删除   
  668.                 $this->times_db->delete(array('username'=>$username));   
  669.             }//非phpsso登录结束   
  670.                
  671.             //如果用户被锁定   
  672.             if($r['islock']) {   
  673.                 showmessage(L('user_is_lock'));   
  674.             }   
  675.                
  676.             $userid = $r['userid'];//会员id   
  677.             $groupid = $r['groupid'];//会员组id   
  678.             $username = $r['username'];//会员用户名   
  679.             $nickname = emptyempty($r['nickname']) ? $username : $r['nickname'];//会员昵称   
  680.                
  681.             $updatearr = array('lastip'=>ip(), 'lastdate'=>SYS_TIME);   
  682.             //vip过期,更新vip和会员组   
  683.             if($r['overduedate'] < SYS_TIME) {   
  684.                 $updatearr['vip'] = 0;//vip信息需要更新了   
  685.             }          
  686.    
  687.             //检查用户积分,更新新用户组,除去邮箱认证、禁止访问、游客组用户、vip用户,如果该用户组不允许自助升级则不进行该操作           
  688.             if($r['point'] >= 0 && !in_array($r['groupid'], array('1''7''8')) && emptyempty($r[vip])) {   
  689.                 $grouplist = getcache('grouplist');//获取会员组缓存文件:缓存了所有会员组的详细配置信息   
  690.                 if(!emptyempty($grouplist[$r['groupid']]['allowupgrade'])) {//如果当前会员所在会员组不允许自主升级的话   
  691.                     $check_groupid = $this->_get_usergroup_bypoint($r['point']);//则根据积分算出用户组   
  692.                     //如果根据积分算出来的会员组与会员表中当前会员组不相等,说明该升级了   
  693.                     if($check_groupid != $r['groupid']) {   
  694.                         $updatearr['groupid'] = $groupid = $check_groupid;//会员组信息需要更新了   
  695.                     }   
  696.                 }   
  697.             }   
  698.    
  699.             //如果是connect用户   
  700.             if(!emptyempty($_SESSION['connectid'])) {   
  701.                 $updatearr['connectid'] = $_SESSION['connectid'];//外部通行证   
  702.             }   
  703.             if(!emptyempty($_SESSION['from'])) {   
  704.                 $updatearr['from'] = $_SESSION['from'];   
  705.             }   
  706.             unset($_SESSION['connectid'], $_SESSION['from']);   
  707.    
  708.             //更新v9_member用户会员表信息   
  709.             $this->db->update($updatearrarray('userid'=>$userid));   
  710.                
  711.             if(!isset($cookietime)) {//是否记住用户名   
  712.                 $get_cookietime = param::get_cookie('cookietime');   
  713.             }   
  714.                
  715.             $_cookietime = $cookietime ? intval($cookietime) : ($get_cookietime ? $get_cookietime : 0);   
  716.             $cookietime = $_cookietime ? SYS_TIME + $_cookietime : 0;//保存时间   
  717.                
  718.                
  719.                
  720.             //'auth_key' => '4s0f9TsT8Y2sHEXMrqnB', //密钥   
  721.             //'phpsso_auth_key' => 'M11tXxlhKEceB4tYeGYZnWwoTgQP7BA4', //phpsso加密密钥   
  722.             $phpcms_auth_key = md5(pc_base::load_config('system''auth_key').$this->http_user_agent);   
  723.             $phpcms_auth = sys_auth($userid."/t".$password'ENCODE'$phpcms_auth_key);   
  724.                
  725.                
  726.                
  727.             //登录后将信息放入cookie   
  728.             param::set_cookie('auth'$phpcms_auth$cookietime);//auth放入cookie   
  729.             param::set_cookie('_userid'$userid$cookietime);//会员id放入cookie   
  730.             param::set_cookie('_username'$username$cookietime);//会员名放入cookie   
  731.             param::set_cookie('_groupid'$groupid$cookietime);//会员组id放入cookie   
  732.             param::set_cookie('_nickname'$nickname$cookietime);//会员昵称放入cookie   
  733.             //param::set_cookie('cookietime', $_cookietime, $cookietime);   
  734.                
  735.             //登录成功后跳转页面:<input type="hidden" name="forward" id="forward" value="http%3A%2F%2Fzhencms.com%2Findex.php%3Fm%3Dmember%26c%3Dindex">   
  736.             //value="http%3A%2F%2Fzhencms.com%2Findex.php%3Fm%3Dmember%26c%3Dindex"为urlencode()后的结果,所以需要将其解码   
  737.             $forward = isset($_POST['forward']) && !emptyempty($_POST['forward']) ? urldecode($_POST['forward']) : 'index.php?m=member&c=index';   
  738.             showmessage(L('login_success').$synloginstr$forward);//登录成功提示信息[phpsso登录或非phpsso登录]   
  739.                
  740.         } else {//如果没有 点击 【登录】按钮,则显示登录页面   
  741.             $setting = pc_base::load_config('system');   
  742.             //获取登录后要跳转的页面,赋值给前台模板   
  743.             $forward = isset($_GET['forward']) && trim($_GET['forward']) ? urlencode($_GET['forward']) : '';   
  744.             //站点id   
  745.             $siteid = isset($_REQUEST['siteid']) && trim($_REQUEST['siteid']) ? intval($_REQUEST['siteid']) : 1;   
  746.             //站点信息   
  747.             $siteinfo = siteinfo($siteid);   
  748.             //登录页面   
  749.             include template('member''login');   
  750.         }   
  751.     }   
  752.        
  753.     //退出登录   
  754.     public function logout() {   
  755.         $setting = pc_base::load_config('system');   
  756.         //snda退出,是否开启盛大通行证   
  757.         if($setting['snda_enable'] && param::get_cookie('_from')=='snda') {   
  758.             param::set_cookie('_from''');   
  759.             $forward = isset($_GET['forward']) && trim($_GET['forward']) ? urlencode($_GET['forward']) : '';   
  760.             $logouturl = 'https://cas.sdo.com/cas/logout?url='.urlencode(APP_PATH.'index.php?m=member&c=index&a=logout&forward='.$forward);   
  761.             header('Location: '.$logouturl);   
  762.         } else {   
  763.             $synlogoutstr = ''//同步退出js代码   
  764.             if(pc_base::load_config('system''phpsso')) {   
  765.                 $this->_init_phpsso();//主要用来返回接口地址:'phpsso_api_url' => 'http://zhencms.com/phpsso_server'   
  766.                 //http://zhencms.com/phpsso_server/index.php?m=phpsso&c=index&a=logout   
  767.                 $synlogoutstr = $this->client->ps_member_synlogout();//返回退出字符串               
  768.             }   
  769.                
  770.             param::set_cookie('auth''');//将auth设置为失效   
  771.             param::set_cookie('_userid''');//将_userid设置为失效   
  772.             param::set_cookie('_username''');//将_username设置为失效   
  773.             param::set_cookie('_groupid''');//将_groupid设置为失效   
  774.             param::set_cookie('_nickname''');//将_nickname设置为失效   
  775.             param::set_cookie('cookietime''');//将cookietime设置为失效   
  776.             //退出后返回的页面   
  777.             $forward = isset($_GET['forward']) && trim($_GET['forward']) ? $_GET['forward'] : 'index.php?m=member&c=index&a=login';   
  778.             //退出的提示信息   
  779.             showmessage(L('logout_success').$synlogoutstr$forward);   
  780.         }   
  781.     }   
  782.    
  783.     /**  
  784.      * 我的收藏  
  785.      *   
  786.      */   
  787.     public function favorite() {   
  788.         $this->favorite_db = pc_base::load_model('favorite_model');   
  789.         $memberinfo = $this->memberinfo;   
  790.         if(isset($_GET['id']) && trim($_GET['id'])) {   
  791.             $this->favorite_db->delete(array('userid'=>$memberinfo['userid'], 'id'=>intval($_GET['id'])));   
  792.             showmessage(L('operation_success'), HTTP_REFERER);   
  793.         } else {   
  794.             $page = isset($_GET['page']) && trim($_GET['page']) ? intval($_GET['page']) : 1;   
  795.             $favoritelist = $this->favorite_db->listinfo(array('userid'=>$memberinfo['userid']), 'id DESC'$page, 10);   
  796.             $pages = $this->favorite_db->pages;   
  797.    
  798.             include template('member''favorite_list');   
  799.         }   
  800.     }   
  801.        
  802.     /**  
  803.      * 我的好友  
  804.      */   
  805.     public function friend() {   
  806.         $memberinfo = $this->memberinfo;   
  807.         $this->friend_db = pc_base::load_model('friend_model');   
  808.         if(isset($_GET['friendid'])) {   
  809.             $this->friend_db->delete(array('userid'=>$memberinfo['userid'], 'friendid'=>intval($_GET['friendid'])));   
  810.             showmessage(L('operation_success'), HTTP_REFERER);   
  811.         } else {   
  812.             //初始化phpsso   
  813.             $phpsso_api_url = $this->_init_phpsso();   
  814.        
  815.             //我的好友列表userid   
  816.             $page = isset($_GET['page']) ? intval($_GET['page']) : 1;   
  817.             $friendids = $this->friend_db->listinfo(array('userid'=>$memberinfo['userid']), ''$page, 10);   
  818.             $pages = $this->friend_db->pages;   
  819.             foreach($friendids as $k=>$v) {   
  820.                 $friendlist[$k]['friendid'] = $v['friendid'];   
  821.                 $friendlist[$k]['avatar'] = $this->client->ps_getavatar($v['phpssouid']);   
  822.                 $friendlist[$k]['is'] = $v['is'];   
  823.             }   
  824.             include template('member''friend_list');   
  825.         }   
  826.     }   
  827.        
  828.     /**  
  829.      * 积分兑换  
  830.      */   
  831.     public function change_credit() {   
  832.         $memberinfo = $this->memberinfo;   
  833.         //加载用户模块配置   
  834.         $member_setting = getcache('member_setting');   
  835.         $this->_init_phpsso();   
  836.         $setting = $this->client->ps_getcreditlist();   
  837.         $outcredit = unserialize($setting);   
  838.         $setting = $this->client->ps_getapplist();   
  839.         $applist = unserialize($setting);   
  840.            
  841.         if(isset($_POST['dosubmit'])) {   
  842.             //本系统积分兑换数   
  843.             $fromvalue = intval($_POST['fromvalue']);   
  844.             //本系统积分类型   
  845.             $from = $_POST['from'];   
  846.             $toappid_to = explode('_'$_POST['to']);   
  847.             //目标系统appid   
  848.             $toappid = $toappid_to[0];   
  849.             //目标系统积分类型   
  850.             $to = $toappid_to[1];   
  851.             if($from == 1) {   
  852.                 if($memberinfo['point'] < $fromvalue) {   
  853.                     showmessage(L('need_more_point'), HTTP_REFERER);   
  854.                 }   
  855.             } elseif($from == 2) {   
  856.                 if($memberinfo['amount'] < $fromvalue) {   
  857.                     showmessage(L('need_more_amount'), HTTP_REFERER);   
  858.                 }   
  859.             } else {   
  860.                 showmessage(L('credit_setting_error'), HTTP_REFERER);   
  861.             }   
  862.    
  863.             $status = $this->client->ps_changecredit($memberinfo['phpssouid'], $from$toappid$to$fromvalue);   
  864.             if($status == 1) {   
  865.                 if($from == 1) {   
  866.                     $this->db->update(array('point'=>"-=$fromvalue"), array('userid'=>$memberinfo['userid']));   
  867.                 } elseif($from == 2) {   
  868.                     $this->db->update(array('amount'=>"-=$fromvalue"), array('userid'=>$memberinfo['userid']));   
  869.                 }   
  870.                 showmessage(L('operation_success'), HTTP_REFERER);   
  871.             } else {   
  872.                 showmessage(L('operation_failure'), HTTP_REFERER);   
  873.             }   
  874.         } elseif(isset($_POST['buy'])) {   
  875.             if(!is_numeric($_POST['money']) || $_POST['money'] < 0) {   
  876.                 showmessage(L('money_error'), HTTP_REFERER);   
  877.             } else {   
  878.                 $money = intval($_POST['money']);   
  879.             }   
  880.                
  881.             if($memberinfo['amount'] < $money) {   
  882.                 showmessage(L('short_of_money'), HTTP_REFERER);   
  883.             }   
  884.             //此处比率读取用户配置   
  885.             $point = $money*$member_setting['rmb_point_rate'];   
  886.             $this->db->update(array('point'=>"+=$point"), array('userid'=>$memberinfo['userid']));   
  887.             //加入消费记录,同时扣除金钱   
  888.             pc_base::load_app_class('spend','pay',0);   
  889.             spend::amount($money, L('buy_point'), $memberinfo['userid'], $memberinfo['username']);   
  890.             showmessage(L('operation_success'), HTTP_REFERER);   
  891.         } else {   
  892.             $credit_list = pc_base::load_config('credit');   
  893.                
  894.             include template('member''change_credit');   
  895.         }   
  896.     }   
  897.        
  898.     //mini登陆条   
  899.     public function mini() {   
  900.         //获取通过 set_cookie 设置的 _username 变量   
  901.         $_username = param::get_cookie('_username');   
  902.         //获取通过 set_cookie 设置的 _userid 变量   
  903.         $_userid = param::get_cookie('_userid');   
  904.         //当前站点   
  905.         $siteid = isset($_GET['siteid']) ? intval($_GET['siteid']) : '';   
  906.         //定义站点id常量   
  907.         if (!defined('SITEID')) {   
  908.            define('SITEID'$siteid);   
  909.         }   
  910.            
  911.         $snda_enable = pc_base::load_config('system''snda_enable');   
  912.         //顶部登录信息:欢迎 xxx 登录 ,会员中心、退出   
  913.         include template('member''mini');   
  914.     }   
  915.        
  916.     /**  
  917.      * 初始化phpsso  
  918.      * about phpsso, include client and client configure  
  919.      * @return string phpsso_api_url phpsso地址  
  920.      */   
  921.     private function _init_phpsso() {   
  922.         pc_base::load_app_class('client''', 0);   
  923.         define('APPID', pc_base::load_config('system''phpsso_appid'));//应用id   
  924.         $phpsso_api_url = pc_base::load_config('system''phpsso_api_url');//接口地址   
  925.         $phpsso_auth_key = pc_base::load_config('system''phpsso_auth_key');//加密秘钥   
  926.         //主要将phpsso_api_url、phpsso_auth_key赋给client类对应的属性   
  927.         $this->client = new client($phpsso_api_url$phpsso_auth_key);   
  928.         return $phpsso_api_url;//返回接口地址:'phpsso_api_url' => 'http://zhencms.com/phpsso_server'   
  929.     }   
  930.        
  931.     protected function _checkname($username) {   
  932.         $username =  trim($username);   
  933.         if ($this->db->get_one(array('username'=>$username))){   
  934.             return false;   
  935.         }   
  936.         return true;   
  937.     }   
  938.        
  939.     private function _session_start() {   
  940.         $session_storage = 'session_'.pc_base::load_config('system','session_storage');//session_mysql   
  941.         pc_base::load_sys_class($session_storage);//加载session_mysql.class.php文件,默认情况下会初始化一个实例   
  942.     }   
  943.        
  944.     /*  
  945.      * 通过linkageid获取名字路径  
  946.      */   
  947.     protected function _get_linkage_fullname($linkageid,  $linkagelist) {   
  948.         $fullname = '';   
  949.         if($linkagelist['data'][$linkageid]['parentid'] != 0) {   
  950.             $fullname = $this->_get_linkage_fullname($linkagelist['data'][$linkageid]['parentid'], $linkagelist);   
  951.         }   
  952.         //所在地区名称   
  953.         $return = $fullname.$linkagelist['data'][$linkageid]['name'].'>';   
  954.         return $return;   
  955.     }   
  956.        
  957.     /**  
  958.      *根据积分算出用户组  
  959.      * @param $point int 积分数  
  960.      */   
  961.     protected function _get_usergroup_bypoint($point=0) {   
  962.         $groupid = 2;   
  963.         if(emptyempty($point)) {   
  964.             $member_setting = getcache('member_setting');   
  965.             $point = $member_setting['defualtpoint'] ? $member_setting['defualtpoint'] : 0;   
  966.         }   
  967.         $grouplist = getcache('grouplist');   
  968.            
  969.         foreach ($grouplist as $k=>$v) {   
  970.             $grouppointlist[$k] = $v['point'];   
  971.         }   
  972.         arsort($grouppointlist);   
  973.    
  974.         //如果超出用户组积分设置则为积分最高的用户组   
  975.         if($point > max($grouppointlist)) {   
  976.             $groupid = key($grouppointlist);   
  977.         } else {   
  978.             foreach ($grouppointlist as $k=>$v) {   
  979.                 if($point >= $v) {   
  980.                     $groupid = $tmp_k;   
  981.                     break;   
  982.                 }   
  983.                 $tmp_k = $k;   
  984.             }   
  985.         }   
  986.         return $groupid;   
  987.     }   
  988.                    
  989.     /**  
  990.      * 检查用户名  
  991.      * @param string $username  用户名  
  992.      * @return $status {-4:用户名禁止注册;-1:用户名已经存在 ;1:成功}  
  993.      */   
  994.     public function public_checkname_ajax() {   
  995.         $username = isset($_GET['username']) && trim($_GET['username']) ? trim($_GET['username']) : exit(0);   
  996.         if(CHARSET != 'utf-8') {   
  997.             $username = iconv('utf-8', CHARSET, $username);   
  998.             $username = addslashes($username);   
  999.         }   
  1000.            
  1001.         //首先判断会员审核表   
  1002.         $this->verify_db = pc_base::load_model('member_verify_model');   
  1003.         if($this->verify_db->get_one(array('username'=>$username))) {   
  1004.             exit('0');   
  1005.         }   
  1006.        
  1007.         $this->_init_phpsso();   
  1008.         $status = $this->client->ps_checkname($username);   
  1009.                
  1010.         if($status == -4 || $status == -1) {   
  1011.             exit('0');   
  1012.         } else {   
  1013.             exit('1');   
  1014.         }   
  1015.     }   
  1016.        
  1017.     /**  
  1018.      * 检查用户昵称  
  1019.      * @param string $nickname  昵称  
  1020.      * @return $status {0:已存在;1:成功}  
  1021.      */   
  1022.     public function public_checknickname_ajax() {   
  1023.         $nickname = isset($_GET['nickname']) && trim($_GET['nickname']) ? trim($_GET['nickname']) : exit('0');   
  1024.         if(CHARSET != 'utf-8') {   
  1025.             $nickname = iconv('utf-8', CHARSET, $nickname);   
  1026.             $nickname = addslashes($nickname);   
  1027.         }    
  1028.         //首先判断会员审核表   
  1029.         $this->verify_db = pc_base::load_model('member_verify_model');   
  1030.         if($this->verify_db->get_one(array('nickname'=>$nickname))) {   
  1031.             exit('0');   
  1032.         }   
  1033.         if(isset($_GET['userid'])) {   
  1034.             $userid = intval($_GET['userid']);   
  1035.             //如果是会员修改,而且NICKNAME和原来优质一致返回1,否则返回0   
  1036.             $info = get_memberinfo($userid);   
  1037.             if($info['nickname'] == $nickname){//未改变   
  1038.                 exit('1');   
  1039.             }else{//已改变,判断是否已有此名   
  1040.                 $where = array('nickname'=>$nickname);   
  1041.                 $res = $this->db->get_one($where);   
  1042.                 if($res) {   
  1043.                     exit('0');   
  1044.                 } else {   
  1045.                     exit('1');   
  1046.                 }   
  1047.             }   
  1048.         } else {   
  1049.             $where = array('nickname'=>$nickname);   
  1050.             $res = $this->db->get_one($where);   
  1051.             if($res) {   
  1052.                 exit('0');   
  1053.             } else {   
  1054.                 exit('1');   
  1055.             }   
  1056.         }    
  1057.     }   
  1058.        
  1059.     /**  
  1060.      * 检查邮箱  
  1061.      * @param string $email  
  1062.      * @return $status {-1:email已经存在 ;-5:邮箱禁止注册;1:成功}  
  1063.      */   
  1064.     public function public_checkemail_ajax() {   
  1065.         $this->_init_phpsso();   
  1066.         $email = isset($_GET['email']) && trim($_GET['email']) ? trim($_GET['email']) : exit(0);   
  1067.            
  1068.         $status = $this->client->ps_checkemail($email);   
  1069.         if($status == -5) { //禁止注册   
  1070.             exit('0');   
  1071.         } elseif($status == -1) {   //用户名已存在,但是修改用户的时候需要判断邮箱是否是当前用户的   
  1072.             if(isset($_GET['phpssouid'])) { //修改用户传入phpssouid   
  1073.                 $status = $this->client->ps_get_member_info($email, 3);   
  1074.                 if($status) {   
  1075.                     $status = unserialize($status); //接口返回序列化,进行判断   
  1076.                     if (isset($status['uid']) && $status['uid'] == intval($_GET['phpssouid'])) {   
  1077.                         exit('1');   
  1078.                     } else {   
  1079.                         exit('0');   
  1080.                     }   
  1081.                 } else {   
  1082.                     exit('0');   
  1083.                 }   
  1084.             } else {   
  1085.                 exit('0');   
  1086.             }   
  1087.         } else {   
  1088.             exit('1');   
  1089.         }   
  1090.     }   
  1091.        
  1092.     public function public_sina_login() {   
  1093.         define('WB_AKEY', pc_base::load_config('system''sina_akey'));   
  1094.         define('WB_SKEY', pc_base::load_config('system''sina_skey'));   
  1095.         pc_base::load_app_class('weibooauth''' ,0);   
  1096.         $this->_session_start();   
  1097.                        
  1098.         if(isset($_GET['callback']) && trim($_GET['callback'])) {   
  1099.             $o = new WeiboOAuth(WB_AKEY, WB_SKEY, $_SESSION['keys']['oauth_token'], $_SESSION['keys']['oauth_token_secret']);   
  1100.             $_SESSION['last_key'] = $o->getAccessToken($_REQUEST['oauth_verifier']);   
  1101.             $c = new WeiboClient(WB_AKEY, WB_SKEY, $_SESSION['last_key']['oauth_token'], $_SESSION['last_key']['oauth_token_secret']);   
  1102.             //获取用户信息   
  1103.             $me = $c->verify_credentials();   
  1104.             if(CHARSET != 'utf-8') {   
  1105.                 $me['name'] = iconv('utf-8', CHARSET, $me['name']);   
  1106.                 $me['location'] = iconv('utf-8', CHARSET, $me['location']);   
  1107.                 $me['description'] = iconv('utf-8', CHARSET, $me['description']);   
  1108.                 $me['screen_name'] = iconv('utf-8', CHARSET, $me['screen_name']);   
  1109.             }   
  1110.             if(!emptyempty($me['id'])) {   
  1111.                 //检查connect会员是否绑定,已绑定直接登录,未绑定提示注册/绑定页面   
  1112.                 $where = array('connectid'=>$me['id'], 'from'=>'sina');   
  1113.                 $r = $this->db->get_one($where);   
  1114.                    
  1115.                 //connect用户已经绑定本站用户   
  1116.                 if(!emptyempty($r)) {   
  1117.                     //读取本站用户信息,执行登录操作   
  1118.                        
  1119.                     $password = $r['password'];   
  1120.                     $this->_init_phpsso();   
  1121.                     $synloginstr = $this->client->ps_member_synlogin($r['phpssouid']);   
  1122.                     $userid = $r['userid'];   
  1123.                     $groupid = $r['groupid'];   
  1124.                     $username = $r['username'];   
  1125.                     $nickname = emptyempty($r['nickname']) ? $username : $r['nickname'];   
  1126.                     $this->db->update(array('lastip'=>ip(), 'lastdate'=>SYS_TIME, 'nickname'=>$me['name']), array('userid'=>$userid));   
  1127.                        
  1128.                     if(!$cookietime$get_cookietime = param::get_cookie('cookietime');   
  1129.                     $_cookietime = $cookietime ? intval($cookietime) : ($get_cookietime ? $get_cookietime : 0);   
  1130.                     $cookietime = $_cookietime ? TIME + $_cookietime : 0;   
  1131.                        
  1132.                     $phpcms_auth_key = md5(pc_base::load_config('system''auth_key').$this->http_user_agent);   
  1133.                     $phpcms_auth = sys_auth($userid."/t".$password'ENCODE'$phpcms_auth_key);   
  1134.                        
  1135.                     param::set_cookie('auth'$phpcms_auth$cookietime);   
  1136.                     param::set_cookie('_userid'$userid$cookietime);   
  1137.                     param::set_cookie('_username'$username$cookietime);   
  1138.                     param::set_cookie('_groupid'$groupid$cookietime);   
  1139.                     param::set_cookie('cookietime'$_cookietime$cookietime);   
  1140.                     param::set_cookie('_nickname'$nickname$cookietime);   
  1141.                     $forward = isset($_GET['forward']) && !emptyempty($_GET['forward']) ? $_GET['forward'] : 'index.php?m=member&c=index';   
  1142.                     showmessage(L('login_success').$synloginstr$forward);   
  1143.                        
  1144.                 } else {   
  1145.                     //弹出绑定注册页面   
  1146.                     $_SESSION = array();   
  1147.                     $_SESSION['connectid'] = $me['id'];   
  1148.                     $_SESSION['from'] = 'sina';   
  1149.                     $connect_username = $me['name'];   
  1150.                        
  1151.                     //加载用户模块配置   
  1152.                     $member_setting = getcache('member_setting');   
  1153.                     if(!$member_setting['allowregister']) {   
  1154.                         showmessage(L('deny_register'), 'index.php?m=member&c=index&a=login');   
  1155.                     }   
  1156.                        
  1157.                     //获取用户siteid   
  1158.                     $siteid = isset($_REQUEST['siteid']) && trim($_REQUEST['siteid']) ? intval($_REQUEST['siteid']) : 1;   
  1159.                     //过滤非当前站点会员模型   
  1160.                     $modellist = getcache('member_model''commons');   
  1161.                     foreach($modellist as $k=>$v) {   
  1162.                         if($v['siteid']!=$siteid || $v['disabled']) {   
  1163.                             unset($modellist[$k]);   
  1164.                         }   
  1165.                     }   
  1166.                     if(emptyempty($modellist)) {   
  1167.                         showmessage(L('site_have_no_model').L('deny_register'), HTTP_REFERER);   
  1168.                     }   
  1169.                        
  1170.                     $modelid = 10; //设定默认值   
  1171.                     if(array_key_exists($modelid$modellist)) {   
  1172.                         //获取会员模型表单   
  1173.                         require CACHE_MODEL_PATH.'member_form.class.php';   
  1174.                         $member_form = new member_form($modelid);   
  1175.                         $this->db->set_model($modelid);   
  1176.                         $forminfos = $forminfos_arr = $member_form->get();   
  1177.    
  1178.                         //万能字段过滤   
  1179.                         foreach($forminfos as $field=>$info) {   
  1180.                             if($info['isomnipotent']) {   
  1181.                                 unset($forminfos[$field]);   
  1182.                             } else {   
  1183.                                 if($info['formtype']=='omnipotent') {   
  1184.                                     foreach($forminfos_arr as $_fm=>$_fm_value) {   
  1185.                                         if($_fm_value['isomnipotent']) {   
  1186.                                             $info['form'] = str_replace('{'.$_fm.'}',$_fm_value['form'], $info['form']);   
  1187.                                         }   
  1188.                                     }   
  1189.                                     $forminfos[$field]['form'] = $info['form'];   
  1190.                                 }   
  1191.                             }   
  1192.                         }   
  1193.                            
  1194.                         $formValidator = $member_form->formValidator;   
  1195.                     }   
  1196.                     include template('member''connect');   
  1197.                 }   
  1198.             } else {   
  1199.                 showmessage(L('login_failure'), 'index.php?m=member&c=index&a=login');   
  1200.             }   
  1201.         } else {   
  1202.             $o = new WeiboOAuth(WB_AKEY, WB_SKEY);   
  1203.             $keys = $o->getRequestToken();   
  1204.             $aurl = $o->getAuthorizeURL($keys['oauth_token'] ,false , APP_PATH.'index.php?m=member&c=index&a=public_sina_login&callback=1');   
  1205.             $_SESSION['keys'] = $keys;   
  1206.                
  1207.                
  1208.             include template('member''connect_sina');   
  1209.         }   
  1210.     }   
  1211.        
  1212.     /**  
  1213.      * 盛大通行证登陆  
  1214.      */   
  1215.     public function public_snda_login() {   
  1216.         define('SNDA_AKEY', pc_base::load_config('system''snda_akey'));   
  1217.         define('SNDA_SKEY', pc_base::load_config('system''snda_skey'));   
  1218.         define('SNDA_CALLBACK', urlencode(APP_PATH.'index.php?m=member&c=index&a=public_snda_login&callback=1'));   
  1219.            
  1220.         pc_base::load_app_class('OauthSDK''' ,0);   
  1221.         $this->_session_start();        
  1222.         if(isset($_GET['callback']) && trim($_GET['callback'])) {   
  1223.                        
  1224.             $o = new OauthSDK(SNDA_AKEY, SNDA_SKEY, SNDA_CALLBACK);   
  1225.             $code = $_REQUEST['code'];   
  1226.             $accesstoken = $o->getAccessToken($code);   
  1227.            
  1228.             if(is_numeric($accesstoken['sdid'])) {   
  1229.                 $userid = $accesstoken['sdid'];   
  1230.             } else {   
  1231.                 showmessage(L('login_failure'), 'index.php?m=member&c=index&a=login');   
  1232.             }   
  1233.    
  1234.             if(!emptyempty($userid)) {   
  1235.                    
  1236.                 //检查connect会员是否绑定,已绑定直接登录,未绑定提示注册/绑定页面   
  1237.                 $where = array('connectid'=>$userid'from'=>'snda');   
  1238.                 $r = $this->db->get_one($where);   
  1239.                    
  1240.                 //connect用户已经绑定本站用户   
  1241.                 if(!emptyempty($r)) {   
  1242.                     //读取本站用户信息,执行登录操作   
  1243.                     $password = $r['password'];   
  1244.                     $this->_init_phpsso();   
  1245.                     $synloginstr = $this->client->ps_member_synlogin($r['phpssouid']);   
  1246.                     $userid = $r['userid'];   
  1247.                     $groupid = $r['groupid'];   
  1248.                     $username = $r['username'];   
  1249.                     $nickname = emptyempty($r['nickname']) ? $username : $r['nickname'];   
  1250.                     $this->db->update(array('lastip'=>ip(), 'lastdate'=>SYS_TIME, 'nickname'=>$me['name']), array('userid'=>$userid));   
  1251.                     if(!$cookietime$get_cookietime = param::get_cookie('cookietime');   
  1252.                     $_cookietime = $cookietime ? intval($cookietime) : ($get_cookietime ? $get_cookietime : 0);   
  1253.                     $cookietime = $_cookietime ? TIME + $_cookietime : 0;   
  1254.                        
  1255.                     $phpcms_auth_key = md5(pc_base::load_config('system''auth_key').$this->http_user_agent);   
  1256.                     $phpcms_auth = sys_auth($userid."/t".$password'ENCODE'$phpcms_auth_key);   
  1257.                        
  1258.                     param::set_cookie('auth'$phpcms_auth$cookietime);   
  1259.                     param::set_cookie('_userid'$userid$cookietime);   
  1260.                     param::set_cookie('_username'$username$cookietime);   
  1261.                     param::set_cookie('_groupid'$groupid$cookietime);   
  1262.                     param::set_cookie('cookietime'$_cookietime$cookietime);   
  1263.                     param::set_cookie('_nickname'$nickname$cookietime);   
  1264.                     param::set_cookie('_from''snda');   
  1265.                     $forward = isset($_GET['forward']) && !emptyempty($_GET['forward']) ? $_GET['forward'] : 'index.php?m=member&c=index';   
  1266.                     showmessage(L('login_success').$synloginstr$forward);   
  1267.                 } else {                   
  1268.                     //弹出绑定注册页面   
  1269.                     $_SESSION = array();   
  1270.                     $_SESSION['connectid'] = $userid;   
  1271.                     $_SESSION['from'] = 'snda';   
  1272.                     $connect_username = $userid;   
  1273.                     include template('member''connect');   
  1274.                 }   
  1275.             }      
  1276.         } else {   
  1277.             $o = new OauthSDK(SNDA_AKEY, SNDA_SKEY, SNDA_CALLBACK);   
  1278.             $accesstoken = $o->getSystemToken();        
  1279.             $aurl = $o->getAuthorizeURL();   
  1280.                
  1281.             include template('member''connect_snda');   
  1282.         }   
  1283.            
  1284.     }   
  1285.        
  1286.        
  1287.     /**  
  1288.      * QQ号码登录  
  1289.      * 该函数为QQ登录回调地址  
  1290.      */   
  1291.     public function public_qq_loginnew(){   
  1292.                 $appid = pc_base::load_config('system''qq_appid');   
  1293.                 $appkey = pc_base::load_config('system''qq_appkey');   
  1294.                 $callback = pc_base::load_config('system''qq_callback');   
  1295.                 pc_base::load_app_class('qqapi','',0);   
  1296.                 $info = new qqapi($appid,$appkey,$callback);   
  1297.                 $this->_session_start();   
  1298.                 if(!isset($_GET['oauth_token'])){   
  1299.                          $info->redirect_to_login();   
  1300.                 }else{   
  1301.                     $info->get_openid();//调取QQ openid值   
  1302.                     if(!emptyempty($_SESSION['openid'])){   
  1303.                         $r = $this->db->get_one(array('connectid'=>$_SESSION['openid'],'from'=>'qq'));   
  1304.                          if(!emptyempty($r)){   
  1305.                                 //QQ已存在于数据库,则直接转向登陆操作   
  1306.                                 $password = $r['password'];   
  1307.                                 $this->_init_phpsso();   
  1308.                                 $synloginstr = $this->client->ps_member_synlogin($r['phpssouid']);   
  1309.                                 $userid = $r['userid'];   
  1310.                                 $groupid = $r['groupid'];   
  1311.                                 $username = $r['username'];   
  1312.                                 $nickname = emptyempty($r['nickname']) ? $username : $r['nickname'];   
  1313.                                 $this->db->update(array('lastip'=>ip(), 'lastdate'=>SYS_TIME, 'nickname'=>$me['name']), array('userid'=>$userid));   
  1314.                                 if(!$cookietime$get_cookietime = param::get_cookie('cookietime');   
  1315.                                 $_cookietime = $cookietime ? intval($cookietime) : ($get_cookietime ? $get_cookietime : 0);   
  1316.                                 $cookietime = $_cookietime ? TIME + $_cookietime : 0;   
  1317.                                 $phpcms_auth_key = md5(pc_base::load_config('system''auth_key').$this->http_user_agent);   
  1318.                                 $phpcms_auth = sys_auth($userid."/t".$password'ENCODE'$phpcms_auth_key);   
  1319.                                 param::set_cookie('auth'$phpcms_auth$cookietime);   
  1320.                                 param::set_cookie('_userid'$userid$cookietime);   
  1321.                                 param::set_cookie('_username'$username$cookietime);   
  1322.                                 param::set_cookie('_groupid'$groupid$cookietime);   
  1323.                                 param::set_cookie('cookietime'$_cookietime$cookietime);   
  1324.                                 param::set_cookie('_nickname'$nickname$cookietime);   
  1325.                                 $forward = isset($_GET['forward']) && !emptyempty($_GET['forward']) ? $_GET['forward'] : 'index.php?m=member&c=index';   
  1326.                                 showmessage(L('login_success').$synloginstr$forward);   
  1327.                         }else{     
  1328.                                 //未存在于数据库中,跳去完善资料页面。页面预置用户名(QQ返回是UTF8编码,如有需要进行转码)   
  1329.                                 $user = $info->get_user_info();   
  1330.                                 $_SESSION['connectid'] = $_SESSION['openid'];   
  1331.                                 $_SESSION['from'] = 'qq';   
  1332.                                 if(CHARSET != 'utf-8') {//转编码   
  1333.                                     $connect_username = iconv('utf-8', CHARSET, $user['nickname']);    
  1334.                                 }   
  1335.                                 include template('member''connect');   
  1336.                         }   
  1337.                     }   
  1338.                 }   
  1339.     }   
  1340.        
  1341.     /**  
  1342.      * QQ微博登录  
  1343.      */   
  1344.     public function public_qq_login() {   
  1345.         define('QQ_AKEY', pc_base::load_config('system''qq_akey'));   
  1346.         define('QQ_SKEY', pc_base::load_config('system''qq_skey'));   
  1347.         pc_base::load_app_class('qqoauth''' ,0);   
  1348.         $this->_session_start();   
  1349.         if(isset($_GET['callback']) && trim($_GET['callback'])) {   
  1350.             $o = new WeiboOAuth(QQ_AKEY, QQ_SKEY, $_SESSION['keys']['oauth_token'], $_SESSION['keys']['oauth_token_secret']);   
  1351.             $_SESSION['last_key'] = $o->getAccessToken($_REQUEST['oauth_verifier']);   
  1352.                
  1353.             if(!emptyempty($_SESSION['last_key']['name'])) {   
  1354.                 //检查connect会员是否绑定,已绑定直接登录,未绑定提示注册/绑定页面   
  1355.                 $where = array('connectid'=>$_REQUEST['openid'], 'from'=>'qq');   
  1356.                 $r = $this->db->get_one($where);   
  1357.                    
  1358.                 //connect用户已经绑定本站用户   
  1359.                 if(!emptyempty($r)) {   
  1360.                     //读取本站用户信息,执行登录操作   
  1361.                     $password = $r['password'];   
  1362.                     $this->_init_phpsso();   
  1363.                     $synloginstr = $this->client->ps_member_synlogin($r['phpssouid']);   
  1364.                     $userid = $r['userid'];   
  1365.                     $groupid = $r['groupid'];   
  1366.                     $username = $r['username'];   
  1367.                     $nickname = emptyempty($r['nickname']) ? $username : $r['nickname'];   
  1368.                     $this->db->update(array('lastip'=>ip(), 'lastdate'=>SYS_TIME, 'nickname'=>$me['name']), array('userid'=>$userid));   
  1369.                     if(!$cookietime$get_cookietime = param::get_cookie('cookietime');   
  1370.                     $_cookietime = $cookietime ? intval($cookietime) : ($get_cookietime ? $get_cookietime : 0);   
  1371.                     $cookietime = $_cookietime ? TIME + $_cookietime : 0;   
  1372.                        
  1373.                     $phpcms_auth_key = md5(pc_base::load_config('system''auth_key').$this->http_user_agent);   
  1374.                     $phpcms_auth = sys_auth($userid."/t".$password'ENCODE'$phpcms_auth_key);   
  1375.                        
  1376.                     param::set_cookie('auth'$phpcms_auth$cookietime);   
  1377.                     param::set_cookie('_userid'$userid$cookietime);   
  1378.                     param::set_cookie('_username'$username$cookietime);   
  1379.                     param::set_cookie('_groupid'$groupid$cookietime);   
  1380.                     param::set_cookie('cookietime'$_cookietime$cookietime);   
  1381.                     param::set_cookie('_nickname'$nickname$cookietime);   
  1382.                     param::set_cookie('_from''snda');   
  1383.                     $forward = isset($_GET['forward']) && !emptyempty($_GET['forward']) ? $_GET['forward'] : 'index.php?m=member&c=index';   
  1384.                     showmessage(L('login_success').$synloginstr$forward);   
  1385.                 } else {                   
  1386.                     //弹出绑定注册页面   
  1387.                     $_SESSION = array();   
  1388.                     $_SESSION['connectid'] = $_REQUEST['openid'];   
  1389.                     $_SESSION['from'] = 'qq';   
  1390.                     $connect_username = $_SESSION['last_key']['name'];   
  1391.    
  1392.                     //加载用户模块配置   
  1393.                     $member_setting = getcache('member_setting');   
  1394.                     if(!$member_setting['allowregister']) {   
  1395.                         showmessage(L('deny_register'), 'index.php?m=member&c=index&a=login');   
  1396.                     }   
  1397.                        
  1398.                     //获取用户siteid   
  1399.                     $siteid = isset($_REQUEST['siteid']) && trim($_REQUEST['siteid']) ? intval($_REQUEST['siteid']) : 1;   
  1400.                     //过滤非当前站点会员模型   
  1401.                     $modellist = getcache('member_model''commons');   
  1402.                     foreach($modellist as $k=>$v) {   
  1403.                         if($v['siteid']!=$siteid || $v['disabled']) {   
  1404.                             unset($modellist[$k]);   
  1405.                         }   
  1406.                     }   
  1407.                     if(emptyempty($modellist)) {   
  1408.                         showmessage(L('site_have_no_model').L('deny_register'), HTTP_REFERER);   
  1409.                     }   
  1410.                        
  1411.                     $modelid = 10; //设定默认值   
  1412.                     if(array_key_exists($modelid$modellist)) {   
  1413.                         //获取会员模型表单   
  1414.                         require CACHE_MODEL_PATH.'member_form.class.php';   
  1415.                         $member_form = new member_form($modelid);   
  1416.                         $this->db->set_model($modelid);   
  1417.                         $forminfos = $forminfos_arr = $member_form->get();   
  1418.    
  1419.                         //万能字段过滤   
  1420.                         foreach($forminfos as $field=>$info) {   
  1421.                             if($info['isomnipotent']) {   
  1422.                                 unset($forminfos[$field]);   
  1423.                             } else {   
  1424.                                 if($info['formtype']=='omnipotent') {   
  1425.                                     foreach($forminfos_arr as $_fm=>$_fm_value) {   
  1426.                                         if($_fm_value['isomnipotent']) {   
  1427.                                             $info['form'] = str_replace('{'.$_fm.'}',$_fm_value['form'], $info['form']);   
  1428.                                         }   
  1429.                                     }   
  1430.                                     $forminfos[$field]['form'] = $info['form'];   
  1431.                                 }   
  1432.                             }   
  1433.                         }   
  1434.                            
  1435.                         $formValidator = $member_form->formValidator;   
  1436.                     }      
  1437.                     include template('member''connect');   
  1438.                 }   
  1439.             } else {   
  1440.                 showmessage(L('login_failure'), 'index.php?m=member&c=index&a=login');   
  1441.             }   
  1442.         } else {   
  1443.             $oauth_callback = APP_PATH.'index.php?m=member&c=index&a=public_qq_login&callback=1';   
  1444.             $oauth_nonce = md5(SYS_TIME);   
  1445.             $oauth_signature_method = 'HMAC-SHA1';   
  1446.             $oauth_timestamp = SYS_TIME;   
  1447.             $oauth_version = '1.0';   
  1448.    
  1449.             $url = "https://open.t.qq.com/cgi-bin/request_token?oauth_callback=$oauth_callback&oauth_consumer_key=".QQ_AKEY."&oauth_nonce=$oauth_nonce&oauth_signature=".QQ_SKEY."&oauth_signature_method=HMAC-SHA1&oauth_timestamp=$oauth_timestamp&oauth_version=$oauth_version";    
  1450.             $o = new WeiboOAuth(QQ_AKEY, QQ_SKEY);   
  1451.                
  1452.             $keys = $o->getRequestToken(array('callback'=>$oauth_callback));   
  1453.             $_SESSION['keys'] = $keys;   
  1454.             $aurl = $o->getAuthorizeURL($keys['oauth_token'] ,false , $oauth_callback);   
  1455.                
  1456.             include template('member''connect_qq');      
  1457.         }   
  1458.    
  1459.     }   
  1460.    
  1461.    
  1462.     //QQ登录功能   
  1463.     public function public_qq_login2(){   
  1464.                 $appid = pc_base::load_config('system''qq_appid');   
  1465.                 $appkey = pc_base::load_config('system''qq_appkey');   
  1466.                 $callback = pc_base::load_config('system''qq_callback');   
  1467.                 pc_base::load_app_class('qqapi','',0);   
  1468.                 $info = new qqapi($appid,$appkey,$callback);   
  1469.                 $this->_session_start();   
  1470.                 if(!isset($_GET['oauth_token'])){   
  1471.                         $info->redirect_to_login();   
  1472.                 }else{   
  1473.                         $info->get_openid();   
  1474.                         if(!emptyempty($_SESSION['openid'])){   
  1475.                                 $r = $this->db->get_one(array('connectid'=>$_SESSION['openid'],'from'=>'qq'));   
  1476.                                 if(!emptyempty($r)){   
  1477.                                         //登陆   
  1478.                                         $password = $r['password'];   
  1479.                                         $this->_init_phpsso();   
  1480.                                         $synloginstr = $this->client->ps_member_synlogin($r['phpssouid']);   
  1481.                                         $userid = $r['userid'];   
  1482.                                         $groupid = $r['groupid'];   
  1483.                                         $username = $r['username'];   
  1484.                                         $nickname = emptyempty($r['nickname']) ? $username : $r['nickname'];   
  1485.                                         $this->db->update(array('lastip'=>ip(), 'lastdate'=>SYS_TIME, 'nickname'=>$me['name']), array('userid'=>$userid));   
  1486.                                         if(!$cookietime$get_cookietime = param::get_cookie('cookietime');   
  1487.                                         $_cookietime = $cookietime ? intval($cookietime) : ($get_cookietime ? $get_cookietime: 0);   
  1488.                                         $cookietime = $_cookietime ? TIME + $_cookietime : 0;   
  1489.                                         $phpcms_auth_key = md5(pc_base::load_config('system''auth_key').$this->http_user_agent);   
  1490.                                         $phpcms_auth = sys_auth($userid."/t".$password'ENCODE'$phpcms_auth_key);   
  1491.                                         param::set_cookie('auth'$phpcms_auth$cookietime);   
  1492.                                         param::set_cookie('_userid'$userid$cookietime);   
  1493.                                         param::set_cookie('_username'$username$cookietime);   
  1494.                                         param::set_cookie('_groupid'$groupid$cookietime);   
  1495.                                         param::set_cookie('cookietime'$_cookietime$cookietime);   
  1496.                                         param::set_cookie('_nickname'$nickname$cookietime);   
  1497.                                         $forward = isset($_GET['forward']) && !emptyempty($_GET['forward']) ? $_GET['forward'] : 'index.php?m=member&c=index';   
  1498.                                         showmessage(L('login_success').$synloginstr$forward);   
  1499.                                 }else{   
  1500.                                         $user = $info->get_user_info();   
  1501.                                         $_SESSION['connectid'] = $_SESSION['openid'];   
  1502.                                         $_SESSION['from'] = 'qq';   
  1503.                                         $connect_username = $user['nickname'];   
  1504.                                         include template('member''connect');   
  1505.                                 }   
  1506.                         }   
  1507.                 }   
  1508.         }      
  1509.     /**  
  1510.      * 找回密码  
  1511.      */   
  1512.     public function public_forget_password () {   
  1513.            
  1514.         $email_config = getcache('common''commons');   
  1515.         //SMTP MAIL 二种发送模式   
  1516.         if($email_config['mail_type'] == '1'){   
  1517.             if(emptyempty($email_config['mail_user']) || emptyempty($email_config['mail_password'])) {   
  1518.                 showmessage(L('email_config_empty'), HTTP_REFERER);   
  1519.             }   
  1520.         }   
  1521.         $this->_session_start();   
  1522.         $member_setting = getcache('member_setting');   
  1523.         if(isset($_POST['dosubmit'])) {   
  1524.             if ($_SESSION['code'] != strtolower($_POST['code'])) {   
  1525.                 showmessage(L('code_error'), HTTP_REFERER);   
  1526.             }   
  1527.                
  1528.             $memberinfo = $this->db->get_one(array('email'=>$_POST['email']));   
  1529.             if(!emptyempty($memberinfo['email'])) {   
  1530.                 $email = $memberinfo['email'];   
  1531.             } else {   
  1532.                 showmessage(L('email_error'), HTTP_REFERER);   
  1533.             }   
  1534.                
  1535.             pc_base::load_sys_func('mail');   
  1536.             $phpcms_auth_key = md5(pc_base::load_config('system''auth_key').$this->http_user_agent);   
  1537.    
  1538.             $code = sys_auth($memberinfo['userid']."/t".SYS_TIME, 'ENCODE'$phpcms_auth_key);   
  1539.    
  1540.             $url = APP_PATH."index.php?m=member&c=index&a=public_forget_password&code=$code";   
  1541.             $message = $member_setting['forgetpassword'];   
  1542.             $message = str_replace(array('{click}','{url}'), array('<a href="'.$url.'">'.L('please_click').'</a>',$url), $message);   
  1543.             //获取站点名称   
  1544.             $sitelist = getcache('sitelist''commons');   
  1545.                
  1546.             if(isset($sitelist[$memberinfo['siteid']]['name'])) {   
  1547.                 $sitename = $sitelist[$memberinfo['siteid']]['name'];   
  1548.             } else {   
  1549.                 $sitename = 'PHPCMS_V9_MAIL';   
  1550.             }   
  1551.             sendmail($email, L('forgetpassword'), $message''''$sitename);   
  1552.             showmessage(L('operation_success'), 'index.php?m=member&c=index&a=login');   
  1553.         } elseif($_GET['code']) {   
  1554.             $phpcms_auth_key = md5(pc_base::load_config('system''auth_key').$this->http_user_agent);   
  1555.             $hour = date('y-m-d h', SYS_TIME);   
  1556.             $code = sys_auth($_GET['code'], 'DECODE'$phpcms_auth_key);   
  1557.             $code = explode("/t"$code);   
  1558.    
  1559.             if(is_array($code) && is_numeric($code[0]) && date('y-m-d h', SYS_TIME) == date('y-m-d h'$code[1])) {   
  1560.                 $memberinfo = $this->db->get_one(array('userid'=>$code[0]));   
  1561.                    
  1562.                 if(emptyempty($memberinfo['phpssouid'])) {   
  1563.                     showmessage(L('operation_failure'), 'index.php?m=member&c=index&a=login');   
  1564.                 }   
  1565.                    
  1566.                 $password = random(8);   
  1567.                 $updateinfo['password'] = password($password$memberinfo['encrypt']);   
  1568.                    
  1569.                 $this->db->update($updateinfoarray('userid'=>$code[0]));   
  1570.                 if(pc_base::load_config('system''phpsso')) {   
  1571.                     //初始化phpsso   
  1572.                     $this->_init_phpsso();   
  1573.                     $this->client->ps_member_edit(''$email''$password$memberinfo['phpssouid'], $memberinfo['encrypt']);   
  1574.                 }   
  1575.        
  1576.                 showmessage(L('operation_success').L('newpassword').':'.$password);   
  1577.    
  1578.             } else {   
  1579.                 showmessage(L('operation_failure'), 'index.php?m=member&c=index&a=login');   
  1580.             }   
  1581.    
  1582.         } else {   
  1583.             $siteid = isset($_REQUEST['siteid']) && trim($_REQUEST['siteid']) ? intval($_REQUEST['siteid']) : 1;   
  1584.             $siteinfo = siteinfo($siteid);   
  1585.                
  1586.             include template('member''forget_password');   
  1587.         }   
  1588.     }   
  1589. }   
  1590. ?>   

 

发表评论 共有条评论
用户名: 密码:
验证码: 匿名发表