
会员中心优化调整

tags/6.1.9
tianya 2 months ago
parent
commit
080b3e1f1d
7 changed files with 75 additions and 32 deletions
  1. +24
    -11
      src/admin/member_toadmin.php
  2. +1
    -2
      src/admin/templets/member_main.htm
  3. +1
    -2
      src/admin/templets/member_view.htm
  4. +1
    -1
      src/user/ajax_loginsta.php
  5. +28
    -8
      src/user/edit_baseinfo.php
  6. +9
    -3
      src/user/reg_new.php
  7. +11
    -5
      src/user/resetpassword.php

+ 24
- 11
src/admin/member_toadmin.php View File

@@ -32,17 +32,30 @@ if ($dopost == "toadmin") {
$pwdm = '';
if ($pwd != '') {
$inputpwd = ",pwd";
$inputpwdv = ",'".substr(md5($pwd), 5, 20)."'";
$pwdm = ",pwd='".md5($pwd)."'";
if (function_exists('password_hash')) {
$inputpwd = ",pwd_new";
$inputpwdv = ",'".password_hash($pwd, PASSWORD_BCRYPT)."'";
$pwdm = ",pwd_new='".password_hash($pwd, PASSWORD_BCRYPT)."'";
} else {
$inputpwdv = ",'".substr(md5($pwd), 5, 20)."'";
$pwdm = ",pwd='".md5($pwd)."'";
}
} else {
$row = $dsql->GetOne("SELECT * FROM #@__member WHERE mid='$id'");
$password = $row['pwd'];
$inputpwd = ",pwd";
$pwd = substr($password, 5, 20);
$inputpwdv = ",'".$pwd."'";
$pwdm = ",pwd='".$password."'";
$row = $dsql->GetOne("SELECT * FROM `#@__member` WHERE mid='$id'");
if (function_exists('password_hash')) {
$password = $row['pwd_new'];
$inputpwd = ",pwd_new";
$inputpwdv = ",'".$password."'";
$pwdm = ",pwd_new='".$password."'";
} else {
$password = $row['pwd'];
$inputpwd = ",pwd";
$pwd = substr($password, 5, 20);
$inputpwdv = ",'".$pwd."'";
$pwdm = ",pwd='".$password."'";
}
}
$typeids = (empty($typeids)) ? "" : $typeids;
$typeids = (empty($typeids)) ? array() : $typeids;
if ($typeids == '') {
ShowMsg("请为该管理员指定管理栏目", "member_toadmin.php?id={$id}");
exit();
@@ -83,11 +96,11 @@ $dsql->SetQuery("SELECT id,typename FROM `#@__arctype` WHERE reid=0 AND (ispart=
$dsql->Execute('op');
while ($nrow = $dsql->GetObject('op')) {
$typeOptions .= "<option value='{$nrow->id}' class='btype'".(in_array($nrow->id, $typeids) ? ' selected' : '').">{$nrow->typename}</option>\r\n";
$dsql->SetQuery("SELECT id,typename FROM #@__arctype WHERE reid={$nrow->id} AND (ispart=0 OR ispart=1)");
$dsql->SetQuery("SELECT id,typename FROM `#@__arctype` WHERE reid={$nrow->id} AND (ispart=0 OR ispart=1)");
$dsql->Execute('s');
while ($nrow = $dsql->GetObject('s')) {
$typeOptions .= "<option value='{$nrow->id}' class='stype'".(in_array($nrow->id, $typeids) ? ' selected' : '').">—{$nrow->typename}</option>\r\n";
}
}
$row = $dsql->GetOne("SELECT * FROM #@__member WHERE mid='$id'");
$row = $dsql->GetOne("SELECT * FROM `#@__member` WHERE mid='$id'");
include DedeInclude('templets/member_toadmin.htm');
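Review bot: The empty-selection guard `if ($typeids == '')` can no longer fire if the `array()` default is the new side of the change. `array() == ''` is false in PHP, so a request with no columns selected passes the check and the promotion continues with an empty list; test emptiness directly with `if (empty($typeids)) {`. In the branch where no new password is entered, `$row['pwd_new']` is copied into the admin row unchecked. For a member whose hash exists only in the legacy `pwd` column this would presumably write an empty `pwd_new`, so refuse the promotion or require a new password when that value is empty. The enclosing `if ($dopost == "toadmin")` block starts and ends outside the hunk.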

+ 1
- 2
src/admin/templets/member_main.htm View File

@@ -88,7 +88,7 @@
<tr height="26" align="center" onmousemove="javascript:this.bgColor='#F8FCF1';" onmouseout="javascript:this.bgColor='#ffffff';">
<td><input name="mid" type="checkbox" id="mid" value="{dede:field.mid/}" class="np"></td>
<td>{dede:field.mid/}</td>
<td><a href="../user/index.php?uid={dede:field.userid/}" target='_blank'>
<td>
<?php
echo ''.$fields['userid'].'';
if($fields['spacesta']==-2) echo "<span class='text-danger'>[禁言]</span>";
@@ -97,7 +97,6 @@
echo "<br><img src='{$fields['face']}' title='浏览会员空间' style='max-width:80px;height:auto'>";
}
?>
</a>
</td>
<td>{dede:field.email/}<br>
昵称:{dede:field.uname/}
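Review bot: With the link wrapper removed, the cell still prints member-supplied values without escaping: `echo ''.$fields['userid'].'';` in the first hunk and `<img src='{$fields['face']}' …>` in the second. This is the administrator's member list, so a value containing markup or a quote would run in an admin session unless it is filtered when stored, which is not visible here. Escaping at output is the safer place, for example `echo htmlspecialchars($fields['userid'], ENT_QUOTES);`, and the same for `face` inside the attribute. The PHP block begins before the first hunk and continues into the second.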


+ 1
- 2
src/admin/templets/member_view.htm View File

@@ -171,9 +171,8 @@
<tr>
<td height="26" class="bline">特殊操作:</td>
<td height="26" class="bline">
<a href="member_do.php?dopost=memberlogin&id=<?php echo $row['mid']; ?>&jumpurl=../user/edit_fullinfo.php" target="_blank" class="btn btn-success btn-sm">修改资料</a>
<a href="member_do.php?dopost=memberlogin&id=<?php echo $row['mid']; ?>&jumpurl=../user/edit_baseinfo.php" target="_blank" class="btn btn-success btn-sm">修改资料</a>
<a href="member_do.php?dopost=memberlogin&id=<?php echo $row['mid']; ?>" target="_blank" class="btn btn-success btn-sm">登录此用户面板</a>
<a href="../user/index.php?uid=<?php echo $row['userid']; ?>" target="_blank" class="btn btn-success btn-sm">浏览此用户</a>
</td>
</tr>
<tr>


+ 1
- 1
src/user/ajax_loginsta.php View File

@@ -46,7 +46,7 @@ if ($format === 'json') {
</div>
<div class="uclink">
<a href="<?php echo $cfg_memberurl; ?>/index.php">会员中心</a> |
<a href="<?php echo $cfg_memberurl; ?>/edit_fullinfo.php">资料</a> |
<a href="<?php echo $cfg_memberurl; ?>/edit_baseinfo.php">资料</a> |
<a href="<?php echo $cfg_memberurl; ?>/index_do.php?fmdo=login&dopost=exit">退出登录</a>
</div>
</div><!-- /userinfo -->

+ 28
- 8
src/user/edit_baseinfo.php View File

@@ -22,19 +22,39 @@ if ($dopost == 'save') {
ShowMsg('验证码错误', '-1');
exit();
}
if (!is_array($row) || $row['pwd'] != md5($oldpwd)) {
ShowMsg('您输入的旧密码错误或没填写,不允许修改资料', '-1');
exit();
if (function_exists('password_hash')) {
if (!is_array($row) || !password_verify($oldpwd, $row['pwd_new'])) {
ShowMsg('您输入的旧密码错误或没填写,不允许修改资料', '-1');
exit();
}
} else {
if (!is_array($row) || $row['pwd'] != md5($oldpwd)) {
ShowMsg('您输入的旧密码错误或没填写,不允许修改资料', '-1');
exit();
}
}
if ($userpwd != $userpwdok) {
ShowMsg('您两次输入的新密码不一致', '-1');
exit();
}
$pp = "pwd";
if ($userpwd == '') {
$pwd = $row['pwd'];
if (function_exists('password_hash')) {
$pp = "pwd_new";
$pwd = $row['pwd_new'];
} else {
$pwd = $row['pwd'];
}
} else {
$pwd = md5($userpwd);
$pwd2 = substr(md5($userpwd), 5, 20);
if (function_exists('password_hash'))
{
$pp = "pwd_new";
$pwd = password_hash($userpwd, PASSWORD_BCRYPT);
$pwd2 = password_hash($userpwd, PASSWORD_BCRYPT);
} else {
$pwd = md5($userpwd);
$pwd2 = substr(md5($userpwd), 5, 20);
}
}
$addupquery = '';
//修改安全问题或Email
@@ -78,11 +98,11 @@ if ($dopost == 'save') {
ShowMsg('请选择正常的性别', '-1');
exit();
}
$query1 = "UPDATE `#@__member` SET pwd='$pwd',sex='$sex'{$addupquery} where mid='".$cfg_ml->M_ID."' ";
$query1 = "UPDATE `#@__member` SET $pp='$pwd',sex='$sex'{$addupquery} where mid='".$cfg_ml->M_ID."' ";
$dsql->ExecuteNoneQuery($query1);
//如果是管理员,修改其后台密码
if ($cfg_ml->fields['matt'] == 10 && $pwd2 != "") {
$query2 = "UPDATE `#@__admin` SET pwd='$pwd2' where id='".$cfg_ml->M_ID."' ";
$query2 = "UPDATE `#@__admin` SET $pp='$pwd2' where id='".$cfg_ml->M_ID."' ";
$dsql->ExecuteNoneQuery($query2);
}
//清除会员缓存
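Review bot: Both UPDATE statements write only the `$pp` column, so when `$pp` is `pwd_new` the previous MD5 value stays in `pwd` for the member and for the admin row. If any login path still accepts the legacy column, the old password would keep working after a change; setting `pwd=''` in the same statement when `pwd_new` is written would close that gap. The old-password check reads only `$row['pwd_new']`, which is presumably empty for accounts not yet migrated, so those users would be refused here unless login has already rehashed them. In the fallback branch, `$row['pwd'] != md5($oldpwd)` compares hex strings loosely and should use `!==`. The `if ($dopost == 'save')` block extends beyond both hunks.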


+ 9
- 3
src/user/reg_new.php View File

@@ -67,11 +67,17 @@ if ($step == 1) {
$logintime = time();
$joinip = GetIP();
$loginip = GetIP();
$pwd = password_hash($userpwd, PASSWORD_BCRYPT);
$pp = "pwd";
if (function_exists('password_hash')) {
$pp = "pwd_new";
$pwd = password_hash($userpwd, PASSWORD_BCRYPT);
} else {
$pwd = md5($userpwd);
}
$mtype = '个人';
$spaceSta = ($cfg_mb_spacesta < 0 ? $cfg_mb_spacesta : 0);
$inQuery = "INSERT INTO `#@__member` (`mtype` ,`userid` ,`pwd`, `pwd_new` ,`uname` ,`sex` ,`rank` ,`money` ,`email` ,`scores` ,`matt`, `spacesta` ,`face`,`safequestion`,`safeanswer` ,`jointime` ,`joinip` ,`logintime` ,`loginip` )
VALUES ('$mtype','$userid','','$pwd','$uname','','10','$dfmoney','','$dfscores','0','$spaceSta','','','','$jointime','$joinip','$logintime','$loginip'); ";
$inQuery = "INSERT INTO `#@__member` (`mtype` ,`userid` ,`$pp`,`uname` ,`sex` ,`rank` ,`money` ,`email` ,`scores` ,`matt`, `spacesta` ,`face`,`safequestion`,`safeanswer` ,`jointime` ,`joinip` ,`logintime` ,`loginip` )
VALUES ('$mtype','$userid','$pwd','$uname','','10','$dfmoney','','$dfscores','0','$spaceSta','','','','$jointime','$joinip','$logintime','$loginip'); ";
if ($dsql->ExecuteNoneQuery($inQuery)) {
$mid = $dsql->GetLastID();
//写入默认会员详细资料
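Review bot: The new `else` branch stores `md5($userpwd)`, an unsalted fast hash, for new registrations whenever `password_hash` is unavailable, whereas the line it replaces hashed with bcrypt unconditionally. On such a runtime it is safer to stop registration with an error than to create accounts with MD5 hashes. `password_hash` could also return false on failure before PHP 8, so `$pwd` should be checked before the INSERT is built, e.g. `if (!is_string($pwd) || $pwd === '') { ShowMsg(...); exit(); }`. The INSERT interpolates `$userid`, `$uname` and the `GetIP()` values directly; whether they are escaped is decided outside this hunk.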


+ 11
- 5
src/user/resetpassword.php View File

@@ -93,20 +93,26 @@ if ($dopost == "") {
if ($row['pwd'] == $sn) {
if ($pwd != "") {
if ($pwd == $pwdok) {
$pwdok = md5($pwdok);
$pp = "pwd";
if (function_exists('password_hash')) {
$pp = "pwd_new";
$pwdok = password_hash($pwdok, PASSWORD_BCRYPT);
} else {
$pwdok = md5($pwdok);
}
$sql = "DELETE FROM `#@__pwd_tmp` WHERE `mid` = '$id';";
$db->executenonequery($sql);
$sql = "UPDATE `#@__member` SET `pwd` = '$pwdok' WHERE `mid` = '$id';";
$sql = "UPDATE `#@__member` SET `$pp` = '$pwdok' WHERE `mid` = '$id';";
if ($db->executenonequery($sql)) {
showmsg('修改密码成功,请牢记新密码', 'login.php');
ShowMsg('修改密码成功,请牢记新密码', 'login.php');
exit;
}
}
}
showmsg('对不起,新密码为空或填写不一致', '-1');
ShowMsg('对不起,新密码为空或填写不一致', '-1');
exit;
}
showmsg('对不起,临时密码错误', '-1');
ShowMsg('对不起,临时密码错误', '-1');
exit;
}
}
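Review bot: The reset writes the new hash only to the `$pp` column, so when that is `pwd_new` the old MD5 value remains in `pwd`. A reset is often performed because the old password is compromised, so the same UPDATE should also blank `pwd`, unless login already ignores `pwd` once `pwd_new` is set, which is not visible here. The unchanged check `if ($row['pwd'] == $sn)` compares the temporary secret loosely; `hash_equals()` where available, or `===`, avoids numeric-string juggling. `$id` is interpolated into both the DELETE and the UPDATE, and its validation lies outside the hunk.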
