diff --git a/src/member/ajax_loginsta.php b/src/member/ajax_loginsta.php
index e2413dba..72c140f2 100755
--- a/src/member/ajax_loginsta.php
+++ b/src/member/ajax_loginsta.php
@@ -9,13 +9,43 @@
define('AJAXLOGIN', TRUE);
require_once(dirname(__FILE__)."/config.php");
+
AjaxHead();
-if($myurl == '') exit('');
+
+$format = isset($format)? "json" : "";
+
+if(!$cfg_ml->IsLogin())
+{
+ if ($format === 'json') {
+ echo json_encode(array(
+ "code" => -1,
+ "msg" => "尚未登录",
+ "data" => null,
+ ));
+ } else {
+ echo "";
+ }
+ exit;
+}
$uid = $cfg_ml->M_LoginID;
!$cfg_ml->fields['face'] && $face = ($cfg_ml->fields['sex'] == '女')? 'dfgirl' : 'dfboy';
$facepic = empty($face)? $cfg_ml->fields['face'] : $GLOBALS['cfg_memberurl'].'/templets/images/'.$face.'.png';
+
+if ($format === 'json') {
+ echo json_encode(array(
+ "code" => 200,
+ "msg" => "",
+ "data" => array(
+ "username" => $cfg_ml->M_UserName,
+ "myurl" => $myurl,
+ "facepic" => $facepic,
+ "memberurl" => $cfg_memberurl,
+ ),
+ ));
+ exit;
+}
?>
你好:M_UserName; ?>,欢迎登录
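Review bot: The two `json_encode` branches emit the member's username, `$myurl` and `$facepic` without setting a JSON content type; unless `AjaxHead()` (defined outside this diff) already sends one, the body is presumably served as HTML, and `json_encode` leaves `<` and `>` unescaped by default. I would send `header('Content-Type: application/json; charset=utf-8');` before each echo and pass `JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT` as the second argument. `$format = isset($format)? "json" : "";` also switches to JSON for any value of the parameter, so the later `$format === 'json'` tests distinguish nothing; comparing the supplied value would be clearer. With the `$myurl == ''` guard removed, `$myurl` is only safe to read here if config.php always defines it for a logged-in member, which this hunk does not show.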
diff --git a/src/member/album_add.php b/src/member/album_add.php
index 4c62bf4b..4c0cb2b5 100755
--- a/src/member/album_add.php
+++ b/src/member/album_add.php
@@ -90,70 +90,18 @@ else if($dopost=='save')
$hasone = false;
$ddisfirst=1;
- //处理并保存所指定的图片从网上复制
- if($formhtml==1)
- {
- $imagebody = stripslashes($imagebody);
- $imgurls .= GetCurContentAlbum($imagebody,$copysource,$litpicname);
- if($ddisfirst==1 && $litpic=='' && !empty($litpicname))
- {
- $litpic = $litpicname;
- $hasone = true;
- }
- }
- $info = '';
-
- //正常上传
+ //只支持填写地址
for($i=1;$i<=120;$i++)
{
- //含有图片的条件
- if(isset($_FILES['imgfile'.$i]['tmp_name']) && is_uploaded_file($_FILES['imgfile'.$i]['tmp_name']) )
- {
- $iinfo = str_replace("'","`",stripslashes(${'imgmsg'.$i}));
- if(!is_uploaded_file($_FILES['imgfile'.$i]['tmp_name']))
- {
- continue;
- }
- else
- {
- $sparr = Array("image/pjpeg","image/jpeg","image/gif","image/png","image/xpng","image/wbmp");
- if(!in_array($_FILES['imgfile'.$i]['type'],$sparr))
- {
- continue;
- }
- $filename = MemberUploads('imgfile'.$i,'',$cfg_ml->M_ID,'image','',0,0,false);
- if($filename!='')
- {
- SaveUploadInfo($title,$filename,1);
- }
-
- //缩图
- if($pagestyle > 2)
- {
- $litpicname = GetImageMapDD($filename,$ddmaxwidth);
- if($litpicname != '')
- {
- SaveUploadInfo($title.' 小图',$litpicname,1);
- }
- }
- else
- {
- $litpicname = $filename;
- }
- $imgfile = $cfg_basedir.$filename;
- if(is_file($imgfile))
- {
- $iurl = $filename;
- $info = '';
- $imginfos = @getimagesize($imgfile,$info);
- $imgurls .= "{dede:img ddimg='$litpicname' text='$iinfo' width='".$imginfos[0]."' height='".$imginfos[1]."'} $iurl {/dede:img}\r\n";
- }
- }
- if(!$hasone && $litpic=='' && !empty($litpicname))
- {
- $litpic = $litpicname;
- $hasone = true;
- }
+ if (!isset(${'imgfile'.$i})) {
+ continue;
+ }
+ $f = ${'imgfile'.$i};
+ $msg = isset(${'imgmsg'.$i})? ${'imgmsg'.$i} : "";
+ if (!empty($f) && filter_var($f, FILTER_VALIDATE_URL)) {
+ $u = str_replace(array("\"","'"), "`", $f);
+ $info = str_replace(array("\"","'"), "`", $msg);
+ $imgurls .= "{dede:img ddimg='' text='$info'} $u {/dede:img}\r\n";
}
}//循环结束
$imgurls = addslashes($imgurls);
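Review bot: `filter_var($f, FILTER_VALIDATE_URL)` in the new loop checks syntax only and accepts any scheme, so a member-supplied address with a non-web scheme passes and is stored in the `{dede:img}` body. The check should also pin the scheme, e.g. `$scheme = strtolower((string)parse_url($f, PHP_URL_SCHEME));` followed by `if (!in_array($scheme, array('http', 'https'), true)) continue;`. The two `str_replace` calls neutralise quotes only, so `{`, `}`, `<` and `>` in `$f` or `$msg` still reach the tag text; whether that matters depends on how the `{dede:img}` parser and the album template treat them, which is not visible here, but encoding or rejecting them at this point would be safer. The identical loop in src/member/album_edit.php has the same gap. `$hasone` and `$ddisfirst` above the loop look unused now and could be dropped.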
@@ -204,12 +152,6 @@ else if($dopost=='save')
}
}
- //处理图片文档的自定义属性
- if($litpic!='')
- {
- $flag = 'p';
- }
-
//生成文档ID
$arcID = GetIndexKey($arcrank,$typeid,$sortrank,$channelid,$senddate,$mid);
if(empty($arcID))
@@ -223,7 +165,7 @@ else if($dopost=='save')
$inQuery = "INSERT INTO `#@__archives`(id,typeid,sortrank,flag,ismake,channel,arcrank,click,money,title,shorttitle,
color,writer,source,litpic,pubdate,senddate,mid,description,keywords,mtype)
VALUES ('$arcID','$typeid','$sortrank','$flag','$ismake','$channelid','$arcrank','0','$money','$title','$shorttitle',
-'$color','$writer','$source','$litpic','$pubdate','$senddate','$mid','$description','$keywords','$mtypesid'); ";
+'$color','$writer','$source','','$pubdate','$senddate','$mid','$description','$keywords','$mtypesid'); ";
if(!$dsql->ExecuteNoneQuery($inQuery))
{
$gerr = $dsql->GetError();
diff --git a/src/member/album_edit.php b/src/member/album_edit.php
index 63c515fd..489425b9 100755
--- a/src/member/album_edit.php
+++ b/src/member/album_edit.php
@@ -90,96 +90,18 @@ else if($dopost=='save')
$hasone = false;
$ddisfirst=1;
- //处理并保存所指定的图片从网上复制
- if($formhtml==1)
- {
- $imagebody = stripslashes($imagebody);
- $imgurls .= GetCurContentAlbum($imagebody,$copysource,$litpicname);
- if($ddisfirst==1 && $litpic=='' && !empty($litpicname))
- {
- $litpic = $litpicname;
- $hasone = true;
- }
- }
- $info = '';
-
- //检查已上传或直接上传的图片
+ //只支持填写地址
for($i=1;$i<=120;$i++)
{
- //含有图片的条件
- if(isset(${'imgurl'.$i}) || (isset($_FILES['imgfile'.$i]['tmp_name']) && is_uploaded_file($_FILES['imgfile'.$i]['tmp_name'])))
- {
- $iinfo = str_replace("'","`",stripslashes(${'imgmsg'.$i}));
- if(!is_uploaded_file($_FILES['imgfile'.$i]['tmp_name']))
- {
- $iurl = stripslashes(${'imgurl'.$i});
-
- //如果有旧图
- if(isset(${'imgurl'.$i}))
- {
- $litpicname = $iurl;
- $filename = $iurl;
-
- //缩图
- if($pagestyle > 2)
- {
- $litpicname = GetImageMapDD($filename,$ddmaxwidth);
- if($litpicname != '')
- {
- SaveUploadInfo($title.' 小图',$litpicname,1);
- }
- }
- }
- else
- {
- continue;
- }
- }
- else
- {
- $sparr = Array("image/pjpeg","image/jpeg","image/gif","image/png","image/xpng","image/wbmp");
- if(!in_array($_FILES['imgfile'.$i]['type'],$sparr))
- {
- continue;
- }
- if(isset(${'imgurl'.$i}))
- {
- $filename = ${'imgurl'.$i};
- }
- else
- {
- $filename = '';
- }
- $filename = MemberUploads('imgfile'.$i,$filename,$cfg_ml->M_ID,'image','',0,0,false);
- if($filename!='')
- {
- SaveUploadInfo($title,$filename,1);
- }
- $litpicname = $filename;
-
- //缩图
- if($pagestyle > 2)
- {
- $litpicname = GetImageMapDD($filename,$ddmaxwidth);
- if($litpicname != '')
- {
- SaveUploadInfo($title.' 小图',$litpicname,1);
- }
- }
- }
- $imgfile = $cfg_basedir.$filename;
- if(is_file($imgfile))
- {
- $iurl = $filename;
- $info = '';
- $imginfos = @getimagesize($imgfile,$info);
- $imgurls .= "{dede:img ddimg='$litpicname' text='$iinfo' width='".$imginfos[0]."' height='".$imginfos[1]."'} $iurl {/dede:img}\r\n";
- }
- if(!$hasone && $litpic=='' && !empty($litpicname))
- {
- $litpic = $litpicname;
- $hasone = true;
- }
+ if (!isset(${'imgfile'.$i})) {
+ continue;
+ }
+ $f = ${'imgfile'.$i};
+ $msg = isset(${'imgmsg'.$i})? ${'imgmsg'.$i} : "";
+ if (!empty($f) && filter_var($f, FILTER_VALIDATE_URL)) {
+ $u = str_replace(array("\"","'"), "`", $f);
+ $info = str_replace(array("\"","'"), "`", $msg);
+ $imgurls .= "{dede:img ddimg='' text='$info'} $u {/dede:img}\r\n";
}
}//循环结束
$imgurls = addslashes($imgurls);
@@ -222,8 +144,6 @@ else if($dopost=='save')
}
}
$description = HtmlReplace($description, -1);
- //处理图片文档的自定义属性
- if($litpic!='') $flag = 'p';
//更新数据库的SQL语句
//更新数据库的SQL语句
@@ -232,7 +152,6 @@ else if($dopost=='save')
arcrank='$arcrank',
typeid='$typeid',
title='$title',
- litpic='$litpic',
description='$description',
keywords='$keywords',
mtype='$mtypesid',
diff --git a/src/member/buy.php b/src/member/buy.php
index aecc6e2d..ccae789e 100755
--- a/src/member/buy.php
+++ b/src/member/buy.php
@@ -13,7 +13,7 @@ $menutype_son = 'op';
$myurl = $cfg_basehost.$cfg_member_dir.'/index.php?uid='.$cfg_ml->M_LoginID;
$moneycards = '';
$membertypes = '';
-$dsql->SetQuery("SELECT * FROM #@__moneycard_type ");
+$dsql->SetQuery("SELECT * FROM `#@__moneycard_type`");
$dsql->Execute();
while($row = $dsql->GetObject())
{
@@ -26,7 +26,7 @@ while($row = $dsql->GetObject())
";
}
-$dsql->SetQuery("SELECT #@__member_type.*,#@__arcrank.membername,#@__arcrank.money as cm From #@__member_type LEFT JOIN #@__arcrank on #@__arcrank.rank = #@__member_type.rank ");
+$dsql->SetQuery("SELECT `#@__member_type`.*,`#@__arcrank`.membername,`#@__arcrank`.money as cm From `#@__member_type` LEFT JOIN `#@__arcrank` on `#@__arcrank`.rank = `#@__member_type`.rank ");
$dsql->Execute();
while($row = $dsql->GetObject())
{
diff --git a/src/member/config.php b/src/member/config.php
index 81c5198a..d6ba8bf9 100755
--- a/src/member/config.php
+++ b/src/member/config.php
@@ -143,6 +143,10 @@ if($cfg_ml->IsLogin())
if(!preg_match("#^http:#i", $myurl)) $myurl = $cfg_basehost.$myurl;
}
+/** 有没新短信 **/
+$pms = $dsql->GetOne("SELECT COUNT(*) AS nums FROM #@__member_pms WHERE toid='{$cfg_ml->M_ID}' AND `hasview`=0 AND folder = 'inbox'");
+
+
/**
* 检查用户是否有权限进行某个操作
*
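Review bot: The added `$pms` query sits after the closing brace of the `if($cfg_ml->IsLogin())` block, so it runs on every request that includes config.php, including anonymous ones where `M_ID` presumably holds no meaningful value. I would wrap it in `if($cfg_ml->IsLogin()) { ... }` with a default such as `$pms = array('nums' => 0);` otherwise, and interpolate `intval($cfg_ml->M_ID)` rather than the raw property. The table name is also left unquoted while the rest of this commit moves to `` `#@__member_pms` `` style. The index.php section of this diff still shows the same query as a context line, so it appears to run twice on that page.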
diff --git a/src/member/inc/inc_archives_functions.php b/src/member/inc/inc_archives_functions.php
index 34112708..d5f7593e 100755
--- a/src/member/inc/inc_archives_functions.php
+++ b/src/member/inc/inc_archives_functions.php
@@ -349,7 +349,7 @@ function GetCurContent(&$body)
$htd = new DedeHttpDown();
$basehost = "http://".$_SERVER["HTTP_HOST"];
$img_array = array();
- preg_match_all("/(src|SRC)=[\"|'| ]{0,}(http:\/\/([^>]*)\.(gif|jpg|png))/isU",$body,$img_array);
+ preg_match_all("/(src|SRC)=[\"|'| ]{0,}(http[s]?:\/\/([^>]*)\.(gif|jpg|png))/isU",$body,$img_array);
$img_array = array_unique($img_array[2]);
$imgUrl = $cfg_user_dir."/".$cfg_ml->M_ID;
$imgPath = $cfg_basedir.$imgUrl;
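Review bot: The widened pattern now passes https image URLs to the remote-download code, but `$basehost` two lines above is still built as `"http://".$_SERVER["HTTP_HOST"]`. If the rest of `GetCurContent` (outside this hunk) uses `$basehost` to skip images already hosted on this site, an https link to the site itself would no longer be skipped and would be fetched again by the server. `HTTP_HOST` is also client-supplied, so a host comparison is better made against the configured base host, with the scheme stripped from both sides. Since member-supplied body text decides which hosts the server connects to, it is worth confirming that the download step refuses internal and loopback addresses. As a small clean-up, `http[s]?` can be written `https?`, and `(src|SRC)` is redundant under the `i` flag.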
diff --git a/src/member/inc/inc_pwd_functions.php b/src/member/inc/inc_pwd_functions.php
index fe1b6a55..06a550da 100755
--- a/src/member/inc/inc_pwd_functions.php
+++ b/src/member/inc/inc_pwd_functions.php
@@ -1,4 +1,4 @@
-GetArray()) {
$newfriends[] = $row;
}
-
- /** 好友记录 **/
- $sql = "SELECT F.*,M.face,M.sex FROM `#@__member` AS M LEFT JOIN #@__member_friends AS F ON F.fid=M.mid WHERE F.mid='{$cfg_ml->M_ID}' ORDER BY F.addtime desc LIMIT 6";
- $friends = array();
- $dsql->SetQuery($sql);
- $dsql->Execute();
- while ($row = $dsql->GetArray()) {
- $friends[] = $row;
- }
/** 有没新短信 **/
$pms = $dsql->GetOne("SELECT COUNT(*) AS nums FROM #@__member_pms WHERE toid='{$cfg_ml->M_ID}' AND `hasview`=0 AND folder = 'inbox'");
@@ -113,79 +104,4 @@ if($uid=='')
$dpl->LoadTemplate($tpl);
$dpl->display();
}
-}
-
-/*-----------------------------
-//会员空间主页
-function space_index(){ }
-------------------------------*/
-else
-{
- require_once(DEDEMEMBER.'/inc/config_space.php');
- if($action == '')
- {
- include_once(DEDEINC."/channelunit.func.php");
- $dpl = new DedeTemplate();
- $tplfile = DEDEMEMBER."/space/{$_vars['spacestyle']}/index.htm";
-
- //更新最近访客记录及站点统计记录
- $vtime = time();
- $last_vtime = GetCookie('last_vtime');
- $last_vid = GetCookie('last_vid');
- if(empty($last_vtime))
- {
- $last_vtime = 0;
- }
- if($vtime - $last_vtime > 3600 || !preg_match('#,'.$uid.',#i', ','.$last_vid.',') )
- {
- if($last_vid!='')
- {
- $last_vids = explode(',',$last_vid);
- $i = 0;
- $last_vid = $uid;
- foreach($last_vids as $lsid)
- {
- if($i>10)
- {
- break;
- }
- else if($lsid != $uid)
- {
- $i++;
- $last_vid .= ','.$last_vid;
- }
- }
- }
- else
- {
- $last_vid = $uid;
- }
- PutCookie('last_vtime', $vtime, 3600*24, '/');
- PutCookie('last_vid', $last_vid, 3600*24, '/');
- if($cfg_ml->IsLogin() && $cfg_ml->M_LoginID != $uid)
- {
- $vip = GetIP();
- $arr = $dsql->GetOne("SELECT * FROM `#@__member_vhistory` WHERE mid='{$_vars['mid']}' AND vid='{$cfg_ml->M_ID}' ");
- if(is_array($arr))
- {
- $dsql->ExecuteNoneQuery("UPDATE `#@__member_vhistory` SET vip='$vip',vtime='$vtime',count=count+1 WHERE mid='{$_vars['mid']}' AND vid='{$cfg_ml->M_ID}' ");
- }
- else
- {
- $query = "INSERT INTO `#@__member_vhistory`(mid,loginid,vid,vloginid,count,vip,vtime)
- VALUES('{$_vars['mid']}','{$_vars['userid']}','{$cfg_ml->M_ID}','{$cfg_ml->M_LoginID}','1','$vip','$vtime'); ";
- $dsql->ExecuteNoneQuery($query);
- }
- }
- $dsql->ExecuteNoneQuery("UPDATE `#@__member_tj` SET homecount=homecount+1 WHERE mid='{$_vars['mid']}' ");
- }
- $dpl->LoadTemplate($tplfile);
- $dpl->display();
- exit();
- }
- else
- {
- require_once(DEDEMEMBER.'/inc/space_action.php');
- exit();
- }
}
\ No newline at end of file
diff --git a/src/member/index_do.php b/src/member/index_do.php
index c98d8d98..08b31998 100755
--- a/src/member/index_do.php
+++ b/src/member/index_do.php
@@ -96,30 +96,7 @@ else if($fmdo=='user')
$msgtitle='用户笔名';
}
else
- {
- #api{{
- if(defined('UC_API') && @include_once DEDEROOT.'/uc_client/client.php')
- {
- $ucresult = uc_user_checkname($uid);
- if($ucresult > 0)
- {
- echo "
√用户名可用";
- }
- elseif($ucresult == -1)
- {
- echo "
×用户名不合法";
- }
- elseif($ucresult == -2)
- {
- echo "
×包含要允许注册的词语";
- }
- elseif($ucresult == -3)
- {
- echo "
×用户名已经存在";
- }
- exit();
- }
- #/aip}}
+ {
$msgtitle='用户名';
}
if($cktype!=0 || $cfg_mb_wnameone=='N') {
@@ -143,24 +120,7 @@ else if($fmdo=='user')
//检查email是否存在
else if($dopost=="checkmail")
{
- AjaxHead();
-
- #api{{
- if(defined('UC_API') && @include_once DEDEROOT.'/uc_client/client.php')
- {
- $ucresult = uc_user_checkemail($email);
- if($ucresult > 0) {
- echo "
√可以使用";
- } elseif($ucresult == -4) {
- echo "
×Email 格式有误!";
- } elseif($ucresult == -5) {
- echo "
×Email 不允许注册!";
- } elseif($ucresult == -6) {
- echo "
×该 Email 已经被注册!";
- }
- exit();
- }
- #/aip}}
+ AjaxHead();
if($cfg_md_mailtest=='N')
{
@@ -272,61 +232,7 @@ else if($fmdo=='login')
}
//检查帐号
- $rs = $cfg_ml->CheckUser($userid,$pwd);
-
- #api{{
- if(defined('UC_API') && @include_once DEDEROOT.'/uc_client/client.php')
- {
- //检查帐号
- list($uid, $username, $password, $email) = uc_user_login($userid, $pwd);
- if($uid > 0) {
- $password = md5($password);
- //当UC存在用户,而CMS不存在时,就注册一个
- if(!$rs) {
- //会员的默认金币
- $row = $dsql->GetOne("SELECT `money`,`scores` FROM `#@__arcrank` WHERE `rank`='10' ");
- $scores = is_array($row) ? $row['scores'] : 0;
- $money = is_array($row) ? $row['money'] : 0;
- $logintime = $jointime = time();
- $loginip = $joinip = GetIP();
- $res = $dsql->ExecuteNoneQuery("INSERT INTO #@__member SET `mtype`='个人',`userid`='$username',`pwd`='$password',`uname`='$username',`sex`='男' ,`rank`='10',`money`='$money', `email`='$email', `scores`='$scores', `matt`='0', `face`='',`safequestion`='0',`safeanswer`='', `jointime`='$jointime',`joinip`='$joinip',`logintime`='$logintime',`loginip`='$loginip';");
- if($res) {
- $mid = $dsql->GetLastID();
- $data = array
- (
- 0 => "INSERT INTO `#@__member_person` SET `mid`='$mid', `onlynet`='1', `sex`='男', `uname`='$username', `qq`='', `msn`='', `tel`='', `mobile`='', `place`='', `oldplace`='0' ,
- `birthday`='1980-01-01', `star`='1', `income`='0', `education`='0', `height`='160', `bodytype`='0', `blood`='0', `vocation`='0', `smoke`='0', `marital`='0', `house`='0',
- `drink`='0', `datingtype`='0', `language`='', `nature`='', `lovemsg`='', `address`='',`uptime`='0';",
- 1 => "INSERT INTO `#@__member_tj` SET `mid`='$mid',`article`='0',`album`='0',`archives`='0',`homecount`='0',`pagecount`='0',`feedback`='0',`friend`='0',`stow`='0';",
- 2 => "INSERT INTO `#@__member_space` SET `mid`='$mid',`pagesize`='10',`matt`='0',`spacename`='{$uname}的空间',`spacelogo`='',`spacestyle`='person', `sign`='',`spacenews`='';",
- 3 => "INSERT INTO `#@__member_flink` SET `mid`='$mid', `title`='织梦内容管理系统', `url`='http://www.dedecms.com';"
- );
- foreach($data as $val) $dsql->ExecuteNoneQuery($val);
- }
- }
- $rs = 1;
- $row = $dsql->GetOne("SELECT `mid`, `pwd` FROM #@__member WHERE `userid`='$username'");
- if(isset($row['mid']))
- {
- $cfg_ml->PutLoginInfo($row['mid']);
- if($password!=$row['pwd']) $dsql->ExecuteNoneQuery("UPDATE #@__member SET `pwd`='$password' WHERE mid='$row[mid]'");
- }
- //生成同步登录的代码
- $ucsynlogin = uc_user_synlogin($uid);
- } else if($uid == -1) {
- //当UC不存在该用而CMS存在,就注册一个.
- if($rs) {
- $row = $dsql->GetOne("SELECT `email` FROM #@__member WHERE userid='$userid'");
- $uid = uc_user_register($userid, $pwd, $row['email']);
- if($uid > 0) $ucsynlogin = uc_user_synlogin($uid);
- } else {
- $rs = -1;
- }
- } else {
- $rs = -1;
- }
- }
- #/aip}}
+ $rs = $cfg_ml->CheckUser($userid,$pwd);
if($rs==0)
{
@@ -365,56 +271,10 @@ else if($fmdo=='login')
else if($dopost=="exit")
{
$cfg_ml->ExitCookie();
- #api{{
- if(defined('UC_API') && @include_once DEDEROOT.'/uc_client/client.php')
- {
- $ucsynlogin = uc_user_synlogout();
- }
- #/aip}}
ShowMsg("成功退出登录!","index.php",0,2000);
exit();
}
}
-/*********************
-function moodmsg()
-*******************/
-else if($fmdo=='moodmsg')
-{
- //用户登录
- if($dopost=="sendmsg")
- {
- if(!empty($content))
- {
- $ip = GetIP();
- $dtime = time();
- $ischeck = ($cfg_mb_msgischeck == 'Y')? 0 : 1;
- if($cfg_soft_lang == 'gb2312')
- {
- $content = utf82gb(nl2br($content));
- }
- $content = cn_substrR(HtmlReplace($content,1),360);
- //对表情进行解析
- $content = addslashes(preg_replace("/\[face:(\d{1,2})\]/is","
",$content));
- $content = RemoveXSS($content);
- $inquery = "INSERT INTO `#@__member_msg`(`mid`,`userid`,`ip`,`ischeck`,`dtime`, `msg`)
- VALUES ('{$cfg_ml->M_ID}','{$cfg_ml->M_LoginID}','$ip','$ischeck','$dtime', '$content'); ";
- $rs = $dsql->ExecuteNoneQuery($inquery);
- if(!$rs)
- {
- $output['type'] = 'error';
- $output['data'] = '更新失败,请重试.';
- exit();
- }
- $output['type'] = 'success';
- if($cfg_soft_lang == 'gb2312')
- {
- $content = utf82gb(nl2br($content));
- }
- $output['data'] = stripslashes($content);
- exit(json_encode($output));
- }
- }
-}
else
{
ShowMsg("本页面禁止返回!","index.php");
diff --git a/src/member/mystow.php b/src/member/mystow.php
index 16eaf207..946e94ef 100755
--- a/src/member/mystow.php
+++ b/src/member/mystow.php
@@ -18,8 +18,8 @@ $tpl = '';
$menutype = 'mydede';
$rank = empty($rank) ? "" : $rank;
if ($rank == 'top') {
- $sql = "SELECT s.*,COUNT(s.aid) AS num,t.* from #@__member_stow AS s LEFT JOIN `#@__member_stowtype` AS t on t.stowname=s.type group by s.aid order by num desc";
- $tpl = 'stowtop';
+ $sql = "SELECT s.*,COUNT(s.aid) AS num,t.* from `#@__member_stow` AS s LEFT JOIN `#@__member_stowtype` AS t on t.stowname=s.type group by s.aid order by num desc";
+ $tpl = 'mystowtop';
} else {
$sql = "SELECT s.*,t.* FROM `#@__member_stow` AS s left join `#@__member_stowtype` AS t on t.stowname=s.type where s.mid='" . $cfg_ml->M_ID . "' order by s.id desc";
$tpl = 'mystow';
@@ -32,6 +32,6 @@ while ($row = $dsql->GetArray('nn')) {
$dlist = new DataListCP();
$dlist->pageSize = 20;
-$dlist->SetTemplate(DEDEMEMBER . "/templets/$tpl.htm");
+$dlist->SetTemplate(DEDEMEMBER . "/templets/mystow.htm");
$dlist->SetSource($sql);
$dlist->Display();
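Review bot: `SetTemplate` now hard-codes `/templets/mystow.htm`, so `$tpl` no longer has any effect, yet the previous hunk in this file changes its value to `'mystowtop'` for the `rank == 'top'` branch. Either the ranking view is meant to keep its own template, in which case this line should stay `DEDEMEMBER . "/templets/$tpl.htm"`, or the `$tpl` assignments should be removed. As written, the ranking query, which aggregates rows across all members, is rendered through the personal list template, which may not be what that template expects.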
diff --git a/src/member/pm.php b/src/member/pm.php
index d745f5a8..7955e9b1 100755
--- a/src/member/pm.php
+++ b/src/member/pm.php
@@ -19,20 +19,13 @@ if($cfg_mb_lit=='Y')
exit();
}
-#api{{
-if(defined('UC_API') && @include_once DEDEROOT.'/uc_client/client.php')
-{
- if($data = uc_get_user($cfg_ml->M_LoginID)) uc_pm_location($data[0]);
-}
-#/aip}}
-
if(!isset($dopost))
{
$dopost = '';
}
//检查用户是否被禁言
CheckNotAllow();
-$state=(empty($state))? "" : $state;
+$state=(empty($state))? 0 : intval($state);
/*--------------------
function __send(){ }
----------------------*/
@@ -200,10 +193,10 @@ else
$dsql->ExecuteNoneQuery($row3);
}
}
- if($state=="1"){
+ if($state===1){
$wsql= " toid='{$cfg_ml->M_ID}' AND folder='inbox' AND writetime!='' and hasview=1";
$tname = "收件箱";
- } else if ($state=="-1")
+ } else if ($state===-1)
{
$wsql = "toid='{$cfg_ml->M_ID}' AND folder='inbox' AND writetime!='' and hasview=0";
$tname = "收件箱";
@@ -217,6 +210,7 @@ else
$wsql = " `fromid` ='{$cfg_ml->M_ID}' AND folder LIKE 'outbox'";
$tname = "已发信息";
}
+
$query = "SELECT * FROM `#@__member_pms` WHERE $wsql ORDER BY sendtime DESC";
$dlist = new DataListCP();
$dlist->pageSize = 20;
diff --git a/src/member/reg_new.php b/src/member/reg_new.php
index a1a3c692..be9bd8ba 100755
--- a/src/member/reg_new.php
+++ b/src/member/reg_new.php
@@ -1,4 +1,5 @@
IsLogin())
- {
- if($cfg_mb_reginfo == 'Y')
- {
+if ($step == 1) {
+ if ($cfg_ml->IsLogin()) {
+ if ($cfg_mb_reginfo == 'Y') {
//如果启用注册详细信息
- if($cfg_ml->fields['spacesta'] == 0 || $cfg_ml->fields['spacesta'] == 1)
- {
- ShowMsg("尚未完成详细资料,请完善...", "index_do.php?fmdo=user&dopost=regnew&step=2", 0, 1000);
- exit;
+ if ($cfg_ml->fields['spacesta'] == 0 || $cfg_ml->fields['spacesta'] == 1) {
+ ShowMsg("尚未完成详细资料,请完善...", "index_do.php?fmdo=user&dopost=regnew&step=2", 0, 1000);
+ exit;
}
}
- ShowMsg('你已经登陆系统,无需重新注册!', 'index.php');
+ ShowMsg('你已经登录系统,无需重新注册!', 'index.php');
exit();
}
- if($dopost=='regbase')
- {
+ if ($dopost == 'regbase') {
$svali = GetCkVdValue();
- if(preg_match("/1/", $safe_gdopen)){
- if(strtolower($vdcode)!=$svali || $svali=='')
- {
+ if (preg_match("/1/", $safe_gdopen)) {
+ if (strtolower($vdcode) != $svali || $svali == '') {
ResetVdValue();
ShowMsg('验证码错误!', '-1');
exit();
}
}
-
- $faqkey = isset($faqkey) && is_numeric($faqkey) ? $faqkey : 0;
- if($safe_faq_reg == '1')
- {
- if($safefaqs[$faqkey]['answer'] != $rsafeanswer || $rsafeanswer=='')
- {
- ShowMsg('验证问题答案错误', '-1');
- exit();
- }
- }
-
- $userid = trim($userid);
+
+ // $faqkey = isset($faqkey) && is_numeric($faqkey) ? $faqkey : 0;
+ // if($safe_faq_reg == '1')
+ // {
+ // if($safefaqs[$faqkey]['answer'] != $rsafeanswer || $rsafeanswer=='')
+ // {
+ // ShowMsg('验证问题答案错误', '-1');
+ // exit();
+ // }
+ // }
+
+ $userid = $uname = trim($userid);
$pwd = trim($userpwd);
$pwdc = trim($userpwdok);
$rs = CheckUserID($userid, '用户名');
- if($rs != 'ok')
- {
+ if ($rs != 'ok') {
ShowMsg($rs, '-1');
exit();
}
- if(strlen($userid) > 20 || strlen($uname) > 36)
- {
+ if (strlen($userid) > 20 || strlen($uname) > 36) {
ShowMsg('你的用户名或用户笔名过长,不允许注册!', '-1');
exit();
}
- if(strlen($userid) < $cfg_mb_idmin || strlen($pwd) < $cfg_mb_pwdmin)
- {
- ShowMsg("你的用户名或密码过短,不允许注册!","-1");
+ if (strlen($userid) < $cfg_mb_idmin || strlen($pwd) < $cfg_mb_pwdmin) {
+ ShowMsg("你的用户名或密码过短,不允许注册!", "-1");
exit();
}
- if($pwdc != $pwd)
- {
+ if ($pwdc != $pwd) {
ShowMsg('你两次输入的密码不一致!', '-1');
exit();
}
-
+
$uname = HtmlReplace($uname, 1);
- //用户笔名重复检测
- if($cfg_mb_wnameone=='N')
- {
- $row = $dsql->GetOne("SELECT * FROM `#@__member` WHERE uname LIKE '$uname' ");
- if(is_array($row))
- {
- ShowMsg('用户笔名或公司名称不能重复!', '-1');
- exit();
- }
- }
- if(!CheckEmail($email))
- {
- ShowMsg('Email格式不正确!', '-1');
- exit();
- }
-
- #api{{
- if(defined('UC_API') && @include_once DEDEROOT.'/uc_client/client.php')
- {
- $uid = uc_user_register($userid, $pwd, $email);
- if($uid <= 0)
- {
- if($uid == -1)
- {
- ShowMsg("用户名不合法!","-1");
- exit();
- }
- elseif($uid == -2)
- {
- ShowMsg("包含要允许注册的词语!","-1");
- exit();
- }
- elseif($uid == -3)
- {
- ShowMsg("你指定的用户名 {$userid} 已存在,请使用别的用户名!","-1");
- exit();
- }
- elseif($uid == -5)
- {
- ShowMsg("你使用的Email 不允许注册!","-1");
- exit();
- }
- elseif($uid == -6)
- {
- ShowMsg("你使用的Email已经被另一帐号注册,请使其它帐号","-1");
- exit();
- }
- else
- {
- ShowMsg("注删失改!","-1");
- exit();
- }
- }
- else
- {
- $ucsynlogin = uc_user_synlogin($uid);
- }
- }
- #/aip}}
-
- if($cfg_md_mailtest=='Y')
- {
- $row = $dsql->GetOne("SELECT mid FROM `#@__member` WHERE email LIKE '$email' ");
- if(is_array($row))
- {
- ShowMsg('你使用的Email已经被另一帐号注册,请使其它帐号!', '-1');
- exit();
- }
- }
-
+ // //用户笔名重复检测
+ // if($cfg_mb_wnameone=='N')
+ // {
+ // $row = $dsql->GetOne("SELECT * FROM `#@__member` WHERE uname LIKE '$uname' ");
+ // if(is_array($row))
+ // {
+ // ShowMsg('用户笔名或公司名称不能重复!', '-1');
+ // exit();
+ // }
+ // }
+ // if(!CheckEmail($email))
+ // {
+ // ShowMsg('Email格式不正确!', '-1');
+ // exit();
+ // }
+
+ // if($cfg_md_mailtest=='Y')
+ // {
+ // $row = $dsql->GetOne("SELECT mid FROM `#@__member` WHERE email LIKE '$email' ");
+ // if(is_array($row))
+ // {
+ // ShowMsg('你使用的Email已经被另一帐号注册,请使其它帐号!', '-1');
+ // exit();
+ // }
+ // }
+
//检测用户名是否存在
$row = $dsql->GetOne("SELECT mid FROM `#@__member` WHERE userid LIKE '$userid' ");
- if(is_array($row))
- {
+ if (is_array($row)) {
ShowMsg("你指定的用户名 {$userid} 已存在,请使用别的用户名!", "-1");
exit();
}
- if($safequestion==0)
- {
- $safeanswer = '';
- }
- else
- {
- if(strlen($safeanswer)>30)
- {
- ShowMsg('你的新安全问题的答案太长了,请控制在30字节以内!', '-1');
- exit();
- }
- }
-
+ // if($safequestion==0)
+ // {
+ // $safeanswer = '';
+ // }
+ // else
+ // {
+ // if(strlen($safeanswer)>30)
+ // {
+ // ShowMsg('你的新安全问题的答案太长了,请控制在30字节以内!', '-1');
+ // exit();
+ // }
+ // }
+
//会员的默认金币
$dfscores = 0;
$dfmoney = 0;
$dfrank = $dsql->GetOne("SELECT money,scores FROM `#@__arcrank` WHERE rank='10' ");
- if(is_array($dfrank))
- {
+ if (is_array($dfrank)) {
$dfmoney = $dfrank['money'];
$dfscores = $dfrank['scores'];
}
@@ -185,178 +129,158 @@ if($step == 1)
$joinip = GetIP();
$loginip = GetIP();
$pwd = md5($userpwd);
- $mtype = RemoveXSS(HtmlReplace($mtype,1));
- $safeanswer = HtmlReplace($safeanswer);
- $safequestion = HtmlReplace($safequestion);
-
+ $mtype = '个人';
+
$spaceSta = ($cfg_mb_spacesta < 0 ? $cfg_mb_spacesta : 0);
-
+
$inQuery = "INSERT INTO `#@__member` (`mtype` ,`userid` ,`pwd` ,`uname` ,`sex` ,`rank` ,`money` ,`email` ,`scores` ,
`matt`, `spacesta` ,`face`,`safequestion`,`safeanswer` ,`jointime` ,`joinip` ,`logintime` ,`loginip` )
- VALUES ('$mtype','$userid','$pwd','$uname','$sex','10','$dfmoney','$email','$dfscores',
- '0','$spaceSta','','$safequestion','$safeanswer','$jointime','$joinip','$logintime','$loginip'); ";
- if($dsql->ExecuteNoneQuery($inQuery))
- {
+ VALUES ('$mtype','$userid','$pwd','$uname','','10','$dfmoney','','$dfscores',
+ '0','$spaceSta','','','','$jointime','$joinip','$logintime','$loginip'); ";
+ if ($dsql->ExecuteNoneQuery($inQuery)) {
$mid = $dsql->GetLastID();
-
+
//写入默认会员详细资料
- if($mtype=='个人'){
- $space='person';
- }else if($mtype=='企业'){
- $space='company';
- }else{
- $space='person';
+ if ($mtype == '个人') {
+ $space = 'person';
+ } else if ($mtype == '企业') {
+ $space = 'company';
+ } else {
+ $space = 'person';
}
-
+
//写入默认统计数据
$membertjquery = "INSERT INTO `#@__member_tj` (`mid`,`article`,`album`,`archives`,`homecount`,`pagecount`,`feedback`,`friend`,`stow`)
VALUES ('$mid','0','0','0','0','0','0','0','0'); ";
$dsql->ExecuteNoneQuery($membertjquery);
-
+
//写入默认空间配置数据
$spacequery = "INSERT INTO `#@__member_space`(`mid` ,`pagesize` ,`matt` ,`spacename` ,`spacelogo` ,`spacestyle`, `sign` ,`spacenews`)
VALUES('{$mid}','10','0','{$uname}的空间','','$space','',''); ";
$dsql->ExecuteNoneQuery($spacequery);
-
+
//写入其它默认数据
$dsql->ExecuteNoneQuery("INSERT INTO `#@__member_flink`(mid,title,url) VALUES('$mid','织梦内容管理系统','http://www.dedecms.com'); ");
-
+
$membermodel = new membermodel($mtype);
- $modid=$membermodel->modid;
- $modid = empty($modid)? 0 : intval(preg_replace("/[^\d]/",'', $modid));
- $modelform = $dsql->getOne("SELECT * FROM #@__member_model WHERE id='$modid' ");
-
- if(!is_array($modelform))
- {
+ $modid = $membermodel->modid;
+ $modid = empty($modid) ? 0 : intval($modid);
+ $modelform = $dsql->getOne("SELECT * FROM `#@__member_model` WHERE id='$modid' ");
+
+ if (!is_array($modelform)) {
showmsg('模型表单不存在', '-1');
exit();
- }else{
+ } else {
$dsql->ExecuteNoneQuery("INSERT INTO `{$membermodel->table}` (`mid`) VALUES ('{$mid}');");
}
-
+
//----------------------------------------------
//模拟登录
//---------------------------
- $cfg_ml = new MemberLogin(7*3600);
+ $cfg_ml = new MemberLogin(7 * 3600);
$rs = $cfg_ml->CheckUser($userid, $userpwd);
-
- //邮件验证
- if($cfg_mb_spacesta==-10)
- {
- $userhash = md5($cfg_cookie_encode.'--'.$mid.'--'.$email);
- $url = $cfg_basehost.(empty($cfg_cmspath) ? '/' : $cfg_cmspath)."/member/index_do.php?fmdo=checkMail&mid={$mid}&userhash={$userhash}&do=1";
- $url = preg_replace("#http:\/\/#i", '', $url);
- $url = 'http://'.preg_replace("#\/\/#", '/', $url);
- $mailtitle = "{$cfg_webname}--会员邮件验证通知";
- $mailbody = '';
- $mailbody .= "尊敬的用户[{$uname}],您好:\r\n";
- $mailbody .= "欢迎注册成为[{$cfg_webname}]的会员。\r\n";
- $mailbody .= "要通过注册,还必须进行最后一步操作,请点击或复制下面链接到地址栏访问这地址:\r\n\r\n";
- $mailbody .= "{$url}\r\n\r\n";
- $mailbody .= "Power by http://www.dedecms.com 织梦内容管理系统!\r\n";
-
- $headers = "From: ".$cfg_adminemail."\r\nReply-To: ".$cfg_adminemail;
- if($cfg_sendmail_bysmtp == 'Y' && !empty($cfg_smtp_server))
- {
- $mailtype = 'TXT';
- require_once(DEDEINC.'/mail.class.php');
- $smtp = new smtp($cfg_smtp_server,$cfg_smtp_port,true,$cfg_smtp_usermail,$cfg_smtp_password);
- $smtp->debug = false;
- $smtp->sendmail($email,$cfg_webname,$cfg_smtp_usermail, $mailtitle, $mailbody, $mailtype);
- }
- else
- {
- @mail($email, $mailtitle, $mailbody, $headers);
- }
- }//End 邮件验证
-
- if($cfg_mb_reginfo == 'Y' && $spaceSta >=0)
- {
- ShowMsg("完成基本信息的注册,接下来完善详细资料...","index_do.php?fmdo=user&dopost=regnew&step=2",0,1000);
+
+ // //邮件验证
+ // if($cfg_mb_spacesta==-10)
+ // {
+ // $userhash = md5($cfg_cookie_encode.'--'.$mid.'--'.$email);
+ // $url = $cfg_basehost.(empty($cfg_cmspath) ? '/' : $cfg_cmspath)."/member/index_do.php?fmdo=checkMail&mid={$mid}&userhash={$userhash}&do=1";
+ // $url = preg_replace("#http:\/\/#i", '', $url);
+ // $url = 'http://'.preg_replace("#\/\/#", '/', $url);
+ // $mailtitle = "{$cfg_webname}--会员邮件验证通知";
+ // $mailbody = '';
+ // $mailbody .= "尊敬的用户[{$uname}],您好:\r\n";
+ // $mailbody .= "欢迎注册成为[{$cfg_webname}]的会员。\r\n";
+ // $mailbody .= "要通过注册,还必须进行最后一步操作,请点击或复制下面链接到地址栏访问这地址:\r\n\r\n";
+ // $mailbody .= "{$url}\r\n\r\n";
+ // $mailbody .= "Power by http://www.dedecms.com 织梦内容管理系统!\r\n";
+
+ // $headers = "From: ".$cfg_adminemail."\r\nReply-To: ".$cfg_adminemail;
+ // if($cfg_sendmail_bysmtp == 'Y' && !empty($cfg_smtp_server))
+ // {
+ // $mailtype = 'TXT';
+ // require_once(DEDEINC.'/mail.class.php');
+ // $smtp = new smtp($cfg_smtp_server,$cfg_smtp_port,true,$cfg_smtp_usermail,$cfg_smtp_password);
+ // $smtp->debug = false;
+ // $smtp->sendmail($email,$cfg_webname,$cfg_smtp_usermail, $mailtitle, $mailbody, $mailtype);
+ // }
+ // else
+ // {
+ // @mail($email, $mailtitle, $mailbody, $headers);
+ // }
+ // }//End 邮件验证
+
+ if ($cfg_mb_reginfo == 'Y' && $spaceSta >= 0) {
+ ShowMsg("完成基本信息的注册,接下来完善详细资料...", "index_do.php?fmdo=user&dopost=regnew&step=2", 0, 1000);
exit();
} else {
- require_once(DEDEMEMBER."/templets/reg-new3.htm");
+ require_once(DEDEMEMBER . "/templets/reg-new3.htm");
exit;
- }
+ }
} else {
ShowMsg("注册失败,请检查资料是否有误或与管理员联系!", "-1");
exit();
}
}
- require_once(DEDEMEMBER."/templets/reg-new.htm");
+ require_once(DEDEMEMBER . "/templets/reg-new.htm");
} else {
- if(!$cfg_ml->IsLogin())
- {
+ if (!$cfg_ml->IsLogin()) {
ShowMsg("尚未完成基本信息的注册,请返回重新填写!", "index_do.php?fmdo=user&dopost=regnew");
exit;
} else {
- if($cfg_ml->fields['spacesta'] == 2)
- {
- ShowMsg('你已经登陆系统,无需重新注册!', 'index.php');
- exit;
+ if ($cfg_ml->fields['spacesta'] == 2) {
+ ShowMsg('你已经登录系统,无需重新注册!', 'index.php');
+ exit;
}
}
$membermodel = new membermodel($cfg_ml->M_MbType);
$postform = $membermodel->getForm(true);
- if($dopost == 'reginfo')
- {
+ if ($dopost == 'reginfo') {
//这里完成详细内容填写
$dede_fields = empty($dede_fields) ? '' : trim($dede_fields);
$dede_fieldshash = empty($dede_fieldshash) ? '' : trim($dede_fieldshash);
- $modid = empty($modid)? 0 : intval(preg_replace("/[^\d]/",'', $modid));
-
- if(!empty($dede_fields))
- {
- if($dede_fieldshash != md5($dede_fields.$cfg_cookie_encode))
- {
+ $modid = empty($modid) ? 0 : intval($modid);
+
+ if (!empty($dede_fields)) {
+ if ($dede_fieldshash != md5($dede_fields . $cfg_cookie_encode)) {
showMsg('数据校验不对,程序返回', '-1');
exit();
}
}
- $modelform = $dsql->GetOne("SELECT * FROM #@__member_model WHERE id='$modid' ");
- if(!is_array($modelform))
- {
+ $modelform = $dsql->GetOne("SELECT * FROM `#@__member_model` WHERE id='$modid' ");
+ if (!is_array($modelform)) {
showmsg('模型表单不存在', '-1');
exit();
}
$inadd_f = '';
- if(!empty($dede_fields))
- {
+ if (!empty($dede_fields)) {
$fieldarr = explode(';', $dede_fields);
- if(is_array($fieldarr))
- {
- foreach($fieldarr as $field)
- {
- if($field == '') continue;
+ if (is_array($fieldarr)) {
+ foreach ($fieldarr as $field) {
+ if ($field == '') continue;
$fieldinfo = explode(',', $field);
- if($fieldinfo[1] == 'textdata')
- {
+ if ($fieldinfo[1] == 'textdata') {
${$fieldinfo[0]} = FilterSearch(stripslashes(${$fieldinfo[0]}));
${$fieldinfo[0]} = addslashes(${$fieldinfo[0]});
+ } else {
+ if (empty(${$fieldinfo[0]})) ${$fieldinfo[0]} = '';
+ ${$fieldinfo[0]} = GetFieldValue(${$fieldinfo[0]}, $fieldinfo[1], 0, 'add', '', 'diy', $fieldinfo[0]);
}
- else
- {
- if(empty(${$fieldinfo[0]})) ${$fieldinfo[0]} = '';
- ${$fieldinfo[0]} = GetFieldValue(${$fieldinfo[0]}, $fieldinfo[1],0,'add','','diy', $fieldinfo[0]);
- }
- if($fieldinfo[0]=="birthday") ${$fieldinfo[0]}=GetDateMk(${$fieldinfo[0]});
- $inadd_f .= ','.$fieldinfo[0]." ='".${$fieldinfo[0]}."' ";
+ if ($fieldinfo[0] == "birthday") ${$fieldinfo[0]} = GetDateMk(${$fieldinfo[0]});
+ $inadd_f .= ',' . $fieldinfo[0] . " ='" . ${$fieldinfo[0]} . "' ";
}
}
-
}
-
-
+
$query = "UPDATE `{$membermodel->table}` SET `mid`='{$cfg_ml->M_ID}' $inadd_f WHERE `mid`='{$cfg_ml->M_ID}'; ";
- if($dsql->executenonequery($query))
- {
+ if ($dsql->executenonequery($query)) {
$dsql->ExecuteNoneQuery("UPDATE `#@__member` SET `spacesta`='2' WHERE `mid`='{$cfg_ml->M_ID}'");
// 清除缓存
$cfg_ml->DelCache($cfg_ml->M_ID);
- require_once(DEDEMEMBER."/templets/reg-new3.htm");
+ require_once(DEDEMEMBER . "/templets/reg-new3.htm");
exit;
}
}
- require_once(DEDEMEMBER."/templets/reg-new2.htm");
-}
\ No newline at end of file
+ require_once(DEDEMEMBER . "/templets/reg-new2.htm");
+}
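Review bot: The integrity check `if ($dede_fieldshash != md5($dede_fields . $cfg_cookie_encode))` in the `reginfo` branch uses a loose comparison, and it is the only guard on `$dede_fields`, whose entries become column names and variable names when `$inadd_f` is built. With `!=`, two strings that both look numeric are compared as numbers, so the check should be strict and constant-time: `if (!hash_equals(md5($dede_fields . $cfg_cookie_encode), (string)$dede_fieldshash)) {`, or at least `!==` on PHP versions without `hash_equals`. Each `$fieldinfo[0]` would also be worth matching against a plain identifier pattern before it is concatenated into the UPDATE. Separately, the e-mail verification block is commented out while `$spaceSta` still takes a negative `$cfg_mb_spacesta`, so a site configured with -10 would create accounts in the pending state with no mail sent. Deleting the commented-out code and handling that setting explicitly would make the intent clear.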
diff --git a/src/member/templets/album_add.htm b/src/member/templets/album_add.htm
index 7390af97..94e9c699 100755
--- a/src/member/templets/album_add.htm
+++ b/src/member/templets/album_add.htm
@@ -1,129 +1,148 @@
-
+
+
-
-
新建 - 会员中心 -
-
-
-
-
-
-
-
+
+
新建 - 会员中心 -
+
+
+
+
+
+
+
+
-