@@ -17,24 +17,6 @@ AjaxHead(); | |||||
helper('cache'); | helper('cache'); | ||||
$action = isset($action) && in_array($action, array('is_need_check_code', 'has_new_version', 'get_changed_files', 'update_backup', 'get_update_versions', 'update')) ? $action : ''; | $action = isset($action) && in_array($action, array('is_need_check_code', 'has_new_version', 'get_changed_files', 'update_backup', 'get_update_versions', 'update')) ? $action : ''; | ||||
$curDir = dirname(GetCurUrl()); //当前目录 | $curDir = dirname(GetCurUrl()); //当前目录 | ||||
/** | |||||
* 表中是否存在某个字段 | |||||
* | |||||
* @param mixed $tablename 表名称 | |||||
* @param mixed $field 字段名 | |||||
* @return void | |||||
*/ | |||||
function TableHasField($tablename,$field) | |||||
{ | |||||
global $dsql; | |||||
$dsql->GetTableFields($tablename,"tfd"); | |||||
while ($r = $dsql->GetFieldObject("tfd")) { | |||||
if ($r->name === $field) { | |||||
return true; | |||||
} | |||||
} | |||||
return false; | |||||
} | |||||
/** | /** | ||||
* 登录鉴权 | * 登录鉴权 | ||||
* | * | ||||
@@ -87,7 +69,7 @@ if ($action === 'is_need_check_code') { | |||||
if (!TableHasField("#@__arctype", "cnoverview")) { | if (!TableHasField("#@__arctype", "cnoverview")) { | ||||
$unQueryVer[] = "6.1.10"; | $unQueryVer[] = "6.1.10"; | ||||
} | } | ||||
if (!TableHasField("#@__admin", "loginerr")) { | |||||
if (!TableHasField("#@__admin", "loginerr") || !TableHasField("#@__member", "loginerr")) { | |||||
$unQueryVer[] = "6.2.0"; | $unQueryVer[] = "6.2.0"; | ||||
} | } | ||||
if (count($unQueryVer) > 0) { | if (count($unQueryVer) > 0) { | ||||
@@ -372,6 +372,24 @@ function ShowMsg($msg, $gourl, $onlymsg = 0, $limittime = 0) | |||||
} | } | ||||
echo $msg; | echo $msg; | ||||
} | } | ||||
/** | |||||
* 表中是否存在某个字段 | |||||
* | |||||
* @param mixed $tablename 表名称 | |||||
* @param mixed $field 字段名 | |||||
* @return void | |||||
*/ | |||||
function TableHasField($tablename,$field) | |||||
{ | |||||
global $dsql; | |||||
$dsql->GetTableFields($tablename,"tfd"); | |||||
while ($r = $dsql->GetFieldObject("tfd")) { | |||||
if ($r->name === $field) { | |||||
return true; | |||||
} | |||||
} | |||||
return false; | |||||
} | |||||
/** | /** | ||||
* 获取验证码的session值 | * 获取验证码的session值 | ||||
* | * | ||||
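Review bot: The docblock on the relocated `TableHasField` declares `@return void`, but the body returns `true` or `false`, and both parameters are tagged `mixed` although every call visible in this commit passes string literals. I would correct the tags to `@param string $tablename`, `@param string $field` and `@return bool`. Since the helper now sits on both login paths, the docblock should also state that `$tablename` must be a fixed, trusted table name and never request data, because whether `GetTableFields` escapes it is not visible here.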
@@ -465,6 +465,9 @@ class MemberLogin | |||||
if ($rs != 'ok') { | if ($rs != 'ok') { | ||||
return -1; | return -1; | ||||
} | } | ||||
if (!TableHasField("#@__member", "loginerr")) { | |||||
return 0; | |||||
} | |||||
$row = $dsql->GetOne("SELECT loginerr,logintime FROM `#@__member` WHERE userid LIKE '$loginuser'"); | $row = $dsql->GetOne("SELECT loginerr,logintime FROM `#@__member` WHERE userid LIKE '$loginuser'"); | ||||
if (is_array($row)) { | if (is_array($row)) { | ||||
//1分钟内如果输错3次则需要验证码 | //1分钟内如果输错3次则需要验证码 | ||||
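Review bot: The new guard returns 0 when `#@__member.loginerr` is absent, which makes the failed-login check fail open: going by the comment under the query (three wrong attempts within a minute require a captcha), 0 presumably means "no captcha needed", so an un-migrated install silently has no throttling on member logins. The same pattern is added to `getLoginError` in class `userLogin` for `#@__admin`. If skipping is intended for schemas that have not reached 6.2.0, say so at the guard, e.g. `// loginerr column missing (schema not yet upgraded): login throttling is disabled until the update runs`, and consider returning the captcha-required value instead so the degraded state is not the permissive one. The guard also adds a table-metadata lookup to every login attempt; the enclosing method starts and ends outside the hunk.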
@@ -266,6 +266,9 @@ class userLogin | |||||
function getLoginError($username) | function getLoginError($username) | ||||
{ | { | ||||
global $dsql; | global $dsql; | ||||
if (!TableHasField("#@__admin", "loginerr")) { | |||||
return 0; | |||||
} | |||||
$this->userName = preg_replace("/[^0-9a-zA-Z_@!\.-]/", '', $username); | $this->userName = preg_replace("/[^0-9a-zA-Z_@!\.-]/", '', $username); | ||||
$row = $dsql->GetOne("SELECT loginerr,logintime FROM `#@__admin` WHERE userid LIKE '$this->userName'"); | $row = $dsql->GetOne("SELECT loginerr,logintime FROM `#@__admin` WHERE userid LIKE '$this->userName'"); | ||||
if (is_array($row)) { | if (is_array($row)) { | ||||
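Review bot: The early return at the top of `getLoginError` now runs before `$this->userName = preg_replace(...)`, so on a schema without `#@__admin.loginerr` the method exits without storing the filtered user name. Whether later code reads `$this->userName` after this call is not visible in the hunk, but if it does, it would see an unset or stale value only on un-migrated installs, which is hard to spot. Moving the guard below the assignment keeps the side effect identical on both paths: `$this->userName = preg_replace("/[^0-9a-zA-Z_@!\.-]/", '', $username);` followed by `if (!TableHasField("#@__admin", "loginerr")) { return 0; }`. The method body continues past the end of the hunk.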