<?php
require_once './include/common.inc.php';
require_once DISCUZ_ROOT . './uc_client/client.php';
// Cookie check: decide where the credentials for this login attempt come from.
// NOTE(review): the runs of dots ("....." etc.) below are placeholders left by the author for the
// site-specific unified-passport (single sign-on) calls; the listing does not parse until they are filled in.
if ($_COOKIE["UserInfo"]) {
// The user has already logged in: parse the user information out of the unified-passport cookie,
// using the passport's own cookie-handling routine.
// NOTE(review): this branch sets $ResultCode to "0" (success) unconditionally, and a cookie is
// client-controlled. Whatever replaces the placeholders must verify the cookie's integrity
// (signature/MAC or a server-side session lookup) and must not reach the "0" assignment on failure.
// NOTE(review): reading $_COOKIE["UserInfo"] without isset()/empty() raises a notice when the cookie is absent.
$username = .....;
$password = ......;
$email = ......;
$ResultCode = "0";
} else {
// Login submitted from the forum form: the credentials must be verified against the unified passport.
// NOTE(review): both values are copied from $_POST as-is; $username is later interpolated into SQL
// and passed to the UCenter client. Whether it is already escaped depends on common.inc.php /
// magic_quotes_gpc — confirm, and validate the format before use.
$username = $_POST["username"];
$password = $_POST["password"];
// Verification against the passport service.
$ResultCode = ....// returns 0 if verification succeeds
$email = ....;// the user's e-mail address, fetched from the passport
}
// Local Discuz (DZ) / UCenter login, run only when the passport step above reported success.
// NOTE(review): `==` is a loose comparison; in PHP both `false == "0"` and `0 == "0"` are true, so a
// verifier that returns boolean false on failure would be treated as success here. Prefer a strict
// comparison against the exact value and type the passport API returns — confirm.
if ($ResultCode == "0") {
// First check whether the DZ user table already has this user. If it does and the password differs,
// update the password (so that a passport user who changed their password can still log in to DZ);
// if it does not, insert a new row.
// Map $loginfield to the third argument of uc_user_login(): 'uid' -> 1, 'email' -> 2, otherwise 0.
// NOTE(review): $loginfield, $questionid, $answer, $onlineip, $regstatus, $invitecode, $inajax,
// $msgforward, $fieldadd1 and $fieldadd2 are never assigned in this listing. Presumably they come
// from common.inc.php; if that bootstrap imports request parameters into global scope, any of them
// that is not initialized there is attacker-influenced — give them explicit defaults and confirm.
if ($loginfield == 'uid') {
$isuid = 1;
} elseif ($loginfield == 'email') {
$isuid = 2;
} else {
$isuid = 0;
}
// Ask UCenter to authenticate; the result is unpacked below as (uid, username, password, email, duplicate flag).
$ucresult = uc_user_login($username, $password, $isuid, 1, $questionid, $answer);
// Escape every returned field with daddslashes() before it is used in SQL strings further down.
list($tmp['uid'], $tmp['username'], $tmp['password'], $tmp['email'], $duplicate) = daddslashes($ucresult, 1);
$ucresult = $tmp;
// Duplicate-account handling: a valid UCenter uid that is flagged as a duplicate is merged into the
// local member with the same username, if one exists.
if ($duplicate && $ucresult['uid'] > 0) {
// NOTE(review): $ucresult['username'] was already passed through daddslashes() above, so this
// addslashes() escapes it a second time; a name containing a quote or backslash would then not
// match the stored value — confirm which single escaping step is intended.
if ($olduid = $db -> result_first("SELECT uid FROM {$tablepre}members WHERE username='" . addslashes($ucresult['username']) . "'")) {
require_once DISCUZ_ROOT . './include/membermerge.func.php';
membermerge($olduid, $ucresult['uid']);
uc_user_merge_remove($ucresult['username']);
} else {
// Top-level return: stops this script (or hands control back to the including file) with no message to the user.
return 0;
}
}
if ($ucresult['uid'] == -1) {
// The user does not exist in UCenter, or has been deleted: register them with the passport credentials.
$uid = uc_user_register($username, $password, $email, $questionid, $answer, $onlineip);
if ($uid <= 0) {
// NOTE(review): everything below assumes fail() never returns; confirm showmessage() halts the request.
fail();
}
$inviteconfig = array();
// Load a fixed list of settings rows and turn each one into a local variable named after its `variable` column.
$query = $db -> query("SELECT * FROM {$tablepre}settings WHERE variable IN ('bbrules', 'bbrulestxt', 'welcomemsg', 'welcomemsgtitle', 'welcomemsgtxt', 'inviteconfig')");
while ($setting = $db -> fetch_array($query)) {
// NOTE(review): PHP 5 reads this as ${$setting['variable']}; PHP 7+ reads it as ($$setting)['variable'].
// Write the braces explicitly if this code is ever run on a newer interpreter.
$$setting['variable'] = $setting['value'];
}
// Keep the invite code only when $regstatus > 1, HTML-escaped; otherwise blank it.
$invitecode = $regstatus > 1 && $invitecode ? dhtmlspecialchars($invitecode) : '';
if ($regstatus > 1) {
$inviterewardcredit = $inviteaddcredit = $invitedaddcredit = '';
// NOTE(review): unserialize() + extract() on a stored setting, with errors suppressed by @. extract()
// can overwrite any local variable in this scope, so this is only acceptable while the settings table
// is fully trusted; prefer reading the named keys explicitly.
@extract(unserialize($inviteconfig));
}
// Pick the initial user group: group 8 when $regverify is set, otherwise the group whose credit range contains $initcredits.
$groupinfo = $db -> fetch_first("SELECT groupid, allownickname, allowcstatus, allowcusbbcode, allowsigbbcode, allowsigimgcode, maxsigsize FROM {$tablepre}usergroups WHERE " . ($regverify ? "groupid='8'" : "creditshigher<=" . intval($initcredits) . " AND " . intval($initcredits) . "<creditslower LIMIT 1"));
// NOTE(review): random() is a project helper not shown here; confirm it draws from a CSPRNG, since
// its output feeds the security-question token, the activation string and the local password value.
$secques = $questionid > 0 ? random(8) : '';
$idstring = random(6);
$authstr = $regverify == 1 ? "$timestamp\t2\t$idstring" : '';
// The local members row stores the MD5 of a random string, not the user's real password.
$password = md5(random(10));
// NOTE(review): $username, $email, $onlineip and $initcredits are interpolated straight into the SQL
// text ($initcredits without quotes). Nothing in this listing escapes them, so this is injectable
// unless the bootstrap already escaped every one of them — confirm, or escape at this point.
$db -> query("INSERT INTO {$tablepre}members (uid, username, password, secques, adminid, groupid, regip, regdate, lastvisit, lastactivity, posts, credits, extcredits1, extcredits2, extcredits3, extcredits4, extcredits5, extcredits6, extcredits7, extcredits8, email, showemail, timeoffset, pmsound, invisible, newsletter)
VALUES ('$uid', '$username', '$password', '$secques', '0', '$groupinfo[groupid]', '$onlineip', '$timestamp', '$timestamp', '$timestamp', '0', $initcredits, '$email', '0', '9999', '1', '0', '1')");
// NOTE(review): $fieldadd1 / $fieldadd2 are raw SQL fragments (column list and value list) that this
// listing never initializes; set both to '' before this query unless a trusted include defines them.
$db -> query("REPLACE INTO {$tablepre}memberfields (uid, authstr $fieldadd1) VALUES ('$uid', '$authstr' $fieldadd2)");
} elseif ($ucresult['uid'] == -2) {
// Wrong password in UCenter: overwrite the UCenter password and e-mail with the passport values
// (empty old password, fifth argument 1), then re-read the account.
if (!uc_user_edit($username, '', $password, $email, 1)) {
fail();
}
list($uid, $username, $email) = uc_get_user($username);
} else {
// Any other result, including other negative codes, is taken as the uid; the member lookup below is
// what rejects values that match no row.
$uid = $ucresult['uid'];
}
// Load the local member row together with its group's allowinvisible flag.
// NOTE(review): this query and the two UPDATEs below key on $ucresult[uid], not on $uid. After the
// register (-1) and password-sync (-2) branches $ucresult['uid'] is still the negative code, so the
// lookup finds nothing and the request ends in fail(); it looks like $uid was intended — confirm.
$member = $db -> fetch_first("SELECT m.uid AS discuz_uid, m.username AS discuz_user, m.password AS discuz_pw, m.secques AS discuz_secques,
m.email, m.adminid, m.groupid, m.styleid, m.lastvisit, m.lastpost, u.allowinvisible
FROM {$tablepre}members m LEFT JOIN {$tablepre}usergroups u USING (groupid)
WHERE m.uid='$ucresult[uid]'");
if (!$member) {
// No local row: the account needs activation.
fail();
}
// Keep the unescaped user name in discuz_userss and an addslashes()-escaped copy in discuz_user.
$member['discuz_userss'] = $member['discuz_user'];
$member['discuz_user'] = addslashes($member['discuz_user']);
// Publish every selected column as a global (discuz_uid, discuz_user, discuz_pw, groupid, ...);
// $discuz_uid and $groupid used further down come from here.
foreach($member as $var => $value) {
$GLOBALS[$var] = $value;
}
// Bring the local e-mail in line with the (already escaped) one UCenter returned.
if (addslashes($member['email']) != $ucresult['email']) {
$db -> query("UPDATE {$tablepre}members SET email='$ucresult[email]' WHERE uid='$ucresult[uid]'");
}
// A security question was supplied but the local row has no secques token yet: create and store one.
if ($questionid > 0 && empty($member['discuz_secques'])) {
$GLOBALS['discuz_secques'] = random(8);
$db -> query("UPDATE {$tablepre}members SET secques='$GLOBALS[discuz_secques]' WHERE uid='$ucresult[uid]'");
}
// Use the member's own style, falling back to the site default.
$GLOBALS['styleid'] = $member['styleid'] ? $member['styleid'] : $_DCACHE['settings']['styleid'];
// The cookie lifetime is taken from the form and forced to an integer.
$cookietime = intval(isset($_POST['cookietime']) ? $_POST['cookietime'] : 0);
dsetcookie('cookietime', $cookietime, 31536000);
// The auth cookie carries the stored password hash, the secques token and the uid, encoded with authcode().
// NOTE(review): $cookietime is client-chosen with no upper bound here, and the cookie's secrecy rests
// entirely on authcode() and its key; the trailing `true` is presumably the HttpOnly flag — confirm,
// and confirm the cookie is also marked Secure on HTTPS sites.
dsetcookie('auth', authcode("$member[discuz_pw]\t$member[discuz_secques]\t$member[discuz_uid]", 'ENCODE'), $cookietime, 1, true);
// Called with a name only, i.e. no value — presumably this clears the three cookies; confirm in dsetcookie().
dsetcookie('loginuser');
dsetcookie('activationauth');
dsetcookie('pmnum');
$GLOBALS['sessionexists'] = 0;
// In frame mode, append a script that reloads the left menu frame.
if ($_DCACHE['settings']['frameon'] && $_DCOOKIE['frameon'] == 'yes') {
$GLOBALS['extrahead'] .= '<script>if(top != self) {parent.leftmenu.location.reload();}</script>';
}
// Produce the UCenter synchronous-login markup for the other applications, if enabled.
$ucsynlogin = $allowsynlogin ? uc_user_synlogin($discuz_uid) : '';
if (!empty($inajax)) {
// AJAX login: render the login template with a success marker.
// NOTE(review): unserialize() must only ever see trusted data; $msgforward is not assigned in this
// listing, so confirm it comes from site settings and cannot be supplied by the request.
$msgforward = unserialize($msgforward);
$mrefreshtime = intval($msgforward['refreshtime']) * 1000;
include_once DISCUZ_ROOT . './forumdata/cache/cache_usergroups.php';
$usergroups = $_DCACHE['usergroups'][$groupid]['grouptitle'];
$message = 1;
include template('login');
} else {
// Normal login: group 8 members are sent to the control panel, everyone else back to the referring page.
if ($groupid == 8) {
showmessage('login_succeed_inactive_member', 'memcp.php');
} else {
// NOTE(review): confirm dreferer() only returns same-site URLs, otherwise this is an open redirect after login.
showmessage('login_succeed', dreferer());
}
}
} else {
// The passport step did not report success.
fail();
}
/**
 * Abort the login flow with Discuz's generic "undefined_action" message.
 *
 * The message key is deliberately generic, so the response does not tell the
 * client which step failed (unknown user, wrong password, missing local row).
 * Forwards to showmessage() with no redirect target and the 'HALTED' extra flag.
 *
 * NOTE(review): every call site in this script carries on as if this function
 * never returns; confirm that showmessage() ends the request.
 */
function fail() {
    $messageKey = 'undefined_action';
    $forwardUrl = null;
    $extraFlag = 'HALTED';
    showmessage($messageKey, $forwardUrl, $extraFlag);
}
?>