$uid); $member = C::t('user_profile')->get_userprofile_by_uid($_G['uid']); //$openid= C::t('user_qqconnect')->fetch_bindstatus_by_uid($uid); if ($do == 'editpass') { $navtitle = lang('password_edit'); $strongpw = ($_G['setting']['strongpw']) ? json_encode($_G['setting']['strongpw']) : ''; if (isset($_GET['editpass'])) { //验证提交是否合法，阻止外部非法提交 chk_submitroule($type); //验证码 if (!check_seccode($_GET['seccodeverify'], $_GET['sechash'])) { showTips(array('error' => lang('submit_seccode_invalid')), $type); } //验证原密码 $password0 = $_GET['password0']; if (md5(md5("") . $member['salt']) != $member['password']) { if (md5(md5($password0) . $member['salt']) != $member['password']) { showTips(array('error' => lang('password_error')), $type); } } if ($_GET['password'] != addslashes($_GET['password'])) { showTips(array('error' => lang('profile_passwd_illegal')), $type); } if ($_GET['password'] && $_G['setting']['pwlength']) { if (strlen($_GET['password']) < $_G['setting']['pwlength']) { showTips(array('error' => lang('profile_password_tooshort'), 'pwlength' => $_G['setting']['pwlength']), $type); } } //验证密码强度 if ($_GET['password'] && $_G['setting']['strongpw']) { $strongpw_str = array(); if (in_array(1, $_G['setting']['strongpw']) && !preg_match("/\d+/", $_GET['password'])) { $strongpw_str[] = lang('strongpw_1'); } if (in_array(2, $_G['setting']['strongpw']) && !preg_match("/[a-z]+/", $_GET['password'])) { $strongpw_str[] = lang('strongpw_2'); } if (in_array(3, $_G['setting']['strongpw']) && !preg_match("/[A-Z]+/", $_GET['password'])) { $strongpw_str[] = lang('strongpw_3'); } if (in_array(4, $_G['setting']['strongpw']) && !preg_match("/[^a-zA-z0-9]+/", $_GET['password'])) { $strongpw_str[] = lang('strongpw_4'); } if ($strongpw_str) { showTips(array('error' => lang('password_weak') . implode(',', $strongpw_str)), $type); } } if ($_GET['password'] && $_GET['password'] !== $_GET['password2']) { showTips(array('error' => lang('profile_passwd_notmatch')), $type); } $setarr = array(); if ($_GET['password']) { $password = preg_match('/^\w{32}$/', $_GET['password']) ? $_GET['password'] : md5($_GET['password']); $password = md5($password . $member['salt']); } if ($password && C::t('user')->update_password($_G['uid'], $password)) { showTips(array('success' => lang('update_password_success')), $type); exit(); } } } elseif ($do == 'login') { $navtitle = '登录记录'; function get_log_files($logdir = '', $action = 'action') { $dir = opendir($logdir); $files = array(); while ($entry = readdir($dir)) { $files[] = $entry; } closedir($dir); if ($files) { sort($files); $logfile = $action; $logfiles = array(); $ym = ''; foreach ($files as $file) { if (strpos($file, $logfile) !== FALSE) { if (substr($file, 0, 6) != $ym) { $ym = substr($file, 0, 6); } $logfiles[$ym][] = $file; } } if ($logfiles) { $lfs = array(); foreach ($logfiles as $ym => $lf) { $lastlogfile = $lf[0]; unset($lf[0]); $lf[] = $lastlogfile; $lfs = array_merge($lfs, $lf); } return $lfs; } return array(); } return array(); } !isset($_GET['page']) && $_GET['page'] = 1; $lpp = empty($_GET['lpp']) ? 20 : $_GET['lpp']; $checklpp = array(); $checklpp[$lpp] = 'selected="selected"'; $keyword = "uid=" . $_G['uid']; $extrainput = ''; $operation = "loginlog"; $page = (isset($_GET['page'])) ? intval($_GET['page']) : 1; $start = ($page - 1) * $lpp; $gets = array( 'mod' => MOD_NAME, 'op' => $_GET['op'], 'do' => $_GET['do'] ); $theurl = BASESCRIPT . "?" . url_implode($gets); $logdir = DZZ_ROOT . './data/log/'; $logfiles = get_log_files($logdir, $operation); if ($logfiles) $logfiles = array_reverse($logfiles); $firstlogs = file($logdir . $logfiles[0]); $firstlogsnum = count($firstlogs); $countlogfile = count($logfiles); $logs = array(); $jishu = 4000;//每个日志文件最多行数 $start = ($page - 1) * $lpp; $lastlog = $last_secondlog = ""; $newdata = array(); foreach ($logfiles as $k => $v) { $nowfilemaxnum = ($jishu * ($k + 1)) - ($jishu - $firstlogsnum); $startnum = ($nowfilemaxnum - $jishu) <= 0 ? 0 : ($nowfilemaxnum - $jishu + 1); $newdata[] = array("file" => $v, "start" => $startnum, "end" => $nowfilemaxnum); } //print_R($newdata); //查询当前分页数据位于哪个日志文件 $lastlog = $last_secondlog = ""; foreach ($newdata as $k => $v) { if ($start <= $v["end"]) { $lastlog = $v; if (($start + $lpp) < $v["end"]) { } else { if (isset($newdata[$k + 1])) { $last_secondlog = $newdata[$k + 1]; } } break; } } $j = 0; for ($i = $lastlog["start"]; $i < $lastlog["end"]; $i++) { if ($start <= ($lastlog["start"] + $j)) { break; } $j++; } //获取数据开始 $logs = file($logdir . $lastlog["file"]); $logs = array_reverse($logs); foreach ($logs as $key => $value) { if (!empty($keyword) && strpos($value, $keyword) === FALSE) { unset($logs[$key]); } } $count = count($logs); if ($lastlog["file"] != $logfiles[0]) { $j++; } $logs = array_slice($logs, $j, $lpp); $onecountget = count($logs); $jj = 0; if ($last_secondlog) { for ($i = $last_secondlog["start"]; $i < $last_secondlog["end"]; $i++) { if (($jj) >= ($lpp - $onecountget)) { break; } $jj++; } } if ($last_secondlog) { $logs2 = file($logdir . $last_secondlog["file"]); $logs2 = array_reverse($logs2); $end = $lpp - count($logs); $logs2 = array_slice($logs2, 0, $jj); $logs = array_merge($logs, $logs2); } $usergroup = array(); foreach (C::t('usergroup')->range() as $group) { $usergroup[$group['groupid']] = $group['grouptitle']; } $list = array(); foreach ($logs as $k => $logrow) { $log = explode("\t", $logrow); if (empty($log[1])) { continue; } $log[1] = dgmdate($log[1], 'y-n-j H:i:s'); $log[2] = ($log[2] != $_G['member']['username'] ? "$log[2]" : $log[2]); $log[3] = $usergroup[$log[3]]; $list[$k] = $log; } $multi = multi($count, $lpp, $page, $theurl, 'pull-right'); } elseif ($do == 'changeemail') { $navtitle = lang('bindemail_subject'); $emailchange = $member['emailstatus']; $bindemail = isset($_GET['newemail']) ? $_GET['newemail'] : ''; if (!empty($bindemail)) { if (C::t('user')->chk_email_by_uid($bindemail, $uid)) { showTips(array('error' => lang('profile_email_duplicate')), $type); } $idstring = random(6); $type = $_GET['returnType']; $siteurl = $_G['siteurl']; $confirmurl = C::t('shorturl')->getShortUrl("user.php?mod=profile&op=password&do=changeemail&uid={$uid}&id=$idstring&email={$bindemail}"); $email_bind_message = lang('bindemail_message', array( 'username' => $_G['member']['username'], 'sitename' => $_G['setting']['sitename'], 'siteurl' => $_G['siteurl'], 'url' => $confirmurl )); if (!sendmail("$member[username] <$bindemail>", lang('bindemail_subject'), $email_bind_message)) { runlog('sendmail', "$bindemail sendmail failed."); showTips(array('error' => lang('setting_mail_send_error')), $type); } else { $updatearr = array("emailsenddate" => $idstring . '_' . time()); C::t('user')->update($uid, $updatearr); showTips(array('success' => array('email' => $bindemail)), $type); } } } elseif ($do == 'bindqq') {//绑定qq @session_start(); if ($_G['setting']['qq_login'] != '1') { showTips(array('lang' => lang('qq_login_closed'), 'referer' => $_G['siteurl']), 'html'); } require_once DZZ_ROOT . "./user/api_qqlogin/qqConnectAPI.php"; $inurl = $_SERVER["HTTP_REFERER"]; //来路 $_SESSION['bindqq'] = true; $_SESSION['bind_ref'] = $inurl; $qc = new QC(); $qc->qq_login(); } elseif ($do == 'unbindqq') {//取消qq绑定 if (C::t('user_qqconnect')->delete($_GET['openid'])) { showmessage(lang('qq_unbind_success'), dreferer(), array(), array('alert' => 'right')); } else { showmessage(lang('qq_unbind_failed'), dreferer(), array(), array('alert' => 'right')); } } //三方登录未设置密码时不需要输入原密码 $showoldpassword = 1; if (md5(md5("") . $member['salt']) == $member['password']) { $showoldpassword = 0; } include template('pass_safe'); exit();