首页 发现 帮助
注册 登录
roobe
/
zijia
1
0
派生 0
文件 工单管理 0 合并请求 0 Wiki
分支: online
分支列表 标签列表
zijia
/
source
/
plugin
/
myrepeats
/
switch.inc.php

switch.inc.php 6.6 KB
永久链接 文件历史 原始文件

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177 
  1. <?php
    2. 

  2. 

  3. /**
    4. 

  4.  *      [Discuz!] (C)2001-2099 Comsenz Inc.
    5. 

  5.  *      This is NOT a freeware, use is subject to license terms
    6. 

  6.  *
    7. 

  7.  *      $Id: switch.inc.php 29558 2012-04-18 10:17:22Z monkey $
    8. 

  8.  */
    9. 

  9. 

  10. if(!defined('IN_DISCUZ')) {
    11. 

  11. 	exit('Access Denied');
    12. 

  12. }
    13. 

  13. 

  14. if(!$_G['uid']) {
    15. 

  15. 	showmessage('not_loggedin', NULL, array(), array('login' => 1));
    16. 

  16. }
    17. 

  17. 

  18. $myrepeatsusergroups = (array)dunserialize($_G['cache']['plugin']['myrepeats']['usergroups']);
    19. 

  19. 

  20. if(!empty($_GET['list'])) {
    21. 

  21. 	if(in_array('', $myrepeatsusergroups)) {
    22. 

  22. 		$myrepeatsusergroups = array();
    23. 

  23. 	}
    24. 

  24. 	$userlist = array();
    25. 

  25. 	if(!in_array($_G['groupid'], $myrepeatsusergroups)) {
    26. 

  26. 		$userlist = get_rrepeats($_G['username']);
    27. 

  27. 		$count = count($userlist);
    28. 

  28. 		if(!$count) {
    29. 

  29. 			unset($_G['setting']['plugins']['spacecp']['myrepeats:memcp']);
    30. 

  30. 		}
    31. 

  31. 	}
    32. 

  32. 

  33. 	foreach(C::t('#myrepeats#myrepeats')->fetch_all_by_uid($_G['uid']) as $user) {
    34. 

  34. 		$userlist[$user['username']] = $user['username'];
    35. 

  35. 	}
    36. 

  36. 	$list = '<ul>';
    37. 

  37. 	foreach($userlist as $user) {
    38. 

  38. 		if(!$user) {
    39. 

  39. 			continue;
    40. 

  40. 		}
    41. 

  41. 		$list .= '<li><a href="plugin.php?id=myrepeats:switch&username='.rawurlencode($user).'&formhash='.FORMHASH.'" onclick="showWindow(\'myrepeat\', this.href);return false;">'.$user.'</a></li>';
    42. 

  42. 	}
    43. 

  43. 	$list .= '<li><a href="home.php?mod=spacecp&ac=plugin&id=myrepeats:memcp">'.lang('plugin/myrepeats', 'memcp').'</a></li>';
    44. 

  44. 	include template('common/header_ajax');
    45. 

  45. 	echo $list;
    46. 

  46. 	include template('common/footer_ajax');
    47. 

  47. 	exit;
    48. 

  48. }
    49. 

  49. 

  50. if($_GET['formhash'] != FORMHASH) {
    51. 

  51. 	showmessage('undefined_action');
    52. 

  52. }
    53. 

  53. 

  54. $referer = dreferer();
    55. 

  55. 

  56. if(in_array('', $myrepeatsusergroups)) {
    57. 

  57. 	$myrepeatsusergroups = array();
    58. 

  58. }
    59. 

  59. if(!in_array($_G['groupid'], $myrepeatsusergroups)) {
    60. 

  60. 	$users = C::t('#myrepeats#myrepeats')->fetch_all_by_username($_G['username']);
    61. 

  61. 	if(!$users) {
    62. 

  62. 		showmessage('myrepeats:usergroup_disabled');
    63. 

  63. 	} else {
    64. 

  64. 		$permusers = array();
    65. 

  65. 		foreach($users as $user) {
    66. 

  66. 			$permusers[] = $user['uid'];
    67. 

  67. 		}
    68. 

  68. 		$member = C::t('common_member')->fetch_by_username($_GET['username']);
    69. 

  69. 		if(!$member || !in_array($member['uid'], $permusers)) {
    70. 

  70. 			showmessage('myrepeats:usergroup_disabled');
    71. 

  71. 		}
    72. 

  72. 	}
    73. 

  73. }
    74. 

  74. 

  75. require_once libfile('function/member');
    76. 

  76. 

  77. $_G['myrepeats_loginperm'] = logincheck($_GET['username']);
    78. 

  78. if(!$_G['myrepeats_loginperm']) {
    79. 

  79. 	showmessage('myrepeats:login_strike', '', array('loginperm' => $_G['myrepeats_loginperm']));
    80. 

  80. }
    81. 

  81. 

  82. if(!empty($_GET['authorfirst']) && submitcheck('myrepeatssubmit')) {
    83. 

  83. 	$result = userlogin($_GET['username'], $_GET['password'], $_GET['questionid'], $_GET['answer'], 'username', $_G['clientip']);
    84. 

  84. 	$_G['myrepeats_ucresult'] = $result['ucresult'];
    85. 

  85. 	if($result['status'] > 0) {
    86. 

  86. 		$logindata = addslashes(authcode($_GET['password']."\t".$_GET['questionid']."\t".$_GET['answer'], 'ENCODE', $_G['config']['security']['authkey']));
    87. 

  87. 		if(C::t('#myrepeats#myrepeats')->count_by_uid_username($_G['uid'], $_GET['username'])) {
    88. 

  88. 			C::t('#myrepeats#myrepeats')->update_logindata_by_uid_username($_G['uid'], $_GET['username'], $logindata);
    89. 

  89. 		} else {
    90. 

  90. 			C::t('#myrepeats#myrepeats')->insert(array(
    91. 

  91. 				'uid' => $_G['uid'],
    92. 

  92. 				'username' => $_GET[username],
    93. 

  93. 				'logindata' => $logindata,
    94. 

  94. 				'comment' => ''
    95. 

  95. 			));
    96. 

  96. 		}
    97. 

  97. 	} else {
    98. 

  98. 		myrepeats_loginfailure($_GET['username'], $_GET['password'], $_GET['questionid'], $_GET['answer']);
    99. 

  99. 	}
    100. 

  100. }
    101. 

  101. 

  102. $user = C::t('#myrepeats#myrepeats')->fetch_all_by_uid_username($_G['uid'], $_GET['username']);
    103. 

  103. $user = current($user);
    104. 

  104. $olddiscuz_uid = $_G['uid'];
    105. 

  105. $olddiscuz_user = $_G['username'];
    106. 

  106. $olddiscuz_userss = $_G['member']['username'];
    107. 

  107. 

  108. if(!$user) {
    109. 

  109. 	$newuid = C::t('common_member')->fetch_uid_by_username($_GET['username']);
    110. 

  110. 	if(C::t('#myrepeats#myrepeats')->count_by_uid_username($newuid, $olddiscuz_userss)) {
    111. 

  111. 		$username = htmlspecialchars($_GET['username']);
    112. 

  112. 		include template('myrepeats:switch_login');
    113. 

  113. 		exit;
    114. 

  114. 	}
    115. 

  115. 	showmessage('myrepeats:user_nonexistence');
    116. 

  116. } elseif($user['locked']) {
    117. 

  117. 	showmessage('myrepeats:user_locked', '', array('user' => $_GET['username']));
    118. 

  118. }
    119. 

  119. 

  120. list($password, $questionid, $answer) = explode("\t", authcode($user['logindata'], 'DECODE', $_G['config']['security']['authkey']));
    121. 

  121. 

  122. $result = userlogin($_GET['username'], $password, $questionid, $answer, 'username', $_G['clientip']);
    123. 

  123. $_G['myrepeats_ucresult'] = $result['ucresult'];
    124. 

  124. if($result['status'] > 0) {
    125. 

  125. 	setloginstatus($result['member'], 2592000);
    126. 

  126. 	C::t('#myrepeats#myrepeats')->update_lastswitch_by_uid_username($olddiscuz_uid, $_GET['username'], TIMESTAMP);
    127. 

  127. 	$ucsynlogin = $_G['setting']['allowsynlogin'] ? uc_user_synlogin($_G['uid']) : '';
    128. 

  128. 	dsetcookie('mrn', '');
    129. 

  129. 	dsetcookie('mrd', '');
    130. 

  130. 	$comment = $user['comment'] ? '('.$user['comment'].') ' : '';
    131. 

  131. 	showmessage('myrepeats:login_succeed', $referer, array('user' => $_G['member']['username'], 'usergroup' => $_G['group']['grouptitle'], 'comment' => $comment), array('showmsg' => 1, 'showdialog' => 1, 'locationtime' => 3, 'extrajs' => $ucsynlogin));
    132. 

  132. } elseif($result['status'] == -1) {
    133. 

  133. 	clearcookies();
    134. 

  134. 	$_G['myrepeats_ucresult']['username'] = addslashes($_G['myrepeats_ucresult']['username']);
    135. 

  135. 	$_G['username'] = '';
    136. 

  136. 	$_G['uid'] = 0;
    137. 

  137. 	$auth = authcode($_G['myrepeats_ucresult']['username']."\t".formhash(), 'ENCODE');
    138. 

  138. 	showmessage('myrepeats:login_activation', 'member.php?mod='.$_G['setting']['regname'].'&action=activation&auth='.rawurlencode($auth).'&referer='.rawurlencode($referer), array('user' => $_G['myrepeats_ucresult']['username']), array('showmsg' => 1, 'showdialog' => 1, 'locationtime' => 3));
    139. 

  139. } else {
    140. 

  140. 	myrepeats_loginfailure($_GET['username'], $password, $questionid, $answer);
    141. 

  141. }
    142. 

  142. 

  143. function myrepeats_loginfailure($username, $password, $questionid, $answer) {
    144. 

  144. 	global $_G;
    145. 

  145. 	$password = preg_replace("/^(.{".round(strlen($password) / 4)."})(.+?)(.{".round(strlen($password) / 6)."})$/s", "\\1***\\3", $password);
    146. 

  146. 	$errorlog = dhtmlspecialchars(
    147. 

  147. 		TIMESTAMP."\t".
    148. 

  148. 		($_G['myrepeats_ucresult']['username'] ? $_G['myrepeats_ucresult']['username'] : stripslashes($username))."\t".
    149. 

  149. 		$password."\t".
    150. 

  150. 		"Ques #".intval($questionid)."\t".
    151. 

  151. 		$_G['clientip']);
    152. 

  152. 	writelog('illegallog', $errorlog);
    153. 

  153. 	loginfailed($username);
    154. 

  154. 	$fmsg = $_G['myrepeats_ucresult']['uid'] == '-3' ? (empty($questionid) || $answer == '' ? 'login_question_empty' : 'login_question_invalid') : 'login_invalid';
    155. 

  155. 	if($_G['myrepeats_loginperm'] > 1) {
    156. 

  156. 		showmessage('myrepeats:'.$fmsg, '', array('loginperm' => $_G['myrepeats_loginperm']));
    157. 

  157. 	} elseif($_G['myrepeats_loginperm'] == -1) {
    158. 

  158. 		showmessage('myrepeats:login_password_invalid');
    159. 

  159. 	} else {
    160. 

  160. 		showmessage('myrepeats:login_strike');
    161. 

  161. 	}
    162. 

  162. }
    163. 

  163. 

  164. function get_rrepeats($username) {
    165. 

  165. 	$users = C::t('#myrepeats#myrepeats')->fetch_all_by_username($username);
    166. 

  166. 	$uids = array();
    167. 

  167. 	foreach($users as $user) {
    168. 

  168. 		$uids[] = $user['uid'];
    169. 

  169. 	}
    170. 

  170. 	$userlist = array();
    171. 

  171. 	foreach(C::t('common_member')->fetch_all($uids) as $user) {
    172. 

  172. 		$userlist[$user['username']] = $user['username'];
    173. 

  173. 	}
    174. 

  174. 	return $userlist;
    175. 

  175. }
    176. 

  176. 

  177. ?>
    178.