phpcms中会员ajax登陆手机修改密码,需根据项目情况调整

Phpcms 会员 ajax 登陆，自定义 http_user_agent = $_SERVERHTTP_USER_AGENT; function public_Login() $this-_session_start(); /获取用户 siteid $siteid = isset($_REQUESTsiteid) /定义站点 id 常量 if (!defined(SITEID) define(SITEID, $siteid); if(isset($_POSTdosubmit) / if(empty($_SESSIONconnectid) / /判断验证码 / $code = isset($_POSTcode) ; / if ($_SESSIONcode != strtolower($code) / $this-msg(1101,验证码错误); / / $username = isset($_POSTusername) $password = isset($_POSTpassword) $cookietime = intval($_POSTcookietime)?$_POSTcookietime:3600*2;/1 小时 $synloginstr = ; /同步登陆 js 代码 if(pc_base:load_config(system, phpsso) $this-_init_phpsso(); /手机登陆判断 if(preg_match(“/(1)0-910$/“, $username) /这里有无限想象 $u=$this-db-get_one(array(“mobile“=$username); if($u) $username=$uusername; $status = $this-client-ps_member_login($username, $password); $memberinfo = unserialize($status); if(isset($memberinfouid) /查询帐号 $r = $this-db-get_one(array(phpssouid=$memberinfouid); if(!$r) /插入会员详细信息，会员不存在 插入会员 $info = array( phpssouid=$memberinfouid, username=$memberinfousername, password=$memberinfopassword, encrypt=$memberinforandom, email=$memberinfoemail, regip=$memberinforegip, regdate=$memberinforegdate, lastip=$memberinfolastip, lastdate=$memberinfolastdate, groupid=$this-_get_usergroup_bypoint(), /会 员默认组 modelid=10, /普通会员 ); /如果是 connect 用户 if(!empty($_SESSIONconnectid) $userinfoconnectid = $_SESSIONconnectid; if(!empty($_SESSIONfrom) $userinfofrom = $_SESSIONfrom; unset($_SESSIONconnectid, $_SESSIONfrom); $this-db-insert($info); unset($info); $r = $this-db- get_one(array(phpssouid=$memberinfouid); $password = $rpassword; $synloginstr = $this-client-ps_member_synlogin($rphpssouid); else if($status = -1) /用户不存在 $this-msg(1103,L(用户名或账号密码错误 ), index.php?m=member elseif($status = -2) /密码错误 /*记录错误次数*/ $this-times_db = pc_base:load_model(times_model); $rtime = $this-times_db- get_one(array(username=$username); if($rtimetimes 4) / $minute = 60 - floor(SYS_TIME - $rtimelogintime) / 60); / showmessage(, array(minute=$minute); $this-msg(1104,登录次数错误过多，账号已被锁定，请 联系管理员重新开通,index.php?m=member $ip = ip(); if($rtime else $this-times_db-insert(array(username=$username, ip=$ip, logintime=SYS_TIME, times=1); $times = 5; $this-msg(1104,L(password_error).“还可以尝试“.($times-1).“次 “,index.php?m=member $this- msg(1104,L(password_error),index.php?m=member else $this-msg(L(login_failure), index.php?m=member else /如果用户被锁定 if($rislock) $this-msg(1105,L(user_is_lock); $userid = $ruserid; $groupid = $rgroupid; $username = $rusername; $nickname = empty($rnickname) ? $username : $rnickname; $updatearr = array(lastip=ip(), lastdate=SYS_TIME); /vip 过期，更新 vip 和会员组 if($roverduedate = 0 if(!empty($grouplist$rgroupidallowupgrade) $check_groupid = $this-_get_usergroup_bypoint($rpoint); if($check_groupid != $rgroupid) $updatearrgroupid = $groupid = $check_groupid; /如果是 connect 用户 if(!empty($_SESSIONconnectid) $updatearrconnectid = $_SESSIONconnectid; if(!empty($_SESSIONfrom) $updatearrfrom = $_SESSIONfrom; unset($_SESSIONconnectid, $_SESSIONfrom); $this-db-update($updatearr, array(userid=$userid); if(!isset($cookietime) $get_cookietime = param:get_cookie(cookietime); $_cookietime = $cookietime ? intval($cookietime) : ($get_cookietime ? $get_cookietime : 0); $cookietime = $_cookietime ? SYS_TIME + $_cookietime : 0; $phpcms_auth_key = md5(pc_base:load_config(system, auth_key).$this- http_user_agent); $phpcms_auth = sys_auth($userid.“t“.$password, ENCODE, $phpcms_auth_key); param:set_cookie(auth, $phpcms_auth, $cookietime); param:set_cookie(_userid, $userid, $cookietime); param:set_cookie(_username, $username, $cookietime); param:set_cookie(_groupid, $groupid, $cookietime); param:set_cookie(_nickname, $nickname, $cookietime); /param:set_cookie(cookietime, $_cookietime, $cookietime); $forward = isset($_POSTforward) /验证用户密码,登录成功删除密码错误信息 $this-times_db = pc_base:load_model(times_model); $this-times_db-delete(array(username=$username); $this-msg(1,“登陆成功“, “?m=member else echo json_encode(array(“code“=0,msg=登录失败); public function public_checkmobile() $this-_session_start(); $userid=param:get_cookie(_userid); if($userid) if($_POSTdosubmit) $code=$_POSTcode; $sms_report_db = pc_base:load_model(sms_report_model); $mobile_verify =$code; if(!$mobile_verify | preg_match(“/a-z0-9+/i“,$mobile_verify) exit(); $mobile=$_SESSIONmobile; $posttime = SYS_TIME-600; $where = “mobile=$mobile AND posttime$posttime“; $r = $sms_report_db-get_one($where,id,id_code,id DESC); if($r /*成功后写入 cookie*/ $this-msg(1,“验证成功“,“?m=member else /*正式测试时放入上出注释*/ $phpcms_auth_key = md5(pc_base:load_config(system, auth_key).$this-http_user_agent); $r = $this-db-get_one(array(phpssouid=$userid); $phpcms_auth = sys_auth($userid.“t“.$rpassword, ENCODE, $phpcms_auth_key); $cookietime=param:get_cookie(cookietime); param:set_cookie(auth, $phpcms_auth,SYS_TIME+3600*2); /*正式测试时放入上出注释*/ $this-msg(0,“验证失败 “.$cookietime.“/“.$phpcms_auth.“/“.$phpcms_auth_key ,“?m=member else $r = $this-db-get_one(array(phpssouid=$userid); $_SESSIONmobile=$rmobile; echo json_encode(array(code=1,phone=substr($rmobile, 0,3).“*“.substr($rmobile, -2); else $this-msg(1101,“先输入用户名和密码“,index.php?m=member /* *$code int 错误号 *$msg string 提示消息 *$url string 跳转地址 *$data array 额外信息 */ protected function msg($code=1,$msg=操作成功,$url,$data=array() $datas=array( code=$code, msg=$msg, redictto=$url, data=$data ); echo json_encode($datas); die; /* *根据积分算出用户组 * param $point int 积分数 */ protected function _get_usergroup_bypoint($point=0) $groupid = 2; if(empty($point) $member_setting = getcache(member_setting); $point = $member_settingdefualtpoint ? $member_settingdefualtpoint : 0; $grouplist = getcache(grouplist); foreach ($grouplist as $k=$v) $grouppointlist$k = $vpoint; arsort($grouppointlist); /如果超出用户组积分设置则为积分最高的用户组 if($point max($grouppointlist) $groupid = key($grouppointlist); else foreach ($grouppointlist as $k=$v) if($point = $v) $groupid = $tmp_k; break; $tmp_k = $k; return $groupid; /* * 开启 session * */ private function _session_start() $session_storage = session_.pc_base:load_config(system,session_storage); pc_base:load_sys_class($session_storage); /* * 初始化 phpsso * about phpsso, include client and client configure * return string phpsso_api_url phpsso 地址 */ private function _init_phpsso() pc_base:load_app_class(client, , 0); define(APPID, pc_base:load_config(system, phpsso_appid); $phpsso_api_url = pc_base:load_config(system, phpsso_api_url); $phpsso_auth_key = pc_base:load_config(system, phpsso_auth_key); $this-client = new client($phpsso_api_url, $phpsso_auth_key); return $phpsso_api_url; public function public_forgetmobile() $this-_session_start(); $code=$_POSTyzcode; $step=$_POSTstep?intval($_POSTstep):1; if($_SESSIONcode != strtolower($code) else /获取当前装填 if($step=1) $mobile=$_POSTphone; if(!preg_match(/1(0-910)$/,$mobile) echo json_encode(array(code =-3 ,msg=手机号不正确); return ; $memberinfo=$this-db-get_one(array(mobile=$mobile); if($memberinfo) $_SESSIONmobile=$mobile; $_SESSIONusername=$memberinfousername; echo json_encode(array(code =1 ,msg=“用户验证成功 “,step=$step+1); else echo json_encode(array(code =0 ,msg=“此手机号未注册 “,step=$step+1); elseif($step=2) $code=$_POSTcode; $sms_report_db = pc_base:load_model(sms_report_model); $mobile_verify =$code; if(!$mobile_verify | preg_match(“/a-z0-9+/i“,$mobile_verify) exit(); $mobile=$_SESSIONmobile; $posttime = SYS_TIME-600; $where = “mobile=$mobile AND posttime$posttime“; $r = $sms_report_db-get_one($where,id,id_code,id DESC); if(!$r |$rid_code=$mobile_verify) if($_GETjscheck!=1) /验证通过后，将验证码置为空，防止重复 利用！ $sms_re