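<?php
// +---------------------------------------------+
// | Copyright 2006 - 2008 weenCompany           |
// | http://www.weentech.com                     |
// | This file may not be redistributed.         |
// +---------------------------------------------+

if(!defined('IN_WEENCOMPANY'))
{
  die("File not found!");
}

// Module 12: user registration, e-mail activation and password reset.
// The file declares the m12_* functions and then dispatches on request
// parameters at the bottom ("CALL FUNCTIONS").
//
// NOTE(review): several request values are still placed into SQL text as-is
// (the e-mail lookup in m12_ResetPassword and the free-text profile fields in
// m12_InsertUser). Nothing in this file escapes them, so the statements are
// only safe if request data is escaped before this module runs - confirm, and
// route these values through the database layer's escaping or parameter
// binding (the $DB class is not visible from here).
//
// NOTE(review): passwords are stored as unsalted MD5. Moving to
// password_hash()/password_verify() also needs the login code changed, which
// is outside this file.

// ############################## HELPERS ##############################

// Returns the named POST field as a string, or '' when it is missing or was
// submitted as an array (name[]=...), so callers never see a non-string.
function m12_PostField($name)
{
  return (isset($_POST[$name]) && is_string($_POST[$name])) ? $_POST[$name] : '';
}

// Encodes a value for printing inside HTML text or a quoted attribute.
function m12_Html($value)
{
  return htmlspecialchars((string)$value, ENT_QUOTES, 'UTF-8');
}

// Sends one plain-text UTF-8 message from the site's technical address,
// through SMTP (PHPMailer) when that is enabled in the main settings and
// through mail() otherwise.
// $subjectText is the undecorated subject; it is MIME-encoded for mail().
// Returns false after printing PHPMailer's error text when the SMTP send
// fails, true otherwise (the result of mail() is not checked).
function m12_SendMail($to, $subjectText, $message)
{
  global $mainsettings, $rootpath;

  $lineBreaks = array("\r", "\n");
  // line breaks are stripped so a setting cannot add header lines
  $fromemail  = str_replace($lineBreaks, '', $mainsettings['technicalemail']);

  if($mainsettings['email_use_smtp'] == "1") {
    require_once $rootpath . "/includes/mail/class.phpmailer.php";

    $mail = new PHPMailer();
    $mail->IsSMTP();
    $mail->Host     = $mainsettings['email_smtp_host'];
    $mail->Port     = $mainsettings['email_smtp_port'];
    $mail->CharSet  = "utf8";
    $mail->Encoding = "base64";

    if($mainsettings['email_smtp_require_auth'] == "1") {
      $mail->SMTPAuth = true;
      $mail->Username = $mainsettings['email_smtp_user'];
      $mail->Password = $mainsettings['email_smtp_pass'];
    }

    $mail->From     = $fromemail;
    $mail->FromName = $mainsettings['websitetitle'];
    $mail->AddAddress($to);
    $mail->Subject  = $subjectText;
    $mail->Body     = $message;

    if(!$mail->Send()) {
      // NOTE(review): this shows the mailer's error text to the visitor;
      // consider logging it and printing a generic message instead.
      echo $mail->ErrorInfo;
      return false;
    }
    return true;
  }

  $fromname = '=?utf-8?B?' . base64_encode(str_replace($lineBreaks, '', $mainsettings['websitetitle'])) . '?=';
  $subject  = '=?utf-8?B?' . base64_encode(str_replace($lineBreaks, '', $subjectText)) . '?=';

  $headers  = "From: $fromname <$fromemail>" . EMAIL_CRLF;
  $headers .= "Reply-To: \"$fromname\" <$fromemail>" . EMAIL_CRLF;
  $headers .= "Content-type: text/plain; charset=utf-8" . EMAIL_CRLF;

  @mail($to, $subject, $message, $headers);
  return true;
}

// Inserts a new member (user group 3) built from the submitted form.
// $activated is written as a number (0 or 1); $validationKey is stored in the
// validationkey column when it is not null.
// Callers must have validated $username and $email (see m12_RegisterUser).
function m12_InsertUser($username, $password, $email, $activated, $validationKey)
{
  global $DB;

  $columns = "usergroupid, username, password, email, activated, ";
  $values  = "3, '" . $username . "','" . md5($password) . "','" . $email . "', " . (int)$activated . ", ";

  if($validationKey !== null) {
    $columns .= "validationkey, ";
    $values  .= "'" . $validationKey . "',";
  }

  $columns .= "joindate, userfullname, usercompany, useradd, userpostcode, usertel, userfax, useronline, userwebsite";

  // NOTE(review): the eight profile fields below are free text taken from the
  // request and are not escaped in this file - see the note at the top.
  $values  .= "'" . time() . "', '"
            . m12_PostField('m12_userfullname') . "', '"
            . m12_PostField('m12_usercompany')  . "', '"
            . m12_PostField('m12_useradd')      . "', '"
            . m12_PostField('m12_userpostcode') . "', '"
            . m12_PostField('m12_usertel')      . "', '"
            . m12_PostField('m12_userfax')      . "', '"
            . m12_PostField('m12_useronline')   . "', '"
            . m12_PostField('m12_userwebsite')  . "'";

  $DB->query("INSERT INTO " . TABLE_PREFIX . "users (" . $columns . ") VALUES (" . $values . ")");
}

// ######################### FORGOT PASSWORD FORM ########################

// Prints any error messages followed by the "forgot password" form.
// $errors: list of messages, or NULL. They are printed as HTML, so a caller
// must encode any request data it puts into them.
function m12_ForgotPasswordForm($errors)
{
  global $categoryid, $inputsize, $m12_language;

  if($errors) {
    foreach($errors as $message) {
      echo $message . '<br /><br />';
    }
  }

  echo '<form name="resetpwform" method="post" action="' . RewriteLink('index.php?categoryid='.$categoryid.'&m12_forgotpwd=1') . '">'
     . ' <table width="100%" border="0" cellpadding="0" cellspacing="0">'
     . ' <tr> <td colspan="2"><input name="thisisweencompany" width="0" hight="0" size="0" style="visibility: hidden"></td> </tr>'
     . ' <tr> <td>' . $m12_language['email'] . '</td>'
     . ' <td><input name="m12_email" type="text" size="' . $inputsize . '" />'
     . ' <input type="submit" name="m12_pwdreset" value="' . strip_tags($m12_language['pwd_reset']) . '" /></td> </tr>'
     . ' </table> </form>';
}

// ####################### REQUEST A PASSWORD RESET ######################

// Handles the submitted "forgot password" form: looks the address up and
// mails a confirmation link carrying a verification code.
function m12_ResetPassword()
{
  global $DB, $categoryid, $m12_language;

  $errors = array();
  $email  = m12_PostField('m12_email');

  // check to see if email address exists
  // NOTE(review): $email reaches the SQL text unescaped - see the note at the
  // top of the file.
  if($user = $DB->query_first("SELECT userid, username, password, email FROM " . TABLE_PREFIX . "users WHERE email = '$email'")) {
    // NOTE(review): the code is derived only from the stored password hash
    // and the user id, so it has no expiry and no random part. A random,
    // single-use, expiring token stored server-side would be stronger.
    $verification_code = md5($user['password'].$user['userid']) . '-' . $user['userid'];

    // The listing showed str_replace('&', '&', ...), which does nothing; the
    // search string is restored to '&amp;' so an HTML-encoded link is decoded
    // for the plain-text mail. An unencoded link is left unchanged.
    $verification_code_url = str_replace('&amp;', '&', RewriteLink('index.php?categoryid=' . $categoryid . '&m12_verification_code=' . $verification_code));

    $message = $user['username'] . "," . EMAIL_CRLF . EMAIL_CRLF
             . $m12_language['email_message_resetpassword'] . EMAIL_CRLF . EMAIL_CRLF
             . $verification_code_url;

    if(!m12_SendMail($user['email'], $m12_language['email_subject'], $message)) {
      return;
    }

    echo $m12_language['password_reset_confirm'];
  } else {
    // NOTE(review): this answer tells the visitor whether an address is
    // registered; a single neutral message for both outcomes avoids that.
    // The submitted address is encoded because the message is printed as HTML.
    $errors[] = $m12_language['email_not_found'] . ' ' . m12_Html($email);
    m12_ForgotPasswordForm($errors);
  }
}

// ###################### COMPLETE A PASSWORD RESET ######################

// Handles the link from the reset mail: checks the verification code, sets a
// generated password and mails it to the user.
// $verification_code has the form "<md5>-<userid>".
function m12_ResetPasswordFinished($verification_code)
{
  global $DB, $m12_language;

  $errors     = array();
  $thisuserid = 0;

  // A non-string value or a code without "-" leaves the id at 0, which no
  // user row is expected to have; the id is cast so only a number is queried.
  if(is_string($verification_code)) {
    $id = explode("-", $verification_code);
    if(isset($id[1])) {
      $thisuserid = (int)$id[1];
    }
  }

  $user = $DB->query_first("SELECT userid, username, password, email FROM " . TABLE_PREFIX . "users WHERE userid = '$thisuserid'");
  if(!$user) {
    $errors[] = $m12_language['invalid_link'];
    m12_ForgotPasswordForm($errors);
    return;
  }

  $verification_code_this = md5($user['password'].$user['userid']) . '-' . $user['userid'];

  // strict comparison: no type juggling between the two strings
  if($verification_code !== $verification_code_this) {
    $errors[] = $m12_language['invalid_link'];
    m12_ForgotPasswordForm($errors);
    return;
  }

  // generate new password: "PWD" followed by six digits, zero-padded on the
  // left. random_int() is used where available (PHP 7+).
  // NOTE(review): six digits is a small space and the password travels by
  // mail; prefer letting the user choose a password after following the link.
  $digits  = function_exists('random_int') ? random_int(0, 999999) : mt_rand(0, 999999);
  $newpass = 'PWD' . str_pad((string)$digits, 6, '0', STR_PAD_LEFT);

  $DB->query("UPDATE " . TABLE_PREFIX . "users SET password = '" . md5($newpass) . "' WHERE userid = " . (int)$user['userid']);

  $message = $user['username'] . "," . EMAIL_CRLF . EMAIL_CRLF
           . $m12_language['email_message'] . EMAIL_CRLF . EMAIL_CRLF
           . $newpass;

  if(!m12_SendMail($user['email'], $m12_language['email_subject'], $message)) {
    return;
  }

  echo $m12_language['password_reset_success'];
}

// ######################### ACCOUNT ACTIVATION ##########################

// Activates the account that owns $validationKey (the key mailed at sign-up)
// and prints the outcome.
function m12_Validation($validationKey)
{
  global $DB, $m12_language;

  // Regular expression to validate guid. PCRE takes the braces as pattern
  // delimiters, so the pattern is not anchored and matches a GUID anywhere
  // inside the value.
  $regex = "{########-####-####-####-############}";
  $regex = str_replace('#', '[0-9,A-F]', $regex);

  // The whole value must also consist only of characters a key can contain
  // (those the pattern accepts, plus braces); without this a value with a
  // GUID somewhere in it would reach the query below unchanged.
  $keyIsClean = is_string($validationKey)
             && preg_match('/\A[0-9A-F,{}\-]+\z/', $validationKey)
             && preg_match($regex, $validationKey);

  // check to see if validation key exists
  $user = $keyIsClean
        ? $DB->query_first("SELECT * FROM " . TABLE_PREFIX . "users WHERE validationkey = '$validationKey'")
        : false;

  if(!$user) {
    echo $m12_language['validation_key_not_found'];
    return;
  }

  if($user['activated'] == 0) {
    $DB->query("UPDATE " . TABLE_PREFIX . "users SET activated = 1 WHERE userid = " . (int)$user['userid']);
    echo $m12_language['validation_success'];
  } else {
    echo $m12_language['already_validated'];
  }
} // end validation process

// ########################## REGISTRATION FORM ##########################

// Prints any error messages followed by the registration form, or a notice
// when registration is switched off in the module settings.
// $errors: list of messages, or NULL; printed as HTML (see
// m12_ForgotPasswordForm).
function m12_PrintForm($errors)
{
  global $categoryid, $rootpath, $inputsize, $m12_language, $m12_settings, $sdlanguage;

  $enablejavascript = $m12_settings['校驗方式'];   // validation method
  $maxusername      = $m12_settings['用戶名長度']; // username length
  $maxpassword      = $m12_settings['密碼長度'];   // password length

  if($m12_settings['關閉註冊'] == 1) { // registration closed
    echo '<br />' . $m12_language['registration_turnoff'] . '<br /><br />';
    return;
  }

  $javascript = '';
  if($enablejavascript == 1) {
    include($rootpath . 'modules/m12_registration/javascript.php');
    $javascript = 'onsubmit="return CheckData()"';
  }

  if($errors) {
    foreach($errors as $message) {
      echo $message . '<br /><br />';
    }
  }

  $cell     = '<td style="padding-left: 10px; padding-bottom: 10px;">';
  $required = '<font color=red> * </font></td> ';

  echo '<form name="form" method="post" action="' . RewriteLink('index.php?categoryid=' . $categoryid) . '" '.$javascript.'>'
     . ' <table width="100%" border="0" cellpadding="0" cellspacing="0">'
     . ' <tr> <td width="120">' . $m12_language['user_name'] . $required
     . $cell . '<input name="m12_username" type="text" maxlength="'.$maxusername.'" size="'.$inputsize.'" /></td> </tr>'
     . ' <tr> <td width="120">' . $m12_language['password'] . $required
     . $cell . '<input name="m12_password" type="password" maxlength="'.$maxpassword.'" size="'.$inputsize.'" /></td> </tr>'
     . ' <tr> <td nowrap="nowrap">' . $m12_language['password_again'] . $required
     . $cell . '<input name="m12_passwordconfirm" type="password" maxlength="'.$maxpassword.'" size="'.$inputsize.'" /></td> </tr>'
     . ' <tr> <td width="120">' . $m12_language['email'] . $required
     . $cell . '<input name="m12_email" type="text" maxlength="58" size="'.$inputsize.'" /></td> </tr>'
     . ' <tr> <td nowrap="nowrap">' . $m12_language['email_again'] . $required
     . $cell . '<input name="m12_emailconfirm" type="text" maxlength="58" size="'.$inputsize.'" /></td> </tr>';

  // Optional profile rows: module setting that switches the row on,
  // language key of the label, name of the input.
  $optionalRows = array(
    array('顯示姓名',     'user_fullname', 'm12_userfullname'), // show full name
    array('顯示單位',     'user_company',  'm12_usercompany'),  // show company
    array('顯示地址',     'user_add',      'm12_useradd'),      // show address
    array('顯示郵編',     'user_postcode', 'm12_userpostcode'), // show postcode
    array('顯示電話',     'user_tel',      'm12_usertel'),      // show telephone
    array('顯示傳真',     'user_fax',      'm12_userfax'),      // show fax
    array('顯示在線聯繫', 'user_online',   'm12_useronline'),   // show online contact
    array('顯示網址',     'user_website',  'm12_userwebsite'),  // show website
  );

  foreach($optionalRows as $row) {
    if($m12_settings[$row[0]]) {
      echo ' <tr> <td width="120">' . $m12_language[$row[1]] . '</td> '
         . $cell . '<input name="' . $row[2] . '" type="text" maxlength="58" size="'.$inputsize.'" /></td> </tr>';
    }
  }

  if($m12_settings['驗證碼'] == 1) { // visual verify code
    $vvcid = CreateVisualVerifyCode();

    echo '<tr> <td width="120"></td> '
       . $cell . '<input type="hidden" name="m12_vvcid" value="' . $vvcid . '"/>'
       . ' <img src="includes/vvc.php?vvcid=' . $vvcid . '"/></td> </tr>'
       . ' <tr> <td colspan="2">' . $sdlanguage['enter_verify_code'] . '</td> </tr>'
       . ' <tr> <td width="120"></td> '
       . $cell . '<input type="text" size="'.$inputsize.'" name="m12_verifycode"/></td> </tr>';
  }

  echo '<tr> <td colspan="2"><hr noshade="noshade" /></td> </tr>'
     . ' <tr> <td width="120"></td> '
     . $cell . ' <input type="submit" name="m12_register" value="' . strip_tags($m12_language['register']) . '" />'
     . ' <input type="reset" value="' . strip_tags($m12_language['reset_form']) . '" /> </td> </tr>'
     . ' </table> </form>';
}

// ########################## REGISTER USER ##########################

// Validates the submitted registration form and, when it is clean, creates
// the account in the mode chosen in the module settings: manual approval,
// e-mail activation, or active at once. On errors the form is shown again.
function m12_RegisterUser()
{
  global $DB, $categoryid, $m12_language, $m12_settings, $sdlanguage;

  $errors   = array();
  $username = m12_PostField('m12_username');
  $password = m12_PostField('m12_password');
  $email    = m12_PostField('m12_email');

  if($m12_settings['驗證碼'] == 1) { // visual verify code
    if(!ValidVisualVerifyCode(m12_PostField('m12_vvcid'), m12_PostField('m12_verifycode'))) {
      $errors[] = $sdlanguage['incorrect_vvc_code'];
    }
  }

  // The checks below used ereg()/eregi(), which were removed in PHP 7 and
  // stop reading at a NUL byte. preg_match() checks the whole value; the D
  // modifier keeps "$" from matching before a trailing newline.

  // check the username
  $usernameOk = (preg_match('/^[[:alnum:]]+$/D', $username) === 1);
  if(!$usernameOk) {
    $errors[] = $m12_language['enter_alnum_username'];
  }

  // check to make sure the password is of the right format
  if(preg_match('/^[[:alnum:]]+$/D', $password) !== 1) {
    $errors[] = $m12_language['enter_alnum_password'];
  }

  // check to make sure that the password matches the confirmed password.
  // Strict comparison: with != two different numeric-looking strings such as
  // "1e3" and "1000" compare as equal.
  if($password !== m12_PostField('m12_passwordconfirm')) {
    $errors[] = $m12_language['password_unmatched'];
  }

  // check to make sure they entered a valid email address
  $emailOk = (preg_match('/^(([A-Za-z0-9]+_+)|([A-Za-z0-9]+\-+)|([A-Za-z0-9]+\.+)|([A-Za-z0-9]+\++))*[A-Za-z0-9]+@((\[[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.)|(([a-zA-Z0-9\-]+\.)+))([a-zA-Z]{2,4}|[0-9]{1,3})(\]?)$/D', $email) === 1);
  if(!$emailOk) {
    $errors[] = $m12_language['unvalid_email'];
  }

  // check to make sure that the email matches the confirmed email.
  if($email !== m12_PostField('m12_emailconfirm')) {
    $errors[] = $m12_language['email_unmatched'];
  }

  // The two look-ups run only for values that passed the format checks, so
  // nothing outside those character sets reaches the SQL text. A value that
  // failed its check is rejected above anyway.

  // check to see if username already exists
  if($usernameOk && $DB->query_first("SELECT username FROM " . TABLE_PREFIX . "users WHERE username = '$username'")) {
    $errors[] = m12_Html($username) . ' ' . $m12_language['username_exists'];
  }

  // check to see if email already exists
  if($emailOk && $DB->query_first("SELECT email FROM " . TABLE_PREFIX . "users WHERE email = '$email'")) {
    $errors[] = m12_Html($email) . ' ' . $m12_language['email_exists'];
  }

  // check to see if the email address is banned
  if(m12_EmailBanned($email)) {
    $errors[] = m12_Html($email) . ' ' . $m12_language['email_banned'];
  }

  if($errors) {
    m12_PrintForm($errors);
    return;
  }

  // register if there are no errors
  if($m12_settings['人工審核'] > 0) { // manual approval
    m12_InsertUser($username, $password, $email, 0, null);
    echo $m12_language['activation_required_manual'];
  } else if($m12_settings['郵件驗證'] > 0) { // e-mail activation
    $key = CreateGuid();

    // see m12_ResetPassword for why the search string is '&amp;'
    $validateurl = str_replace('&amp;', '&', RewriteLink('index.php?categoryid=' . $categoryid . '&m12_val=' . $key));

    m12_InsertUser($username, $password, $email, 0, $key);

    $message = $username . "," . EMAIL_CRLF . EMAIL_CRLF
             . $m12_language['email_message_activation'] . EMAIL_CRLF . EMAIL_CRLF
             . $validateurl;

    if(!m12_SendMail($email, $m12_language['email_subject_activation'], $message)) {
      return;
    }

    echo $m12_language['activation_required'];
  } else {
    m12_InsertUser($username, $password, $email, 1, null);

    // registration successful
    echo $m12_language['register_success'];
  }
} // end registration process

// ########################## BANNED ADDRESSES ##########################

// Returns true when $newEmail matches an entry of the whitespace-separated
// ban list in the module settings. Entry forms:
//   "@host"     any user at that host or one of its sub-domains
//   "user@"     that user at any host
//   "user@host" that exact address
// Entries are compared as plain text, case-insensitively.
// The earlier code nested the "user@" and "user@host" cases under the wrong
// branch, so only "@host" entries could ever match.
function m12_EmailBanned($newEmail)
{
  global $m12_settings;

  $newEmail = trim(strtolower($newEmail));
  $banList  = isset($m12_settings['禁止Email地址']) ? trim($m12_settings['禁止Email地址']) : ''; // banned e-mail addresses

  if($newEmail === '' || $banList === '') {
    return false;
  }

  $entries = preg_split('/[[:space:]]+/', $banList, -1, PREG_SPLIT_NO_EMPTY);

  foreach($entries as $entry) {
    $entry = strtolower($entry);

    if($entry[0] === '@') {
      // Any user @host? Also catch sub-domains ("x@mail.host").
      $host = substr($entry, 1);
      if($host === '') {
        continue; // a lone "@" names no host
      }
      $tail = substr($newEmail, -strlen($host) - 1);
      if($tail === '@' . $host || $tail === '.' . $host) {
        return true;
      }
    } elseif(substr($entry, -1) === '@') {
      // User at any host?
      if(strpos($newEmail, $entry) === 0) {
        return true;
      }
    } elseif($entry === $newEmail) {
      // User@host
      return true;
    }
  }

  return false;
}

// ########################## CALL FUNCTIONS ##########################

$m12_language = GetLanguage(12);

// get settings
// Start from an empty array so the settings used by this module come only
// from the query below.
$m12_settings = array();
$getsettings  = $DB->query("SELECT title, value FROM " . TABLE_PREFIX . "modulesettings WHERE moduleid = 12 ORDER BY displayorder");

while($settings = $DB->fetch_array($getsettings)) {
  $m12_settings[$settings['title']] = $settings['value'];
}

$m12_usersystem = $DB->query_first("SELECT name FROM " . TABLE_PREFIX . "usersystems WHERE activated = '1'");

if($userinfo['loggedin'] != 1) {
  if($m12_usersystem['name'] == 'weenCompany') {
    // The first matching request parameter decides the action.
    if(isset($_GET['m12_val'])) {
      m12_Validation($_GET['m12_val']);
    } else if(isset($_GET['m12_verification_code'])) {
      m12_ResetPasswordFinished($_GET['m12_verification_code']);
    } else if(isset($_POST['m12_register'])) {
      m12_RegisterUser();
    } else if(isset($_POST['m12_pwdreset'])) {
      m12_ResetPassword();
    } else if(isset($_GET['m12_forgotpwd'])) {
      m12_ForgotPasswordForm(NULL);
    } else {
      m12_PrintForm(NULL);
    }
  } else {
    // $regpath already has been through RewriteLink in the integration file (or $weenurl added)
    echo '<a href="' . ForumLink(1) . '">' . $m12_language['register_now'] . '</a>';
  }
} else {
  echo $m12_language['already_logged_in'] . ' ' . $userinfo['username'] . '<br /> <a href="' . RewriteLink('index.php?categoryid=' . $categoryid . '&logout=1') . '">' . $m12_language['logout'] . '</a>';
}

unset($m12_language, $m12_usersystem, $m12_settings);

?>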