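<?php
// Entry point for the mobile login flow. Pulls in the shared helpers and the
// per-deployment login-URL configuration (production path first, the Windows
// development path otherwise).
require_once("../show/common.php");
if(is_dir("/home/www")) require_once("/home/www/loginUrl.inc.php");
else require_once("d:/web/loginUrl.inc.php");
// Action selector for the dispatch below. Defaults to '' so a request without
// ?act= does not raise an undefined-index notice; every comparison below is
// against a non-empty literal, so '' and null behave the same.
$act = isset($_GET['act']) ? $_GET['act'] : '';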
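/**
 * Look up an enabled user by cellphone or username and decorate the row.
 *
 * Adds the derived fields the mobile client expects: jdmm (1 when is_jdpw2
 * recognises the stored password format, else 0), cash_fund (1 when the user's
 * area id is listed in the ONLY_CASH_AREA config value) and theme (the owning
 * company's theme, or 1 when there is no company / company row).
 *
 * @param string $cellphone  Cellphone number or username. Untrusted: the
 *                           remotelogin action passes $_GET input straight in,
 *                           so it is escaped before being embedded in SQL.
 * @return array|null        Decorated user row, or null when no enabled match.
 */
function get_user_by_phone2($cellphone)
{
    global $db;
    // The value lands inside a quoted SQL literal, so it must be escaped.
    // addslashes is the escaping this file already uses (see the session
    // data= column); driver-native escaping such as mysqli_real_escape_string,
    // or a bound parameter, would be the better fix if the $db wrapper has one.
    $safe_phone = addslashes($cellphone);
    $row = $db->get_one("select a.*,b.name type_name from tb_user a, tb_user_type b where a.type_id = b.id and (cellphone = '{$safe_phone}' or username='{$safe_phone}') and a.enabled not in (0, -99)");
    if(!$row) return null;
    $row['jdmm'] = is_jdpw2($row['password']) ? 1 : 0;
    // cash_fund: 1 when area_id appears in the comma-separated ONLY_CASH_AREA
    // list. The loose in_array is kept deliberately: both sides come from the
    // database and the original relied on string/number coercion.
    $row['cash_fund'] = 0;
    $cfg = $db->get_one("select * from tb_config where class = 'ONLY_CASH_AREA'");
    if($cfg) {
        $area_list = explode(',', trim($cfg['value'], ","));
        if(in_array($row['area_id'], $area_list)) $row['cash_fund'] = 1;
    }
    // theme: the company's theme when the user belongs to one, else 1.
    // company_id comes from the row but is cast anyway before reuse in SQL.
    $row['theme'] = 1;
    $company_id = intval($row['company_id']);
    if($company_id != 0) {
        $cInfo = $db->get_one("select * from tb_company where id={$company_id}");
        if($cInfo) $row['theme'] = $cInfo['theme'];
    }
    return $row;
}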
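/**
 * Sum a user's tb_account balances, optionally restricted to one account type.
 *
 * @param int|string $uid      User id; cast to int before being embedded in SQL.
 * @param int        $type_id  Account type filter; 0 (the default) means all types.
 * @return mixed               The SUM(account) value as the driver returns it
 *                             (typically a numeric string, or null when the
 *                             user has no rows), or 0 when no result row at all.
 */
function get_user_account($uid, $type_id = 0){
    global $db;
    // Both values are numeric ids; casting keeps the query injection-free even
    // if a future caller passes request data through.
    $sql = "select sum(account) as ac from tb_account where user_id='".intval($uid)."'";
    if($type_id) $sql .= " and type_id=".intval($type_id);
    $row = $db->get_one($sql);
    return $row ? $row['ac'] : 0;
}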
/**
 * Load an enabled user by id, joined with its type and dining-hall names, and
 * decorate the row with the derived fields the mobile client expects.
 *
 * Mirrors get_user_by_phone2 (jdmm, cash_fund, theme) and additionally adds
 * account (sum of type-2 balances) and jf (sum of type-1 balances, presumably
 * points).
 *
 * @param int|string $id  User id; cast to int before use in SQL.
 * @return array|null     Decorated row, or null when no enabled user matches.
 */
function get_user_by_id2($id)
{
    global $db;
    $user_id = intval($id);
    $sql = "select a.*,b.name type_name, c.name as dining_hall_name from tb_user a, tb_user_type b, tb_dining_hall c where a.type_id = b.id and a.dining_hall_id=c.id and a.id={$user_id} and a.enabled not in (0, -99)";
    $row = $db->get_one($sql);
    if(!$row) {
        return null;
    }
    // Legacy-password-format marker.
    $row['jdmm'] = is_jdpw2($row['password']) ? 1 : 0;
    // cash_fund: is this user's area in the ONLY_CASH_AREA list?
    $cash_fund = 0;
    $cfg = $db->get_one("select * from tb_config where class = 'ONLY_CASH_AREA'");
    if($cfg) {
        $areas = explode(',', trim($cfg['value'], ","));
        $cash_fund = in_array($row['area_id'], $areas) ? 1 : 0;
    }
    $row['cash_fund'] = $cash_fund;
    // theme: the owning company's theme, default 1 when there is no company.
    $row['theme'] = 1;
    $company_id = $row['company_id'];
    if($company_id != 0) {
        $cInfo = $db->get_one("select * from tb_company where id={$company_id}");
        if($cInfo) {
            $row['theme'] = $cInfo['theme'];
        }
    }
    // Balances by account type: type 2 feeds 'account', type 1 feeds 'jf'.
    $row['account'] = floatval(get_user_account($row['id'], 2));
    $row['jf'] = floatval(get_user_account($row['id'], 1));
    return $row;
}
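/**
 * Hand the browser off to the central login page and stop the script.
 *
 * Inside the WeChat client (MicroMessenger user agent) the WeChat login entry
 * is used instead; otherwise the request goes to $loginRootUrl/m/login.php,
 * carrying the remembered-credentials blob in ?cinfo= when one is given.
 *
 * @param string $cinfo  Opaque, already-encoded blob to forward, or '' for none.
 * @return never         Always terminates with exit after issuing the redirect.
 */
function gotoft($cinfo = '') {
    global $loginRootUrl;
    // Guard the header lookup: clients may omit User-Agent entirely.
    $ua = isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : '';
    if(strstr($ua, 'MicroMessenger')) {
        gredirect("http://feihongtu.com.cn/ft_wxlogin.php?type=yzms");
        // Callers use `if(!$data) gotoft();` with no else, i.e. they rely on
        // this function not returning. The original `return` here let the
        // caller keep executing after the redirect had been issued.
        exit;
    }
    $url = $loginRootUrl."/m/login.php";
    if($cinfo) $url .= "?cinfo=".urlencode($cinfo);
    gredirect($url);
    exit;
}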
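if($act == 'checkhasuser') {
    // Existence probe used by the login form. The phone number is untrusted
    // request input embedded in a quoted SQL literal, so it is escaped first
    // (driver-native escaping or a bound parameter would be preferable if the
    // $db wrapper offers one). Note that this endpoint lets an unauthenticated
    // caller learn whether a given phone number is registered.
    $cellphone = addslashes(trim(isset($_GET['cellphone']) ? $_GET['cellphone'] : ''));
    $row = $db->get_one("select * from tb_user where cellphone = '{$cellphone}' and enabled not in (0, -99)");
    echo $row ? 'has' : 'no';
    exit;
}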
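if($act == 'remotelogin') {
    // Server-side login called by the central login page. The caller proves it
    // knows the shared per-day key (md5 of id-or-phone, a fixed string and
    // today's date) and sends the password hash mixed with the captcha value
    // $yzm. Every input arrives via $_GET and is untrusted.
    $uid = intval(isset($_GET['uid']) ? $_GET['uid'] : 0);
    $cellphone = trim(isset($_GET['cellphone']) ? $_GET['cellphone'] : '');
    $password = trim(isset($_GET['password']) ? $_GET['password'] : '');
    $yzm = trim(isset($_GET['yzm']) ? $_GET['yzm'] : '');
    $ip = trim(isset($_GET['ip']) ? $_GET['ip'] : '');
    $key = trim(isset($_GET['key']) ? $_GET['key'] : '');
    if(($cellphone == '' && $uid <= 0) || $password == '' || $yzm == '') exit;
    // hash_equals is strict and constant-time. The original `!=` compared two
    // hex strings loosely, which treats e.g. "0e..." digests as numerically
    // equal to each other.
    if($uid > 0) {
        if(!hash_equals(md5($uid."gyhlogin_".date("Y-m-d")), $key)) exit;
        $user = get_user_by_id2($uid);
    } else {
        if(!hash_equals(md5($cellphone."gyhlogin_".date("Y-m-d")), $key)) exit;
        $user = get_user_by_phone2($cellphone);
    }
    if($user) {
        $uid = intval($user['id']);
        // echoRs(0, ...) is relied on to end the request here, exactly as in
        // the original; the checks below assume it does not return.
        if($user['enabled'] == -1) {
            echoRs(0, '账号被锁,请通过忘记密码或联系管理员重置登录密码!');
        }
        if($user['enabled'] != 1) {
            echoRs(0, '帐号或密码错误');
        }
        // FIXME(security): a fixed "debug super" password derived from a string
        // literal in this file lets anyone who can read the source log in as
        // any user. Left in place so behaviour is unchanged, but it should be
        // removed or gated on an explicit environment flag.
        $issuper = hash_equals(md5(md5("gyhdebugsuper").$yzm), $password);
        if (!$issuper && !hash_equals(md5($user['password'].$yzm), $password)) {
            if($user['err_count'] >= 4) { // lock the account after repeated failures
                $db->query("update tb_user set enabled=-1 where id=".$uid);
                echoRs(0, '密码不正确,账号被锁,请通过忘记密码或联系管理员重置登录密码!');
            }
            $db->query("update tb_user set err_count=err_count+1 where id=".$uid);
            echoRs(0, '帐号或密码错误');
        }
        if (!empty($user['company_id'])) {
            $company_info = $db->get_one("select * from tb_company where id = ".intval($user['company_id']));
            // Also reject when the company row is missing, instead of reading
            // 'enabled' off a false result.
            if (!$company_info || $company_info['enabled'] != 1) {
                $company_name = isset($company_info['company_name']) ? $company_info['company_name'] : '';
                echoRs(0, $company_name.'已被停用,请联系电信管理员!');
            }
        }
        $db->query("update tb_user set err_count=0 where id=".$uid);
        // Session token: random_bytes where available; the original
        // md5(uniqid()) is time-derived and guessable. Either way the token is
        // a 32-character hex string, so the column format is unchanged.
        if(function_exists('random_bytes')) {
            $token = bin2hex(random_bytes(16));
        } else {
            $token = md5(uniqid(mt_rand(), true));
        }
        // $ip is request input inside a quoted literal: escape it like data=.
        // NOTE(review): data= stores the full user row, including the password
        // hash and the openid fields, before they are stripped below.
        $set = "token='{$token}', ip='".addslashes($ip)."', login_time='".time()."', data='".addslashes(json_encode($user))."', expire_time='".(time()+86400)."'";
        $row = $db->get_one("select * from tb_session where uid=".$uid);
        if($row) {
            if($issuper) {
                // Super login reuses the existing session token instead of rotating it.
                unset($user['password']);
                unset($user['weixin_openid']);
                unset($user['yixin_openid']);
                $user['token'] = $row['token'];
                $db->query("update tb_session set expire_time='".(time()+86400)."' where uid=".$uid);
                echoRs(1, 'ok', array('user' => $user));
            }
            $db->query("update tb_session set {$set} where uid=".$uid);
        } else {
            $db->query("insert into tb_session set {$set}, uid=".$uid);
        }
        unset($user['password']);
        unset($user['weixin_openid']);
        unset($user['yixin_openid']);
        $user['token'] = $token;
        // Record acceptance of the privacy policy (consent_clause) on login.
        $user_info = $db->get_one("select * from tb_user where id=".$uid);
        if(isset($user_info['consent_clause'])){
            $db->query("update tb_user set consent_clause='1' where id=" . $uid);
        }
        echoRs(1, 'ok', array('user' => $user));
    }
    exit;
}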
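if($act == 'remoterepass') {
    // Remote password reset, authorised by the shared per-day key. Also
    // re-enables a locked account and clears its failure counter.
    $uid = intval(isset($_GET['uid']) ? $_GET['uid'] : 0);
    $password = trim(isset($_GET['password']) ? $_GET['password'] : '');
    $key = trim(isset($_GET['key']) ? $_GET['key'] : '');
    if(!$uid || $password == '') exit;
    // Strict, constant-time comparison instead of loose `!=` on two hex strings.
    if(!hash_equals(md5($uid."gyhrepass_".date("Y-m-d")), $key)) exit;
    $user = get_user_by_id2($uid);
    if(!$user) die("nouser");
    // NOTE(security): the password is stored as unsalted md5 because the login
    // check (md5($user['password'].$yzm)) depends on that exact format; moving
    // to password_hash requires changing the verifier and the remote caller
    // together, so it is only flagged here.
    $db->query("update tb_user set password='".md5($password)."',enabled=1,err_count=0 where id=".$uid);
    echo 'ok';
    exit;
}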
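if($act == 'get_dining_halls') {
    // Returns the serialised list of dining halls / POS channels / goods places
    // (with the client URLs to open each one on $host) for the remote login
    // page. Authorised by the per-day key only; note the key does not bind
    // any of the other parameters.
    $key = trim(isset($_GET['key']) ? $_GET['key'] : '');
    $area_ids = trim(isset($_GET['area_ids']) ? $_GET['area_ids'] : '');
    $host = trim(isset($_GET['host']) ? $_GET['host'] : '');
    $company_id = intval(isset($_GET['company_id']) ? $_GET['company_id'] : 0);
    if(!hash_equals(md5("gyhrepass_".date("Y-m-d")), $key)) exit;
    $data = array();
    $sqlext = '';
    if($company_id) {
        $cInfo = $db->get_one("select * from tb_company where id=".$company_id);
        if($cInfo) {
            $data['company_info'] = array('company_name' => $cInfo['company_name']);
            if($cInfo['yzf_merchantId']) {
                $data['enable_yzf'] = '1';
            }
        }
        $sqlext = " and company_id={$company_id} ";
    }
    if($area_ids) {
        // Every id is cast to int, so the IN list is safe to interpolate.
        $sqlext .= ' and area_id in ('.implode(',', array_map('intval', explode(',', $area_ids))).')';
    }
    // Evaluated once; the original re-read $data['enable_yzf'] per row and
    // raised an undefined-index notice whenever it had not been set.
    $enable_yzf = isset($data['enable_yzf']) && $data['enable_yzf'] == '1';
    $dining_hall_info = array();
    // Dining halls: one entry per enabled POS channel, or a single channel-0
    // entry when the hall has no channels.
    $dhList = $db->get_all("select * from tb_dining_hall where 1 {$sqlext} order by id");
    foreach($dhList as $item) {
        $cList = $db->get_all("select * from tb_pos_channel where dining_hall_id=".$item['id']." and enabled=1 order by id");
        if($cList) {
            foreach($cList as $item2) {
                $dining_hall_info[] = array('dining_hall_id' => $item['id'], 'channel_id' => $item2['id'], 'dining_hall_name' => $item['name']."-".$item2['channel_name']);
            }
        } else {
            $dining_hall_info[] = array('dining_hall_id' => $item['id'], 'channel_id' => 0, 'dining_hall_name' => $item['name']);
        }
    }
    // Goods places: type 2 is a mall (商城) and opens qc_mall.php via qh_url;
    // every other type gets its qcpay_url set here so the fill-in loop below
    // leaves it alone.
    $dhList = $db->get_all("select * from tb_goods_place where enabled=1 {$sqlext} order by id");
    foreach($dhList as $item) {
        $name = $item['name'];
        if($item['type'] == 2) $name = "商城 - ".$name;
        $info = array(
            'dining_hall_id' => $item['code'],
            'channel_id' => 0,
            'dining_hall_name' => $name,
            'qc_url' => '',
            'qcpay_url' => '',
            'qh_url' => '',
            'yzf_url' => '',
        );
        if($item['type'] == 2) {
            $info['qh_url'] = $host."/show/qc_mall.php?ftid=".$item['code']."&channelid=0&iscomplete=1";
        } else {
            $info['qcpay_url'] = $host."/show/qc_pay.php?ftid=".$item['code']."&channelid=0&iscomplete=1";
        }
        $dining_hall_info[] = $info;
    }
    // Fill in the default client URLs. The loop variable is no longer $key, so
    // the request key above is not clobbered; empty() avoids notices on the
    // dining-hall entries, which carry no qc_url/qcpay_url keys at all.
    foreach($dining_hall_info as $idx => $item3) {
        $qs = "?ftid=".$item3['dining_hall_id']."&channelid=".$item3['channel_id']."&iscomplete=1";
        if(empty($item3['qc_url'])) $dining_hall_info[$idx]['qc_url'] = $host."/show/qc.php".$qs;
        if(empty($item3['qcpay_url'])) $dining_hall_info[$idx]['qcpay_url'] = $host."/show/qc_pay.php".$qs;
        if($enable_yzf) {
            $dining_hall_info[$idx]['yzf_url'] = $host."/show/pay_yzf.php".$qs;
        }
    }
    $data['dining_hall_info'] = $dining_hall_info;
    echo serialize($data);
    exit;
}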
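if($act == 'dologin2') {
    // Completion of the remote login: the central page sends the user blob
    // (base64 of a PHP-serialised array) back, which is stored client-side and
    // the themed index page is opened.
    $raw = !empty($_POST['data']) ? $_POST['data'] : (isset($_GET['data']) ? $_GET['data'] : '');
    if(!$raw) gotoft();
    // FIXME(security): unserialize() on request-controlled input allows PHP
    // object injection. allowed_classes=false (PHP >= 7.0) restricts the
    // result to scalars and arrays, which is what the user blob is expected to
    // contain; a JSON payload would be the proper replacement once the remote
    // caller can be changed.
    if(PHP_VERSION_ID >= 70000) {
        $data = unserialize(base64_decode($raw), array('allowed_classes' => false));
    } else {
        $data = unserialize(base64_decode($raw));
    }
    if(!$data || !is_array($data)) gotoft();
    // JSON_HEX_TAG / JSON_HEX_AMP keep '<', '>' and '&' escaped so the blob
    // cannot close the <script> element it is embedded in. The JS object the
    // browser sees is unchanged.
    $user_json = json_encode($data, JSON_HEX_TAG | JSON_HEX_AMP);
    $theme = isset($data['theme']) ? $data['theme'] : 1;
?>
<!DOCTYPE html>
<html>
<head>
<meta charset="utf-8" />
<script type="text/javascript" src="js/jquery.min.js?v=<?=filemtime("js/jquery.min.js")?>" charset="utf-8"></script>
<script type="text/javascript" src="js/light7.min.js?v=<?=filemtime("js/light7.min.js")?>" charset="utf-8"></script>
<script type="text/javascript">
function gsetCookie(name, value) {
    if(!value) value = "";
    value = value + "";
    if(value == 'undefined') value = '';
    $.cookie(name, value, { expires: 365 });
}
localStorage.setItem('user', $.caesar(JSON.stringify(<?=$user_json?>)));
<?php if($theme == 3) { ?>
location.href = "index3.html";
<?php } else if($theme == 2) { ?>
location.href = "index2.html";
<?php } else { ?>
location.href = "index.html";
<?php } ?>
</script>
</head><body></body></html>
<?php
    exit;
}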
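// Default action: forward any credentials remembered in the /m cookies to the
// central login page as an opaque cinfo blob, then clear those cookies.
// NOTE(security): the 'password' cookie carries whatever credential the client
// stored; keeping it in a cookie at all is a design weakness this hand-off
// cannot fix on its own.
$cellphone = isset($_COOKIE['cellphone']) ? $_COOKIE['cellphone'] : null;
$password = isset($_COOKIE['password']) ? $_COOKIE['password'] : null;
$remember = isset($_COOKIE['remember']) ? $_COOKIE['remember'] : null;
$cinfo = '';
if($cellphone && $password) {
    $cinfo = array('cellphone' => $cellphone, 'password' => $password, 'remember' => $remember, );
    $cinfo = base64_encode(gzcompress(serialize($cinfo)));
    // Expire the cookies on the same path they were set on.
    setcookie("cellphone", "", time()-1, "/m");
    setcookie("password", "", time()-1, "/m");
    setcookie("remember", "", time()-1, "/m");
}
gotoft($cinfo);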