cf-platform/uc_client/control/user.php

<?php

/*
	[UCenter] (C)2001-2099 Comsenz Inc.
	This is NOT a freeware, use is subject to license terms

	$Id: user.php 1082 2011-04-07 06:42:14Z svn_project_zhangjie $
*/

!defined('IN_UC') && exit('Access Denied');

define('UC_USER_CHECK_USERNAME_FAILED', -1);
define('UC_USER_USERNAME_BADWORD', -2);
define('UC_USER_USERNAME_EXISTS', -3);
define('UC_USER_EMAIL_FORMAT_ILLEGAL', -4);
define('UC_USER_EMAIL_ACCESS_ILLEGAL', -5);
define('UC_USER_EMAIL_EXISTS', -6);

class usercontrol extends base {


	function __construct() {
		$this->usercontrol();
	}

	function usercontrol() {
		parent::__construct();
		$this->load('user');
		$this->app = $this->cache['apps'][UC_APPID];
	}

	// -1 Î´¿ªÆô
	function onsynlogin() {
		$this->init_input();
		$uid = $this->input('uid');
		if($this->app['synlogin']) {
			if($this->user = $_ENV['user']->get_user_by_uid($uid)) {
				$synstr = '';
				foreach($this->cache['apps'] as $appid => $app) {
					if($app['synlogin'] && $app['appid'] != $this->app['appid']) {
						$synstr .= '<script type="text/javascript" src="'.$app['url'].'/api/uc.php?time='.$this->time.'&code='.urlencode($this->authcode('action=synlogin&username='.$this->user['username'].'&uid='.$this->user['uid'].'&password='.$this->user['password']."&time=".$this->time, 'ENCODE', $app['authkey'])).'"></script>';
					}
				}
				return $synstr;
			}
		}
		return '';
	}

	function onsynlogout() {
		$this->init_input();
		if($this->app['synlogin']) {
			$synstr = '';
			foreach($this->cache['apps'] as $appid => $app) {
				if($app['synlogin'] && $app['appid'] != $this->app['appid']) {
					$synstr .= '<script type="text/javascript" src="'.$app['url'].'/api/uc.php?time='.$this->time.'&code='.urlencode($this->authcode('action=synlogout&time='.$this->time, 'ENCODE', $app['authkey'])).'"></script>';
				}
			}
			return $synstr;
		}
		return '';
	}

	function onregister() {
		$this->init_input();
		$username = $this->input('username');
		$password =  $this->input('password');
		$promote_id =  $this->input('promote_id');
		$promote_account =  $this->input('promote_account');
		$game_id =  $this->input('game_id');
		$game_name =  $this->input('game_name');
		$version =  $this->input('version');
		$email = $this->input('email');
		$questionid = $this->input('questionid');
		$answer = $this->input('answer');
		$regip = $this->input('regip');
		$platform=$this->input('platform');
		if(($status = $this->_check_username($username)) < 0) {
			return $status;
		}
		// if(($status = $this->_check_email($email)) < 0) {
		// 	return $status;
		// }
		$uid = $_ENV['user']->add_user($username, $password,$email,$promote_id,$promote_account,$game_id,$game_name,$version, 0, $questionid, $answer, $regip,$platform);
		return $uid;
	}

	function onedit() {
		$this->init_input();
		$username = $this->input('username');
		$oldpw = $this->input('oldpw');
		$newpw = $this->input('newpw');
		$email = $this->input('email');
		$ignoreoldpw = $this->input('ignoreoldpw');
		$questionid = $this->input('questionid');
		$answer = $this->input('answer');

		if(!$ignoreoldpw && $email && ($status = $this->_check_email($email, $username)) < 0) {
			return $status;
		}
		$status = $_ENV['user']->edit_user($username, $oldpw, $newpw, $email, $ignoreoldpw, $questionid, $answer);

		if($newpw && $status > 0) {
			$this->load('note');
			$_ENV['note']->add('updatepw', 'username='.urlencode($username).'&password=');
			$_ENV['note']->send();
		}
		return $status;
	}
	function onget_user_by_username($username){
		$this->init_input();
		$user = $_ENV['user']->get_user_by_username($username);
		return $user;
	}
	function onget_user_by_uid($uid){
		$this->init_input();
		$user = $_ENV['user']->get_user_by_uid($uid);
		return $user;
	}
	function onlogin() {
		$this->init_input();
		$isuid = $this->input('isuid');
		$username = $this->input('username');
		$password = $this->input('password');
		$checkques = $this->input('checkques');
		$questionid = $this->input('questionid');
		$answer = $this->input('answer');
		if($isuid == 1) {
			$user = $_ENV['user']->get_user_by_uid($username);
		} elseif($isuid == 2) {
			$user = $_ENV['user']->get_user_by_email($username);
		} else {
			$user = $_ENV['user']->get_user_by_username($username);
		}

		$passwordmd5 = preg_match('/^\w{32}$/', $password) ? $password : md5($password);
		if(empty($user)) {
			$status = -1;
		} elseif($user['password'] != md5($passwordmd5.$user['salt'])) {
			$status = -2;
		} elseif($checkques && $user['secques'] != '' && $user['secques'] != $_ENV['user']->quescrypt($questionid, $answer)) {
			$status = -3;
		} else {
			$status = $user['uid'];
		}
		$merge = $status != -1 && !$isuid && $_ENV['user']->check_mergeuser($username) ? 1 : 0;
		return array($status, $user['username'], $password, $user['email'], $merge);
	}

	function oncheck_email() {
		$this->init_input();
		$email = $this->input('email');
		return $this->_check_email($email);
	}

	function oncheck_username() {
		$this->init_input();
		$username = $this->input('username');
		if(($status = $this->_check_username($username)) < 0) {
			return $status;
		} else {
			return 1;
		}
	}

	function onget_user() {
		$this->init_input();
		$username = $this->input('username');
		if(!$this->input('isuid')) {
			$status = $_ENV['user']->get_user_by_username($username);
		} else {
			$status = $_ENV['user']->get_user_by_uid($username);
		}
		if($status) {
			return array($status['uid'],$status['username'],$status['email']);
		} else {
			return 0;
		}
	}


	function ongetprotected() {
		$protectedmembers = $this->db->fetch_all("SELECT uid,username FROM ".UC_DBTABLEPRE."protectedmembers GROUP BY username");
		return $protectedmembers;
	}

	function ondelete() {
		$this->init_input();
		$uid = $this->input('uid');
		return $_ENV['user']->delete_user($uid);
	}

	function onaddprotected() {
		$this->init_input();
		$username = $this->input('username');
		$admin = $this->input('admin');
		$appid = $this->app['appid'];
		$usernames = (array)$username;
		foreach($usernames as $username) {
			$user = $_ENV['user']->get_user_by_username($username);
			$uid = $user['uid'];
			$this->db->query("REPLACE INTO ".UC_DBTABLEPRE."protectedmembers SET uid='$uid', username='$username', appid='$appid', dateline='{$this->time}', admin='$admin'", 'SILENT');
		}
		return $this->db->errno() ? -1 : 1;
	}

	function ondeleteprotected() {
		$this->init_input();
		$username = $this->input('username');
		$appid = $this->app['appid'];
		$usernames = (array)$username;
		foreach($usernames as $username) {
			$this->db->query("DELETE FROM ".UC_DBTABLEPRE."protectedmembers WHERE username='$username' AND appid='$appid'");
		}
		return $this->db->errno() ? -1 : 1;
	}

	function onmerge() {
		$this->init_input();
		$oldusername = $this->input('oldusername');
		$newusername = $this->input('newusername');
		$uid = $this->input('uid');
		$password = $this->input('password');
		$email = $this->input('email');
		if(($status = $this->_check_username($newusername)) < 0) {
			return $status;
		}
		$uid = $_ENV['user']->add_user($newusername, $password, $email, $uid);
		$this->db->query("DELETE FROM ".UC_DBTABLEPRE."mergemembers WHERE appid='".$this->app['appid']."' AND username='$oldusername'");
		return $uid;
	}

	function onmerge_remove() {
		$this->init_input();
		$username = $this->input('username');
		$this->db->query("DELETE FROM ".UC_DBTABLEPRE."mergemembers WHERE appid='".$this->app['appid']."' AND username='$username'");
		return NULL;
	}

	function _check_username($username) {
		$username = addslashes(trim(stripslashes($username)));
		if(!$_ENV['user']->check_username($username)) {
			return UC_USER_CHECK_USERNAME_FAILED;
		} elseif(!$_ENV['user']->check_usernamecensor($username)) {
			return UC_USER_USERNAME_BADWORD;
		} elseif($_ENV['user']->check_usernameexists($username)) {
			return UC_USER_USERNAME_EXISTS;
		}
		return 1;
	}

	function _check_email($email, $username = '') {
		if(empty($this->settings)) {
			$this->settings = $this->cache('settings');
		}
		if(!$_ENV['user']->check_emailformat($email)) {
			return UC_USER_EMAIL_FORMAT_ILLEGAL;
		} elseif(!$_ENV['user']->check_emailaccess($email)) {
			return UC_USER_EMAIL_ACCESS_ILLEGAL;
		} elseif(!$this->settings['doublee'] && $_ENV['user']->check_emailexists($email, $username)) {
			return UC_USER_EMAIL_EXISTS;
		} else {
			return 1;
		}
	}

	function onuploadavatar() {
	}

	function onrectavatar() {
	}
	function flashdata_decode($s) {
	}
}

?>
initial 5 years ago			`<?php`

			`/*`
			`[UCenter] (C)2001-2099 Comsenz Inc.`
			`This is NOT a freeware, use is subject to license terms`

			$Id: user.php 1082 2011-04-07 06:42:14Z svn_project_zhangjie $
			`*/`

			`!defined('IN_UC') && exit('Access Denied');`

			`define('UC_USER_CHECK_USERNAME_FAILED', -1);`
			`define('UC_USER_USERNAME_BADWORD', -2);`
			`define('UC_USER_USERNAME_EXISTS', -3);`
			`define('UC_USER_EMAIL_FORMAT_ILLEGAL', -4);`
			`define('UC_USER_EMAIL_ACCESS_ILLEGAL', -5);`
			`define('UC_USER_EMAIL_EXISTS', -6);`

			`class usercontrol extends base {`


			`function __construct() {`
			`$this->usercontrol();`
			`}`

			`function usercontrol() {`
			`parent::__construct();`
			`$this->load('user');`
			`$this->app = $this->cache['apps'][UC_APPID];`
			`}`

			`// -1 Î´¿ªÆô`
			`function onsynlogin() {`
			`$this->init_input();`
			`$uid = $this->input('uid');`
			`if($this->app['synlogin']) {`
			`if($this->user = $_ENV['user']->get_user_by_uid($uid)) {`
			`$synstr = '';`
			`foreach($this->cache['apps'] as $appid => $app) {`
			`if($app['synlogin'] && $app['appid'] != $this->app['appid']) {`
			`$synstr .= '<script type="text/javascript" src="'.$app['url'].'/api/uc.php?time='.$this->time.'&code='.urlencode($this->authcode('action=synlogin&username='.$this->user['username'].'&uid='.$this->user['uid'].'&password='.$this->user['password']."&time=".$this->time, 'ENCODE', $app['authkey'])).'"></script>';`
			`}`
			`}`
			`return $synstr;`
			`}`
			`}`
			`return '';`
			`}`

			`function onsynlogout() {`
			`$this->init_input();`
			`if($this->app['synlogin']) {`
			`$synstr = '';`
			`foreach($this->cache['apps'] as $appid => $app) {`
			`if($app['synlogin'] && $app['appid'] != $this->app['appid']) {`
			`$synstr .= '<script type="text/javascript" src="'.$app['url'].'/api/uc.php?time='.$this->time.'&code='.urlencode($this->authcode('action=synlogout&time='.$this->time, 'ENCODE', $app['authkey'])).'"></script>';`
			`}`
			`}`
			`return $synstr;`
			`}`
			`return '';`
			`}`

			`function onregister() {`
			`$this->init_input();`
			`$username = $this->input('username');`
			`$password = $this->input('password');`
			`$promote_id = $this->input('promote_id');`
			`$promote_account = $this->input('promote_account');`
			`$game_id = $this->input('game_id');`
			`$game_name = $this->input('game_name');`
			`$version = $this->input('version');`
			`$email = $this->input('email');`
			`$questionid = $this->input('questionid');`
			`$answer = $this->input('answer');`
			`$regip = $this->input('regip');`
			`$platform=$this->input('platform');`
			`if(($status = $this->_check_username($username)) < 0) {`
			`return $status;`
			`}`
			`// if(($status = $this->_check_email($email)) < 0) {`
			`// return $status;`
			`// }`
			`$uid = $_ENV['user']->add_user($username, $password,$email,$promote_id,$promote_account,$game_id,$game_name,$version, 0, $questionid, $answer, $regip,$platform);`
			`return $uid;`
			`}`

			`function onedit() {`
			`$this->init_input();`
			`$username = $this->input('username');`
			`$oldpw = $this->input('oldpw');`
			`$newpw = $this->input('newpw');`
			`$email = $this->input('email');`
			`$ignoreoldpw = $this->input('ignoreoldpw');`
			`$questionid = $this->input('questionid');`
			`$answer = $this->input('answer');`

			`if(!$ignoreoldpw && $email && ($status = $this->_check_email($email, $username)) < 0) {`
			`return $status;`
			`}`
			`$status = $_ENV['user']->edit_user($username, $oldpw, $newpw, $email, $ignoreoldpw, $questionid, $answer);`

			`if($newpw && $status > 0) {`
			`$this->load('note');`
			`$_ENV['note']->add('updatepw', 'username='.urlencode($username).'&password=');`
			`$_ENV['note']->send();`
			`}`
			`return $status;`
			`}`
			`function onget_user_by_username($username){`
			`$this->init_input();`
			`$user = $_ENV['user']->get_user_by_username($username);`
			`return $user;`
			`}`
			`function onget_user_by_uid($uid){`
			`$this->init_input();`
			`$user = $_ENV['user']->get_user_by_uid($uid);`
			`return $user;`
			`}`
			`function onlogin() {`
			`$this->init_input();`
			`$isuid = $this->input('isuid');`
			`$username = $this->input('username');`
			`$password = $this->input('password');`
			`$checkques = $this->input('checkques');`
			`$questionid = $this->input('questionid');`
			`$answer = $this->input('answer');`
			`if($isuid == 1) {`
			`$user = $_ENV['user']->get_user_by_uid($username);`
			`} elseif($isuid == 2) {`
			`$user = $_ENV['user']->get_user_by_email($username);`
			`} else {`
			`$user = $_ENV['user']->get_user_by_username($username);`
			`}`

			`$passwordmd5 = preg_match('/^\w{32}$/', $password) ? $password : md5($password);`
			`if(empty($user)) {`
			`$status = -1;`
			`} elseif($user['password'] != md5($passwordmd5.$user['salt'])) {`
			`$status = -2;`
			`} elseif($checkques && $user['secques'] != '' && $user['secques'] != $_ENV['user']->quescrypt($questionid, $answer)) {`
			`$status = -3;`
			`} else {`
			`$status = $user['uid'];`
			`}`
			`$merge = $status != -1 && !$isuid && $_ENV['user']->check_mergeuser($username) ? 1 : 0;`
			`return array($status, $user['username'], $password, $user['email'], $merge);`
			`}`

			`function oncheck_email() {`
			`$this->init_input();`
			`$email = $this->input('email');`
			`return $this->_check_email($email);`
			`}`

			`function oncheck_username() {`
			`$this->init_input();`
			`$username = $this->input('username');`
			`if(($status = $this->_check_username($username)) < 0) {`
			`return $status;`
			`} else {`
			`return 1;`
			`}`
			`}`

			`function onget_user() {`
			`$this->init_input();`
			`$username = $this->input('username');`
			`if(!$this->input('isuid')) {`
			`$status = $_ENV['user']->get_user_by_username($username);`
			`} else {`
			`$status = $_ENV['user']->get_user_by_uid($username);`
			`}`
			`if($status) {`
			`return array($status['uid'],$status['username'],$status['email']);`
			`} else {`
			`return 0;`
			`}`
			`}`


			`function ongetprotected() {`
			`$protectedmembers = $this->db->fetch_all("SELECT uid,username FROM ".UC_DBTABLEPRE."protectedmembers GROUP BY username");`
			`return $protectedmembers;`
			`}`

			`function ondelete() {`
			`$this->init_input();`
			`$uid = $this->input('uid');`
			`return $_ENV['user']->delete_user($uid);`
			`}`

			`function onaddprotected() {`
			`$this->init_input();`
			`$username = $this->input('username');`
			`$admin = $this->input('admin');`
			`$appid = $this->app['appid'];`
			`$usernames = (array)$username;`
			`foreach($usernames as $username) {`
			`$user = $_ENV['user']->get_user_by_username($username);`
			`$uid = $user['uid'];`
			`$this->db->query("REPLACE INTO ".UC_DBTABLEPRE."protectedmembers SET uid='$uid', username='$username', appid='$appid', dateline='{$this->time}', admin='$admin'", 'SILENT');`
			`}`
			`return $this->db->errno() ? -1 : 1;`
			`}`

			`function ondeleteprotected() {`
			`$this->init_input();`
			`$username = $this->input('username');`
			`$appid = $this->app['appid'];`
			`$usernames = (array)$username;`
			`foreach($usernames as $username) {`
			`$this->db->query("DELETE FROM ".UC_DBTABLEPRE."protectedmembers WHERE username='$username' AND appid='$appid'");`
			`}`
			`return $this->db->errno() ? -1 : 1;`
			`}`

			`function onmerge() {`
			`$this->init_input();`
			`$oldusername = $this->input('oldusername');`
			`$newusername = $this->input('newusername');`
			`$uid = $this->input('uid');`
			`$password = $this->input('password');`
			`$email = $this->input('email');`
			`if(($status = $this->_check_username($newusername)) < 0) {`
			`return $status;`
			`}`
			`$uid = $_ENV['user']->add_user($newusername, $password, $email, $uid);`
			`$this->db->query("DELETE FROM ".UC_DBTABLEPRE."mergemembers WHERE appid='".$this->app['appid']."' AND username='$oldusername'");`
			`return $uid;`
			`}`

			`function onmerge_remove() {`
			`$this->init_input();`
			`$username = $this->input('username');`
			`$this->db->query("DELETE FROM ".UC_DBTABLEPRE."mergemembers WHERE appid='".$this->app['appid']."' AND username='$username'");`
			`return NULL;`
			`}`

			`function _check_username($username) {`
			`$username = addslashes(trim(stripslashes($username)));`
			`if(!$_ENV['user']->check_username($username)) {`
			`return UC_USER_CHECK_USERNAME_FAILED;`
			`} elseif(!$_ENV['user']->check_usernamecensor($username)) {`
			`return UC_USER_USERNAME_BADWORD;`
			`} elseif($_ENV['user']->check_usernameexists($username)) {`
			`return UC_USER_USERNAME_EXISTS;`
			`}`
			`return 1;`
			`}`

			`function _check_email($email, $username = '') {`
			`if(empty($this->settings)) {`
			`$this->settings = $this->cache('settings');`
			`}`
			`if(!$_ENV['user']->check_emailformat($email)) {`
			`return UC_USER_EMAIL_FORMAT_ILLEGAL;`
			`} elseif(!$_ENV['user']->check_emailaccess($email)) {`
			`return UC_USER_EMAIL_ACCESS_ILLEGAL;`
			`} elseif(!$this->settings['doublee'] && $_ENV['user']->check_emailexists($email, $username)) {`
			`return UC_USER_EMAIL_EXISTS;`
			`} else {`
			`return 1;`
			`}`
			`}`

			`function onuploadavatar() {`
			`}`

			`function onrectavatar() {`
			`}`
			`function flashdata_decode($s) {`
			`}`
			`}`

			`?>`