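sers);
                db_delete('xn_Resnumb', array('uid' => $sbuids));
            }
            $sbuids++;
            // Leave the loop once the query returns nothing.
            if (empty($sbuidz)) {
                break;
            }
        }

        // ---- Registration (POST): captcha, input checks, e-mail code, account creation ----
        // Every `cond AND message(...)` guard in this file relies on message() ending the
        // request (assumed; message() is defined outside this block).
        include_once APP_PATH.'plugin/xn_geetest/model/geetest.fuc.php';
        $geetest_mail_status = kv_get('geetest');
        // NOTE(review): the captcha is skipped here whenever geetest_mail_on is 1, presumably
        // because send_code already enforced it. That only holds when user_create_email_on
        // forces a send_code round-trip - confirm the two switches are always enabled together.
        if ($geetest_mail_status['geetest_mail_on'] != 1) {
            geetestcheck('geetest_user_create_on');
        }

        $email = param('email');
        $username = param('username');
        $password = param('password');
        $code = param('code');
        empty($email) AND message('email', lang('please_input_email'));
        empty($username) AND message('username', lang('please_input_username'));
        empty($password) AND message('password', lang('please_input_password'));

        if ($conf['user_create_email_on']) {
            $sess_email = _SESSION('user_create_email');
            $sess_code = _SESSION('user_create_code');
            empty($sess_code) AND message('code', lang('click_to_get_verify_code'));
            empty($sess_email) AND message('code', lang('click_to_get_verify_code'));
            // Compare as strings: a loose != against the integer code would also accept
            // numeric look-alikes of the code (exponent notation, trailing characters).
            (string)$email !== (string)$sess_email AND message('code', lang('verify_code_incorrect'));
            trim((string)$code) !== (string)$sess_code AND message('code', lang('verify_code_incorrect'));
            // NOTE(review): nothing limits the number of wrong guesses per issued code;
            // consider invalidating the code after a few failures.
        }

        !is_email($email, $err) AND message('email', $err);
        $_user = user_read_by_email($email);
        $_user AND message('email', lang('email_is_in_use'));

        !is_username($username, $err) AND message('username', $err);
        $_user = user_read_by_username($username);
        $_user AND message('username', lang('username_is_in_use'));

        !is_password($password, $err) AND message('password', $err);

        $salt = xn_rand(16);
        // NOTE(review): a single salted MD5 round is not a password-hashing function.
        // Moving to password_hash()/password_verify() needs a matching change in the login
        // path, which is outside this block, so the stored format is left as it is.
        $pwd = md5($password.$salt);
        $gid = 101;
        $_user = array(
            'username' => $username,
            'email' => $email,
            'password' => $pwd,
            'salt' => $salt,
            'gid' => $gid,
            'create_ip' => $longip,
            'create_date' => $time,
            'logins' => 1,
            'login_date' => $time,
            'login_ip' => $longip,
        );
        $uid = user_create($_user);
        $uid === FALSE AND message('email', lang('user_create_failed'));
        $user = user_read($uid);

        // Refresh the session: the one-time registration data is dropped and the new
        // account is logged in.
        // NOTE(review): the session id is not rotated here when uid is written; confirm
        // the session layer does that elsewhere.
        unset($_SESSION['user_create_email']);
        unset($_SESSION['user_create_code']);
        $_SESSION['uid'] = $uid;
        user_token_set($uid);
        $extra = array('token'=>user_token_gen($uid));

        // Record the e-mail verification state of the new account:
        //  - registration code enabled  -> already verified (email_v = '1')
        //  - registration code disabled -> not verified     (email_v = '0')
        if (isset($uid) && $uid) {
            $verifyOnCreate = !empty($conf['user_create_email_on']);
            user_update($uid, array('email_v' => $verifyOnCreate ? '1' : '0'));
        }

        $set_check = setting_get('tt_check');
        if ($set_check['user_check']!='1') {
            user_update($uid,array('OK'=>'1'));
        }

        // Referral bonus for the new user and for the owner of the promote code.
        // $add_credits, $promote_code and $setting_promote are set before this block.
        if ($add_credits&&isset($promote_code)) {
            user_update($uid,array('credits+'=>$setting_promote['bonus_credits_to'],'golds+'=>$setting_promote['bonus_golds_to'],'rmbs+'=>$setting_promote['bonus_rmbs_to']));
            $r = db_find_one('user',array('promote'=>$promote_code));
            $from_uid = $r['uid'];
            user_update($from_uid,array('credits+'=>$setting_promote['bonus_credits_from'],'golds+'=>$setting_promote['bonus_golds_from'],'rmbs+'=>$setting_promote['bonus_rmbs_from']));
            db_insert('promote_log',array('time'=>time(),'uid_from'=>$from_uid,'uid_to'=>$uid));
        }

        message(0, lang('user_create_sucessfully'), $extra);
    }

} elseif ($action == 'logout') {

    // Logout: reset the session uid and clear the login token.
    $uid = 0;
    $_SESSION['uid'] = $uid;
    user_token_clear();
    message(0, jump(lang('logout_successfully'), http_referer(), 1));

// Password reset, step 1: check the mailed code against the session.
} elseif ($action == 'resetpw') {

    !$conf['user_resetpw_on'] AND message(-1, '未开启密码找回功能!');

    if ($method == 'GET') {

        $header['title'] = lang('resetpw');
        include _include(APP_PATH.'view/htm/user_resetpw.htm');

    } else if ($method == 'POST') {

        $email = param('email');
        empty($email) AND message('email', lang('please_input_email'));
        !is_email($email, $err) AND message('email', $err);

        $_user = user_read_by_email($email);
        !$_user AND message('email', lang('email_is_not_in_use'));

        $code = param('code');
        empty($code) AND message('code', lang('please_input_verify_code'));

        $sess_email = _SESSION('user_resetpw_email');
        $sess_code = _SESSION('user_resetpw_code');
        empty($sess_code) AND message('code', lang('click_to_get_verify_code'));
        empty($sess_email) AND message('code', lang('click_to_get_verify_code'));
        // String comparison, for the same reason as in the registration branch.
        (string)$email !== (string)$sess_email AND message('code', lang('verify_code_incorrect'));
        trim((string)$code) !== (string)$sess_code AND message('code', lang('verify_code_incorrect'));
        // NOTE(review): no cap on wrong guesses here either; a six-digit code protecting a
        // password reset should be invalidated after a small number of failures.

        // Marks the address held in user_resetpw_email as verified for the final step.
        $_SESSION['resetpw_verify_ok'] = 1;

        message(0, lang('check_ok_to_next_step'));
    }

// Password reset, final step: set the new password for the verified address.
} elseif ($action == 'resetpw_complete') {

    // Both the address and the "verified" marker must be present in the session.
    $email = _SESSION('user_resetpw_email');
    $resetpw_verify_ok = _SESSION('resetpw_verify_ok');
    (empty($email) || empty($resetpw_verify_ok)) AND message(-1, lang('data_empty_to_last_step'));

    $_user = user_read_by_email($email);
    empty($_user) AND message(-1, lang('email_not_exists'));
    $_uid = $_user['uid'];

    if ($method == 'GET') {

        $header['title'] = lang('resetpw');
        include _include(APP_PATH.'view/htm/user_resetpw_complete.htm');

    } else if ($method == 'POST') {

        $password = param('password');
        empty($password) AND message('password', lang('please_input_password'));
        // Validate the submitted password before anything is written. The check used to
        // run after user_update() and on the MD5 digest, so a rejected password had
        // already been stored; registration validates the raw value the same way.
        !is_password($password, $err) AND message('password', $err);

        $salt = $_user['salt'];
        // Same salted-MD5 format as registration; see the note there.
        $password = md5($password.$salt);
        user_update($_uid, array('password'=>$password));

        unset($_SESSION['user_resetpw_email']);
        unset($_SESSION['user_resetpw_code']);
        unset($_SESSION['resetpw_verify_ok']);

        message(0, lang('modify_successfully'));
    }

// Send a verification code by e-mail (registration or password reset).
} elseif ($action == 'send_code') {

    $method != 'POST' AND message(-1, lang('method_error'));

    include_once APP_PATH.'plugin/xn_geetest/model/geetest.fuc.php';
    geetestcheck('geetest_mail_on');

    $action2 = param(2);

    // NOTE(review): the "in use" / "not in use" answers below tell the caller whether an
    // address is registered; the captcha above is the only throttle on that.

    // Code for creating an account.
    if ($action2 == 'user_create') {

        $email = param('email');
        empty($email) AND message('email', lang('please_input_email'));
        !is_email($email, $err) AND message('email', $err);
        empty($conf['user_create_email_on']) AND message(-1, lang('email_verify_not_on'));

        $_user = user_read_by_email($email);
        !empty($_user) AND message('email', lang('email_is_in_use'));

        // Use the CSPRNG where the runtime has one; rand() is predictable.
        $code = function_exists('random_int') ? random_int(100000, 999999) : rand(100000, 999999);
        $_SESSION['user_create_email'] = $email;
        $_SESSION['user_create_code'] = $code;

    // Code for resetting a password, mailed to the address on the account.
    } elseif ($action2 == 'user_resetpw') {

        $email = param('email');
        empty($email) AND message('email', lang('please_input_email'));
        !is_email($email, $err) AND message('email', $err);

        $_user = user_read_by_email($email);
        empty($_user) AND message('email', lang('email_is_not_in_use'));

        empty($conf['user_resetpw_on']) AND message(-1, lang('resetpw_not_on'));

        $code = function_exists('random_int') ? random_int(100000, 999999) : rand(100000, 999999);
        $_SESSION['user_resetpw_email'] = $email;
        $_SESSION['user_resetpw_code'] = $code;
        // A new code replaces the address held in the session, so any earlier successful
        // verification must not carry over: resetpw_verify_ok may only ever refer to the
        // address whose code was actually confirmed in step 1.
        unset($_SESSION['resetpw_verify_ok']);

    } else {
        message(-1, 'action2 error');
    }

    $smtplist = include _include(APP_PATH.'conf/smtp.conf.php');
    $n = array_rand($smtplist);
    $smtp = $smtplist[$n];

    // Sender name and contact link come from the mail plugin settings.
    $fxz_email_setting = kv_get('fxz_email_setting');
    $send_name = empty($fxz_email_setting['send_email_name']) ? lang('send_email_name') : $fxz_email_setting['send_email_name'];
    $contact_url = empty($fxz_email_setting['contact_url']) ? '#' : $fxz_email_setting['contact_url'];

    // Subject line.
    $EmailSub = '来自'.$conf['sitename'].'的邮件';
    // Body, with the contact link filled in.
    $EmailMessage = lang('send_code_template_new', array('rand'=>$code, 'sitename'=>$conf['sitename'], 'contact_url'=>$contact_url));

    // A second, plain-template send used to follow this block. Both outcomes below end in
    // message(), so it could never run and has been removed.
    $r = xn_send_mail($smtp, $send_name, $email, $EmailSub, $EmailMessage);
    if ($r === TRUE) {
        message(0, lang('send_successfully'));
    } else {
        xn_log($errstr, 'send_mail_error');
        // NOTE(review): $errstr is the raw mailer error; returning it to the client may
        // expose mail-server details. A generic message would be safer.
        message(-1, $errstr);
    }

// Simple single sign-on: user information is handed to another system in a token.
// Both sides share the same auth_key and use xn_encrypt() / xn_decrypt().
} elseif ($action == 'synlogin') {

    // Check the incoming token.
    $token = param('token');
    $return_url = param('return_url');

    $s = xn_decrypt($token);
    !$s AND message(-1, lang('unauthorized_access'));

    // Padding gives an empty user agent, instead of an undefined offset, when the
    // decrypted payload has no tab separator.
    list($_time, $_useragent) = array_pad(explode("\t", $s), 2, '');
    // NOTE(review): $_time is parsed but never compared with the current time, so a token
    // does not expire in this branch.
    (string)$useragent !== (string)$_useragent AND message(-1, lang('authorized_get_failed'));

    empty($_SESSION['return_url']) AND $_SESSION['return_url'] = $return_url;

    if (!$uid) {
        http_location(url('user-login'));
    } else {
        $return_url = _SESSION('return_url');
        empty($return_url) AND message(-1, lang('request_synlogin_again'));

        unset($_SESSION['return_url']);

        $arr = array(
            'uid'=>$user['uid'],
            'gid'=>$user['gid'],
            'username'=>$user['username'],
            'avatar_url'=>$user['avatar_url'],
            'email'=>$user['email'],
            'mobile'=>$user['mobile'],
        );
        $s = xn_json_encode($arr);
        $s = xn_encrypt($s);

        // Append the token to the return URL and redirect back.
        // NOTE(review): return_url is request-supplied and is used as the redirect target
        // for a token carrying uid, e-mail and mobile. Restrict it to the configured
        // subsystem origins before redirecting. Appending '?token=' also assumes the URL
        // has no query string of its own.
        $url = xn_urldecode($return_url).'?token='.$s;
        http_location($url);
    }

} else {

}

// Private messages between the current user ($uid) and the user given in the URL.
if ($action == 'pm') {
    empty($uid) AND message(1, jump('请登录后发送私信',url('user-login'),3));

    if ($method == 'GET') {
        $_uid = param(2, 0);

        // Ajax poll for messages newer than last_nid.
        if (param('action') == 'get_new_messages') {
            $last_nid = intval(param('last_nid', 0));

            try {
                // Base condition: private messages only, optionally newer than last_nid.
                $baseWhere = array('type' => 7);
                if ($last_nid > 0) {
                    $baseWhere['nid>'] = $last_nid;
                }

                // Messages I sent to the other user.
                $where1 = array_merge($baseWhere, array('fromuid' => $uid, 'recvuid' => $_uid));
                $msg1 = db_find('notice', $where1, array(), 1, 1000);

                // Messages the other user sent to me.
                $where2 = array_merge($baseWhere, array('fromuid' => $_uid, 'recvuid' => $uid));
                $msg2 = db_find('notice', $where2, array(), 1, 1000);

                // Merge both directions.
                $newMessages = array();
                if (is_array($msg1)) $newMessages = array_merge($newMessages, $msg1);
                if (is_array($msg2)) $newMessages = array_merge($newMessages, $msg2);

                if (!empty($newMessages)) {
                    // Order by creation time.
                    $newMessages = arrlist_multisort($newMessages,'create_date',TRUE);

                    // Attach the sender to each message. User rows carry 'password' and
                    // 'salt' columns (the registration branch writes both), so they are
                    // dropped in case user_read_cache() returns the full row.
                    // NOTE(review): e-mail, mobile and IP fields may deserve the same.
                    foreach ($newMessages as $idx => $row) {
                        $sender = user_read_cache($row['fromuid']);
                        if (is_array($sender)) {
                            unset($sender['password'], $sender['salt']);
                        }
                        $newMessages[$idx]['user'] = $sender;
                    }
                }

                // JSON response.
                $response = array(
                    'code' => 0,
                    'message' => 'success',
                    'data' => $newMessages
                );

                echo json_encode($response);
                exit;
            } catch (Exception $e) {
                // On failure an empty result is returned (still reported as success).
                $response = array(
                    'code' => 0,
                    'message' => 'success',
                    'data' => array()
                );
                echo json_encode($response);
                exit;
            }
        }

        // Messages sent to the other user.
        $noticelist = db_find('notice', array('fromuid'=>$uid,'recvuid'=>$_uid,'type'=>7), array(), 1, 1000);
        if (!is_array($noticelist)) $noticelist = array();

        // Messages received from the other user.
        $mynoticelist = db_find('notice', array('fromuid'=>$_uid,'recvuid'=>$uid,'type'=>7), array(), 1, 1000);
        if (!is_array($mynoticelist)) $mynoticelist = array();

        // Merge and sort.
        $noticels = array_merge($noticelist,$mynoticelist);
        $noticel = arrlist_multisort($noticels,'create_date',TRUE);

        // Debug trace: message counts only.
        error_log('私信历史记录读取: 用户' . $uid . '和' . $_uid . ', 发送消息:' . count($noticelist) . '条, 接收消息:' . count($mynoticelist) . '条, 总计:' . count($noticel) . '条');

        $kv = kv_get('ax_notice');
        $freetimeslist = db_find_one('notice_freetimes',array("uid"=>$uid));
        include _include(APP_PATH.'plugin/ax_notice_sx/htm/user_pm.htm');
    } elseif ($method == 'POST') {
        $_uid = param(2, 0);
        empty($_uid) AND message('ax_message', '用户不能为空');
        $ax_message = param('ax_message', '');
        empty($ax_message) AND message('ax_message', '消息内容不能为空');

        // Trim surrounding whitespace; the body (emoji included) is otherwise unchanged.
        $ax_message = trim($ax_message);
        $to_uid = user_read($_uid);
        empty($to_uid) AND message('ax_message', '用户不存在,请确认后重试');
        $_uid == $uid AND message('ax_message', '不能给自己发私信');

        // Free-message quota, then credit deduction once the quota is used up.
        // NOTE(review): the balance is read from $user and written back as an absolute
        // value, and it is charged before notice_send() has succeeded; concurrent sends
        // or a failed send can leave the balance wrong.
        $kv = kv_get('ax_notice');
        if (!empty($kv['exemptnew']) && in_array($gid,$kv['deduct_credit'])) {
            $freetimeslist = db_find_one('notice_freetimes',array("uid"=>$uid));
            if ($uid != $freetimeslist['uid']) {
                db_insert('notice_freetimes',array('uid'=>$uid,'free_times'=>1));
            } else {
                if ($freetimeslist['free_times'] <= $kv['free_times']-1) {
                    db_update('notice_freetimes', array('uid'=>$uid),array('free_times'=>$freetimeslist['free_times']+1));
                }
            }
            if (($kv['free_times'] - $freetimeslist['free_times']) <= 0) {
                ($user[$kv['credit']] - $kv['credit_number']) < 0 AND message('ax_message', lang(''.$kv['credit'].'').'不足');
                user_update($uid,array($kv['credit']=>($user[$kv['credit']] - $kv['credit_number'])));
                db_update('notice_freetimes',array('uid'=>$uid),array('credit'=>$freetimeslist['credit'] + $kv['credit_number']));
            }
        }

        // Debug trace. The message body is deliberately left out, and the trace goes
        // through xn_log() (the logger already used for mail errors) instead of a
        // 'debug_notice.log' file in the working directory, where private message text
        // could end up readable by anyone who can fetch that path.
        $debug_msg = "私信发送调试 - 发送者UID: {$uid}, 接收者UID: {$_uid}";
        xn_log($debug_msg, 'notice_debug');

        // Session sanity check.
        if (!isset($uid) || $uid <= 0) {
            $error_msg = "私信发送失败 - 发送者UID无效: " . var_export($uid, true);
            xn_log($error_msg, 'notice_debug');
            message(1, '发送失败:用户未登录或登录状态异常');
        }

        // The sender must exist.
        $sender_info = user_read_cache($uid);
        if (!$sender_info) {
            $error_msg = "私信发送失败 - 发送者信息不存在: UID {$uid}";
            xn_log($error_msg, 'notice_debug');
            message(1, '发送失败:发送者信息错误');
        }

        // The recipient must exist.
        $receiver_info = user_read_cache($_uid);
        if (!$receiver_info) {
            $error_msg = "私信发送失败 - 接收者信息不存在: UID {$_uid}";
            xn_log($error_msg, 'notice_debug');
            message(1, '发送失败:接收者信息错误');
        }

        // The notice plugin must be loaded.
        if (!function_exists('notice_send')) {
            $error_msg = "私信发送失败 - notice_send函数不存在";
            xn_log($error_msg, 'notice_debug');
            message(1, '发送失败:系统函数缺失');
        }

        $nid = notice_send($uid, $_uid, $ax_message, 7);

        // Record the outcome.
        if ($nid) {
            $success_msg = "私信发送成功 - NID: {$nid}";
            xn_log($success_msg, 'notice_debug');
        } else {
            $error_msg = "私信发送失败 - notice_send返回: " . var_export($nid, true);
            xn_log($error_msg, 'notice_debug');

            // Probe the notice table so the log shows whether the database is reachable.
            try {
                db_find_one('notice', array(), array('nid' => -1), 1);
                $db_msg = "数据库notice表测试查询成功";
                xn_log($db_msg, 'notice_debug');
            } catch (Exception $e) {
                $db_error_msg = "数据库notice表测试查询失败: " . $e->getMessage();
                xn_log($db_error_msg, 'notice_debug');
            }
        }

        // The Ajax reply carries the stored message.
        if ($nid) {
            $notice = db_find_one('notice', array('nid' => $nid));
            if ($notice) {
                // Credential columns are dropped before the row is serialised, in case
                // user_read_cache() returns the full user row.
                $self = user_read_cache($uid);
                if (is_array($self)) {
                    unset($self['password'], $self['salt']);
                }
                $notice['user'] = $self;
                // The notice is returned at the root and under 'data' so that both
                // response formats keep working.
                $response = array(
                    'code' => 0,
                    'message' => '发送成功',
                    'notice' => $notice,
                    'data' => array('notice' => $notice)
                );
                echo json_encode($response);
                exit;
            } else {
                $query_error_msg = "私信发送后查询消息失败 - NID: {$nid}";
                xn_log($query_error_msg, 'notice_debug');
                message(0, '发送成功');
            }
        } else {
            $final_error_msg = "最终发送失败,返回错误给前端";
            xn_log($final_error_msg, 'notice_debug');
            message(1, '发送失败,请重试');
        }
    }
}

// Medal page of the requested user (defaults to the current user).
if ($action == 'medal' && $method == 'GET') {
    $_uid = param(2, 0);
    empty($_uid) AND $_uid = $uid;
    $_user = user_read($_uid);

    empty($_user) AND message(-1, lang('user_not_exists'));
    $header['title'] = $_user['username'];
    $header['mobile_title'] = $_user['username'];
    include _include(APP_PATH . 'plugin/tt_medal/view/htm/user_medal.htm');
}
?>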