op.php
上传用户:m68239277
上传日期:2014-10-12
资源大小:824k
文件大小:4k
- <?php
- /*
- 法律声明:本软件仅面对香港地区使用,若在大陆使用而引起的法律问题,程序开发者将不付任何法律责任,
- 由于软件开发难免会有缺陷,若由于程序缺陷而造成的任何损失程序开发者将不负任何责任!
- 特此声明!
- 声明内容请勿去除,它的存在并不影响程序的运行速度!
- */
- set_time_limit(1800);
- session_start();
- include("inc/conn.php");
- $sql_odate=mysql_query("select * from ptime where now_sign='1'",$conn); //update open date
- $open_time=mysql_result($sql_odate,0,"open_time");
- $downdate=mysql_result($sql_odate,0,"dates");
- $opendate=substr($open_time,0,10);
- $utime=str_replace("-","",$opendate);
- mysql_query("update ptime set open_date='$utime' where dates='$downdate'",$conn);
- $_SESSION["downdate"]=$downdate;
- $_SESSION["opendate"]=$opendate;
- if(isset($_POST['login'])&&isset($_POST['pass'])&&isset($_POST['code']))
- { $user_account=chop($_POST['login']);
- $user=$user_account;
- $user_password=md5(chop($_POST['pass']));
- $yzcode=$_SESSION["yzcode"];
- char($user_account);
- char($user_password);
- char($yzcode);
- if(isset($yzcode)&&isset($_POST["code"]))
- {
- if($_POST["code"]==$yzcode)
- {
- checkuser($user_account,$user_password);
- include("pro.php");
- }else outscript("alert('验证码错误,请重新输入!');history.back(1);");
- }
- }else
- {
- outscript("alert('请输入完整的信息!');history.back(1);");
- }
- function checkuser($user_account,$user_password)
- { global $conn;
- $sql=mysql_query("select * from member where user_account='$user_account'",$conn);
- if(mysql_num_rows($sql)==0)
- {
- outscript("alert('该账号不存在!');history.back(1);");
- }else
- {
- $sqls=mysql_query("select * from member where user_account='$user_account' and user_password='$user_password'",$conn);
- if(mysql_num_rows($sqls)==0)
- {
- mysql_query("update member set login_err=login_err+1 where user_account='$user_account'",$conn);
- outscript("alert('密码错误,请重新输入!');history.back(1);");
- }else
- {
- $deleted=mysql_result($sqls,0,"deleted");
- if($deleted==1)
- {
- outscript("alert('您的账户已被停用!');history.back(1)");
- }else
- {
- $names=mysql_result($sqls,0,"user_name");
- $users=mysql_result($sqls,0,"user_account");
- $_SESSION["name"]=$names;
- $_SESSION["user"]=$users;
- $_SESSION["type"]=mysql_result($sqls,0,"user_plate");
- $_SESSION["plate"]=mysql_result($sqls,0,"user_plate");
- $_SESSION["credit"]=mysql_result($sqls,0,"user_credit");
- $_SESSION["used"]=mysql_result($sqls,0,"used_credit");
- $_SESSION["agent"]=mysql_result($sqls,0,"agent");
- $_SESSION["all_agent"]=mysql_result($sqls,0,"all_agent");
- $_SESSION["super_agent"]=mysql_result($sqls,0,"super_agent");
- mysql_query("update member set online='0' where user_account='$users'",$conn);
- $sqlf=mysql_query("select * from online where user_account='$users'",$conn);
- $have=mysql_num_rows($sqlf);
- $ip=$_SERVER['REMOTE_ADDR'];
- $tm=date(YmdHis);
- mysql_query("update member set login_num=login_num+1,login_time='$tm',ip='$ip' where user_account='$user_account'",$conn);
- if($have==0) mysql_query("insert into online(user_type,user_name,user_account,ip,login_time,active_time)values('1','$names','$users','$ip','$tm','$tm')",$conn);
- if($have>0)
- {
- $_SESSION["onyes"]=1;
- mysql_query("insert into onuser(user_account,sign)values('$users','1')",$conn);//别处登录
- }
- }
- }
- }
- }
- function char($arr)
- {
- $ay="<,>,?,/,,$,@,',*,!,#,%,^,&,(,),;,~,],[";
- $sa=split(",",$ay);
- for($i=1;$i<count($sa)-1;$i++)
- {
- if(strstr($arr,$sa[$i])) outscript("alert('请不要输入非法字符!');history.back(1);");
- }
- }
- function outscript($arr)
- {
- echo "<script language='javascript'>".$arr."</script>";
- }
- ?>
English
