
Annotation of /fenglin/bbs/user_service_login.php



Revision 1.1 - (hide annotations)
Wed Apr 23 07:06:54 2025 UTC (10 months, 3 weeks ago) by sysadm
Branch: MAIN
Rename user_login_service to user_service_login

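<?php
require_once "../lib/db_open.inc.php";
require_once "../lib/lml.inc.php";
require_once "../lib/passwd.inc.php";
require_once "../lib/vn_gif.inc.php";
require_once "../lib/client_addr.inc.php";
require_once "../lib/ip_mask.inc.php";
require_once "./session_init.inc.php";
require_once "./user_login.inc.php";

/*
 * Login service.
 *
 * Reads a JSON body {username, password, ch_passwd, password_new, agreement,
 * mfa, vn_str}, rate-limits failed attempts by source subnet and by username
 * (skipped once a captcha has been solved), verifies the credentials against
 * user_list, optionally replaces a temporary or current password, records the
 * attempt and, on success, populates the session.
 *
 * Every exit point answers with $result_set serialised as JSON. "return.code":
 *    0  success
 *   -1  a field failed validation (details in "errorFields")
 *   -2  server/database error ("message" carries the mysqli error text)
 *    1  too many failed attempts: the client must solve a captcha (mfa=1 + vn_str)
 *    2  a temporary password was accepted but a new password must be supplied
 *    3  rejected: bad credentials, login banned, or account closed
 *    4  the current license text must be agreed to (agreement=1)
 *
 * $db_conn, client_addr(), verify_pass_complexity(), load_user_info(),
 * keep_alive(), LML() and $BBS_license_dt are provided by the includes above
 * (their definitions are not visible in this file).
 *
 * All request-derived values reach MySQL through bound placeholders; nothing
 * from the request is interpolated into statement text.
 */

/**
 * Return an optional string field of the decoded request body, trimmed.
 * Missing, null or non-scalar values (arrays/objects) yield "" so that trim()
 * is never handed an array.
 */
function usl_input_string($data, $key)
{
    if (!is_array($data) || !isset($data[$key]) || !is_scalar($data[$key])) {
        return "";
    }
    return trim((string) $data[$key]);
}

/**
 * True when an optional flag field of the request body equals "1".
 * The loose comparison is kept on purpose: existing clients may send "1", 1 or true.
 */
function usl_input_flag($data, $key)
{
    return is_array($data) && isset($data[$key]) && $data[$key] == "1";
}

/**
 * Send $result_set as JSON, release the connection and stop.
 * An uncommitted transaction is discarded by the server when the connection closes.
 */
function usl_respond_and_exit(array $result_set, mysqli $db_conn)
{
    mysqli_close($db_conn);
    exit(json_encode($result_set));
}

/** Answer a database failure: code -2 and "<context>: <detail>", then stop. */
function usl_fail_db(array $result_set, mysqli $db_conn, $context, $detail)
{
    $result_set["return"]["code"] = -2;
    $result_set["return"]["message"] = $context . ": " . $detail;
    usl_respond_and_exit($result_set, $db_conn);
}

/** Return $result_set with a per-field validation error appended and code set to -1. */
function usl_with_field_error(array $result_set, $id, $errMsg)
{
    $result_set["return"]["code"] = -1;
    $result_set["return"]["errorFields"][] = [
        "id" => $id,
        "errMsg" => $errMsg,
    ];
    return $result_set;
}

/**
 * Run a fixed statement that carries no request data (transaction control).
 * A failure is reported as "Mysqli error: ..." (code -2) and the script stops.
 */
function usl_exec_fixed_or_fail(mysqli $db_conn, array $result_set, $sql)
{
    if (mysqli_query($db_conn, $sql) === false) {
        usl_fail_db($result_set, $db_conn, "Mysqli error", mysqli_error($db_conn));
    }
}

/**
 * Prepare, bind and execute a parameterised statement and return it.
 *
 * $types is the mysqli_stmt_bind_param type string, one letter ("s" or "i")
 * per entry of $params. Any failure answers code -2 with
 * "<context>: <mysqli error>" and stops the script. Callers that need rows
 * use mysqli_stmt_get_result() (bundled mysqlnd driver) on the returned statement.
 */
function usl_exec_or_fail(mysqli $db_conn, array $result_set, $context, $sql, $types = "", array $params = [])
{
    $stmt = mysqli_prepare($db_conn, $sql);
    if ($stmt === false) {
        usl_fail_db($result_set, $db_conn, $context, mysqli_error($db_conn));
    }
    if ($params !== [] && !mysqli_stmt_bind_param($stmt, $types, ...$params)) {
        usl_fail_db($result_set, $db_conn, $context, mysqli_stmt_error($stmt));
    }
    if (!mysqli_stmt_execute($stmt)) {
        usl_fail_db($result_set, $db_conn, $context, mysqli_stmt_error($stmt));
    }
    return $stmt;
}

/** usl_exec_or_fail() for INSERT/UPDATE statements whose result set is not needed. */
function usl_exec_update_or_fail(mysqli $db_conn, array $result_set, $context, $sql, $types, array $params)
{
    $stmt = usl_exec_or_fail($db_conn, $result_set, $context, $sql, $types, $params);
    mysqli_stmt_close($stmt);
}

/**
 * Read the single "err_count" value produced by a COUNT(*) statement and
 * release the statement. No row yields 0; a result-set failure is reported
 * under $context like any other database error.
 */
function usl_fetch_err_count(mysqli $db_conn, array $result_set, $context, mysqli_stmt $stmt)
{
    $rs = mysqli_stmt_get_result($stmt);
    if ($rs === false) {
        usl_fail_db($result_set, $db_conn, $context, mysqli_stmt_error($stmt));
    }
    $count = 0;
    if ($row = mysqli_fetch_assoc($rs)) {
        $count = intval($row["err_count"]);
    }
    mysqli_free_result($rs);
    mysqli_stmt_close($stmt);
    return $count;
}

$data = json_decode(file_get_contents("php://input"), true);

$username = usl_input_string($data, "username");
$password = usl_input_string($data, "password");
$ch_passwd = usl_input_flag($data, "ch_passwd");
$password_new = usl_input_string($data, "password_new");
$agreement = usl_input_flag($data, "agreement");
$mfa = usl_input_flag($data, "mfa");
$vn_str = usl_input_string($data, "vn_str");

$result_set = [
    "return" => [
        "code" => 0,
        "message" => "",
        "errorFields" => [],
    ],
];

header("Content-Type:application/json; charset=utf-8");

// Validate input data. The allowed character classes also keep the values that
// are written to the login logs printable ASCII.
if (!preg_match("/^[A-Za-z][A-Za-z0-9]{2,11}$/", $username)) {
    $result_set = usl_with_field_error($result_set, "username", "不符合格式要求");
}

if (!preg_match("/^[A-Za-z0-9]{5,12}$/", $password)) {
    $result_set = usl_with_field_error($result_set, "password", "不符合格式要求");
}

if ($ch_passwd) {
    if (!preg_match("/^[A-Za-z0-9]{6,12}$/", $password_new)) {
        $result_set = usl_with_field_error($result_set, "password_new", "不符合格式要求");
    }

    if (!verify_pass_complexity($password_new, $username, 6)) {
        $result_set = usl_with_field_error($result_set, "password_new", "不符合复杂性要求");
    }
}

if ($mfa) {
    // The expected captcha text was stored in the session when the image was issued.
    $expected_vn_str = isset($_SESSION["BBS_vn_str"]) ? (string) $_SESSION["BBS_vn_str"] : "";
    if ($expected_vn_str === "" || strcasecmp($expected_vn_str, $vn_str) != 0) {
        // A wrong answer consumes the captcha (the failed-password path below already
        // resets it), so a single image cannot be guessed repeatedly within one session.
        $_SESSION["BBS_vn_str"] = "";
        $result_set = usl_with_field_error($result_set, "vn_str", "验证码错误");
    }
}

if ($result_set["return"]["code"] != 0) {
    usl_respond_and_exit($result_set, $db_conn);
}

// Begin transaction: the FOR UPDATE below holds the user row until COMMIT, so
// concurrent logins for the same account cannot interleave the password updates.
usl_exec_fixed_or_fail($db_conn, $result_set, "SET autocommit=0");
usl_exec_fixed_or_fail($db_conn, $result_set, "BEGIN");

if (!$mfa) {
    // Failed login attempts from the same source (subnet /24) during certain time period.
    // client_addr(1) is presumably a LIKE pattern for the subnet; it is bound rather than
    // interpolated because the client address may be derived from request headers.
    $stmt = usl_exec_or_fail($db_conn, $result_set, "Query login log error",
        "SELECT COUNT(*) AS err_count FROM user_err_login_log
         WHERE login_dt >= SUBDATE(NOW(), INTERVAL 10 MINUTE)
         AND login_ip LIKE ?",
        "s", [client_addr(1)]);
    if (usl_fetch_err_count($db_conn, $result_set, "Query login log error", $stmt) >= 2) {
        $result_set["return"]["code"] = 1;
        $result_set["return"]["message"] = "来源存在多次失败登陆尝试,请输入验证码";
        usl_respond_and_exit($result_set, $db_conn);
    }

    // Failed login attempts against the current username during certain time period
    $stmt = usl_exec_or_fail($db_conn, $result_set, "Query login log error",
        "SELECT COUNT(*) AS err_count FROM user_err_login_log
         WHERE username = ? AND login_dt >= SUBDATE(NOW(), INTERVAL 1 DAY)",
        "s", [$username]);
    if (usl_fetch_err_count($db_conn, $result_set, "Query login log error", $stmt) >= 5) {
        $result_set["return"]["code"] = 1;
        $result_set["return"]["message"] = "账户存在多次失败登陆尝试,请输入验证码";
        usl_respond_and_exit($result_set, $db_conn);
    }
}

// Look up the enabled account by username and any of: current SHA2-256 hash,
// legacy MD5 hash, or the temporary password. old_pass tells whether the legacy
// hash is the one that matched (it is re-hashed below).
// NOTE(review): hashes are unsalted MD5/SHA2-256 because that is the stored format;
// moving to password_hash()/password_verify() needs a storage-format change site-wide.
$stmt = usl_exec_or_fail($db_conn, $result_set, "Query user list error",
    "SELECT UID, p_login, verified, temp_password,
            password = MD5(?) AS old_pass
     FROM user_list WHERE username = ? AND
          (password = MD5(?) OR password = SHA2(?, 256) OR temp_password = ?)
          AND enable FOR UPDATE",
    "sssss", [$password, $username, $password, $password, $password]);
$rs = mysqli_stmt_get_result($stmt);
if ($rs === false) {
    usl_fail_db($result_set, $db_conn, "Query user list error", mysqli_stmt_error($stmt));
}
$row = mysqli_fetch_assoc($rs);
mysqli_free_result($rs);
mysqli_stmt_close($stmt);

$uid = 0;

if ($row) {
    $uid = intval($row["UID"]);

    // Type-strict, constant-time comparison; a loose == would treat two numeric-looking
    // strings such as "00100" and "100" as equal. A NULL temp_password compares as "".
    $used_temp_password = hash_equals((string) $row["temp_password"], $password);

    if ($used_temp_password && !$ch_passwd) {
        $result_set["return"]["code"] = 2;
        $result_set["return"]["message"] = "使用临时密码登录需设置新密码";
        usl_respond_and_exit($result_set, $db_conn);
    }

    if ($ch_passwd) {
        if ($used_temp_password) { // New user first time login with temp password
            $verified = 1;

            // Set life = 150 for verified user
            usl_exec_update_or_fail($db_conn, $result_set, "Update user life error",
                "UPDATE user_pubinfo SET life = 150 WHERE UID = ?",
                "i", [$uid]);
        } else {
            $verified = intval($row["verified"]);
        }

        // Store the new password and clear the temporary one.
        usl_exec_update_or_fail($db_conn, $result_set, "Update password error",
            "UPDATE user_list SET password = SHA2(?, 256),
             temp_password = '', verified = ? WHERE UID = ?",
            "sii", [$password_new, $verified, $uid]);
    } elseif ($row["old_pass"]) {
        // Legacy MD5 hash matched: re-hash as SHA2-256 transparently on this login.
        usl_exec_update_or_fail($db_conn, $result_set, "Upgrade password error",
            "UPDATE user_list SET password = SHA2(?, 256) WHERE UID = ?",
            "si", [$password, $uid]);
    }

    // Add user login log
    usl_exec_update_or_fail($db_conn, $result_set, "Write log error",
        "INSERT INTO user_login_log(uid, login_dt, login_ip) VALUES(?, NOW(), ?)",
        "is", [$uid, client_addr()]);

    // Commit transaction
    usl_exec_fixed_or_fail($db_conn, $result_set, "COMMIT");

    // Forbidden user
    if (!$row["p_login"]) {
        $result_set["return"]["code"] = 3;
        $result_set["return"]["message"] = "您已被封禁全站登陆权限!";
        usl_respond_and_exit($result_set, $db_conn);
    }
} else {
    // Log login failure (this table feeds the rate-limit counters above).
    // NOTE(review): the attempted password is stored in clear text, as the existing
    // schema and its readers expect. Failed attempts are often near-misses of the real
    // password, so this table needs tight access control and short retention, or the
    // column should be dropped once nothing depends on it.
    usl_exec_update_or_fail($db_conn, $result_set, "Write log error",
        "INSERT INTO user_err_login_log(username, password, login_dt, login_ip)
         VALUES(?, ?, NOW(), ?)",
        "sss", [$username, $password, client_addr()]);

    // Commit transaction
    usl_exec_fixed_or_fail($db_conn, $result_set, "COMMIT");

    $_SESSION["BBS_vn_str"] = ""; // Force change vn_str

    $result_set["return"]["code"] = 3;
    $result_set["return"]["message"] = "用户名或密码不正确";
    usl_respond_and_exit($result_set, $db_conn);
}

// SET AUTOCOMMIT = 1
usl_exec_fixed_or_fail($db_conn, $result_set, "SET autocommit=1");

// Load User Information. Return codes are mapped from the messages the
// original handler emitted for each value.
$ret = load_user_info($uid, $db_conn);
switch ($ret) {
    case -1:
        usl_fail_db($result_set, $db_conn, "User data not found", mysqli_error($db_conn)); // exits
        break;
    case -2:
        if (!$agreement) {
            // Current license text, named by its effective date ($BBS_license_dt is
            // expected to be set by one of the includes).
            $buffer = file_get_contents("./doc/license/" . (new DateTime($BBS_license_dt))->format("Ymd") . ".txt");
            if ($buffer === false) {
                $buffer = "";
            }

            $result_set["return"]["code"] = 4;
            $result_set["return"]["message"] = LML(htmlspecialchars($buffer, ENT_HTML401, 'UTF-8'), false, false, 1024);
            usl_respond_and_exit($result_set, $db_conn);
        }
        break;
    case -3:
        $result_set["return"]["code"] = 3;
        $result_set["return"]["message"] = "很遗憾,您已经永远离开了我们的世界……";
        usl_respond_and_exit($result_set, $db_conn);
        break;
}

usl_exec_update_or_fail($db_conn, $result_set, "Update login info error",
    "UPDATE user_pubinfo SET visit_count = visit_count + 1,
     last_login_dt = NOW() WHERE UID = ?",
    "i", [$uid]);

// Establish the authenticated session.
// NOTE(review): session_init.inc.php is not visible here; if it does not already
// rotate the session id when privileges change, session_regenerate_id(true) belongs
// before these assignments to prevent session fixation.
$_SESSION["BBS_uid"] = $uid;
$_SESSION["BBS_username"] = $username;
$_SESSION["BBS_login_tm"] = time();
$_SESSION["BBS_vn_str"] = "";

if (!keep_alive($db_conn)) {
    usl_fail_db($result_set, $db_conn, "Keep alive error", mysqli_error($db_conn));
}

usl_respond_and_exit($result_set, $db_conn);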
