ecshop需求:
1. 新注册的用户需要后台管理员进行确认之后才能成为正式用户。
2. 新用户注册之后,提示请等待管理员确认后才能使用。
3. 新注册的用户,如果管理员没有对其注册身份进行确认,在登录时会提示请等待管理员确认之后才能登录。
在观察数据库表的时候发现,users表中有个is_validated字段,默认是0,表明没有通过验证。我们基于这个字段来实现本文要求的功能。
升级说明
新注册的ecshop用户需要后台管理员确认之后才能成为正式注册的用户。在用户提交注册信息之后,提示用户管理员会通过电话对其身份进行确认。未确认的用户无法登录,未确认用户登录时会提示需要确认的信息。
升级方法
【1】在languages\zh_cn\admin\users.php中增加:
$_LANG['invalid_is_validated'] = '只能输入0或1。0为无效,1为有效';
【2】在languages\zh_cn\user.php中增加:
$_LANG['login_failure_invalid'] = '需管理员确认身份之后才能登陆';
【3】修改includes\modules\integrates\integrate.php中的login函数为:
/**
 * Authenticate a user and, on success, set up the session and the login cookie.
 *
 * The result is a three-way code derived from check_user():
 *    1  check_user() returned a positive value; session and cookie were set.
 *   -1  check_user() returned -1 (in this tutorial: the account has not been
 *       confirmed by an administrator yet). Nothing is written.
 *    0  any other outcome.
 *
 * Callers must test the result with "> 0". -1 is truthy in PHP, so a plain
 * "if ($user->login(...))" would take the success branch for an unconfirmed
 * account.
 */
function login($username, $password, $remember = null)
{
    $status = $this->check_user($username, $password);

    // The two rejections are handled first; neither touches session or cookie.
    if ($status == -1)
    {
        return -1;
    }

    if (!($status > 0))
    {
        return 0;
    }

    if ($this->need_sync)
    {
        $this->sync($username, $password);
    }

    $this->set_session($username);
    $this->set_cookie($username, $remember);

    return 1;
}
修改add_user函数为:
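/**
 * Insert a new user row into the integrated user table.
 *
 * The INSERT does not write is_validated, so a new account keeps the column's
 * default (0 according to this article) and stays unconfirmed until an
 * administrator changes it.
 *
 * NOTE(review): $username, $email and the optional values are concatenated
 * into the SQL text as they arrive. This is only safe if every caller passes
 * strings that are already escaped for the database; confirm against the
 * callers.
 *
 * @param string $username
 * @param string $password     plain-text password, used when $md5password is empty
 * @param string $email
 * @param int    $gender       written only when greater than -1
 * @param mixed  $bday         written only when non-empty
 * @param mixed  $reg_date     written only when non-empty
 * @param string $md5password  MD5 of the password; takes precedence over $password
 *
 * @return bool  false with $this->error set when the name or e-mail is taken
 */
function add_user($username, $password, $email, $gender = -1, $bday = 0, $reg_date = 0, $md5password = '')
{
    /* Any non-zero result from the lookup is treated as "name already in use" */
    if ($this->check_user($username) != 0)
    {
        $this->error = ERR_USERNAME_EXISTS;

        return false;
    }

    /* The e-mail address must be unique as well */
    $sql = "SELECT " . $this->field_id .
           " FROM " . $this->table($this->user_table) .
           " WHERE " . $this->field_email . " = '$email'";
    if ($this->db->getOne($sql, true) > 0)
    {
        $this->error = ERR_EMAIL_EXISTS;

        return false;
    }

    $post_username = $username;

    if ($md5password)
    {
        $post_password = $this->compile_password(array('md5password' => $md5password));
    }
    else
    {
        $post_password = $this->compile_password(array('password' => $password));
    }

    $fields = array($this->field_name, $this->field_email, $this->field_pass);
    $values = array($post_username, $email, $post_password);

    if ($gender > -1)
    {
        $fields[] = $this->field_gender;
        $values[] = $gender;
    }
    if ($bday)
    {
        $fields[] = $this->field_bday;
        $values[] = $bday;
    }
    if ($reg_date)
    {
        $fields[] = $this->field_reg_date;
        $values[] = $reg_date;
    }

    $sql = "INSERT INTO " . $this->table($this->user_table) .
           " (" . implode(',', $fields) . ")" .
           " VALUES('" . implode("', '", $values) . "')";

    $this->db->query($sql);

    if ($this->need_sync)
    {
        $this->sync($username, $password);
    }

    return true;
}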
【4】修改includes\modules\integrates\ecshop.php文件内容为:
<?php
/* This file is meant to be included by ECShop; stop when IN_ECS is not defined */
if (!defined('IN_ECS'))
{
    die('Hacking attempt');
}

/* Module listing mode: describe this plugin in $modules and return from the include */
if (!empty($set_modules))
{
    if (isset($modules))
    {
        $i = count($modules);
    }
    else
    {
        $i = 0;
    }

    $modules[$i]['code']    = 'ecshop';
    $modules[$i]['name']    = 'ECSHOP';
    $modules[$i]['version'] = '2.0';
    $modules[$i]['author']  = 'ECSHOPR&D TEAM';
    $modules[$i]['website'] = 'http://www.ldhost.cn';

    return;
}

/* Base class that the ecshop integration extends */
require_once(ROOT_PATH . 'includes/modules/integrates/integrate.php');
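/**
 * ECShop's own member integration, changed so that an account has to be
 * confirmed by an administrator (is_validated = 1) before it can log in.
 *
 * NOTE(review): every query below is built by string concatenation. User names,
 * e-mail addresses and the other $cfg values must reach these methods already
 * escaped for the database; nothing in this class escapes them.
 */
class ecshop extends integrate
{
    var $is_ecshop = 1;

    /* After the initialiser has run this holds the NAME of the validation column */
    var $is_validated = '0';

    function __construct($cfg)
    {
        $this->ecshop($cfg);
    }

    /**
     * Initialiser (old-style constructor name): maps the logical fields used by
     * the integrate base class onto the columns of the users table.
     *
     * @param array $cfg  accepted for interface compatibility; not read here
     */
    function ecshop($cfg)
    {
        parent::integrate(array());
        $this->user_table     = 'users';
        $this->field_id       = 'user_id';
        $this->ec_salt        = 'ec_salt';
        $this->field_name     = 'user_name';
        $this->field_pass     = 'password';
        $this->field_email    = 'email';
        $this->field_gender   = 'sex';
        $this->field_bday     = 'birthday';
        $this->field_reg_date = 'reg_time';
        $this->need_sync      = false;
        $this->is_ecshop      = 1;
        $this->is_validated   = "is_validated";
    }

    /**
     * Look a user up by name and, when a password is supplied, verify it.
     *
     * Without a password the method only answers "does this name exist" and
     * returns whatever getOne() yields for the id column.
     *
     * With a password the result is:
     *   user_id  password correct and the account is confirmed
     *   -1       password correct but is_validated is still empty/0
     *    0       unknown user, wrong password or unknown legacy hash type
     *
     * The confirmation flag is tested only after the password has been
     * verified, so a caller who does not know the password receives the same 0
     * for unknown, wrong-password and unconfirmed accounts and cannot learn an
     * account's state from the return code.
     *
     * @param string      $username
     * @param string|null $password  null requests the existence check only
     *
     * @return mixed
     */
    function check_user($username, $password = null)
    {
        if ($this->charset != 'UTF8')
        {
            $post_username = ecs_iconv('UTF8', $this->charset, $username);
        }
        else
        {
            $post_username = $username;
        }

        if ($password === null)
        {
            $sql = "SELECT " . $this->field_id .
                   " FROM " . $this->table($this->user_table) .
                   " WHERE " . $this->field_name . "='" . $post_username . "'";

            return $this->db->getOne($sql);
        }

        $sql = "SELECT user_id, password, is_validated, salt, ec_salt" .
               " FROM " . $this->table($this->user_table) .
               " WHERE user_name='$post_username'";
        $row = $this->db->getRow($sql);

        /* Test for a missing row before reading any column from it */
        if (empty($row))
        {
            return 0;
        }

        $ec_salt = $row['ec_salt'];

        if (empty($row['salt']))
        {
            /*
             * Native ECShop hash. Hashes are compared as strings with !== so
             * that two different hex digests which both look like numbers are
             * never treated as equal (hash_equals() is the better choice where
             * the PHP version provides it).
             */
            $expected = $this->compile_password(array('password' => $password, 'ec_salt' => $ec_salt));
            if ((string) $row['password'] !== (string) $expected)
            {
                return 0;
            }

            if (empty($ec_salt))
            {
                /*
                 * Row without a per-user salt: store a salted hash now.
                 * NOTE(review): MD5 with a salt of at most four digits is weak
                 * password storage; moving to password_hash() would also need
                 * compile_password() (not shown here) to change.
                 */
                $ec_salt      = rand(1, 9999);
                $new_password = md5(md5($password) . $ec_salt);
                $sql = "UPDATE " . $this->table($this->user_table) .
                       " SET password= '" . $new_password . "',ec_salt='" . $ec_salt . "'" .
                       " WHERE user_name='$post_username'";
                $this->db->query($sql);
            }
        }
        else
        {
            /* Imported account: first character of salt = hash type, rest = salt */
            $encrypt_type = substr($row['salt'], 0, 1);
            $encrypt_salt = substr($row['salt'], 1);

            switch ($encrypt_type)
            {
                case ENCRYPT_ZC :
                    $encrypt_password = md5($encrypt_salt . $password);
                    break;

                case ENCRYPT_UC :
                    $encrypt_password = md5(md5($password) . $encrypt_salt);
                    break;

                default:
                    /* Unknown type: reject instead of comparing against '' */
                    return 0;
            }

            if ((string) $row['password'] !== $encrypt_password)
            {
                return 0;
            }

            /* Password verified: convert the row to the native hash format */
            $sql = "UPDATE " . $this->table($this->user_table) .
                   " SET password = '" . $this->compile_password(array('password' => $password)) . "',salt=''" .
                   " WHERE user_id = '$row[user_id]'";
            $this->db->query($sql);
        }

        /* Correct password, but an administrator has not confirmed the account */
        if (empty($row['is_validated']))
        {
            return -1;
        }

        return $row['user_id'];
    }

    /**
     * Update a user's password, e-mail, gender, birthday and/or validation flag.
     *
     * @param array $cfg  keys read here: username (required), password,
     *                    md5password, email, gender, bday, is_validated
     *
     * @return bool  false when username is empty or the e-mail belongs to
     *               another account ($this->error is set in the latter case)
     */
    function edit_user($cfg)
    {
        if (empty($cfg['username']))
        {
            return false;
        }

        $cfg['post_username'] = $cfg['username'];

        $values = array();
        if (!empty($cfg['password']) && empty($cfg['md5password']))
        {
            $cfg['md5password'] = md5($cfg['password']);
        }
        if ((!empty($cfg['md5password'])) && $this->field_pass != 'NULL')
        {
            $values[] = $this->field_pass . "='" . $this->compile_password(array('md5password' => $cfg['md5password'])) . "'";
        }

        if ((!empty($cfg['email'])) && $this->field_email != 'NULL')
        {
            /* Refuse an address that is already used by a different account */
            $sql = "SELECT " . $this->field_id .
                   " FROM " . $this->table($this->user_table) .
                   " WHERE " . $this->field_email . " = '$cfg[email]' " .
                   " AND " . $this->field_name . " != '$cfg[post_username]'";
            if ($this->db->getOne($sql, true) > 0)
            {
                $this->error = ERR_EMAIL_EXISTS;

                return false;
            }

            /* No row holds this address yet, i.e. it is being changed: the account is reset to unconfirmed */
            $sql = "SELECT count(*)" .
                   " FROM " . $this->table($this->user_table) .
                   " WHERE " . $this->field_email . " = '$cfg[email]' ";
            if ($this->db->getOne($sql, true) == 0)
            {
                $sql = "UPDATE " . $GLOBALS['ecs']->table('users') . " SET is_validated = 0 WHERE user_name = '$cfg[post_username]'";
                $this->db->query($sql);
            }
            $values[] = $this->field_email . "='" . $cfg['email'] . "'";
        }

        if (isset($cfg['gender']) && $this->field_gender != 'NULL')
        {
            $values[] = $this->field_gender . "='" . $cfg['gender'] . "'";
        }

        if ((!empty($cfg['bday'])) && $this->field_bday != 'NULL')
        {
            $values[] = $this->field_bday . "='" . $cfg['bday'] . "'";
        }

        /*
         * isset() instead of is_null(): callers that do not pass the key no
         * longer raise an undefined-index notice. The value is reduced to 0 or
         * 1 before it is written, so nothing else can reach the statement
         * through this field.
         */
        if (isset($cfg['is_validated']) && $this->is_validated != 'NULL')
        {
            $flag = ((int) $cfg['is_validated'] === 1) ? 1 : 0;
            $values[] = $this->is_validated . "='" . $flag . "'";
        }

        if ($values)
        {
            $sql = "UPDATE " . $this->table($this->user_table) .
                   " SET " . implode(', ', $values) .
                   " WHERE " . $this->field_name . "='" . $cfg['post_username'] . "' LIMIT 1";

            $this->db->query($sql);

            if ($this->need_sync)
            {
                if (empty($cfg['md5password']))
                {
                    $this->sync($cfg['username']);
                }
                else
                {
                    $this->sync($cfg['username'], '', $cfg['md5password']);
                }
            }
        }

        return true;
    }
}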
?>
【5】修改admin\templates\users_list.htm中的:
<td align="center">{if $user.is_validated} <img src="images/yes.gif"> {else} <img src="images/no.gif"> {/if}</td>
为:
<td align="center"><span onclick="listTable.edit(this, 'edit_is_validated', {$user.user_id})" id="is_validated_text">{if $user.is_validated} <img src="images/yes.gif"> {else} <img src="images/no.gif"> {/if}</span></td>
【6】修改admin\js\listtable.js中的listTable.edit响应函数为:
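/**
 * Turn a list cell into an inline text input and post the new value when the
 * input loses focus.
 *
 * obj  the cell element that was clicked
 * act  the action name sent to listTable.url
 * id   the record id sent with the request
 *
 * For act == 'edit_is_validated' the returned '1' / '0' is shown as the yes/no
 * icon. The icon is only swapped after a successful save; when the input was
 * left empty or the server reported an error the original cell content is
 * restored, so the list never shows a state that was not stored.
 *
 * NOTE(review): res.content is written with innerHTML, so the server side has
 * to return content that is safe to insert as HTML.
 */
listTable.edit = function(obj, act, id)
{
  var tag = obj.firstChild.tagName;

  /* The cell is already in edit mode */
  if (typeof(tag) != "undefined" && tag.toLowerCase() == "input")
  {
    return;
  }

  /* Remember the original content so it can be restored */
  var org = obj.innerHTML;
  var val = Browser.isIE ? obj.innerText : obj.textContent;

  /* Create the input box */
  var txt = document.createElement("INPUT");
  txt.value = (val == 'N/A') ? '' : val;
  txt.style.width = (obj.offsetWidth + 12) + "px";

  /* Replace the cell content with the input box */
  obj.innerHTML = "";
  obj.appendChild(txt);
  txt.focus();

  /* Enter commits through blur, Escape restores the cell */
  txt.onkeypress = function(e)
  {
    var evt = Utils.fixEvent(e);
    var obj = Utils.srcElement(e);

    if (evt.keyCode == 13)
    {
      obj.blur();

      return false;
    }

    if (evt.keyCode == 27)
    {
      obj.parentNode.innerHTML = org;
    }
  }

  /* Send the value when the input loses focus */
  txt.onblur = function(e)
  {
    var saved = false;

    if (Utils.trim(txt.value).length > 0)
    {
      var res = Ajax.call(listTable.url, "act=" + act + "&val=" + encodeURIComponent(Utils.trim(txt.value)) + "&id=" + id, null, "POST", "JSON", false);

      if (res.message)
      {
        alert(res.message);
      }

      if (res.id && (res.act == 'goods_auto' || res.act == 'article_auto'))
      {
        document.getElementById('del' + res.id).innerHTML = "<a href=\"" + thisfile + "?goods_id=" + res.id + "&act=del\" onclick=\"return confirm('" + deleteck + "');\">" + deleteid + "</a>";
      }

      saved = (res.error == 0);
      obj.innerHTML = saved ? res.content : org;
    }
    else
    {
      obj.innerHTML = org;
    }

    /* Only a stored value is translated into the yes/no icon */
    if (act == 'edit_is_validated' && saved)
    {
      if (obj.innerHTML == '1')
      {
        obj.innerHTML = '<img src="images/yes.gif">';
      }
      else
      {
        obj.innerHTML = '<img src="images/no.gif">';
      }
    }
  }
}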
【7】在admin\users.php中增加:
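elseif ($_REQUEST['act'] == 'edit_is_validated')
{
    /*
     * Inline edit of a member's is_validated flag from the admin user list.
     * NOTE(review): the action is read from $_REQUEST and no request token is
     * checked in this branch; confirm that the admin entry script protects
     * state-changing actions against cross-site requests.
     */

    /* Permission check */
    check_authz_json('users_manage');

    $id = empty($_REQUEST['id']) ? 0 : intval($_REQUEST['id']);
    $is_validated = (isset($_REQUEST['val']) && is_string($_REQUEST['val'])) ? json_str_iconv(trim($_REQUEST['val'])) : '';

    /*
     * Accept exactly '0' or '1'. A loose "== 1" also matches other strings on
     * some PHP versions, and the value is later placed into an UPDATE
     * statement by edit_user().
     */
    if ($is_validated !== '0' && $is_validated !== '1')
    {
        make_json_error($GLOBALS['_LANG']['invalid_is_validated']);
    }
    else
    {
        $users =& init_users();

        $sql = "SELECT user_name, email FROM " . $ecs->table('users') . " WHERE user_id = '$id'";
        $row = $db->GetRow($sql);

        if (empty($row))
        {
            /* Unknown user id: nothing to update */
            make_json_error($GLOBALS['_LANG']['edit_user_failed']);
        }
        else
        {
            /*
             * The name and address come straight from the database and are
             * concatenated into SQL by edit_user(), so they are escaped here in
             * the same way as for admin_log() below.
             */
            $username = addslashes($row['user_name']);
            $email    = addslashes($row['email']);

            if ($users->edit_user(array('username' => $username, 'email' => $email, 'is_validated' => $is_validated)))
            {
                admin_log($username, 'edit', 'users');

                make_json_result($is_validated);
            }
            else
            {
                $msg = ($users->error == ERR_EMAIL_EXISTS) ? $GLOBALS['_LANG']['email_exists'] : $GLOBALS['_LANG']['edit_user_failed'];
                make_json_error($msg);
            }
        }
    }
}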
【8】user.php中将:
-
show_message(sprintf($_LANG['register_success'], $username .$ucdata), array($_LANG['back_up_page'], $_LANG['profile_lnk']),array($back_act, 'user.php'), 'info');
改为:
-
show_message(sprintf($_LANG['register_success'], $username .$ucdata), array($_LANG['back_up_page']), array($back_act), 'info');
将
-
if ($user->check_user($username) || admin_registered($username))
改为:
-
if (($user->check_user($username) != 0) ||admin_registered($username))
将:
-
if ($user->login($username, $password,isset($_POST['remember'])))
-
{
-
update_user_info();
-
recalculate_price();
-
-
$ucdata =isset($user->ucdata)? $user->ucdata : '';
-
show_message($_LANG['login_success'] . $ucdata ,array($_LANG['back_up_page'], $_LANG['profile_lnk']),array($back_act,'user.php'), 'info');
-
}
改为:
-
/* login() now returns a code rather than a boolean, so the result is kept and compared explicitly */
$rt = $user->login($username, $password, isset($_POST['remember']));

if ($rt > 0)
{
    update_user_info();
    recalculate_price();

    $ucdata = isset($user->ucdata) ? $user->ucdata : '';
    show_message(
        $_LANG['login_success'] . $ucdata,
        array($_LANG['back_up_page'], $_LANG['profile_lnk']),
        array($back_act, 'user.php'),
        'info'
    );
}
elseif ($rt == -1)
{
    /* -1: the account is waiting for confirmation by an administrator */
    show_message($_LANG['login_failure_invalid'], $_LANG['relogin_lnk'], 'user.php', 'error');
}
将:
-
if ($user->login($username, $password))
-
{
-
update_user_info();
-
recalculate_price();
-
$smarty->assign('user_info', get_user_info());
-
$ucdata =empty($user->ucdata)? "" : $user->ucdata;
-
$result['ucdata'] =$ucdata;
-
$result['content'] =$smarty->fetch('library/member_info.lbi');
-
}
改为:
-
/* AJAX login: keep login()'s code so the "not confirmed yet" case can be reported separately */
$rt = $user->login($username, $password);

if ($rt > 0)
{
    update_user_info();
    recalculate_price();
    $smarty->assign('user_info', get_user_info());

    $ucdata = empty($user->ucdata) ? "" : $user->ucdata;
    $result['ucdata']  = $ucdata;
    $result['content'] = $smarty->fetch('library/member_info.lbi');
}
elseif ($rt == -1)
{
    /* Account exists but is still waiting for confirmation by an administrator */
    if ($_SESSION['login_fail'] > 2)
    {
        $smarty->assign('enabled_captcha', 1);
        $result['html'] = $smarty->fetch('library/member_info.lbi');
    }

    $result['error']   = 1;
    $result['content'] = $_LANG['login_failure_invalid'];
}
将:
-
if (($user_info && (!empty($code) &&md5($user_info['user_id'] . $_CFG['hash_code'] . $user_info['reg_time']) ==$code)) || ($_SESSION['user_id']>0 && $_SESSION['user_id'] ==$user_id && $user->check_user($_SESSION['user_name'],$old_password)))
改为:
-
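/*
 * The reset code is compared with ===. Both sides are expected to be strings
 * ($code presumably comes from the request; confirm), and a loose == would let
 * PHP compare two numeric-looking strings as numbers instead of character by
 * character. check_user() is compared with "> 0" because it can now return -1.
 */
if (($user_info && (!empty($code) && md5($user_info['user_id'] . $_CFG['hash_code'] . $user_info['reg_time']) === $code)) || ($_SESSION['user_id'] > 0 && $_SESSION['user_id'] == $user_id && ($user->check_user($_SESSION['user_name'], $old_password) > 0)))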
【9】flow.php中将:
-
if ($user->login($_POST['username'],$_POST['password'],isset($_POST['remember'])))
-
{
-
update_user_info();
-
recalculate_price();
-
-
-
$sql ="SELECT COUNT(*) FROM " . $ecs->table('cart') . " WHEREsession_id = '" . SESS_ID . "' ";
-
if($db->getOne($sql) > 0)
-
{
-
ecs_header("Location:flow.php?step=checkout\n");
-
}
-
else
-
{
-
ecs_header("Location:index.php\n");
-
}
-
-
exit;
-
}
改为:
-
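/* Checkout login: login() returns 1 on success and -1 for an account that is not confirmed yet */
$rt = $user->login($_POST['username'], $_POST['password'], isset($_POST['remember']));
if ($rt > 0)
{
    update_user_info();
    recalculate_price();

    /* Go on to checkout when the cart of this session holds goods, otherwise back to the home page */
    $sql = "SELECT COUNT(*) FROM " . $ecs->table('cart') . " WHERE session_id = '" . SESS_ID . "' ";
    if ($db->getOne($sql) > 0)
    {
        ecs_header("Location: flow.php?step=checkout\n");
    }
    else
    {
        ecs_header("Location:index.php\n");
    }

    exit;
}
else if ($rt == -1)
{
    /* Account is waiting for confirmation by an administrator */
    show_message($_LANG['login_failure_invalid'], $_LANG['relogin_lnk'], 'user.php', 'error');
}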