function api_mailbox()
{
$this->app_check("post");
if (!isset($this->appAllow["user"]["mailbox"])) {
//无权限并记录日志
$_arr_return = array("alert" => "x050308");
$_arr_logTarget[] = array("app_id" => $this->appRequest["app_id"]);
$_arr_logType = array("user", "mailbox");
$this->log_do($_arr_logTarget, "app", $_arr_return, $_arr_logType);
$this->obj_api->halt_re($_arr_return);
}
$_arr_userSubmit = $this->mdl_user->input_mail_api();
if ($_arr_userSubmit["alert"] != "ok") {
$this->obj_api->halt_re($_arr_userSubmit);
}
$_arr_sign = array("act_post" => $GLOBALS["act_post"], $_arr_userSubmit["user_by"] => $_arr_userSubmit["user_str"], "user_mail_new" => $_arr_userSubmit["user_mail_new"]);
if (isset($_arr_userSubmit["user_check_pass"]) && $_arr_userSubmit["user_check_pass"] == true) {
$_arr_sign["user_check_pass"] = true;
$_arr_sign["user_pass"] = $_arr_userSubmit["user_pass"];
} else {
$_arr_sign["user_check_pass"] = false;
}
if (!$this->obj_sign->sign_check(array_merge($this->appRequest, $_arr_sign), $this->appRequest["signature"])) {
$_arr_return = array("alert" => "x050403");
$this->obj_api->halt_re($_arr_return);
}
$_arr_userRow = $this->mdl_user->mdl_read($_arr_userSubmit["user_str"], $_arr_userSubmit["user_by"]);
if ($_arr_userRow["alert"] != "y010102") {
$this->obj_api->halt_re($_arr_userRow);
}
if ($_arr_userRow["user_status"] == "disable") {
$_arr_return = array("alert" => "x010401");
$this->obj_api->halt_re($_arr_return);
}
if ($_arr_userSubmit["user_mail_new"] == $_arr_userRow["user_mail"]) {
$_arr_return = array("alert" => "x010223");
$this->obj_api->halt_re($_arr_return);
}
$_is_pass = false;
if ($_arr_userSubmit["user_check_pass"] == true) {
if (fn_baigoEncrypt($_arr_userSubmit["user_pass"], $_arr_userRow["user_rand"], true) != $_arr_userRow["user_pass"]) {
$_arr_return = array("alert" => "x010213");
$this->obj_api->halt_re($_arr_return);
} else {
$_is_pass = true;
}
}
if (!isset($this->appAllow["user"]["global"]) && !$_is_pass) {
$_arr_belongRow = $this->mdl_belong->mdl_read($_arr_userRow["user_id"], $this->appRequest["app_id"]);
if ($_arr_belongRow["alert"] != "y070102") {
$_arr_return = array("alert" => "x050308");
$this->obj_api->halt_re($_arr_return);
}
}
if ((BG_REG_ONEMAIL == "false" || BG_LOGIN_MAIL == "on") && isset($_arr_userSubmit["user_mail_new"]) && $_arr_userSubmit["user_mail_new"]) {
$_arr_userRowChk = $this->mdl_user->mdl_read($_arr_userSubmit["user_mail_new"], "user_mail", $_arr_userRow["user_id"]);
//检查邮箱
if ($_arr_userRowChk["alert"] == "y010102") {
$_arr_return = array("alert" => "x010211");
$this->obj_api->halt_re($_arr_return);
}
}
//file_put_contents(BG_PATH_ROOT . "test.txt", $_str_userPass . "||" . $_str_rand);
if (BG_REG_CONFIRM == "on") {
$_arr_returnRow = $this->mdl_verify->mdl_submit($_arr_userRow["user_id"], $_arr_userSubmit["user_mail_new"]);
if ($_arr_returnRow["alert"] != "y120101" && $_arr_returnRow["alert"] != "y120103") {
$_arr_return = array("alert" => "x010405");
$this->obj_api->halt_re($_arr_return);
}
$_str_verifyUrl = BG_SITE_URL . BG_URL_ROOT . "user/ctl.php?mod=reg&act_get=mailbox&verify_id=" . $_arr_returnRow["verify_id"] . "&verify_token=" . $_arr_returnRow["verify_token"];
$_str_url = "<a href=\"" . $_str_verifyUrl . "\">" . $_str_verifyUrl . "</a>";
$_str_html = str_ireplace("{verify_url}", $_str_url, $this->obj_api->mail["mailbox"]["content"]);
$_str_html = str_ireplace("{user_name}", $_arr_userRow["user_name"], $_str_html);
$_str_html = str_ireplace("{user_mail}", $_arr_userRow["user_mail"], $_str_html);
$_str_html = str_ireplace("{user_mail_new}", $_arr_userSubmit["user_mail_new"], $_str_html);
if (fn_mailSend($_arr_userSubmit["user_mail_new"], $this->obj_api->mail["mailbox"]["subject"], $_str_html)) {
$_arr_returnRow["alert"] = "y010406";
} else {
$_arr_returnRow["alert"] = "x010406";
}
} else {
$_arr_returnRow = $this->mdl_user->mdl_mail($_arr_userRow["user_id"], $_arr_userSubmit["user_mail_new"]);
}
$_arr_returnRow["user_id"] = $_arr_userRow["user_id"];
$_arr_returnRow["user_name"] = $_arr_userRow["user_name"];
//unset($_arr_returnRow["alert"]);
$_str_src = fn_jsonEncode($_arr_returnRow, "encode");
$_str_code = $this->obj_crypt->encrypt($_str_src, $this->appRow["app_key"]);
$_arr_return = array("code" => $_str_code);
$_tm_time = time();
//通知
foreach ($this->appRows as $_key => $_value) {
$_arr_data = array("act_post" => "mailbox", "code" => $this->obj_crypt->encrypt($_str_src, $_value["app_key"]), "time" => $_tm_time, "app_id" => $_value["app_id"], "app_key" => $_value["app_key"]);
$_arr_data["signature"] = $this->obj_sign->sign_make($_arr_data);
if (stristr($_value["app_url_notify"], "?")) {
$_str_conn = "&";
} else {
$_str_conn = "?";
}
fn_http($_value["app_url_notify"] . $_str_conn . "mod=notify", $_arr_data, "post");
}
$_arr_return["alert"] = $_arr_returnRow["alert"];
$this->obj_api->halt_re($_arr_return);
}