国内流行的内容管理系统(CMS)多端全媒体解决方案 https://www.dedebiz.com
Vous ne pouvez pas sélectionner plus de 25 sujets Les noms de sujets doivent commencer par une lettre ou un nombre, peuvent contenir des tirets ('-') et peuvent comporter jusqu'à 35 caractères.

119 lignes
4.4KB

  1. <?php
  2. /**
  3. * 密码重设
  4. *
  5. * @version $id:resetpassword.php 8:38 2010年7月9日 tianya $
  6. * @package DedeBIZ.User
  7. * @copyright Copyright (c) 2022 DedeBIZ.COM
  8. * @license https://www.dedebiz.com/license
  9. * @link https://www.dedebiz.com
  10. */
  11. require_once(dirname(__FILE__)."/config.php");
  12. require_once(DEDEMEMBER."/inc/inc_pwd_functions.php");
  13. if (empty($dopost)) $dopost = "";
  14. $id = isset($id) ? intval($id) : 0;
  15. if ($dopost == "") {
  16. include(dirname(__FILE__)."/templets/resetpassword.htm");
  17. } elseif ($dopost == "getpwd") {
  18. //验证验证码
  19. if (!isset($vdcode)) $vdcode = '';
  20. $svali = GetCkVdValue();
  21. if (strtolower($vdcode) != $svali || $svali == '') {
  22. ResetVdValue();
  23. ShowMsg("验证码输入错误", "-1");
  24. exit();
  25. }
  26. //验证邮箱,用户名
  27. if (empty($mail) && empty($userid)) {
  28. showmsg('请输入用户名或邮箱', '-1');
  29. exit;
  30. } else if (!preg_match("#(.*)@(.*)\.(.*)#", $mail)) {
  31. showmsg('请输入正确的邮箱格式', '-1');
  32. exit;
  33. } else if (CheckUserID($userid, '', false) != 'ok') {
  34. ShowMsg("您输入的用户名 {$userid} 不合法", "-1");
  35. exit();
  36. }
  37. $member = member($mail, $userid);
  38. //以邮件方式取回密码;
  39. if ($type == 1) {
  40. //判断系统邮件服务是否开启
  41. if ($cfg_sendmail_bysmtp == "Y") {
  42. sn($member['mid'], $userid, $member['email']);
  43. } else {
  44. showmsg('邮件服务暂未开启,请联系管理员', 'login.php');
  45. exit();
  46. }
  47. //以安全问题取回密码;
  48. } else if ($type == 2) {
  49. if ($member['safequestion'] == 0) {
  50. showmsg('您尚未设置安全密码,请通过邮件方式重设密码', 'login.php');
  51. exit;
  52. }
  53. require_once(dirname(__FILE__)."/templets/resetpassword3.htm");
  54. }
  55. exit();
  56. } else if ($dopost == "safequestion") {
  57. $mid = preg_replace("#[^0-9]#", "", $id);
  58. $sql = "SELECT safequestion,safeanswer,userid,email FROM `#@__member` WHERE mid = '$mid'";
  59. $row = $db->GetOne($sql);
  60. if (empty($safequestion)) $safequestion = '';
  61. if (empty($safeanswer)) $safeanswer = '';
  62. if ($row['safequestion'] === $safequestion && $row['safeanswer'] === $safeanswer) {
  63. sn($mid, $row['userid'], $row['email'], 'N');
  64. exit();
  65. } else {
  66. ShowMsg("您的安全问题或答案回答错误", "-1");
  67. exit();
  68. }
  69. } else if ($dopost == "getpasswd") {
  70. //修改密码
  71. if (empty($id)) {
  72. ShowMsg("请不要非法提交", "login.php");
  73. exit();
  74. }
  75. $mid = preg_replace("#[^0-9]#", "", $id);
  76. $row = $db->GetOne("SELECT * FROM `#@__pwd_tmp` WHERE mid = '$mid'");
  77. if (empty($row)) {
  78. ShowMsg("请不要非法提交", "login.php");
  79. exit();
  80. }
  81. if (empty($setp)) {
  82. $tptim = (60 * 60 * 24 * 3);
  83. $dtime = time();
  84. if ($dtime - $tptim > $row['mailtime']) {
  85. $db->executenonequery("DELETE FROM `#@__pwd_tmp` WHERE `md` = '$id';");
  86. ShowMsg("临时密码修改期限已过期", "login.php");
  87. exit();
  88. }
  89. require_once(dirname(__FILE__)."/templets/resetpassword2.htm");
  90. } elseif ($setp == 2) {
  91. if (isset($key)) $pwdtmp = $key;
  92. $sn = md5(trim($pwdtmp));
  93. if ($row['pwd'] == $sn) {
  94. if ($pwd != "") {
  95. if ($pwd == $pwdok) {
  96. $pp = "pwd";
  97. if (function_exists('password_hash')) {
  98. $pp = "pwd_new";
  99. $pwdok = password_hash($pwdok, PASSWORD_BCRYPT);
  100. } else {
  101. $pwdok = md5($pwdok);
  102. }
  103. $sql = "DELETE FROM `#@__pwd_tmp` WHERE `mid` = '$id';";
  104. $db->executenonequery($sql);
  105. $sql = "UPDATE `#@__member` SET `$pp` = '$pwdok' WHERE `mid` = '$id';";
  106. if ($db->executenonequery($sql)) {
  107. ShowMsg('修改密码成功,请牢记新密码', 'login.php');
  108. exit;
  109. }
  110. }
  111. }
  112. ShowMsg('新密码为空或填写不一致', '-1');
  113. exit;
  114. }
  115. ShowMsg('临时密码错误', '-1');
  116. exit;
  117. }
  118. }
  119. ?>