DedeBIZ
/
DedeV6
Watch 2
Star 0
Fork 0
Code Pull Requests 0 Releases 25 Activity
国内流行的内容管理系统(CMS)多端全媒体解决方案 https://www.dedebiz.com
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
173 Commits
3 Branches
110MB
Tree: ccf613be97
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from 'ccf613be97'
${ noResults }
DedeV6/src/member/resetpassword.php

152 lines
4.5KB
Raw Blame History 

  1. <?php

  2. /**

  3.  * 密码重设

  4.  * 

  5.  * @version        $Id: resetpassword.php 1 8:38 2010年7月9日Z tianya $

  6.  * @package        DedeCMS.Member

  7.  * @copyright      Copyright (c) 2007 - 2018, DesDev, Inc.

  8.  * @copyright      Copyright (c) 2020, DedeBIZ.COM

  9.  * @license        https://www.dedebiz.com/license/v6

  10.  * @link           https://www.dedebiz.com

  11.  */

  12. require_once(dirname(__FILE__)."/config.php");

  13. require_once(DEDEMEMBER."/inc/inc_pwd_functions.php");

  14. if(empty($dopost)) $dopost = "";

  15. $id = isset($id)? intval($id) : 0;

  16. 

  17. if($dopost == "")

  18. {

  19.     include(dirname(__FILE__)."/templets/resetpassword.htm");

  20. }

  21. elseif($dopost == "getpwd")

  22. {

  23. 

  24.     //验证验证码

  25.     if(!isset($vdcode)) $vdcode = '';

  26. 

  27.     $svali = GetCkVdValue();

  28.     if(strtolower($vdcode) != $svali || $svali=='')

  29.     {

  30.         ResetVdValue();

  31.         ShowMsg("对不起,验证码输入错误!","-1");

  32.         exit();

  33.     }

  34. 

  35.     //验证邮箱,用户名

  36.     if(empty($mail) && empty($userid))

  37.     {

  38.         showmsg('对不起,请输入用户名或邮箱', '-1');

  39.         exit;

  40.     } else if (!preg_match("#(.*)@(.*)\.(.*)#", $mail))

  41.     {

  42.         showmsg('对不起,请输入正确的邮箱格式', '-1');

  43.         exit;

  44.     } else if (CheckUserID($userid, '', false) != 'ok')

  45.     {

  46.         ShowMsg("你输入的用户名 {$userid} 不合法!","-1");

  47.         exit();

  48.     }

  49.     $member = member($mail, $userid);

  50. 

  51.     //以邮件方式取回密码;

  52.     if($type == 1)

  53.     {

  54.         //判断系统邮件服务是否开启

  55.         if($cfg_sendmail_bysmtp == "Y")

  56.         {

  57.             sn($member['mid'],$userid,$member['email']);

  58.         }else

  59.         {

  60.             showmsg('对不起邮件服务暂未开启,请联系管理员', 'login.php');

  61.             exit();

  62.         }

  63. 

  64.         //以安全问题取回密码;

  65.     } else if ($type == 2)

  66.     {

  67.         if($member['safequestion'] == 0)

  68.         {

  69.             showmsg('对不起您尚未设置安全密码,请通过邮件方式重设密码', 'login.php');

  70.             exit;

  71.         }

  72.         require_once(dirname(__FILE__)."/templets/resetpassword3.htm");

  73.     }

  74.     exit();

  75. }

  76. else if($dopost == "safequestion")

  77. {

  78.     $mid = preg_replace("#[^0-9]#", "", $id);

  79.     $sql = "SELECT safequestion,safeanswer,userid,email FROM #@__member WHERE mid = '$mid'";

  80.     $row = $db->GetOne($sql);

  81.     if(empty($safequestion)) $safequestion = '';

  82. 

  83.     if(empty($safeanswer)) $safeanswer = '';

  84. 

  85.     if($row['safequestion'] == $safequestion && $row['safeanswer'] == $safeanswer)

  86.     {

  87.         sn($mid, $row['userid'], $row['email'], 'N');

  88.         exit();

  89.     }

  90.     else

  91.     {

  92.         ShowMsg("对不起,您的安全问题或答案回答错误","-1");

  93.         exit();

  94.     }

  95. 

  96. }

  97. else if($dopost == "getpasswd")

  98. {

  99.     //修改密码

  100.     if(empty($id))

  101.     {

  102.         ShowMsg("对不起,请不要非法提交","login.php");

  103.         exit();

  104.     }

  105.     $mid = preg_replace("#[^0-9]#", "", $id);

  106.     $row = $db->GetOne("SELECT * FROM #@__pwd_tmp WHERE mid = '$mid'");

  107.     if(empty($row))

  108.     {

  109.         ShowMsg("对不起,请不要非法提交","login.php");

  110.         exit();

  111.     }

  112.     if(empty($setp))

  113.     {

  114.         $tptim= (60*60*24*3);

  115.         $dtime = time();

  116.         if($dtime - $tptim > $row['mailtime'])

  117.         {

  118.             $db->executenonequery("DELETE FROM `#@__pwd_tmp` WHERE `md` = '$id';");

  119.             ShowMsg("对不起,临时密码修改期限已过期","login.php");

  120.             exit();

  121.         }

  122.         require_once(dirname(__FILE__)."/templets/resetpassword2.htm");

  123.     }

  124.     elseif($setp == 2)

  125.     {

  126.         if(isset($key)) $pwdtmp = $key;

  127. 

  128.         $sn = md5(trim($pwdtmp));

  129.         if($row['pwd'] == $sn)

  130.         {

  131.             if($pwd != "")

  132.             {

  133.                 if($pwd == $pwdok)

  134.                 {

  135.                     $pwdok = md5($pwdok);

  136.                     $sql = "DELETE FROM `#@__pwd_tmp` WHERE `mid` = '$id';";

  137.                     $db->executenonequery($sql);

  138.                     $sql = "UPDATE `#@__member` SET `pwd` = '$pwdok' WHERE `mid` = '$id';";

  139.                     if($db->executenonequery($sql))

  140.                     {

  141.                         showmsg('更改密码成功,请牢记新密码', 'login.php');

  142.                         exit;

  143.                     }

  144.                 }

  145.             }

  146.             showmsg('对不起,新密码为空或填写不一致', '-1');

  147.             exit;

  148.         }

  149.         showmsg('对不起,临时密码错误', '-1');

  150.         exit;

  151.     }

  152. }