Ejemplo n.º 1
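/**
 * Completes a password reset from the submitted form.
 *
 * Reads the new password (`l_pass`), its confirmation (`lc_pass`), the reset
 * token (`l_senha`) and the account e-mail (`l_usuario`) from $_POST. When
 * exactly one tb_lostpassword row with status 0 matches token + e-mail and the
 * two passwords are identical, the new hash is written to tb_usuarios and the
 * token row is set to status 1. The outcome is reported by echoing an
 * HTML/JavaScript snippet.
 *
 * Security notes:
 *  - Every request value is bound as a statement parameter. The previous
 *    version interpolated them into the SQL text, so a crafted token or
 *    e-mail could rewrite the queries, including the password UPDATE.
 *  - encrypt_pass() is defined outside this function. NOTE(review): if it is
 *    a fast unsalted digest, move storage to password_hash()/password_verify().
 *  - NOTE(review): no minimum length is enforced on the new password here;
 *    confirm that it is checked before this function is reached.
 *
 * @return void
 */
function redefinirsenha()
{
    global $pdo;

    // Missing or non-string fields (e.g. `l_pass[]=x`) are treated as empty,
    // which simply fails the token lookup below.
    $campo = static function ($nome) {
        return isset($_POST[$nome]) && is_string($_POST[$nome]) ? $_POST[$nome] : '';
    };
    $l_pass = $campo('l_pass');
    $lc_pass = $campo('lc_pass');
    $l_senha = $campo('l_senha');
    $l_usuario = $campo('l_usuario');

    // Fetch the matching rows and count them in PHP; rowCount() on a SELECT
    // is not reliable across PDO drivers.
    $linhas = [];
    $busca = $pdo->prepare('SELECT * FROM tb_lostpassword WHERE lostpassid = ? AND email = ?');
    if ($busca !== false && $busca->execute([$l_senha, $l_usuario])) {
        $linhas = $busca->fetchAll(PDO::FETCH_ASSOC);
    }
    $tokenValido = count($linhas) === 1 && (string) $linhas[0]['status'] === '0';

    if ($tokenValido) {
        // Strict comparison: with ==, numeric-looking strings such as "0e1"
        // and "0e2" compare equal although they are different passwords.
        if ($l_pass === $lc_pass) {
            $newsenha = encrypt_pass($l_pass);

            $gravaSenha = $pdo->prepare('UPDATE tb_usuarios SET senha = ? WHERE email = ?');
            $okSenha = $gravaSenha !== false && $gravaSenha->execute([$newsenha, $l_usuario]);

            // Only consume the token once the password was actually stored.
            $okToken = false;
            if ($okSenha) {
                $marcaToken = $pdo->prepare("UPDATE tb_lostpassword SET status = '1' WHERE lostpassid = ? AND email = ?");
                $okToken = $marcaToken !== false && $marcaToken->execute([$l_senha, $l_usuario]);
            }

            // Report failure when either statement failed. The previous
            // `!$query and !$query2` reported it only when both failed.
            if (!$okSenha || !$okToken) {
                echo "\n\t\t\t        \t<META HTTP-EQUIV=REFRESH CONTENT = '0;URL=login.php'>\n\t\t\t        \t<script type=\"text/javascript\">\n\t\t\t        \talert(\"Sua senha não pôde ser redefinida. Tente mais tarde.\");\n\t\t\t        \t</script>\n\t\t\t      \t";
            } else {
                echo "\n\t\t\t        \t<META HTTP-EQUIV=REFRESH CONTENT = '0;URL=login.php'>\n\t\t\t        \t<script type=\"text/javascript\">\n\t\t\t        \talert(\"Sucesso! Sua senha foi redefinida com sucesso.\");\n\t\t\t        \twindow.location = \"index\";\n\t\t\t        \t</script>\n\t\t\t      \t";
            }
        } else {
            echo "\n\t\t        \t<META HTTP-EQUIV=REFRESH CONTENT = '0;URL='>\n\t\t        \t<script type=\"text/javascript\">\n\t\t        \talert(\"As senhas não podem ser diferentes. Digite senhas iguais.\");\n\t\t        \t</script>\n\t\t      \t";
        }
    } else {
        echo "\n\t        \t<META HTTP-EQUIV=REFRESH CONTENT = '0;URL=/recuperar.php'>\n\t        \t<script type=\"text/javascript\">\n\t        \talert(\"A redefinição da senha expirou. Solicite novamente uma nova senha.\");\n\t        \t</script>\n\t      \t";
    }
}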
Ejemplo n.º 2
				// Re-read the configuration file and flag the master connection entry.
				$conf = parse_ini_file ('../conf/config.php', true);
				$conf['Database']['master']['master'] = true;
				// When the master entry names a file, prefix that path with '../'.
				if (isset ($conf['Database']['master']['file'])) {
					$conf['Database']['master']['file'] = '../' . $conf['Database']['master']['file'];
				}

				DB::$prefix = $conf['Database']['prefix'];

				if (DB::open ($conf['Database']['master'])) {
					$date = gmdate ('Y-m-d H:i:s');
					// Overwrites e-mail, password and name of the user row with id 1.
					// The submitted values are handed to DB::execute as separate arguments
					// for the `?` placeholders instead of being spliced into the SQL text.
					// encrypt_pass() is defined outside this fragment.
					$saved = DB::execute (
						"update `#prefix#user` set `email` = ?, `password` = ?, `name` = ? where `id` = 1",
						$_POST['email_from'],
						encrypt_pass ($_POST['pass']),
						$_POST['your_name']
					);
					if ($saved) {
						$data['ready'] = true;
					} else {
						$data['error'] = DB::error ();
					}
				} else {
					// Connection failed: surface the driver error to the caller.
					$data['error'] = DB::error ();
				}
			}
		} else {
			// set some default values
			$_POST['site_name'] = 'Your Site Name';
			$_POST['email_from'] = '*****@*****.**';
		}
		break;
Ejemplo n.º 3
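     $new_id = $_POST['the_set_id'];
     // Validate the requested ID: ASCII letters and digits only, 3 to 200 bytes.
     // The pattern ends in \z rather than $, because $ also matches just before a
     // trailing newline and would accept "abc\n".
     if (!is_string($new_id) || !preg_match('/^[A-Za-z0-9]+\z/', $new_id) || strlen($new_id) < 3 || strlen($new_id) > 200) {
         // The ID does not meet the format rules.
         show_error_exit("错误:输入的ID不合法");
     }
     // Prepares and executes one statement with bound values; returns the executed
     // statement, or false when preparing, binding or executing fails.
     // Values are bound instead of concatenated so that $noteId, the password digest
     // and the notes list cannot change the SQL text. Table names cannot be bound and
     // are still concatenated below.
     // NOTE(review): confirm $sql_table / $sql_table_user come from configuration only.
     $run_bound = function ($sql, $types, array $values) use ($notesql) {
         $stmt = mysqli_prepare($notesql, $sql);
         if ($stmt === false) {
             return false;
         }
         if (!mysqli_stmt_bind_param($stmt, $types, ...$values) || !mysqli_stmt_execute($stmt)) {
             mysqli_stmt_close($stmt);
             return false;
         }
         return $stmt;
     };
     // Check whether a note already exists under the new ID.
     // The error paths below rely on show_error_exit() ending the request, as the
     // validation above already does.
     $lookup = $run_bound("SELECT ID, content FROM " . $sql_table . " WHERE ID = ?", 's', [$new_id]);
     if ($lookup === false) {
         show_error_exit("错误:数据库操作失败");
     }
     // mysqli_stmt_get_result() needs the mysqlnd driver.
     $sql_return = mysqli_stmt_get_result($lookup);
     $newid_the_content = mysqli_fetch_array($sql_return);
     mysqli_stmt_close($lookup);
     $this_ID_have_note = isset($newid_the_content['ID']) && $newid_the_content['ID'];
     if ($this_ID_have_note) {
         show_error_exit("错误:输入的ID已存在");
     }
     // Assign the new ID. Stop here on failure instead of redirecting to an ID
     // that was never written.
     $renamed = $run_bound("UPDATE " . $sql_table . " SET ID = ? WHERE ID = ?", 'ss', [$new_id, $noteId]);
     if ($renamed === false) {
         show_error_exit("错误:数据库操作失败");
     }
     mysqli_stmt_close($renamed);
     // Recompute the stored password digest for the new ID.
     // encrypt_pass() is defined outside this fragment.
     $new_passwd_md5 = encrypt_pass($new_id, $password);
     $repassworded = $run_bound("UPDATE " . $sql_table . " SET passwd = ? WHERE ID = ?", 'ss', [$new_passwd_md5, $new_id]);
     if ($repassworded === false) {
         show_error_exit("错误:数据库操作失败");
     }
     mysqli_stmt_close($repassworded);
     // Mark "has password" as false.
     $passwd = false;
     // If the user's note list contains the old ID, remove it.
     if (isset($_COOKIE['myNoteUsername'])) {
         // Compare as strings and strictly: a loose search treats "10" and "1e1" as
         // equal, and both are valid IDs under the pattern above.
         $key = array_search((string) $noteId, array_map('strval', $user_notes_array), true);
         // array_search() returns false when the ID is absent; splicing at false
         // (offset 0) would delete the first, unrelated note.
         if ($key !== false) {
             array_splice($user_notes_array, $key, 1);
         }
         $user_notes = implode(";", $user_notes_array);
         // The username literal is shown masked on this page and is kept as printed;
         // in the real statement it should be bound as a second parameter.
         $notes_saved = $run_bound("UPDATE " . $sql_table_user . " SET notes = ? WHERE username = '******'", 's', [$user_notes]);
         if ($notes_saved !== false) {
             mysqli_stmt_close($notes_saved);
         }
     }
     reLocation($new_id);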
 }
 if (isset($_POST['the_username'])) {
     $username = $_POST['the_username'];
     if (!preg_match('/^[A-Za-z0-9]+$/', $username) || strlen($username) < 3 || strlen($username) > 200) {
Ejemplo n.º 4
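         // Fill in site_key from the CSPRNG. The previous md5(uniqid(rand(), true)) was derived
         // from the clock and a non-cryptographic generator, so the resulting key could be
         // narrowed down by anyone who knows roughly when the installer ran.
         // bin2hex(random_bytes(16)) keeps the same shape: 32 lowercase hex characters.
         // NOTE(review): site_key is presumably used as a secret elsewhere; confirm.
         $config = preg_replace('/site_key = .*(?:\\r\\n|\\r|\\n)/', 'site_key = "' . bin2hex(random_bytes(16)) . '"' . PHP_EOL, $config, 1);
         if (!file_put_contents('../conf/config.php', $config)) {
             $data['error'] = __('Failed to write to conf/config.php');
         } else {
             // create the admin user now
             $conf = parse_ini_file('../conf/config.php', true);
             $conf['Database']['master']['master'] = true;
             // When the master entry names a file, prefix that path with '../'.
             if (isset($conf['Database']['master']['file'])) {
                 $conf['Database']['master']['file'] = '../' . $conf['Database']['master']['file'];
             }
             DB::$prefix = $conf['Database']['prefix'];
             if (!DB::open($conf['Database']['master'])) {
                 $data['error'] = DB::error();
             } else {
                 $date = gmdate('Y-m-d H:i:s');
                 // Overwrites e-mail, password and name of the user row with id 1. The submitted
                 // values are passed as separate arguments for the `?` placeholders.
                 // encrypt_pass() is defined outside this fragment.
                 if (!DB::execute("update `#prefix#user` set `email` = ?, `password` = ?, `name` = ? where `id` = 1", $_POST['email_from'], encrypt_pass($_POST['pass']), $_POST['your_name'])) {
                     $data['error'] = DB::error();
                 } else {
                     $data['ready'] = true;
                 }
             }
         }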
     } else {
         // set some default values
         $_POST['site_name'] = 'Your Site Name';
         $_POST['email_from'] = '*****@*****.**';
     }
     break;
 case 'finished':
     @umask(00);
     @touch('../conf/installed');
Ejemplo n.º 5
<?php

/**
 * Returns the MD5 digest of the MD5 digest of the input (32 lowercase hex characters).
 *
 * Security note: this is a fast, unsalted digest. Applying MD5 twice adds no
 * meaningful cost for someone guessing passwords against stored values, and
 * equal passwords always produce equal digests. For password storage use
 * password_hash() when writing and password_verify() when checking; that also
 * means changing the call sites, because password_hash() output is not
 * reproducible from the password alone.
 *
 * @param string $parametro Value to digest.
 * @return string Hex digest of md5(md5($parametro)).
 */
function encrypt_pass($parametro)
{
    return md5(md5($parametro));
}
// Prints the encrypt_pass() digest of a hard-coded sample string.
echo encrypt_pass('3755d43776');
Ejemplo n.º 6
/****************** 新送出註冊單 *******************/
if ($_POST['action'] == 'add_new_user_pending') {
    $response_array['status'] = false;
    $response_array['message'] = "";
    $email_regex = '/^[_a-z0-9-]+(\\.[_a-z0-9-]+)*@[a-z0-9-]+(\\.[a-z0-9-]+)*(\\.[a-z]{2,3})$/';
    if (!empty($_POST['useradd']) && !empty($_POST['passadd']) && !empty($_POST['nick']) && !empty($_POST['bbs']) && !empty($_POST['ref']) && !empty($_POST['intro']) && !empty($_POST['email']) && mb_strlen($_POST['passadd']) > 3 && mb_strlen($_POST['passadd']) < 21) {
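        // Checks run in order: e-mail format, account name already taken, application
        // already pending. The first failing check sets the response message.
        // NOTE(review): $_POST['useradd'] and $_POST['email'] reach is_username_used(),
        // is_username_registing() and add_new_user_pending() as submitted; those helpers
        // are defined elsewhere, so confirm they bind their arguments in SQL.
        if (!preg_match($email_regex, $_POST['email'])) {
            $response_array['message'] = "E-mail 格式不正確!";
        } elseif (is_username_used($_POST['useradd'])) {
            $response_array['message'] = "帳號已被使用!";
        } elseif (is_username_registing($_POST['useradd'])) {
            $response_array['message'] = "等待審核中,請勿重複送出申請!";
        } else {
            // Free-text fields are HTML-escaped before being handed to storage; the
            // password goes through encrypt_pass() (defined elsewhere).
            $add = add_new_user_pending(htmlspecialchars($_POST['useradd'], ENT_QUOTES, "UTF-8"), encrypt_pass($_POST['passadd']), $_POST['email'], $_SERVER['REMOTE_ADDR'], time(), htmlspecialchars($_POST['nick'], ENT_QUOTES, "UTF-8"), htmlspecialchars($_POST['bbs'], ENT_QUOTES, "UTF-8"), htmlspecialchars($_POST['ref'], ENT_QUOTES, "UTF-8"), htmlspecialchars($_POST['intro'], ENT_QUOTES, "UTF-8"));
            if ($add) {
                // Notify the reviewer only once the application has been stored. The
                // notification used to be sent before $add was checked, so a failed
                // insert still produced a "please review" mail with nothing to review.
                $to = "*****@*****.**";
                $subject = "=?UTF-8?B?" . base64_encode("[SnowServer] 新註冊單") . "?=";
                // All headers are fixed strings; no request data is placed in them.
                $headers = 'MIME-Version: 1.0' . "\r\n" . "Content-type: text/html; charset=utf-8\r\n" . "From: snowserver@mine.snowtec.org\r\n" . "Reply-to: taya86334@gmail.com";
                // The nickname is escaped because the body is sent as HTML.
                $message = '<html><body>' . '<p><strong>' . htmlspecialchars($_POST['nick'], ENT_QUOTES, "UTF-8") . '</strong> ' . '填寫了註冊單。</p>' . '<p>請上<a href="http://mine.snowtec.org/pwd">網站</a>審核。</p>' . '</body></html>';
                mail($to, $subject, $message, $headers);
                $response_array['status'] = true;
                $response_array['message'] = "成功送出申請!";
            } else {
                $response_array['message'] = "資料庫連線錯誤!請通知管理員。";
            }
        }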
    } else {
Ejemplo n.º 7
<?php

require '../admin/classes/Database.php';
// Obtain the database handle from the project's Database class and keep it in the global $pdo.
$pdo = Database::connect();
/**
 * Digests the input with MD5 twice and returns the 32-character hex result.
 *
 * Security note: the result is deterministic and unsalted, and MD5 is cheap to
 * compute, so stored values are open to bulk offline guessing and identical
 * passwords are visible as identical digests. password_hash() together with
 * password_verify() is the appropriate replacement; it cannot be swapped in
 * here alone, because callers compare the returned string for equality.
 *
 * @param string $parametro Value to digest.
 * @return string Hex digest of md5(md5($parametro)).
 */
function encrypt_pass($parametro)
{
    $primeiro = md5($parametro);

    return md5($primeiro);
}
if ($_SERVER["REQUEST_METHOD"] == "POST") {
    $password = $_POST['passnick'];
    $encsenha = encrypt_pass($password);
    $userlogs = $_POST['usernick'];
    if (!$pdo) {
        echo 'Não foi possível se conectar ao banco de dados';
    } else {
        // Tá conectado, vamos buscar os dados de acesso para comprar.
        $consulta = "SELECT * FROM tb_usuarios WHERE email = '{$userlogs}'";
        $resultado = $pdo->query($consulta);
        $dados = $resultado->fetch();
        if ($resultado->rowCount() == 1) {
            if ($dados["senha"] == $encsenha) {
                if ($dados["status"] == 1) {
                    session_start();
                    $_SESSION['usuarioPassw'] = $dados["senha"];
                    $_SESSION['usuarioEmail'] = $dados["email"];
                    $_SESSION['usuarioNomes'] = $dados["nome"];
                    $_SESSION['usuarioNivel'] = $dados["nivel"];
                    $_SESSION['usuarioStatus'] = $dados["status"];
                    echo '<script>window.location = "admin/home/index";</script>';