unset($_SESSION[$seid]);
} else {
if ($_SERVER['REQUEST_METHOD'] == 'POST') {
if (isset($_POST['email']) && trim($_POST['email']) != '') {
$email = htmlspecialchars(trim($_POST['email']), ENT_QUOTES);
$q_res = sprintf('select a.uid, b.pwdrcode, b.pwdrdate from %s as a, %s as b where a.email=%s and a.uid=b.uid limit 1', $dbprefix . 'members', $yjl_dbprefix . 'members', yjl_SQLString($email, 'text'));
echo $q_res;
$res = mysql_query($q_res) or die('');
$r_res = mysql_fetch_assoc($res);
if (mysql_num_rows($res) > 0) {
if ($r_res['pwdrdate'] <= time() - 86400 * $yxts || $r_res['pwdrcode'] == '') {
$r_res['pwdrcode'] = md5($email . '|' . time() . '|' . rand(0, 9999));
}
$uSQL = sprintf('update %s set pwdrcode=%s, pwdrdate=%s where uid=%s', $yjl_dbprefix . 'members', yjl_SQLString($r_res['pwdrcode'], 'text'), time(), $r_res['uid']);
$result = mysql_query($uSQL) or die('');
$ec = "您好:\n您收到这封邮件,是因为在“" . $r_main['site_name'] . "”网站的用户注册中使用了该邮箱地址\n且用户请求使用找回密码功能所致。\n\n如果您没有进行上述操作,请忽略这封邮件。您不需要退订或进行其他进一步的操作。\n------------------------------------------------------\n重设密码说明:\n如果是您发起了找回密码申请,请在" . $yxts . "天之内,通过点击下面的链接重设您的密码:\n" . $yjl_url . $f . "?c=" . $r_res['pwdrcode'] . "\n\n(如果上面不是链接形式,请将地址手工粘贴到浏览器地址栏再访问)\n上面的页面打开后,输入新的密码后提交,之后您即可使用新的密码登录" . $r_main['site_name'] . "了。您可以在个人中心中随时修改您的密码。\n本请求提交者的 IP 为:" . yjl_getIP() . "\n\n感谢您的访问,祝您使用愉快!\n\n此致,\n" . $r_main['site_name'] . " 管理团队.\n" . $yjl_url . "\n";
if ($yjl_isdebug == 0) {
require_once 'lib/smtp.php';
yjl_mail($email, $r_main['site_name'] . ' 找回密码', $ec);
}
$_SESSION[$seid] = 1;
//delete
if ($yjl_isdebug > 0) {
$_SESSION[$seid . '_code'] = $r_res['pwdrcode'];
}
} else {
echo '<meta http-equiv="Content-Type" content="text/html; charset=utf-8" /><script type="text/javascript">alert(\'没有用户使用此邮箱地址。\');</script>';
}
mysql_free_result($res);
}
echo '<script type="text/javascript">location.href=\'' . $f . '\';</script>';
$f = 'a_tjyz.php';
$esid = md5($f);
if (isset($_SESSION[$esid]) && $_SESSION[$esid] != '') {
$m = array(1 => '请输入相关信息!', '请使用其他Email!', '用户名只可以使用数字、字母和下划线!', '邮箱格式错误!');
if (isset($m[$_SESSION[$esid]])) {
$t_m = $m[$_SESSION[$esid]];
}
unset($_SESSION[$esid]);
}
$c = isset($t_m) ? yjl_getMsg($t_m) : '';
if ($_SERVER['REQUEST_METHOD'] == 'POST') {
if (isset($_POST['password']) && trim($_POST['password']) != '' && isset($_POST['email']) && trim($_POST['email']) != '') {
$p = htmlspecialchars(trim($_POST['password']), ENT_QUOTES);
$email = htmlspecialchars(trim($_POST['email']), ENT_QUOTES);
if (yjl_cemail($email)) {
$ip = yjl_getIP();
$u = str_replace('@', '_', $email);
$u = str_replace('.', '_', $u);
$ue = preg_match("/^\\w+\$/i", $u) ? $u : '';
if ($ue == '') {
$u = substr(md5(time() . rand(1, 1000)), 0, 16);
}
$u = yjl_chkusername($u);
if ($u != '') {
$un_c = 0;
$em_c = 0;
$q_res = sprintf('select uid from %s where username=%s limit 1', $dbprefix . 'members', yjl_SQLString($u, 'text'));
$res = mysql_query($q_res) or die('');
if (mysql_num_rows($res) > 0) {
$un_c = 1;
}
