unset($_SESSION[$seid]); } else { if ($_SERVER['REQUEST_METHOD'] == 'POST') { if (isset($_POST['email']) && trim($_POST['email']) != '') { $email = htmlspecialchars(trim($_POST['email']), ENT_QUOTES); $q_res = sprintf('select a.uid, b.pwdrcode, b.pwdrdate from %s as a, %s as b where a.email=%s and a.uid=b.uid limit 1', $dbprefix . 'members', $yjl_dbprefix . 'members', yjl_SQLString($email, 'text')); echo $q_res; $res = mysql_query($q_res) or die(''); $r_res = mysql_fetch_assoc($res); if (mysql_num_rows($res) > 0) { if ($r_res['pwdrdate'] <= time() - 86400 * $yxts || $r_res['pwdrcode'] == '') { $r_res['pwdrcode'] = md5($email . '|' . time() . '|' . rand(0, 9999)); } $uSQL = sprintf('update %s set pwdrcode=%s, pwdrdate=%s where uid=%s', $yjl_dbprefix . 'members', yjl_SQLString($r_res['pwdrcode'], 'text'), time(), $r_res['uid']); $result = mysql_query($uSQL) or die(''); $ec = "您好:\n您收到这封邮件,是因为在“" . $r_main['site_name'] . "”网站的用户注册中使用了该邮箱地址\n且用户请求使用找回密码功能所致。\n\n如果您没有进行上述操作,请忽略这封邮件。您不需要退订或进行其他进一步的操作。\n------------------------------------------------------\n重设密码说明:\n如果是您发起了找回密码申请,请在" . $yxts . "天之内,通过点击下面的链接重设您的密码:\n" . $yjl_url . $f . "?c=" . $r_res['pwdrcode'] . "\n\n(如果上面不是链接形式,请将地址手工粘贴到浏览器地址栏再访问)\n上面的页面打开后,输入新的密码后提交,之后您即可使用新的密码登录" . $r_main['site_name'] . "了。您可以在个人中心中随时修改您的密码。\n本请求提交者的 IP 为:" . yjl_getIP() . "\n\n感谢您的访问,祝您使用愉快!\n\n此致,\n" . $r_main['site_name'] . " 管理团队.\n" . $yjl_url . "\n"; if ($yjl_isdebug == 0) { require_once 'lib/smtp.php'; yjl_mail($email, $r_main['site_name'] . ' 找回密码', $ec); } $_SESSION[$seid] = 1; //delete if ($yjl_isdebug > 0) { $_SESSION[$seid . '_code'] = $r_res['pwdrcode']; } } else { echo '<meta http-equiv="Content-Type" content="text/html; charset=utf-8" /><script type="text/javascript">alert(\'没有用户使用此邮箱地址。\');</script>'; } mysql_free_result($res); } echo '<script type="text/javascript">location.href=\'' . $f . '\';</script>';
$f = 'a_tjyz.php'; $esid = md5($f); if (isset($_SESSION[$esid]) && $_SESSION[$esid] != '') { $m = array(1 => '请输入相关信息!', '请使用其他Email!', '用户名只可以使用数字、字母和下划线!', '邮箱格式错误!'); if (isset($m[$_SESSION[$esid]])) { $t_m = $m[$_SESSION[$esid]]; } unset($_SESSION[$esid]); } $c = isset($t_m) ? yjl_getMsg($t_m) : ''; if ($_SERVER['REQUEST_METHOD'] == 'POST') { if (isset($_POST['password']) && trim($_POST['password']) != '' && isset($_POST['email']) && trim($_POST['email']) != '') { $p = htmlspecialchars(trim($_POST['password']), ENT_QUOTES); $email = htmlspecialchars(trim($_POST['email']), ENT_QUOTES); if (yjl_cemail($email)) { $ip = yjl_getIP(); $u = str_replace('@', '_', $email); $u = str_replace('.', '_', $u); $ue = preg_match("/^\\w+\$/i", $u) ? $u : ''; if ($ue == '') { $u = substr(md5(time() . rand(1, 1000)), 0, 16); } $u = yjl_chkusername($u); if ($u != '') { $un_c = 0; $em_c = 0; $q_res = sprintf('select uid from %s where username=%s limit 1', $dbprefix . 'members', yjl_SQLString($u, 'text')); $res = mysql_query($q_res) or die(''); if (mysql_num_rows($res) > 0) { $un_c = 1; }