Example #1
}
if (!empty($_W['member']) && (!empty($_W['member']['mobile']) || !empty($_W['member']['email']))) {
    header('location: ' . $forward);
    exit;
}
if ($do == 'forget') {
}
if ($do == 'reset') {
    if ($_W['ispost'] && $_W['isajax']) {
        $username = trim($post['username']);
        $password = trim($post['password']);
        $repassword = trim($post['repassword']);
        $repassword != $password ? exit('两次密码输入不一致') : '';
        $code = trim($post['code']);
        load()->model('utility');
        if (!code_verify($_W['uniacid'], $username, $code)) {
            exit('验证码错误.');
        }
        $sql = 'SELECT `uid`,`salt` FROM ' . tablename('mc_members') . ' WHERE `uniacid`=:uniacid';
        $pars = array();
        $pars[':uniacid'] = $_W['uniacid'];
        if (preg_match('/^\\d{11}$/', $username)) {
            $type = 'mobile';
            $sql .= ' AND `mobile`=:mobile';
            $pars[':mobile'] = $username;
        } elseif (preg_match("/^\\w+([-+.]\\w+)*@\\w+([-.]\\w+)*\\.\\w+([-.]\\w+)*\$/", $username)) {
            $type = 'email';
            $sql .= ' AND `email`=:email';
            $pars[':email'] = $username;
        } else {
            exit('用户名格式不正确');
Example #2
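 /**
  * Render the "forget password" page and handle the AJAX password-reset request.
  *
  * A member who already has a mobile number or e-mail bound is redirected to
  * $forward. When the posted mode is 'reset' and the request is an AJAX POST, the
  * verification code is checked, the member is looked up by mobile or e-mail
  * inside the current uniacid, and the stored password hash is replaced.
  * Every path ends the request with exit(); the reset branch answers with a
  * plain-text message ('success' when the password was written).
  *
  * @return void
  */
 public function doMobileforget()
 {
     global $_W, $_GPC;
     // $openid and $agentRegister are not read below. They are kept because the
     // template included at the end runs in this function's scope and may use them.
     $openid = $_W['openid'];
     // Registration/login setting: 0 = disabled, 1 = mobile, 2 = e-mail, 3 = both.
     $agentRegister = $this->module['config']['agentRegister'];
     $dos = array('reset', 'forget');
     $post = $_GPC['__input'];
     // Strict membership test: with a loose in_array() a non-string mode (for
     // example the integer 0 on PHP 7) is accepted and then also satisfies a
     // loose `== 'reset'` comparison further down.
     $do = (isset($post['mode']) && in_array($post['mode'], $dos, true)) ? $post['mode'] : 'forget';
     $forward = url('entry', array('m' => 'wwx_fxxt', 'do' => 'fansindex'));
     if (!empty($_GPC['forward'])) {
         // The fixed './index.php?' prefix keeps the redirect target relative to
         // this site; the decoded query string itself is not validated here.
         $forward = './index.php?' . base64_decode($_GPC['forward']) . '#wechat_redirect';
     }
     if (!empty($_W['member']) && (!empty($_W['member']['mobile']) || !empty($_W['member']['email']))) {
         header('location: ' . $forward);
         exit;
     }
     if ($do === 'reset') {
         if ($_W['ispost'] && $_W['isajax']) {
             // Refuse missing or non-scalar fields before they reach trim(),
             // the verification check or the SQL parameters.
             foreach (array('username', 'password', 'repassword', 'code') as $field) {
                 if (!isset($post[$field]) || !is_scalar($post[$field])) {
                     exit('参数错误');
                 }
             }
             $username = trim((string) $post['username']);
             $password = trim((string) $post['password']);
             $repassword = trim((string) $post['repassword']);
             // An empty value would otherwise be hashed and stored as the new password.
             if ($password === '') {
                 exit('密码不能为空');
             }
             // Strict comparison: with `!=` two different numeric-looking strings
             // such as '1e3' and '1000' compare as equal.
             if ($repassword !== $password) {
                 exit('两次密码输入不一致');
             }
             $code = trim((string) $post['code']);
             load()->model('utility');
             // NOTE(review): whether code_verify() consumes the code after use or
             // limits the number of attempts is not visible here; confirm, since this
             // check is the only proof of account ownership in the reset flow.
             if (!code_verify($_W['uniacid'], $username, $code)) {
                 exit('验证码错误.');
             }
             $sql = 'SELECT `uid`,`salt` FROM ' . tablename('mc_members') . ' WHERE `uniacid`=:uniacid';
             $pars = array();
             $pars[':uniacid'] = $_W['uniacid'];
             // The user name is either an 11-digit mobile number or an e-mail address;
             // it is always passed as a bound parameter, never concatenated.
             if (preg_match('/^\\d{11}$/', $username)) {
                 $sql .= ' AND `mobile`=:mobile';
                 $pars[':mobile'] = $username;
             } elseif (preg_match("/^\\w+([-+.]\\w+)*@\\w+([-.]\\w+)*\\.\\w+([-.]\\w+)*\$/", $username)) {
                 $sql .= ' AND `email`=:email';
                 $pars[':email'] = $username;
             } else {
                 exit('用户名格式不正确');
             }
             $user = pdo_fetch($sql, $pars);
             if (empty($user)) {
                 exit('没有找到用户名为' . $username . '的用户信息');
             }
             // NOTE(review): salted MD5 is a fast hash and a weak choice for password
             // storage. Moving to password_hash()/password_verify() has to be done
             // together with the login code that compares this value, which is
             // outside this method.
             $password = md5($password . $user['salt'] . $_W['config']['setting']['authkey']);
             // Write the hash only to the row whose salt was used to compute it.
             // Matching on mobile/e-mail again could touch other rows that share the
             // value but have a different salt.
             pdo_update('mc_members', array('password' => $password), array('uniacid' => $_W['uniacid'], 'uid' => $user['uid']));
             exit('success');
         }
     }
     include $this->template('forget');
     exit;
 }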
Example #3
         $pars[':mobile'] = $post['username'];
     } else {
         $sql .= ' AND `email`=:email';
         $pars[':email'] = $post['username'];
     }
     $user = pdo_fetch($sql, $pars);
     if (empty($user)) {
         exit('不存在该账号的用户资料');
     }
     $hash = md5($post['password'] . $user['salt'] . $_W['config']['setting']['authkey']);
     if ($user['password'] != $hash) {
         exit('密码错误');
     }
 } elseif ($ltype == 'code' || $ltype == 'hybird' && $mode == 'code') {
     load()->model('utility');
     if (!code_verify($_W['uniacid'], $post['username'], $post['password'])) {
         exit('验证码错误.');
     }
     $sql = 'SELECT `uid`,`salt`,`password` FROM ' . tablename('mc_members') . ' WHERE `uniacid`=:uniacid';
     $pars = array();
     $pars[':uniacid'] = $_W['uniacid'];
     if (preg_match(REGULAR_MOBILE, $post['username'])) {
         $sql .= ' AND `mobile`=:mobile';
         $pars[':mobile'] = $post['username'];
     } else {
         $sql .= ' AND `email`=:email';
         $pars[':email'] = $post['username'];
     }
     $user = pdo_fetch($sql, $pars);
     if (empty($user)) {
         exit('不存在该账号的用户资料');
Example #4
 $mobile_exist = empty($profile['mobile']) ? 0 : 1;
 if (checksubmit('submit')) {
     if ($mobile_exist == 1) {
         $oldmobile = trim($_GPC['oldmobile']) ? trim($_GPC['oldmobile']) : message('请填写原手机号');
         // $password = trim($_GPC['password']) ? trim($_GPC['password']) : message('请填写密码');
         $mobile = trim($_GPC['mobile']) ? trim($_GPC['mobile']) : message('请填写新手机号');
         if (!preg_match(REGULAR_MOBILE, $mobile)) {
             message('新手机号格式有误', '', 'error');
         }
         $info = pdo_fetch('SELECT uid, password, salt FROM ' . tablename('mc_members') . ' WHERE uniacid = :uniacid AND mobile = :mobile AND uid = :uid', array(':uniacid' => $_W['uniacid'], ':mobile' => $oldmobile, ':uid' => $_W['member']['uid']));
         if (!empty($info)) {
             // 				if ($_GPC ['__code'] != md5 ( $_GPC ['code'] . $_W ['config'] ['setting'] ['authkey'] )) {
             // 					message ( '你输入的验证码不正确, 请重新输入.' ,'', 'error' );
             // 				}
             load()->model('utility');
             if (!code_verify($_W['uniacid'], $mobile, $_GPC['code'])) {
                 message('你输入的验证码不正确, 请重新输入.', '', 'error');
             } else {
                 pdo_update('mc_members', array('mobile' => $mobile), array('uniacid' => $_W['uniacid'], 'uid' => $_W['member']['uid']));
                 pdo_update('mc_members', array('modifytime' => TIMESTAMP), array('uniacid' => $_W['uniacid'], 'uid' => $_W['member']['uid']));
                 message('修改手机号成功', url('mc/home'), 'success');
                 //message ( '密码输入错误', '', 'error' );
             }
         } else {
             message('原手机号输入错误', '', 'error');
         }
     } else {
         $mobile = trim($_GPC['mobile']) ? trim($_GPC['mobile']) : message('请填写手机号');
         if (!preg_match(REGULAR_MOBILE, $mobile)) {
             message('手机号格式有误', '', 'error');
         }