function ResetPass() { global $msql, $SiteUrl; global $strLostpassNtc1, $strLostpassNtc2, $strLostpassNtc3, $strLostpassNtc4, $strLostpassNtc5; global $strLostpassNtc6, $strLostpassNtc7, $strLostpassNtc8, $strLostpassNtc9; $coltitle = $GLOBALS["PLUSVARS"]["coltitle"]; $tempname = $GLOBALS["PLUSVARS"]["tempname"]; $Temp = LoadTemp($tempname); $step = $_REQUEST["step"]; if ($step == "checkmail") { $codestr = $_GET["codestr"]; $username = $_GET["username"]; $tm = $_GET["tm"]; if (!isset($_COOKIE["NEWPASSWD"]) || $_COOKIE["NEWPASSWD"] == "") { $PageMain = err($strLostpassNtc7, "lostpass.php", ""); return $PageMain; } $md5 = md5($username . "Z(o)C~LoSbZ8Tj7MvBAs(8)!nn^Lp^12345^Pm" . $_COOKIE["NEWPASSWD"] . $tm); if ($md5 == $codestr) { $mdpass = md5($_COOKIE["NEWPASSWD"]); $msql->query("update {P}_member set password='******' where user='******'"); $PageMain = SayOk($strLostpassNtc8, "login.php", ""); return $PageMain; } else { $PageMain = err($strLostpassNtc9, "lostpass.php", ""); return $PageMain; } } elseif ($step == "2") { $username = $_POST["username"]; $newpass = $_POST["newpass"]; if (!isset($username) || $username == "" || $newpass == "") { $str = err($strLostpassNtc1, "", ""); return $str; } else { $msql->query("select email from {P}_member where user='******'"); if ($msql->next_record()) { $email = $msql->f('email'); $tm = time(); setCookie("NEWPASSWD", $newpass, time() + 7200); $md5 = md5($username . "Z(o)C~LoSbZ8Tj7MvBAs(8)!nn^Lp^12345^Pm" . $newpass . $tm); $link = $SiteUrl . "lostpass.php?step=checkmail&username="******"&codestr=" . $md5 . "&tm=" . $tm; $message = $username . $strLostpassNtc2 . "\r\n \r\n" . $strLostpassNtc3 . "\r\n \r\n" . $link . "\r\n \r\n" . $GLOBALS["CONF"]["SiteName"] . "\r\n" . $GLOBALS["CONF"]["SiteHttp"]; include ROOTPATH . "includes/ebmail.inc.php"; ebmail($email, $GLOBALS["CONF"]["SiteEmail"], $strLostpassNtc4, $message); $str = SayOk($strLostpassNtc5 . "<br><br>" . $email, "", ""); return $str; } else { $str = err($strLostpassNtc6, "", ""); return $str; } } } else { $var = array('coltitle' => $coltitle); $str = ShowTplTemp($Temp, $var); return $str; } }
$msql->query("insert into {P}_member set\r\n\r\n\t\t membertypeid='{$membertypeid}',\r\n\t\t membergroupid='{$membergroupid}',\r\n\t\t user='******',\r\n\t\t password='******',\r\n\t\t email='{$email}',\r\n\t\t pname='{$user}',\r\n\t\t signature='{$signature}',\r\n\t\t nowface='1',\r\n\t\t checked='{$ifchecked}',\r\n\t\t regtime='{$regtime}',\r\n\t\t exptime='{$exptime}',\r\n\t\t ip='{$ip}',\r\n\t\t logincount='1',\r\n\t\t logintime='{$regtime}',\r\n\t\t loginip='{$ip}'\r\n\t\t"); $memberid = $msql->instid(); $msql->query("delete from {P}_member_rights where memberid='{$memberid}'"); $msql->query("select * from {P}_member_defaultrights where membertypeid='{$membertypeid}'"); while ($msql->next_record()) { $secureid = $msql->f("secureid"); $securetype = $msql->f("securetype"); $secureset = $msql->f("secureset"); $fsql->query("insert into {P}_member_rights values(\r\n\t\t\t0,\r\n\t\t '{$memberid}',\r\n\t\t '{$secureid}',\r\n\t\t '{$securetype}',\r\n\t\t '{$secureset}'\r\n\t\t\t)"); } membercentupdate($memberid, "111"); $regmail = str_replace("{#user#}", $user, $regmail); $regmail = str_replace("{#password#}", $password, $regmail); $msql->query("insert into {P}_member_msn set\r\n\t\t\t`body`='{$regmail}',\r\n\t\t\t`tomemberid`='{$memberid}',\r\n\t\t\t`frommemberid`='0',\r\n\t\t\t`dtime`='{$regtime}',\r\n\t\t\t`iflook`='0'\r\n\t\t"); include ROOTPATH . "includes/ebmail.inc.php"; ebmail($email, $GLOBALS['CONF']['SiteEmail'], $membertype . $strRegNotice11, $regmail); $fsql->query("select * from {P}_member_rights where memberid='{$memberid}' and securetype='con'"); if ($fsql->next_record()) { $consecure = $fsql->f("secureset"); } $md5 = md5($user . "76|01|14" . $memberid . $membertype . $consecure); setcookie("MUSER", $user); setcookie("MEMBERPNAME", $user); setcookie("MEMBERID", $memberid); setcookie("MEMBERTYPE", $membertype); setcookie("MEMBERTYPEID", $membertypeid); setcookie("ZC", $md5); setcookie("SE", $consecure); if ($GLOBALS['MEMBERCONF']['UC_OPEN'] == "1") { $uid = uc_user_register($user, $password, $email); if ($uid <= 0) {