function _do_register($username, $password, $email)
{
$user = array('username' => $username, 'password' => 'FAKE_PASSWORD', 'email' => $email);
$uid = DB::insert('member', $user);
$user['uid'] = $uid;
$password = Widget_Password::encrypt($user, $password);
DB::query("UPDATE member SET password='******' WHERE uid='{$uid}'");
DB::insert('member_setting', array('uid' => $uid, 'cookie' => ''));
HOOK::run('register_user', true, $user);
CACHE::update('username');
CACHE::save('user_setting_' . $uid, '');
return $uid;
}
} elseif ($_GET['action'] == 'find_password') {
if ($_GET['token']) {
$str = authcode($_GET['token'], 'DECODE');
if (!$str) {
showmessage('链接有误,请重新获取', './');
}
list($uid, $exptime, $password, $random) = explode("\t", $str);
if ($exptime < TIMESTAMP) {
showmessage('链接已过期,请重新获取', './');
}
$user = DB::fetch_first("SELECT * FROM member WHERE uid='{$uid}' AND password='******'");
if (!$user) {
showmessage('链接已经失效,请重新获取', './');
}
$new_password = random(10);
$newpassword = Widget_Password::encrypt($user, $new_password);
DB::update('member', array('password' => $newpassword), "uid='{$uid}'");
showmessage("您的密码已经重置为:<br>{$new_password}<br><br>请使用新密码登录并修改密码。");
} elseif ($_POST['username'] && $_POST['email']) {
$username = daddslashes($_POST['username']);
$email = daddslashes($_POST['email']);
$user = DB::fetch_first("SELECT * FROM member WHERE username='******' AND email='{$email}'");
if (!$user) {
showmessage('用户名 / 邮箱有误', './');
}
$info = array($user['uid'], TIMESTAMP + 3600, $user['password'], random(32));
$token = urlencode(authcode(implode("\t", $info), 'ENCODE'));
$link = "{$siteurl}member.php?action=find_password&token={$token}";
$message = <<<EOF
<p>我们已经收到您的找回密码申请,请您点击下方的链接重新设置密码:</p>
<blockquote><a href="{$link}">{$link}</a></blockquote>
break;
}
$user = DB::fetch_first("SELECT * FROM member WHERE uid='{$uid}'");
if (!$_POST['old_password']) {
showmessage('请输入旧密码', './#setting', 1);
}
if (!$_POST['new_password']) {
showmessage('请输入新密码', './#setting', 1);
}
if ($_POST['new_password'] != $_POST['new_password2']) {
showmessage('两次输入的新密码不一样,请检查', './#setting', 1);
}
if (!Widget_Password::verify($user, $_POST['old_password'])) {
showmessage('旧密码错误!请检查输入', './#setting', 1);
}
$newpassword = Widget_Password::encrypt($user, $_POST['new_password']);
DB::update('member', array('password' => $newpassword), "uid='{$uid}'");
HOOK::run('change_password', true, $uid);
showmessage('您的密码已经更新', './#setting', 1);
break;
case 'reset_failure':
if ($formhash != $_GET['formhash']) {
showmessage('请稍候...', '?action=reset_failure&formhash=' . $formhash, 0);
}
$date = date('Ymd');
DB::query("UPDATE sign_log SET status='0', retry='0' WHERE uid='{$uid}' AND date='{$date}' AND status<0");
showmessage('已经重置失败状态,稍后系统将自动重试', './#signlog', 1);
break;
case 'refresh_liked_tieba':
if ($formhash != $_GET['formhash']) {
showmessage('刷新中,请稍候...', '?action=refresh_liked_tieba&formhash=' . $formhash, 0);
