} if (!empty($_W['member']) && (!empty($_W['member']['mobile']) || !empty($_W['member']['email']))) { header('location: ' . $forward); exit; } if ($do == 'forget') { } if ($do == 'reset') { if ($_W['ispost'] && $_W['isajax']) { $username = trim($post['username']); $password = trim($post['password']); $repassword = trim($post['repassword']); $repassword != $password ? exit('两次密码输入不一致') : ''; $code = trim($post['code']); load()->model('utility'); if (!code_verify($_W['uniacid'], $username, $code)) { exit('验证码错误.'); } $sql = 'SELECT `uid`,`salt` FROM ' . tablename('mc_members') . ' WHERE `uniacid`=:uniacid'; $pars = array(); $pars[':uniacid'] = $_W['uniacid']; if (preg_match('/^\\d{11}$/', $username)) { $type = 'mobile'; $sql .= ' AND `mobile`=:mobile'; $pars[':mobile'] = $username; } elseif (preg_match("/^\\w+([-+.]\\w+)*@\\w+([-.]\\w+)*\\.\\w+([-.]\\w+)*\$/", $username)) { $type = 'email'; $sql .= ' AND `email`=:email'; $pars[':email'] = $username; } else { exit('用户名格式不正确');
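/**
 * Mobile entry point for the "forgot password" flow.
 *
 * Renders the `forget` template, or, for an AJAX POST whose mode is `reset`,
 * checks the submitted code with code_verify() and stores a new password
 * digest for the member identified by mobile number or e-mail address.
 * Every AJAX outcome is reported by exit()-ing with a plain-text message;
 * the literal 'success' marks a completed reset.
 *
 * When $_W['member'] is populated and has a mobile or e-mail on file, the
 * request is redirected to $forward instead.
 */
public function doMobileforget()
{
    global $_W, $_GPC;

    // Not read below, but the template included at the end executes in this
    // function's scope, so these locals stay defined for it.
    $openid = $_W['openid'];
    // Register/login setting: 0 = off, 1 = mobile, 2 = e-mail, 3 = both.
    $agentRegister = $this->module['config']['agentRegister'];

    $dos = array('reset', 'forget');
    $post = (isset($_GPC['__input']) && is_array($_GPC['__input'])) ? $_GPC['__input'] : array();
    $mode = isset($post['mode']) ? $post['mode'] : '';
    // Strict membership test: a non-string mode (for example integer 0) must
    // not loosely compare equal to one of the allowed names.
    $do = in_array($mode, $dos, true) ? $mode : 'forget';

    $forward = url('entry', array('m' => 'wwx_fxxt', 'do' => 'fansindex'));
    if (!empty($_GPC['forward']) && is_string($_GPC['forward'])) {
        // Request-controlled value. It is only ever appended to a fixed
        // relative path, and anything carrying control characters (CR/LF
        // included) is discarded so it never reaches header() below.
        $query = base64_decode($_GPC['forward']);
        if ($query !== false && !preg_match('/[\x00-\x1f\x7f]/', $query)) {
            $forward = './index.php?' . $query . '#wechat_redirect';
        }
    }

    if (!empty($_W['member']) && (!empty($_W['member']['mobile']) || !empty($_W['member']['email']))) {
        header('location: ' . $forward);
        exit;
    }

    if ($do === 'reset' && $_W['ispost'] && $_W['isajax']) {
        // Normalise the submitted fields; a missing or non-scalar value
        // becomes an empty string instead of raising inside trim().
        $fields = array();
        foreach (array('username', 'password', 'repassword', 'code') as $key) {
            $fields[$key] = (isset($post[$key]) && is_scalar($post[$key])) ? trim((string) $post[$key]) : '';
        }
        $username = $fields['username'];
        $password = $fields['password'];
        $repassword = $fields['repassword'];
        $code = $fields['code'];

        // Identity comparison: with != two different numeric-looking strings
        // (such as '1e3' and '1000') would be treated as matching.
        if ($repassword !== $password) {
            exit('两次密码输入不一致');
        }
        // An empty new password would leave the account with a trivially
        // guessable credential, so it is refused outright.
        if ($password === '') {
            exit('密码不能为空');
        }

        // NOTE(review): code_verify() is defined elsewhere; whether it expires
        // codes, invalidates them after use, or limits attempts cannot be seen
        // from here. Confirm, since this check is the only thing authorising
        // the reset.
        load()->model('utility');
        if (!code_verify($_W['uniacid'], $username, $code)) {
            exit('验证码错误.');
        }

        $sql = 'SELECT `uid`,`salt` FROM ' . tablename('mc_members') . ' WHERE `uniacid`=:uniacid';
        $pars = array();
        $pars[':uniacid'] = $_W['uniacid'];

        // The username must be either an 11-digit mobile number or an e-mail
        // address; the matching column is used for both lookup and update.
        if (preg_match('/^\\d{11}$/', $username)) {
            $type = 'mobile';
            $sql .= ' AND `mobile`=:mobile';
            $pars[':mobile'] = $username;
        } elseif (preg_match("/^\\w+([-+.]\\w+)*@\\w+([-.]\\w+)*\\.\\w+([-.]\\w+)*\$/", $username)) {
            $type = 'email';
            $sql .= ' AND `email`=:email';
            $pars[':email'] = $username;
        } else {
            exit('用户名格式不正确');
        }

        $user = pdo_fetch($sql, $pars);
        if (empty($user)) {
            exit('没有找到用户名为' . $username . '的用户信息');
        }

        // NOTE(review): salted MD5 is a fast hash and unsuitable for password
        // storage by current standards. The format is left unchanged because
        // whatever verifies logins must compute the same digest; moving to
        // password_hash()/password_verify() needs a coordinated migration.
        $digest = md5($password . $user['salt'] . $_W['config']['setting']['authkey']);
        pdo_update(
            'mc_members',
            array('password' => $digest),
            array('uniacid' => $_W['uniacid'], $type => $username)
        );
        exit('success');
    }

    include $this->template('forget');
    exit;
}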
$pars[':mobile'] = $post['username']; } else { $sql .= ' AND `email`=:email'; $pars[':email'] = $post['username']; } $user = pdo_fetch($sql, $pars); if (empty($user)) { exit('不存在该账号的用户资料'); } $hash = md5($post['password'] . $user['salt'] . $_W['config']['setting']['authkey']); if ($user['password'] != $hash) { exit('密码错误'); } } elseif ($ltype == 'code' || $ltype == 'hybird' && $mode == 'code') { load()->model('utility'); if (!code_verify($_W['uniacid'], $post['username'], $post['password'])) { exit('验证码错误.'); } $sql = 'SELECT `uid`,`salt`,`password` FROM ' . tablename('mc_members') . ' WHERE `uniacid`=:uniacid'; $pars = array(); $pars[':uniacid'] = $_W['uniacid']; if (preg_match(REGULAR_MOBILE, $post['username'])) { $sql .= ' AND `mobile`=:mobile'; $pars[':mobile'] = $post['username']; } else { $sql .= ' AND `email`=:email'; $pars[':email'] = $post['username']; } $user = pdo_fetch($sql, $pars); if (empty($user)) { exit('不存在该账号的用户资料');
$mobile_exist = empty($profile['mobile']) ? 0 : 1; if (checksubmit('submit')) { if ($mobile_exist == 1) { $oldmobile = trim($_GPC['oldmobile']) ? trim($_GPC['oldmobile']) : message('请填写原手机号'); // $password = trim($_GPC['password']) ? trim($_GPC['password']) : message('请填写密码'); $mobile = trim($_GPC['mobile']) ? trim($_GPC['mobile']) : message('请填写新手机号'); if (!preg_match(REGULAR_MOBILE, $mobile)) { message('新手机号格式有误', '', 'error'); } $info = pdo_fetch('SELECT uid, password, salt FROM ' . tablename('mc_members') . ' WHERE uniacid = :uniacid AND mobile = :mobile AND uid = :uid', array(':uniacid' => $_W['uniacid'], ':mobile' => $oldmobile, ':uid' => $_W['member']['uid'])); if (!empty($info)) { // if ($_GPC ['__code'] != md5 ( $_GPC ['code'] . $_W ['config'] ['setting'] ['authkey'] )) { // message ( '你输入的验证码不正确, 请重新输入.' ,'', 'error' ); // } load()->model('utility'); if (!code_verify($_W['uniacid'], $mobile, $_GPC['code'])) { message('你输入的验证码不正确, 请重新输入.', '', 'error'); } else { pdo_update('mc_members', array('mobile' => $mobile), array('uniacid' => $_W['uniacid'], 'uid' => $_W['member']['uid'])); pdo_update('mc_members', array('modifytime' => TIMESTAMP), array('uniacid' => $_W['uniacid'], 'uid' => $_W['member']['uid'])); message('修改手机号成功', url('mc/home'), 'success'); //message ( '密码输入错误', '', 'error' ); } } else { message('原手机号输入错误', '', 'error'); } } else { $mobile = trim($_GPC['mobile']) ? trim($_GPC['mobile']) : message('请填写手机号'); if (!preg_match(REGULAR_MOBILE, $mobile)) { message('手机号格式有误', '', 'error'); }