<?php /** * [Discuz!] (C)2001-2099 Comsenz Inc. * This is NOT a freeware, use is subject to license terms * * $Id: member_getpasswd.php 35030 2014-10-23 07:43:23Z laoguozhang $ */ if (!defined('IN_DISCUZ')) { exit('Access Denied'); } define('NOROBOT', TRUE); if ($_GET['uid'] && $_GET['id'] && $_GET['sign'] === make_getpws_sign($_GET['uid'], $_GET['id'])) { $discuz_action = 141; $member = getuserbyuid($_GET['uid'], 1); $table_ext = isset($member['_inarchive']) ? '_archive' : ''; $member = array_merge(C::t('common_member_field_forum' . $table_ext)->fetch($_GET['uid']), $member); list($dateline, $operation, $idstring) = explode("\t", $member['authstr']); if ($dateline < TIMESTAMP - 86400 * 3 || $operation != 1 || $idstring != $_GET['id']) { showmessage('getpasswd_illegal', NULL); } if (!submitcheck('getpwsubmit') || $_GET['newpasswd1'] != $_GET['newpasswd2']) { $hashid = $_GET['id']; $uid = $_GET['uid']; $sign = $_GET['sign']; include template('member/getpasswd'); } else { if ($_GET['newpasswd1'] != addslashes($_GET['newpasswd1'])) { showmessage('profile_passwd_illegal'); } if ($_G['setting']['pwlength']) {
} else { $emailcount = C::t('common_member')->count_by_email($_GET['email'], 1); if (!$emailcount) { showmessage('lostpasswd_email_not_exist'); } if ($emailcount > 1) { showmessage('lostpasswd_many_users_use_email'); } $member = C::t('common_member')->fetch_by_email($_GET['email'], 1); list($tmp['uid'], , $tmp['email']) = uc_get_user(addslashes($member['username'])); $tmp['email'] = strtolower(trim($tmp['email'])); } if (!$member) { showmessage('getpasswd_account_notmatch'); } elseif ($member['adminid'] == 1 || $member['adminid'] == 2) { showmessage('getpasswd_account_invalid'); } $table_ext = $member['_inarchive'] ? '_archive' : ''; if ($member['email'] != $tmp['email']) { C::t('common_member' . $table_ext)->update($tmp['uid'], array('email' => $tmp['email'])); } $idstring = random(6); C::t('common_member_field_forum' . $table_ext)->update($member['uid'], array('authstr' => "{$_G['timestamp']}\t1\t{$idstring}")); require_once libfile('function/mail'); $get_passwd_subject = lang('email', 'get_passwd_subject'); $get_passwd_message = lang('email', 'get_passwd_message', array('username' => $member['username'], 'bbname' => $_G['setting']['bbname'], 'siteurl' => $_G['siteurl'], 'uid' => $member['uid'], 'idstring' => $idstring, 'clientip' => $_G['clientip'], 'sign' => make_getpws_sign($member['uid'], $idstring))); if (!sendmail("{$_GET['username']} <{$tmp['email']}>", $get_passwd_subject, $get_passwd_message)) { runlog('sendmail', "{$tmp['email']} sendmail failed."); } showmessage('getpasswd_send_succeed', $_G['siteurl'], array(), array('showdialog' => 1, 'locationtime' => true)); }