function resetpwd_mail()
{
require __DIR__ . '/ojsettings.php';
if (!isset($_SESSION['resetpwd_user']) || !isset($_SESSION['resetpwd_email']) || !isset($_SESSION['resetpwd_code'])) {
return 'timeout';
}
$user = $_SESSION['resetpwd_user'];
$email = $_SESSION['resetpwd_email'];
$code = $_SESSION['resetpwd_code'];
$subject = "{$oj_name} 密码重置验证";
require __DIR__ . '/../func/userinfo.php';
$ip = get_ip();
$nowtime = date("Y/m/d H:i:s");
$content = "<div>亲爱的 {$user} ,<br><p>我们收到了您在{$oj_name}重置密码的请求并发送了验证码来确认您的身份。</p><b><p>请求时间: {$nowtime} (UTC+08:00)</p><p>IP地址: {$ip}</p><p>验证码: {$code}</p></b><p>如果您没有在{$oj_name}有过重置密码的请求,您只需忽略这封邮件并不要把验证码告诉任何人。<br>如有任何问题,请回复该邮件来与管理员取得联系。</p><br>谢谢!<p>{$oj_copy}</p></div>";
return postmail($email, $subject, $content);
}
return $value;
}
$postuname = check_input($postuname);
$postupwd = check_input($postupwd);
$postuemail = check_input($postuemail);
$sql = "insert into user(uname,upwd,uemail,activekey,regdate)values('" . $postuname . "','" . md5($postupwd) . "','" . $postuemail . "','" . $key . "','" . time() . "')";
$num = $conne->uidRst($sql);
if ($num == 1) {
//插入成功时发送邮件
//用户激活链接
$url = 'http://' . $_SERVER['HTTP_HOST'] . '/activation.php';
//urlencode函数转换url中的中文编码
//带反斜杠
$url .= '?name=' . urlencode($postuname) . '&k=' . $key;
//定义登录使用的邮箱
$envelope = '*****@*****.**';
$password = '******';
$port = 25;
$auth = 'login';
$smtp = 'smtp.126.com';
//激活邮件的主题和正文
$subject = '激活您的帐号';
$mailbody = '注册成功,<a href="' . $url . '" target="_blank">请点击此处激活帐号</a>';
postmail($auth, $port, $envelope, $password, $smtp, $postuemail, $subject, $mailbody);
echo "<script>self.location=\"maillogin.php?m=" . $postuemail . "&n=" . urlencode($postuname) . "&k=" . $key . "\";</script>";
} else {
//提示激活失败并跳转
echo "<div id=\"textBox\">激活失败,请重新注册,<span id=\"second\"></span> 秒钟后跳转至重新激活页...</div>";
echo "<script src=\"templets/js/showTime.js\"></script>";
echo "<script>var href='register.php';showTime(href);</script>";
}
header('Location: ../');
}
}
include './resetpassword.html.php';
} else {
if (isset($_POST['retrievepassword'])) {
try {
$sql = 'SELECT * FROM user WHERE no = :no';
$s = $pdo->prepare($sql);
$s->bindValue(':no', $_POST['retrino']);
$s->execute();
} catch (PDOException $e) {
callerror('database error', '../');
exit;
}
$result = $s->fetch();
if (empty($result)) {
callerror('non-registered user', './');
exit;
} else {
if ($_POST['retriemail'] != $result['email']) {
callerror('no. and email do not match', './');
exit;
} else {
postmail($result['email'], 'http://' . $_SERVER['HTTP_HOST'] . '/ofcourse' . '/forgotpassword?text=' . base64_encode($result['no']) . '&text2=' . base64_encode($result['password']));
echo '<div class="alert alert-success" role="alert" align="center">Check your mailbox to reset password</div>';
}
}
}
include './retrievepassword.html.php';
}
if (isset($_POST['title']) && !empty($_POST['title'])) {
$title = mysqli_real_escape_string($con, trim($_POST['title']));
} else {
echo _('Title can\'t be empty...');
exit;
}
if (isset($_POST['content']) && !empty($_POST['content'])) {
$content = mysqli_real_escape_string($con, trim(str_replace(array("\r\n", "\r", "\n"), "<br>", $_POST['content'])));
} else {
echo _('Content can\'t be empty...');
exit;
}
$res = mysqli_query($con, "select email from users");
while ($row = mysqli_fetch_row($res)) {
$re = '';
$r = postmail($row[0], $title, $content);
if ($r != 'success') {
$re .= $r;
}
}
if ($re == '') {
$re = 'success';
}
echo $re;
} else {
echo _('Invalid Argument...');
}
}
}
}
}
