<?php //fix defined("ZHANGXUAN") or die("no hacker."); @session_start(); $pwdfinderrorid = -1; //1验证码错误,2用户不存在4输入错误,3信息与数据库中的不一样,5用户名存在非法字符,用户名仅允许使用中文、数字、字母、下划线,6发送邮件失败 if (check_data('letters_code') && md5(strtolower($_POST["letters_code"])) == $_SESSION['letters_code']) { //验证码正确才能继续搞啊 if (check_data('firstName') && check_data('email') && check_data('question1') && check_data('answer1')) { //要有数据啊 if (checkzhongwenzimushuzixiahuaxian($_POST["firstName"]) && checkquestionvalue($_POST['question1']) && valid_email($_POST["email"])) { $user = db_iconv("firstName", 'post', true, true); $emailadd = db_iconv("email"); $question1 = db_iconv("question1"); $answer1 = db_iconv("answer1"); $emailfind = randstr(); $sql = "SELECT * FROM `users` WHERE `user_name`='{$user}'"; $rowuserdata = queryRow($sql); if ($rowuserdata) { if ($rowuserdata['user_email'] == $emailadd && $rowuserdata['user_question'] == $question1 && $rowuserdata['user_answer'] == $answer1) { $userid = $rowuserdata['user_id']; $sql = "UPDATE `users` SET `user_email_find_code`='{$emailfind}',`user_email_find_mode`='1' WHERE `user_id`='{$userid}'"; update($sql); $findurl = SITEHOST . "findpwdmail.php?userid={$userid}&pwdcheckid={$emailfind}"; $mailtxt = "本邮件为系统自动发送,您正在申请重置您账号的密码<br><br>" . "您的用户名为:{$user}<br><br>" . "您的用户ID为:{$userid}<br><br>" . "您的邮箱地址为:{$emailadd}<br><br>" . "您还需要最后一步,点击以下链接,前往密码重置页面重置您的密码。<br><br>" . "<a href='{$findurl}' target='_blank'>{$findurl}</a><br><br>" . "如果这不是您操作的,请忽略本邮件,绝对不要点击以上链接。<br><br>" . "本邮件为自动发送,请不要回复,因为没人会看的。<br><br>" . "竹井詩織里<br><br>" . date('Y-m-d'); $pwdfinderrorid = send_mail('战网安全令在线版重置密码链接邮件', $mailtxt, $emailadd, 0, 6); } else { $pwdfinderrorid = 3; } } else {
$questionid[83] = "您就读的第一所小学名称是?"; $questionid[84] = "您的初恋情人叫什么名字?"; $questionid[85] = "您驾照的末四位是什么?"; $questionid[86] = "您母亲的姓名叫什么?"; $questionid[87] = "您母亲的生日是哪一天?"; $questionid[88] = "您父亲的生日是哪一天?"; session_start(); $registercheck = 0; $registersuccesslogin = 0; $registererrid = 0; //1注册码错误,2用户名重复,3邮件格式错误,4输入错误,用户名包含非法字符 if (check_data("letters_code") && md5(strtolower($_POST["letters_code"])) == $_SESSION['letters_code']) { //验证码正确才能继续搞啊 if (check_data("username") && check_data("password") && check_data("emailAddress") && check_data("question1") && check_data("answer1") && $_POST['rePassword'] === $_POST['password']) { //要有数据啊 if (checkzhongwenzimushuzixiahuaxian($_POST["username"]) && checkquestionvalue($_POST['question1']) && valid_email($_POST["emailAddress"])) { $user = db_iconv("username", 'post', true, true); $unmd5password = db_iconv("password", 'post', false); $unmd5password = getunencryptpass($unmd5password); if (strlen($unmd5password) < 8 || strlen($unmd5password) > 16) { $error_html_code = 7; } else { $password = md5($unmd5password); $emailadd = db_iconv("emailAddress"); $question1 = db_iconv("question1"); $answer1 = db_iconv("answer1"); $user_email_checkid = randstr(); $date = date('Y-m-d H:i:s'); $emailfind = randstr(); $mailresettoken = randstr(); $cookievalue = randstr();