Exemplo n.º 1
0
<?php

//fix
defined("ZHANGXUAN") or die("no hacker.");
@session_start();
$pwdfinderrorid = -1;
//1验证码错误,2用户不存在4输入错误,3信息与数据库中的不一样,5用户名存在非法字符,用户名仅允许使用中文、数字、字母、下划线,6发送邮件失败
if (check_data('letters_code') && md5(strtolower($_POST["letters_code"])) == $_SESSION['letters_code']) {
    //验证码正确才能继续搞啊
    if (check_data('firstName') && check_data('email') && check_data('question1') && check_data('answer1')) {
        //要有数据啊
        if (checkzhongwenzimushuzixiahuaxian($_POST["firstName"]) && checkquestionvalue($_POST['question1']) && valid_email($_POST["email"])) {
            $user = db_iconv("firstName", 'post', true, true);
            $emailadd = db_iconv("email");
            $question1 = db_iconv("question1");
            $answer1 = db_iconv("answer1");
            $emailfind = randstr();
            $sql = "SELECT * FROM `users` WHERE `user_name`='{$user}'";
            $rowuserdata = queryRow($sql);
            if ($rowuserdata) {
                if ($rowuserdata['user_email'] == $emailadd && $rowuserdata['user_question'] == $question1 && $rowuserdata['user_answer'] == $answer1) {
                    $userid = $rowuserdata['user_id'];
                    $sql = "UPDATE `users` SET `user_email_find_code`='{$emailfind}',`user_email_find_mode`='1' WHERE `user_id`='{$userid}'";
                    update($sql);
                    $findurl = SITEHOST . "findpwdmail.php?userid={$userid}&pwdcheckid={$emailfind}";
                    $mailtxt = "本邮件为系统自动发送,您正在申请重置您账号的密码<br><br>" . "您的用户名为:{$user}<br><br>" . "您的用户ID为:{$userid}<br><br>" . "您的邮箱地址为:{$emailadd}<br><br>" . "您还需要最后一步,点击以下链接,前往密码重置页面重置您的密码。<br><br>" . "<a href='{$findurl}' target='_blank'>{$findurl}</a><br><br>" . "如果这不是您操作的,请忽略本邮件,绝对不要点击以上链接。<br><br>" . "本邮件为自动发送,请不要回复,因为没人会看的。<br><br>" . "竹井詩織里<br><br>" . date('Y-m-d');
                    $pwdfinderrorid = send_mail('战网安全令在线版重置密码链接邮件', $mailtxt, $emailadd, 0, 6);
                } else {
                    $pwdfinderrorid = 3;
                }
            } else {
Exemplo n.º 2
0
$questionid[83] = "您就读的第一所小学名称是?";
$questionid[84] = "您的初恋情人叫什么名字?";
$questionid[85] = "您驾照的末四位是什么?";
$questionid[86] = "您母亲的姓名叫什么?";
$questionid[87] = "您母亲的生日是哪一天?";
$questionid[88] = "您父亲的生日是哪一天?";
session_start();
$registercheck = 0;
$registersuccesslogin = 0;
$registererrid = 0;
//1注册码错误,2用户名重复,3邮件格式错误,4输入错误,用户名包含非法字符
if (check_data("letters_code") && md5(strtolower($_POST["letters_code"])) == $_SESSION['letters_code']) {
    //验证码正确才能继续搞啊
    if (check_data("username") && check_data("password") && check_data("emailAddress") && check_data("question1") && check_data("answer1") && $_POST['rePassword'] === $_POST['password']) {
        //要有数据啊
        if (checkzhongwenzimushuzixiahuaxian($_POST["username"]) && checkquestionvalue($_POST['question1']) && valid_email($_POST["emailAddress"])) {
            $user = db_iconv("username", 'post', true, true);
            $unmd5password = db_iconv("password", 'post', false);
            $unmd5password = getunencryptpass($unmd5password);
            if (strlen($unmd5password) < 8 || strlen($unmd5password) > 16) {
                $error_html_code = 7;
            } else {
                $password = md5($unmd5password);
                $emailadd = db_iconv("emailAddress");
                $question1 = db_iconv("question1");
                $answer1 = db_iconv("answer1");
                $user_email_checkid = randstr();
                $date = date('Y-m-d H:i:s');
                $emailfind = randstr();
                $mailresettoken = randstr();
                $cookievalue = randstr();