Пример #1
0
function ResetPass()
{
    global $msql, $SiteUrl;
    global $strLostpassNtc1, $strLostpassNtc2, $strLostpassNtc3, $strLostpassNtc4, $strLostpassNtc5;
    global $strLostpassNtc6, $strLostpassNtc7, $strLostpassNtc8, $strLostpassNtc9;
    $coltitle = $GLOBALS["PLUSVARS"]["coltitle"];
    $tempname = $GLOBALS["PLUSVARS"]["tempname"];
    $Temp = LoadTemp($tempname);
    $step = $_REQUEST["step"];
    if ($step == "checkmail") {
        $codestr = $_GET["codestr"];
        $username = $_GET["username"];
        $tm = $_GET["tm"];
        if (!isset($_COOKIE["NEWPASSWD"]) || $_COOKIE["NEWPASSWD"] == "") {
            $PageMain = err($strLostpassNtc7, "lostpass.php", "");
            return $PageMain;
        }
        $md5 = md5($username . "Z(o)C~LoSbZ8Tj7MvBAs(8)!nn^Lp^12345^Pm" . $_COOKIE["NEWPASSWD"] . $tm);
        if ($md5 == $codestr) {
            $mdpass = md5($_COOKIE["NEWPASSWD"]);
            $msql->query("update {P}_member set password='******' where user='******'");
            $PageMain = SayOk($strLostpassNtc8, "login.php", "");
            return $PageMain;
        } else {
            $PageMain = err($strLostpassNtc9, "lostpass.php", "");
            return $PageMain;
        }
    } elseif ($step == "2") {
        $username = $_POST["username"];
        $newpass = $_POST["newpass"];
        if (!isset($username) || $username == "" || $newpass == "") {
            $str = err($strLostpassNtc1, "", "");
            return $str;
        } else {
            $msql->query("select email from {P}_member where user='******'");
            if ($msql->next_record()) {
                $email = $msql->f('email');
                $tm = time();
                setCookie("NEWPASSWD", $newpass, time() + 7200);
                $md5 = md5($username . "Z(o)C~LoSbZ8Tj7MvBAs(8)!nn^Lp^12345^Pm" . $newpass . $tm);
                $link = $SiteUrl . "lostpass.php?step=checkmail&username="******"&codestr=" . $md5 . "&tm=" . $tm;
                $message = $username . $strLostpassNtc2 . "\r\n \r\n" . $strLostpassNtc3 . "\r\n \r\n" . $link . "\r\n \r\n" . $GLOBALS["CONF"]["SiteName"] . "\r\n" . $GLOBALS["CONF"]["SiteHttp"];
                include ROOTPATH . "includes/ebmail.inc.php";
                ebmail($email, $GLOBALS["CONF"]["SiteEmail"], $strLostpassNtc4, $message);
                $str = SayOk($strLostpassNtc5 . "<br><br>" . $email, "", "");
                return $str;
            } else {
                $str = err($strLostpassNtc6, "", "");
                return $str;
            }
        }
    } else {
        $var = array('coltitle' => $coltitle);
        $str = ShowTplTemp($Temp, $var);
        return $str;
    }
}
Пример #2
0
 $msql->query("insert into {P}_member set\r\n\r\n\t\t   membertypeid='{$membertypeid}',\r\n\t\t   membergroupid='{$membergroupid}',\r\n\t\t   user='******',\r\n\t\t   password='******',\r\n\t\t   email='{$email}',\r\n\t\t   pname='{$user}',\r\n\t\t   signature='{$signature}',\r\n\t\t   nowface='1',\r\n\t\t   checked='{$ifchecked}',\r\n\t\t   regtime='{$regtime}',\r\n\t\t   exptime='{$exptime}',\r\n\t\t   ip='{$ip}',\r\n\t\t   logincount='1',\r\n\t\t   logintime='{$regtime}',\r\n\t\t   loginip='{$ip}'\r\n\t\t");
 $memberid = $msql->instid();
 $msql->query("delete from {P}_member_rights where memberid='{$memberid}'");
 $msql->query("select * from {P}_member_defaultrights where membertypeid='{$membertypeid}'");
 while ($msql->next_record()) {
     $secureid = $msql->f("secureid");
     $securetype = $msql->f("securetype");
     $secureset = $msql->f("secureset");
     $fsql->query("insert into {P}_member_rights values(\r\n\t\t\t0,\r\n\t\t   '{$memberid}',\r\n\t\t   '{$secureid}',\r\n\t\t   '{$securetype}',\r\n\t\t   '{$secureset}'\r\n\t\t\t)");
 }
 membercentupdate($memberid, "111");
 $regmail = str_replace("{#user#}", $user, $regmail);
 $regmail = str_replace("{#password#}", $password, $regmail);
 $msql->query("insert into {P}_member_msn set\r\n\t\t\t`body`='{$regmail}',\r\n\t\t\t`tomemberid`='{$memberid}',\r\n\t\t\t`frommemberid`='0',\r\n\t\t\t`dtime`='{$regtime}',\r\n\t\t\t`iflook`='0'\r\n\t\t");
 include ROOTPATH . "includes/ebmail.inc.php";
 ebmail($email, $GLOBALS['CONF']['SiteEmail'], $membertype . $strRegNotice11, $regmail);
 $fsql->query("select * from {P}_member_rights where memberid='{$memberid}' and securetype='con'");
 if ($fsql->next_record()) {
     $consecure = $fsql->f("secureset");
 }
 $md5 = md5($user . "76|01|14" . $memberid . $membertype . $consecure);
 setcookie("MUSER", $user);
 setcookie("MEMBERPNAME", $user);
 setcookie("MEMBERID", $memberid);
 setcookie("MEMBERTYPE", $membertype);
 setcookie("MEMBERTYPEID", $membertypeid);
 setcookie("ZC", $md5);
 setcookie("SE", $consecure);
 if ($GLOBALS['MEMBERCONF']['UC_OPEN'] == "1") {
     $uid = uc_user_register($user, $password, $email);
     if ($uid <= 0) {