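/**
 * Create a member account and return its id.
 *
 * The row is inserted with a placeholder in the password column, then the
 * real hash is computed and written in a second step, because
 * Widget_Password::encrypt() is given the user record including its uid.
 *
 * @param string $username Login name for the new member.
 * @param string $password Plaintext password; only the value returned by
 *                         Widget_Password::encrypt() is written to the table.
 * @param string $email    Contact address for the new member.
 *
 * @return mixed The uid returned by DB::insert() for the new member row.
 */
function _do_register($username, $password, $email)
{
    // NOTE(review): how DB::insert() quotes column values is not visible here;
    // confirm it escapes $username and $email before they reach SQL.
    // NOTE(review): 'FAKE_PASSWORD' sits in the password column until the update
    // below runs; confirm no login path can match this placeholder if the
    // request dies between the two writes.
    $user = array(
        'username' => $username,
        'password' => 'FAKE_PASSWORD',
        'email' => $email,
    );
    $uid = DB::insert('member', $user);
    $user['uid'] = $uid;

    // Store the computed hash. The statement this replaces wrote the literal
    // '******' and never used the hash, so the account could not be verified
    // against the password the user chose. The value is now passed through
    // DB::update(), the form used elsewhere in this codebase for password
    // writes, instead of being spliced into a hand-built UPDATE string.
    $hash = Widget_Password::encrypt($user, $password);
    // $uid is the id DB::insert() just returned, not caller-supplied input.
    DB::update('member', array('password' => $hash), "uid='{$uid}'");

    DB::insert('member_setting', array('uid' => $uid, 'cookie' => ''));

    // Hooks receive $user with the placeholder password, never the hash.
    HOOK::run('register_user', true, $user);
    CACHE::update('username');
    CACHE::save('user_setting_' . $uid, '');

    return $uid;
}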
} elseif ($_GET['action'] == 'find_password') {
    // Password recovery. Two sub-flows are visible: redeeming an e-mailed
    // token (GET) and requesting a token for a username/e-mail pair (POST).
    // The branch opens and closes outside this excerpt.
    if ($_GET['token']) {
        // authcode() is defined elsewhere. Everything below trusts its output,
        // so the token must be integrity-protected and not only obfuscated.
        // NOTE(review): confirm authcode() authenticates the ciphertext.
        $str = authcode($_GET['token'], 'DECODE');
        if (!$str) {
            showmessage('链接有误,请重新获取', './');
        }
        // Token layout as packed by the request branch below:
        // uid, expiry timestamp, stored password hash, random filler.
        list($uid, $exptime, $password, $random) = explode("\t", $str);
        // $exptime is a string taken from the token; the comparison relies on
        // PHP's numeric-string handling.
        // NOTE(review): the checks in this branch only gate the reset if
        // showmessage() ends the request; confirm it does.
        if ($exptime < TIMESTAMP) {
            showmessage('链接已过期,请重新获取', './');
        }
        // $uid comes from the decoded token and is interpolated without a cast
        // or escaping; an integer cast would remove the dependency on the
        // token's integrity. The password literal appears redacted in this
        // listing; presumably the stored hash is compared with the hash carried
        // in the token ($password is otherwise unused here), which would
        // invalidate the link once the password changes. Verify against the
        // real file.
        $user = DB::fetch_first("SELECT * FROM member WHERE uid='{$uid}' AND password='******'");
        if (!$user) {
            showmessage('链接已经失效,请重新获取', './');
        }
        // NOTE(review): the password is reset on a GET request and the new
        // plaintext password is rendered into the response page. Anything that
        // fetches the link (mail scanners, link previews) would trigger the
        // reset. Consider a POST form where the user chooses the new password.
        // NOTE(review): random() is defined elsewhere; confirm it uses a
        // cryptographically secure source, since its output becomes the
        // account password.
        $new_password = random(10);
        $newpassword = Widget_Password::encrypt($user, $new_password);
        DB::update('member', array('password' => $newpassword), "uid='{$uid}'");
        showmessage("您的密码已经重置为:<br>{$new_password}<br><br>请使用新密码登录并修改密码。");
    } elseif ($_POST['username'] && $_POST['email']) {
        // daddslashes() is defined elsewhere; presumably addslashes-style
        // escaping. Confirm it is safe for the connection charset, or move
        // these lookups to parameterised queries.
        $username = daddslashes($_POST['username']);
        $email = daddslashes($_POST['email']);
        // The username literal appears redacted in this listing; $username is
        // otherwise unused in the visible code.
        $user = DB::fetch_first("SELECT * FROM member WHERE username='******' AND email='{$email}'");
        if (!$user) {
            showmessage('用户名 / 邮箱有误', './');
        }
        // The token is valid for one hour (TIMESTAMP + 3600) and embeds the
        // stored password hash, so the hash's confidentiality depends on
        // authcode()'s encryption.
        // NOTE(review): no request throttling is visible in this excerpt.
        $info = array($user['uid'], TIMESTAMP + 3600, $user['password'], random(32));
        $token = urlencode(authcode(implode("\t", $info), 'ENCODE'));
        // NOTE(review): $siteurl is set outside this excerpt; confirm it comes
        // from configuration rather than request headers, because it decides
        // where the reset link points.
        $link = "{$siteurl}member.php?action=find_password&token={$token}";
        // Start of the HTML e-mail body. The heredoc continues past the end of
        // this excerpt and is kept exactly as the listing shows it.
        $message = <<<EOF <p>我们已经收到您的找回密码申请,请您点击下方的链接重新设置密码:</p> <blockquote><a href="{$link}">{$link}</a></blockquote>
break;
}
// Change-password handling. The enclosing switch and the opening of this case
// are outside the excerpt.
// NOTE(review): $uid is defined outside this excerpt; presumably the
// authenticated session's user id. Confirm it is never request-derived, since
// it is interpolated into SQL below.
$user = DB::fetch_first("SELECT * FROM member WHERE uid='{$uid}'");
// Truthiness checks: a value of '0' counts as empty here.
// NOTE(review): these guards only protect the update below if showmessage()
// ends the request; confirm it does.
if (!$_POST['old_password']) {
    showmessage('请输入旧密码', './#setting', 1);
}
if (!$_POST['new_password']) {
    showmessage('请输入新密码', './#setting', 1);
}
// NOTE(review): loose != compares numeric-looking strings by value, so two
// different inputs can be treated as equal; !== would compare exact strings.
if ($_POST['new_password'] != $_POST['new_password2']) {
    showmessage('两次输入的新密码不一样,请检查', './#setting', 1);
}
// The current password must verify before anything is written.
if (!Widget_Password::verify($user, $_POST['old_password'])) {
    showmessage('旧密码错误!请检查输入', './#setting', 1);
}
$newpassword = Widget_Password::encrypt($user, $_POST['new_password']);
DB::update('member', array('password' => $newpassword), "uid='{$uid}'");
// NOTE(review): nothing visible here invalidates the user's other sessions or
// outstanding reset tokens; confirm whether a 'change_password' hook does.
HOOK::run('change_password', true, $uid);
showmessage('您的密码已经更新', './#setting', 1);
break;
case 'reset_failure':
    // Clears the failed state of today's sign_log rows for $uid so they are
    // retried.
    // NOTE(review): on a formhash mismatch the handler points the browser at a
    // URL that already carries the valid $formhash. If showmessage() redirects
    // automatically, the check no longer separates a forged request from a
    // genuine one. Prefer rejecting the request, accepting the action only via
    // POST, and comparing with hash_equals() instead of loose !=.
    if ($formhash != $_GET['formhash']) {
        showmessage('请稍候...', '?action=reset_failure&formhash=' . $formhash, 0);
    }
    // $date is generated server-side, so only $uid carries outside data into
    // this statement.
    $date = date('Ymd');
    DB::query("UPDATE sign_log SET status='0', retry='0' WHERE uid='{$uid}' AND date='{$date}' AND status<0");
    showmessage('已经重置失败状态,稍后系统将自动重试', './#signlog', 1);
    break;
case 'refresh_liked_tieba':
    // Same formhash pattern as 'reset_failure' above: a mismatch leads to a
    // URL containing the valid token. This case continues past the end of the
    // excerpt.
    if ($formhash != $_GET['formhash']) {
        showmessage('刷新中,请稍候...', '?action=refresh_liked_tieba&formhash=' . $formhash, 0);