function check_auth($auth) { global $db, $L; preg_match("/^[A-Z0-9]{32}\$/", $auth) or dalert($L['check_auth'], DT_PATH); $user = $db->get_one("SELECT * FROM {$db->pre}member WHERE auth='{$auth}'"); if ($user && $auth == make_auth($user['username'])) { return $user; } dalert($L['check_auth'], DT_PATH); }
if (strlen($password) > $MOD['maxpassword'] || strlen($password) < $MOD['minpassword']) { message(lang($L['member_password_len'], array($MOD['minpassword'], $MOD['minpassword']))); } if ($password != $cpassword) { message($L['member_payword_match']); } $options = array('username', 'passport', 'email', 'mobile', 'company', 'qq', 'msn', 'ali', 'skype', 'userid'); in_array($option, $options) or $option = 'username'; $r = $db->get_one("SELECT username,groupid,passsalt FROM {$DT_PRE}member WHERE email='{$email}' AND `{$option}`='{$username}'"); if ($r) { $username = $r['username']; if ($r['groupid'] == 4) { message($L['send_password_checking']); } $authvalue = dpassword($password, $r['passsalt']); $auth = make_auth($username); $db->query("UPDATE {$DT_PRE}member SET auth='{$auth}',authvalue='{$authvalue}',authtime='{$DT_TIME}' WHERE username='******'"); userclean($username); $authurl = $MOD['linkurl'] . 'send.php?auth=' . $auth; $title = $L['send_password_mail']; $content = ob_template('password', 'mail'); send_mail($email, $title, stripslashes($content)); dheader($MOD['linkurl'] . 'goto.php?action=password&email=' . $email); } else { message($L['send_password_error']); } } else { $head_title = $L['send_password_title']; include template('send', $module); } }