www.gusucode.com > 08CMS空白站群系统 3.3 繁体 UTF-8 > upload/adminm/getpwd.inc.php

    <?
!defined('M_COM') && exit('No Permission');
if($action == 'getpwd' && $mid && $id){
	$cmember = $db->fetch_one("SELECT m.mid,m.mname,m.email,s.confirmstr FROM {$tblprefix}members m,{$tblprefix}members_sub s WHERE m.mid='$mid' AND s.mid=m.mid");
	if(!$cmember || !$cmember['confirmstr']) mcmessage(lang('invalid operate !'));
	list($dateline,$deal,$confirmid) = explode("\t",$cmember['confirmstr']);
	if($dateline < $timestamp - 86400 * 3 || $deal != 1 || $confirmid != $id){
		mcmessage(lang('invalid operate !'));
	}
	if(!submitcheck('bgetpwd')){
		tabheader(lang('member password setting'),'getpwd',"?action=getpwd&mid=$mid&id=$id",2,0,1);
		trbasic(lang('member cname'),'',$cmember['mname'],'');
		trbasic(lang('input new password'),'npassword','','password');
		trbasic(lang('reinput new password'),'npassword2','','password');
		$submitstr = '';
		$submitstr .= makesubmitstr('npassword',1,0,3,15);
		$submitstr .= makesubmitstr('npassword2',1,0,3,15);
		$submitstr .= tr_regcode('register');
		tabfooter('bgetpwd');
		check_submit_func($submitstr);
	}else{
		if(!regcode_pass('register',empty($regcode) ? '' : trim($regcode))) mcmessage(lang('regcode error'));
		$npassword = trim($npassword);
		$npassword2 = trim($npassword2);
		if($npassword != $npassword2) mcmessage(lang('notsamepwd'));
		if(!$npassword || strlen($npassword) > 15 || $npassword != addslashes($npassword)){
			mcmessage(lang('member password illegal'));
		}
		if($enable_uc){
			include_once M_ROOT.'./include/ucenter/uc.inc.php';
		}
		$npassword = md5($npassword);
		$db->query("UPDATE {$tblprefix}members SET password='$npassword' WHERE mid='$mid'");
		$db->query("UPDATE {$tblprefix}members_sub SET confirmstr='' WHERE mid='$mid'");
		mcmessage(lang('member refind password succeed !'));
	}
}
else mcmessage(lang('invalid operate'));
?>