www.gusucode.com > 08CMS空白站群系统 3.3 繁体 UTF-8 > upload/adminm/getpwd.inc.php
<? !defined('M_COM') && exit('No Permission'); if($action == 'getpwd' && $mid && $id){ $cmember = $db->fetch_one("SELECT m.mid,m.mname,m.email,s.confirmstr FROM {$tblprefix}members m,{$tblprefix}members_sub s WHERE m.mid='$mid' AND s.mid=m.mid"); if(!$cmember || !$cmember['confirmstr']) mcmessage(lang('invalid operate !')); list($dateline,$deal,$confirmid) = explode("\t",$cmember['confirmstr']); if($dateline < $timestamp - 86400 * 3 || $deal != 1 || $confirmid != $id){ mcmessage(lang('invalid operate !')); } if(!submitcheck('bgetpwd')){ tabheader(lang('member password setting'),'getpwd',"?action=getpwd&mid=$mid&id=$id",2,0,1); trbasic(lang('member cname'),'',$cmember['mname'],''); trbasic(lang('input new password'),'npassword','','password'); trbasic(lang('reinput new password'),'npassword2','','password'); $submitstr = ''; $submitstr .= makesubmitstr('npassword',1,0,3,15); $submitstr .= makesubmitstr('npassword2',1,0,3,15); $submitstr .= tr_regcode('register'); tabfooter('bgetpwd'); check_submit_func($submitstr); }else{ if(!regcode_pass('register',empty($regcode) ? '' : trim($regcode))) mcmessage(lang('regcode error')); $npassword = trim($npassword); $npassword2 = trim($npassword2); if($npassword != $npassword2) mcmessage(lang('notsamepwd')); if(!$npassword || strlen($npassword) > 15 || $npassword != addslashes($npassword)){ mcmessage(lang('member password illegal')); } if($enable_uc){ include_once M_ROOT.'./include/ucenter/uc.inc.php'; } $npassword = md5($npassword); $db->query("UPDATE {$tblprefix}members SET password='$npassword' WHERE mid='$mid'"); $db->query("UPDATE {$tblprefix}members_sub SET confirmstr='' WHERE mid='$mid'"); mcmessage(lang('member refind password succeed !')); } } else mcmessage(lang('invalid operate')); ?>