www.gusucode.com > 08CMS空白站群系统 3.3 繁体 UTF-8 > upload/adminm/lostpwd.inc.php

    <?
!defined('M_COM') && exit('No Permission');
$forward = empty($forward) ? M_REFERER : $forward;
$forwardstr = '&forward='.rawurlencode($forward);
if(!submitcheck('blostpwd')){
	tabheader(lang('member refind password'),'lostpwd',"?action=lostpwd$forwardstr",2,0,1);
	trbasic(lang('member cname'),'mname');
	trbasic(lang('member email'),'email');
	$submitstr = '';
	$submitstr .= makesubmitstr('mname',1,0,0,15);
	$submitstr .= makesubmitstr('email',1,'email',0,80);
	$submitstr .= tr_regcode('register');
	tabfooter('blostpwd');
	check_submit_func($submitstr);
}else{
	if(!regcode_pass('register',empty($regcode) ? '' : trim($regcode))) mcmessage(lang('regcode error'));
	$mname = trim($mname);
	$email = trim($email);
	if(strlen($mname) < 3 || strlen($mname) > 15) mcmessage(lang('member cname length illegal'));
	$guestexp = '\xA1\xA1|^Guest|^\xD3\xCE\xBF\xCD|\xB9\x43\xAB\xC8';
	if(preg_match("/^\s*$|^c:\\con\\con$|[%,\*\"\s\t\<\>\&]|$guestexp/is",$mname)){
		mcmessage(lang('member cname illegal'));
	}
	if(!$email || !isemail($email)) mcmessage(lang('member email illegal'));
	$cmember = $db->fetch_one("SELECT mid,mname,email FROM {$tblprefix}members WHERE mname='$mname' AND email='$email'");
	if(!$cmember) mcmessage(lang('pointed member noexist or email error !'));
	$actuser = new cls_userinfo;
	$actuser->activeuser($cmember['mid']);
	if($actuser->isadmin()) mcmessage(lang('administrator cannot use this function !'));
	unset($actuser);
	$confirmid = random(6);
	$confirmstr = "$timestamp\t1\t$confirmid";
	$db->query("UPDATE {$tblprefix}members_sub SET confirmstr='$confirmstr' WHERE mid='$cmember[mid]'");
	mailto("$mname <$email>",'member_getpwd_subject','member_getpwd_content',array('mid' => $cmember['mid'],'mname' => $mname,'confirmid' => $confirmid,'onlineip' => $onlineip));
	mcmessage(lang('lostpwd_send'),$forward);

}
?>