www.gusucode.com > 08CMS空白站群系统 3.3 繁体 UTF-8 > upload/adminm/lostpwd.inc.php
<? !defined('M_COM') && exit('No Permission'); $forward = empty($forward) ? M_REFERER : $forward; $forwardstr = '&forward='.rawurlencode($forward); if(!submitcheck('blostpwd')){ tabheader(lang('member refind password'),'lostpwd',"?action=lostpwd$forwardstr",2,0,1); trbasic(lang('member cname'),'mname'); trbasic(lang('member email'),'email'); $submitstr = ''; $submitstr .= makesubmitstr('mname',1,0,0,15); $submitstr .= makesubmitstr('email',1,'email',0,80); $submitstr .= tr_regcode('register'); tabfooter('blostpwd'); check_submit_func($submitstr); }else{ if(!regcode_pass('register',empty($regcode) ? '' : trim($regcode))) mcmessage(lang('regcode error')); $mname = trim($mname); $email = trim($email); if(strlen($mname) < 3 || strlen($mname) > 15) mcmessage(lang('member cname length illegal')); $guestexp = '\xA1\xA1|^Guest|^\xD3\xCE\xBF\xCD|\xB9\x43\xAB\xC8'; if(preg_match("/^\s*$|^c:\\con\\con$|[%,\*\"\s\t\<\>\&]|$guestexp/is",$mname)){ mcmessage(lang('member cname illegal')); } if(!$email || !isemail($email)) mcmessage(lang('member email illegal')); $cmember = $db->fetch_one("SELECT mid,mname,email FROM {$tblprefix}members WHERE mname='$mname' AND email='$email'"); if(!$cmember) mcmessage(lang('pointed member noexist or email error !')); $actuser = new cls_userinfo; $actuser->activeuser($cmember['mid']); if($actuser->isadmin()) mcmessage(lang('administrator cannot use this function !')); unset($actuser); $confirmid = random(6); $confirmstr = "$timestamp\t1\t$confirmid"; $db->query("UPDATE {$tblprefix}members_sub SET confirmstr='$confirmstr' WHERE mid='$cmember[mid]'"); mailto("$mname <$email>",'member_getpwd_subject','member_getpwd_content',array('mid' => $cmember['mid'],'mname' => $mname,'confirmid' => $confirmid,'onlineip' => $onlineip)); mcmessage(lang('lostpwd_send'),$forward); } ?>