www.gusucode.com > Destoon B2B仿淘宝电子商务网站 UTF8 v6.0源码程序 > destoon/mobile/forgot.php
<?php /* [Destoon B2B System] Copyright (c) 2008-2015 www.destoon.com This is NOT a freeware, use is subject to license.txt */ $moduleid = 2; require 'common.inc.php'; require DT_ROOT.'/module/'.$module.'/common.inc.php'; !$_userid or dheader('my.php?reload='.$DT_TIME); $could_email = $DT['mail_type'] == 'close' ? 0 : 1; $could_mobile = $DT['sms'] ? 1 : 0; require DT_ROOT.'/include/post.func.php'; $session = new dsession(); $head_name = $L['forgot_title']; $head_title = $head_name.$DT['seo_delimiter'].$head_title; switch($action) { case 'success': (isset($_SESSION['f_uid']) && isset($_SESSION['f_key'])) or mobile_msg($L['msg_error']); $userid = intval($_SESSION['f_uid']); $t = $db->get_one("SELECT email,mobile,vmobile,groupid FROM {$DT_PRE}member WHERE userid='$userid'"); $t or mobile_msg($L['msg_error']); if($t['groupid'] == 2) mobile_msg($L['forgot_msg_2']); if($t['groupid'] == 4) mobile_msg($L['forgot_msg_4']); if(is_email($_SESSION['f_key'])) { $email = $_SESSION['f_key']; $email == $t['email'] or mobile_msg($L['msg_error']); $type = 'email'; $head_name = $L['forgot_email_title']; $head_title = $head_name.$DT['seo_delimiter'].$head_title; } else { $mobile = $_SESSION['f_key']; ($mobile == $t['mobile'] && $t['vmobile']) or mobile_msg($L['msg_error']); $type = 'mobile'; $head_name = $L['forgot_mobile_title']; $head_title = $head_name.$DT['seo_delimiter'].$head_title; } $back_link = '?action=user&type='.$type; break; case 'send': (isset($_SESSION['f_uid']) && isset($_SESSION['f_key'])) or exit('ko'); $userid = intval($_SESSION['f_uid']); $t = $db->get_one("SELECT email,mobile,vmobile,groupid FROM {$DT_PRE}member WHERE userid='$userid'"); $t or exit('ko'); if($t['groupid'] == 2 || $t['groupid'] == 4) exit('ko'); if(is_email($_SESSION['f_key'])) { $email = $_SESSION['f_key']; $email == $t['email'] or exit('ko'); isset($_SESSION['email_send']) or $_SESSION['email_send'] = 0; isset($_SESSION['email_time']) or $_SESSION['email_time'] = 0; if($_SESSION['email_time'] && $DT_TIME - $_SESSION['email_time'] < 60) exit('ko'.($DT_TIME - $_SESSION['email_time'])); if($_SESSION['email_send'] > 9) exit('max'); $emailcode = random(6, '0123456789'); $_SESSION['email'] = $email; $_SESSION['email_code'] = md5($email.'|'.$emailcode); $_SESSION['email_time'] = $DT_TIME; $_SESSION['email_send'] = $_SESSION['email_send'] + 1; $title = $L['register_msg_emailcode']; $content = ob_template('emailcode', 'mail'); send_mail($email, $title, stripslashes($content)); exit('ok'); } else { $mobile = $_SESSION['f_key']; ($mobile == $t['mobile'] && $t['vmobile']) or exit('ko'); isset($_SESSION['mobile_send']) or $_SESSION['mobile_send'] = 0; isset($_SESSION['mobile_time']) or $_SESSION['mobile_time'] = 0; if($_SESSION['mobile_time'] && $DT_TIME - $_SESSION['mobile_time'] < 180) exit('ko'); if($_SESSION['mobile_send'] > 4) exit('max'); if(max_sms($mobile)) exit('max'); $mobilecode = random(6, '0123456789'); $_SESSION['mobile'] = $mobile; $_SESSION['mobile_code'] = md5($mobile.'|'.$mobilecode); $_SESSION['mobile_time'] = $DT_TIME; $_SESSION['mobile_send'] = $_SESSION['mobile_send'] + 1; $content = lang('sms->sms_code', array($mobilecode, $MOD['auth_days']*10)).$DT['sms_sign']; send_sms($mobile, $content); exit('ok'); } exit('ko'); break; case 'verify': isset($code) or $code = ''; preg_match("/^[0-9]{6}$/", $code) or exit('ko'); isset($password) or $password = ''; (strlen($password) >= $MOD['minpassword'] && strlen($password) <= $MOD['maxpassword']) or exit('ko'); (isset($_SESSION['f_uid']) && isset($_SESSION['f_key'])) or exit('ko'); $userid = intval($_SESSION['f_uid']); $t = $db->get_one("SELECT email,mobile,vmobile,groupid FROM {$DT_PRE}member WHERE userid='$userid'"); $t or exit('ko'); if($t['groupid'] == 2 || $t['groupid'] == 4) exit('ko'); if(is_email($_SESSION['f_key'])) { $email = $_SESSION['f_key']; $email == $t['email'] or exit('ko'); $_SESSION['email_code'] == md5($t['email'].'|'.$code) or exit('ko'); set_cookie('username', $email); } else { $mobile = $_SESSION['f_key']; ($mobile == $t['mobile'] && $t['vmobile']) or exit('ko'); $_SESSION['mobile_code'] == md5($t['mobile'].'|'.$code) or exit('ko'); set_cookie('username', $mobile); } $salt = random(8); $pass = dpassword($password, $salt); $db->query("UPDATE {$DT_PRE}member SET password='$pass',passsalt='$salt' WHERE userid='$userid'"); session_destroy(); exit('ok'); break; case 'check': isset($type) or exit('ko'); $captcha = isset($captcha) ? input_trim($captcha) : ''; $msg = captcha($captcha, 1, true); if($msg) exit('captcha'); if($type == 'mobile') { $could_mobile or exit('ko'); is_mobile($mobile) or exit('ko'); $t = $db->get_one("SELECT userid FROM {$DT_PRE}member WHERE mobile='$mobile' AND vmobile=1"); if($t) { $_SESSION['f_uid'] = $t['userid']; $_SESSION['f_key'] = $mobile; exit('ok'); } exit('no'); } else if($type == 'email') { $could_mobile or exit('ko'); is_email($email) or exit('ko'); $t = $db->get_one("SELECT userid FROM {$DT_PRE}member WHERE email='$email'"); if($t) { $_SESSION['f_uid'] = $t['userid']; $_SESSION['f_key'] = $email; exit('ok'); } exit('no'); } exit('ko'); break; case 'user': isset($type) or dheader('?reload='.$DT_TIME); if($type == 'mobile') { $could_mobile or dheader('?reload='.$DT_TIME); $head_name = $L['forgot_by_sms']; } else if($type == 'email') { $could_mobile or dheader('?reload='.$DT_TIME); $head_name = $L['forgot_by_email']; } else { dheader('?reload='.$DT_TIME); } $back_link = '?reload='.$DT_TIME; $head_title = $head_name.$DT['seo_delimiter'].$head_title; break; case 'contact': $back_link = 'forgot.php'; $head_name = $L['forgot_by_contact']; $head_title = $head_name.$DT['seo_delimiter'].$head_title; break; default: $back_link = 'login.php'; break; } $foot = ''; include template('forgot', 'mobile'); if(DT_CHARSET != 'UTF-8') toutf8(); ?>