--- fenglin/bbs/user_service_reg.php	2025/04/27 04:32:05	1.3
+++ fenglin/bbs/user_service_reg.php	2025/12/24 06:56:17	1.7
@@ -34,7 +34,7 @@
 	header("Content-Type:application/json; charset=utf-8");
 
 	// Validate input data
-	if (!preg_match("/^[A-Za-z][A-Za-z0-9]{4,11}$/", $username))
+	if (!preg_match("/^[A-Za-z][A-Za-z0-9_]{4,11}$/", $username))
 	{
 		$result_set["return"]["code"] = -1;
 		array_push($result_set["return"]["errorFields"], array(
@@ -246,7 +246,7 @@
 	// Create new user
 	$temp_password = gen_passwd(10);
 
-	$sql = "INSERT INTO user_list(username, temp_password) values('$username', '$temp_password')";
+	$sql = "INSERT INTO user_list(username, temp_password) values('$username', SHA2('$temp_password', 256))";
 
 	$rs = mysqli_query($db_conn, $sql);
 	if ($rs == false)
@@ -336,6 +336,24 @@
 
 	$_SESSION["BBS_vn_str"] = "";
 
+	$rs = mysqli_query($db_conn, "SET autocommit=1");
+	if ($rs == false)
+	{
+		$result_set["return"]["code"] = -2;
+		$result_set["return"]["message"] = "Mysqli error: " . mysqli_error($db_conn);
+
+		mysqli_close($db_conn);
+		exit(json_encode($result_set));
+	}
+
+	if (send_mail_do($db_conn) < 0)
+	{
+		$result_set["return"]["code"] = -2;
+		$result_set["return"]["message"] = "User created, but send mail error";
+
+		mysqli_close($db_conn);
+		exit(json_encode($result_set));
+	}
+
 	mysqli_close($db_conn);
 	exit(json_encode($result_set));
-?>