/[LeafOK_CVS]/fenglin/bbs/user_service_reset_pass.php

Annotation of /fenglin/bbs/user_service_reset_pass.php



Revision 1.2 - (hide annotations)
Sun Apr 27 04:32:05 2025 UTC (10 months, 2 weeks ago) by sysadm
Branch: MAIN
Changes since 1.1: +1 -1 lines
Trim trailing whitespaces

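<?php
/*
 * Password reset endpoint.
 *
 * Reads a JSON body with "username" and "email", checks both against the
 * enabled accounts, stores a temporary password for the matching account,
 * records the request in send_pass_log and mails the temporary password.
 * All database work happens in one transaction.
 *
 * The reply is always a JSON object:
 *   return.code         0 = success, -1 = input rejected, -2 = server-side failure
 *   return.message      short text for -2 failures
 *   return.errorFields  list of { id, errMsg } for -1 failures
 *
 * $db_conn, $BBS_name, $BBS_host_name, gen_passwd(), client_addr() and
 * send_mail() are not defined in this file; they are expected to come from
 * the includes below.
 */
require_once "../lib/common.inc.php";
require_once "../lib/db_open.inc.php";
require_once "../lib/passwd.inc.php";
require_once "../lib/client_addr.inc.php";
require_once "../lib/send_mail.inc.php";

$data = json_decode(file_get_contents("php://input"), true);

// The body is attacker-controlled. Accept only string fields: a JSON array or
// object in these positions would otherwise reach trim() and raise a TypeError
// on PHP 8 instead of producing a validation error.
$username = (is_array($data) && isset($data["username"]) && is_string($data["username"])
    ? trim($data["username"]) : "");
$email = (is_array($data) && isset($data["email"]) && is_string($data["email"])
    ? trim($data["email"]) : "");

$result_set = array(
    "return" => array(
        "code" => 0,
        "message" => "",
        "errorFields" => array(),
    )
);

header("Content-Type:application/json; charset=utf-8");

// Report a server-side failure and stop. The driver error text goes to the
// server log only; this endpoint is reachable without authentication, so table
// and column names from mysqli errors are not echoed back to the client.
// Closing the connection without COMMIT leaves the open transaction uncommitted.
$fail = function ($message, $detail) use ($db_conn, &$result_set) {
    error_log("user_service_reset_pass: " . $message . ": " . $detail);

    $result_set["return"]["code"] = -2;
    $result_set["return"]["message"] = $message;

    mysqli_close($db_conn);
    exit(json_encode($result_set));
};

// Validate input data
// The D modifier makes "$" match only at the very end of the subject, so the
// patterns stay strict even if the trim() above is ever changed.
if (!preg_match("/^[A-Za-z][A-Za-z0-9]{4,11}$/D", $username))
{
    $result_set["return"]["code"] = -1;
    array_push($result_set["return"]["errorFields"], array(
        "id" => "username",
        "errMsg" => "不符合格式要求",
    ));
}

if (!preg_match("/^[A-Za-z0-9_.-]+@([A-Za-z0-9-]+[.])+[A-Za-z0-9-]+$/D", $email))
{
    $result_set["return"]["code"] = -1;
    array_push($result_set["return"]["errorFields"], array(
        "id" => "email",
        "errMsg" => "不符合格式要求",
    ));
}

if ($result_set["return"]["code"] !== 0)
{
    mysqli_close($db_conn);
    exit(json_encode($result_set));
}

// Begin transaction
if (mysqli_query($db_conn, "SET autocommit=0") == false)
{
    $fail("Mysqli error", mysqli_error($db_conn));
}

if (mysqli_query($db_conn, "BEGIN") == false)
{
    $fail("Mysqli error", mysqli_error($db_conn));
}

// Look up the account. Values are bound as parameters rather than spliced into
// the SQL text, so the query no longer depends on the regexes above staying
// strict enough to exclude quote characters.
$stmt = mysqli_prepare($db_conn, "SELECT user_list.UID, username, temp_password, email FROM user_list
    INNER JOIN user_pubinfo ON user_list.UID = user_pubinfo.UID
    WHERE user_list.enable AND username = ? AND email = ?");
if ($stmt == false)
{
    $fail("Query user info error", mysqli_error($db_conn));
}

if (!mysqli_stmt_bind_param($stmt, "ss", $username, $email)
    || !mysqli_stmt_execute($stmt)
    || !mysqli_stmt_bind_result($stmt, $uid, $row_username, $temp_password, $row_email))
{
    $fail("Query user info error", mysqli_stmt_error($stmt));
}

// mysqli_stmt_fetch(): true = row fetched, null = no row, false = error
$fetched = mysqli_stmt_fetch($stmt);
if ($fetched === false)
{
    $fail("Query user info error", mysqli_stmt_error($stmt));
}

// Close before the next statement so no unread result is left on the connection
mysqli_stmt_close($stmt);

if ($fetched !== true)
{
    // NOTE(review): this reply tells the caller whether a username/email pair
    // is registered. Consider returning the same response as the success path.
    $result_set["return"]["code"] = -1;
    array_push($result_set["return"]["errorFields"], array(
        "id" => "username",
        "errMsg" => "用户名和邮件地址不匹配",
    ));

    mysqli_close($db_conn);
    exit(json_encode($result_set));
}

// Continue with the values as stored in the database
$username = $row_username;
$email = $row_email;

// An existing temporary password is reused, not rotated.
// NOTE(review): the temporary password is stored and mailed in clear text and
// nothing in this file expires it; confirm the login path invalidates it after
// use. gen_passwd() is defined elsewhere; confirm it draws from a CSPRNG.
if ($temp_password == null || $temp_password == "")
{
    $temp_password = gen_passwd(10);
}

$stmt = mysqli_prepare($db_conn, "UPDATE user_list SET temp_password = ?
    WHERE UID = ?");
if ($stmt == false)
{
    $fail("Update password error", mysqli_error($db_conn));
}

if (!mysqli_stmt_bind_param($stmt, "si", $temp_password, $uid) || !mysqli_stmt_execute($stmt))
{
    $fail("Update password error", mysqli_stmt_error($stmt));
}

mysqli_stmt_close($stmt);

//Add Log
// client_addr() is defined elsewhere; if it reads a client-supplied header the
// value is untrusted, so it is bound as a parameter like the other inputs.
// NOTE(review): the log row is written but never consulted here, so nothing in
// this file limits how often a reset mail can be requested for one account.
$client_ip = client_addr();

$stmt = mysqli_prepare($db_conn, "INSERT INTO send_pass_log(UID, dt, ip) VALUES(?, NOW(), ?)");
if ($stmt == false)
{
    $fail("Add log error", mysqli_error($db_conn));
}

if (!mysqli_stmt_bind_param($stmt, "is", $uid, $client_ip) || !mysqli_stmt_execute($stmt))
{
    $fail("Add log error", mysqli_stmt_error($stmt));
}

mysqli_stmt_close($stmt);

//Send mail
$from = "";
$fromname = $BBS_name;
$to = $email;
$toname = $username;
$subject = $BBS_name . "重置密码";
$body = $username.":\n 您好!\n".
    " 您的临时密码是: $temp_password (区分大小写)\n".
    " 请访问以下链接并在登录时修改密码:\n".
    "https://$BBS_host_name/bbs/\n\n".
    $BBS_name . "\n" . date("Y年m月d日") . "\n";

// send_mail() receives the connection, so it runs inside the same transaction
$ret = send_mail($from, $fromname, $to, $toname, $subject, $body, $db_conn);
if ($ret == false)
{
    $fail("Add email error", mysqli_error($db_conn));
}

// Commit transaction
if (mysqli_query($db_conn, "COMMIT") == false)
{
    $fail("Mysqli error", mysqli_error($db_conn));
}

mysqli_close($db_conn);
exit(json_encode($result_set));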
