/[LeafOK_CVS]/fenglin/bbs/user_service_reset_pass.php
ViewVC logotype

Diff of /fenglin/bbs/user_service_reset_pass.php

Parent Directory Parent Directory | Revision Log Revision Log | View Patch Patch

Revision 1.1 by sysadm, Wed Apr 23 06:19:24 2025 UTC Revision 1.6 by sysadm, Tue Dec 23 09:23:10 2025 UTC
# Line 21  Line 21 
21          header("Content-Type:application/json; charset=utf-8");          header("Content-Type:application/json; charset=utf-8");
22    
23          // Validate input data          // Validate input data
24          if (!preg_match("/^[A-Za-z][A-Za-z0-9]{4,11}$/", $username))          if (!preg_match("/^[A-Za-z][A-Za-z0-9_]{2,11}$/", $username))
25          {          {
26                  $result_set["return"]["code"] = -1;                  $result_set["return"]["code"] = -1;
27                  array_push($result_set["return"]["errorFields"], array(                  array_push($result_set["return"]["errorFields"], array(
# Line 55  Line 55 
55                  mysqli_close($db_conn);                  mysqli_close($db_conn);
56                  exit(json_encode($result_set));                  exit(json_encode($result_set));
57          }          }
58            
59          $rs = mysqli_query($db_conn, "BEGIN");          $rs = mysqli_query($db_conn, "BEGIN");
60          if ($rs == false)          if ($rs == false)
61          {          {
# Line 66  Line 66 
66                  exit(json_encode($result_set));                  exit(json_encode($result_set));
67          }          }
68    
69          $sql = "SELECT user_list.UID, username, temp_password, email FROM user_list          $sql = "SELECT user_list.UID, username, email FROM user_list
70                          INNER JOIN user_pubinfo ON user_list.UID = user_pubinfo.UID                          INNER JOIN user_pubinfo ON user_list.UID = user_pubinfo.UID
71                          WHERE user_list.enable AND username = '$username' and email = '$email'";                          WHERE user_list.enable AND username = '$username' and email = '$email'";
72    
# Line 84  Line 84 
84          {          {
85                  $uid = $row["UID"];                  $uid = $row["UID"];
86                  $username = $row["username"];                  $username = $row["username"];
                 $temp_password = $row["temp_password"];  
87                  $email = $row["email"];                  $email = $row["email"];
88          }          }
89          else          else
# Line 101  Line 100 
100    
101          mysqli_free_result($rs);          mysqli_free_result($rs);
102    
103          if ($temp_password == null || $temp_password == "")          $temp_password = gen_passwd(10);
         {  
                 $temp_password = gen_passwd(10);  
         }  
104    
105          $sql = "UPDATE user_list SET temp_password = '$temp_password'          $sql = "UPDATE user_list SET temp_password = SHA2('$temp_password', 256)
106                          WHERE UID = $uid";                          WHERE UID = $uid";
107    
108          $rs = mysqli_query($db_conn, $sql);          $rs = mysqli_query($db_conn, $sql);
# Line 168  Line 164 
164    
165          mysqli_close($db_conn);          mysqli_close($db_conn);
166          exit(json_encode($result_set));          exit(json_encode($result_set));
 ?>  

Legend:
Removed lines/characters  
Changed lines/characters
  Added lines/characters
webmaster@leafok.com
 ViewVC Help
Powered by ViewVC 1.3.0-beta1