
Contents of /fenglin/bbs/user_service_reset_pass.php



Revision 1.7 - (show annotations)
Wed Dec 24 06:56:17 2025 UTC (2 months, 3 weeks ago) by sysadm
Branch: MAIN
CVS Tags: HEAD
Changes since 1.6: +19 -0 lines
Move send_mail_do out of transaction to avoid blocking page load by calling sendmail

1 <?php
2 require_once "../lib/common.inc.php";
3 require_once "../lib/db_open.inc.php";
4 require_once "../lib/passwd.inc.php";
5 require_once "../lib/client_addr.inc.php";
6 require_once "../lib/send_mail.inc.php";
7
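// Parse the JSON request body of this unauthenticated password-reset endpoint.
// Only string values are accepted for the two fields: a non-string value
// (for example a JSON array) handed to trim() raises a TypeError on PHP 8,
// so anything that is not a string is treated as missing and is then
// rejected by the format checks below.
$data = json_decode(file_get_contents("php://input"), true);
if (!is_array($data))
{
    $data = [];
}

$username = (isset($data["username"]) && is_string($data["username"])) ? trim($data["username"]) : "";
$email = (isset($data["email"]) && is_string($data["email"])) ? trim($data["email"]) : "";

// Response envelope: code 0 = success, -1 = input rejected, -2 = server-side failure.
$result_set = [
    "return" => [
        "code" => 0,
        "message" => "",
        "errorFields" => [],
    ],
];

header("Content-Type:application/json; charset=utf-8");

// Validate input data.
// The D modifier makes `$` match only at the very end of the subject, so a
// value ending in a newline cannot pass even if the trim() above is changed.
// These patterns also keep quotes and backslashes out of both fields.
if (!preg_match("/^[A-Za-z][A-Za-z0-9_]{2,11}$/D", $username))
{
    $result_set["return"]["code"] = -1;
    $result_set["return"]["errorFields"][] = [
        "id" => "username",
        "errMsg" => "不符合格式要求",
    ];
}

if (!preg_match("/^[A-Za-z0-9_.-]+@([A-Za-z0-9-]+[.])+[A-Za-z0-9-]+$/D", $email))
{
    $result_set["return"]["code"] = -1;
    $result_set["return"]["errorFields"][] = [
        "id" => "email",
        "errMsg" => "不符合格式要求",
    ];
}

// Stop before touching the database when either field was rejected.
if ($result_set["return"]["code"] !== 0)
{
    mysqli_close($db_conn);
    exit(json_encode($result_set));
}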
47
// Open an explicit transaction: switch autocommit off, then BEGIN.
// Either statement failing aborts the request with code -2.
// NOTE(review): the raw mysqli_error() text is returned to the unauthenticated
// caller; logging it server-side and replying with a generic message would
// avoid exposing database details.
foreach (["SET autocommit=0", "BEGIN"] as $tx_statement)
{
    $rs = mysqli_query($db_conn, $tx_statement);
    if ($rs === false)
    {
        $result_set["return"]["message"] = "Mysqli error: " . mysqli_error($db_conn);
        $result_set["return"]["code"] = -2;

        mysqli_close($db_conn);
        exit(json_encode($result_set));
    }
}
68
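// Look up the enabled account whose user name and e-mail address both match
// the request. The two request fields are bound as parameters, so the query
// no longer depends on the earlier format checks to keep quotes out of the
// SQL text.
$sql = "SELECT user_list.UID, username, email FROM user_list
    INNER JOIN user_pubinfo ON user_list.UID = user_pubinfo.UID
    WHERE user_list.enable AND username = ? AND email = ?";

$stmt = mysqli_prepare($db_conn, $sql);
$query_ok = ($stmt !== false
    && mysqli_stmt_bind_param($stmt, "ss", $username, $email)
    && mysqli_stmt_execute($stmt)
    && mysqli_stmt_bind_result($stmt, $uid, $db_username, $db_email));
if (!$query_ok)
{
    // Statement-level failures are reported on the statement handle; a failed
    // prepare is reported on the connection.
    $db_error = ($stmt !== false) ? mysqli_stmt_error($stmt) : mysqli_error($db_conn);

    $result_set["return"]["code"] = -2;
    $result_set["return"]["message"] = "Query user info error: " . $db_error;

    mysqli_close($db_conn);
    exit(json_encode($result_set));
}

if (mysqli_stmt_fetch($stmt) === true)
{
    // Continue with the values stored in the database rather than the
    // request's copies.
    $username = $db_username;
    $email = $db_email;
}
else
{
    // NOTE(review): this distinct reply lets an unauthenticated caller confirm
    // whether a user name / e-mail pair belongs to an enabled account; a
    // uniform reply for both outcomes would avoid that.
    $result_set["return"]["code"] = -1;
    $result_set["return"]["errorFields"][] = [
        "id" => "username",
        "errMsg" => "用户名和邮件地址不匹配",
    ];

    mysqli_stmt_close($stmt);
    mysqli_close($db_conn);
    exit(json_encode($result_set));
}

// Release the result set before the next statement runs on this connection.
mysqli_stmt_free_result($stmt);
mysqli_stmt_close($stmt);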
102
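// Generate a 10-character temporary password and store its SHA-256 digest
// for the matched account.
// NOTE(review): gen_passwd() lives in passwd.inc.php and is not visible here;
// confirm it draws from a cryptographically secure source (random_int /
// random_bytes). The stored digest is unsalted SHA-256, and no expiry for
// the temporary password is set in this file - verify where it is enforced.
$temp_password = gen_passwd(10);

// Both values are bound as parameters, so the statement stays well-formed
// whatever characters gen_passwd() emits.
$stmt = mysqli_prepare(
    $db_conn,
    "UPDATE user_list SET temp_password = SHA2(?, 256) WHERE UID = ?"
);
$update_ok = ($stmt !== false
    && mysqli_stmt_bind_param($stmt, "si", $temp_password, $uid)
    && mysqli_stmt_execute($stmt));
if (!$update_ok)
{
    // Statement-level failures are reported on the statement handle; a failed
    // prepare is reported on the connection.
    $db_error = ($stmt !== false) ? mysqli_stmt_error($stmt) : mysqli_error($db_conn);

    $result_set["return"]["code"] = -2;
    $result_set["return"]["message"] = "Update password error: " . $db_error;

    mysqli_close($db_conn);
    exit(json_encode($result_set));
}
mysqli_stmt_close($stmt);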
117
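// Record the reset request (account, time, client address) in send_pass_log.
// The client address is bound as a parameter: client_addr() is defined in
// client_addr.inc.php and may derive its value from request headers, so it is
// not spliced into the SQL text.
// NOTE(review): nothing in this file reads send_pass_log back to throttle
// repeated requests per account or per address - confirm that rate limiting
// happens elsewhere.
$client_ip = client_addr();

$stmt = mysqli_prepare(
    $db_conn,
    "INSERT INTO send_pass_log(UID, dt, ip) VALUES(?, NOW(), ?)"
);
$log_ok = ($stmt !== false
    && mysqli_stmt_bind_param($stmt, "is", $uid, $client_ip)
    && mysqli_stmt_execute($stmt));
if (!$log_ok)
{
    // Statement-level failures are reported on the statement handle; a failed
    // prepare is reported on the connection.
    $db_error = ($stmt !== false) ? mysqli_stmt_error($stmt) : mysqli_error($db_conn);

    $result_set["return"]["code"] = -2;
    $result_set["return"]["message"] = "Add log error: " . $db_error;

    mysqli_close($db_conn);
    exit(json_encode($result_set));
}
mysqli_stmt_close($stmt);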
131
// Compose the reset notification and hand it to send_mail() inside the
// transaction (presumably it only queues the message in the database, since
// it receives $db_conn - confirm in send_mail.inc.php).
// NOTE(review): the temporary password travels in clear text in the mail
// body, so anyone with access to the mailbox or the mail path can read it;
// forcing a password change at first login limits how long it is useful.
$from = "";
$fromname = $BBS_name;
$to = $email;
$toname = $username;
$subject = "{$BBS_name}重置密码";
$body = "{$username}:\n 您好!\n"
    . " 您的临时密码是: {$temp_password} (区分大小写)\n"
    . " 请访问以下链接并在登录时修改密码:\n"
    . "https://{$BBS_host_name}/bbs/\n\n"
    . "{$BBS_name}\n" . date("Y年m月d日") . "\n";

$ret = send_mail($from, $fromname, $to, $toname, $subject, $body, $db_conn);
if (!$ret)
{
    // Any falsy return from send_mail() is treated as a failure.
    $result_set["return"]["message"] = "Add email error: " . mysqli_error($db_conn);
    $result_set["return"]["code"] = -2;

    mysqli_close($db_conn);
    exit(json_encode($result_set));
}
153
// Commit the password update, log row and mail request, then restore
// autocommit. Either statement failing aborts the request with code -2.
// NOTE(review): the raw mysqli_error() text is returned to the caller;
// logging it server-side and replying with a generic message would avoid
// exposing database details.
foreach (["COMMIT", "SET autocommit=1"] as $tx_statement)
{
    $rs = mysqli_query($db_conn, $tx_statement);
    if ($rs === false)
    {
        $result_set["return"]["message"] = "Mysqli error: " . mysqli_error($db_conn);
        $result_set["return"]["code"] = -2;

        mysqli_close($db_conn);
        exit(json_encode($result_set));
    }
}
174
// Deliver the mail after the transaction has been committed. A negative
// return from send_mail_do() is reported as code -2; by then the temporary
// password is already stored, so the caller only learns that the mail step
// failed.
$mail_status = send_mail_do($db_conn);
if ($mail_status < 0)
{
    $result_set["return"]["message"] = "Send mail error";
    $result_set["return"]["code"] = -2;
}

// Success and mail failure share the same exit path: close the connection
// and emit the JSON envelope.
mysqli_close($db_conn);
exit(json_encode($result_set));
