查看文件: index_forget.php
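<?php
/**
 * Forgot-password page: handles the POST from form "form1", then renders the form.
 *
 * Flow on POST: check the CAPTCHA answer, rate-limit by client IP through the
 * register_sms table, look the account up by mobile number, overwrite its
 * password with a random 6-digit value, record the event and send the new
 * password by SMS.
 *
 * Changes against the previous version:
 *  - request values are escaped (and the mobile number allow-listed) before
 *    they are placed into SQL; they used to be interpolated raw;
 *  - the log no longer receives the expected CAPTCHA answer, the new password
 *    or the SMS text;
 *  - the SMS socket uses its own variable, so the log handle is no longer
 *    overwritten and closed twice;
 *  - the CAPTCHA comparison is strict and rejects an empty expected value;
 *  - SMS form fields are percent-encoded;
 *  - short open tags are replaced by full tags.
 *
 * NOTE(review): the mysql_* extension used here was removed in PHP 7; moving to
 * PDO or mysqli prepared statements is the durable fix for the SQL handling.
 * NOTE(review): `or die(mysql_error())` prints database error text to the
 * visitor; prefer logging it and showing a generic message.
 */
require_once('Connections/BE2.php');

if (isset($_POST["forget"]) && $_POST["forget"] == "form1") {
    $logpath = "/www2/skybni/log110.txt";
    $fp = fopen($logpath, "a");
    fwrite($fp, "new process" . "\r\n");

    // Accept request fields only as plain strings; an array value would break trim() and the comparisons below.
    $authnum2 = (isset($_POST['authkey']) && is_string($_POST['authkey'])) ? trim($_POST['authkey']) : '';
    $chknum   = (isset($_POST['ChkNum']) && is_string($_POST['ChkNum'])) ? trim($_POST['ChkNum']) : '';
    $mobile   = (isset($_POST['mem_mobile']) && is_string($_POST['mem_mobile'])) ? trim($_POST['mem_mobile']) : '0';

    // Expected CAPTCHA answer: the first six decimal digits of SHA-1(secret + date + authkey).
    // NOTE(review): the answer depends only on the client-supplied authkey and the date, so a
    // solved pair stays valid for the rest of the day. Binding the challenge to the server-side
    // session (single use) would close that; it needs a matching change in chkpic2.php.
    // NOTE(review): the secret prefix is hard-coded; it belongs in configuration outside the web root.
    $paypass   = 'yskin112233' . date('Ymd');
    $sha1code0 = strtoupper(sha1($paypass . $authnum2));
    $authnum   = (string) substr(preg_replace('/[^0-9]/', '', $sha1code0), 0, 6);

    // Strict string comparison: the loose <> operator compared numeric strings by value
    // ("012345" equalled "12345"). An empty expected value never matches.
    $captcha_ok = ($authnum !== '' && $authnum === $chknum);
    fwrite($fp, "check authkey: " . ($captcha_ok ? 'match' : 'mismatch') . "\r\n");

    if (!$captcha_ok) {
        echo "<script>alert('驗證碼錯誤,請重新輸入...');</script>";
    } else {
        $err  = 9;
        $edoc = '';

        // Rate limit: more than 5 rows for this IP in the last 600 seconds (10 minutes).
        // NOTE(review): rows are inserted only after a successful reset, so failed lookups are not counted.
        $difftime = time() - 600;
        $diff2    = date('Y-m-d H:i:s', $difftime);
        $ip_sql   = mysql_real_escape_string($_SERVER["REMOTE_ADDR"], $BE2);

        mysql_select_db($database_BE2, $BE2);
        $query_Rtd = sprintf("SELECT * FROM register_sms WHERE iip = '%s' AND itime>='%s'", $ip_sql, $diff2);
        $Rtd = mysql_query($query_Rtd, $BE2) or die(mysql_error());
        $totalRows_Rtd = mysql_num_rows($Rtd);
        fwrite($fp, 'found ip sql : ' . $query_Rtd . "\r\n");
        if ($totalRows_Rtd > 5) {
            $err  = 3;
            $edoc = 'Over Call ip';
            echo "<script>alert('系統忙碌中, 請稍後再試 謝謝!!..');location.href = '/';</script>";
        }
        mysql_free_result($Rtd);

        // Allow-list the account identifier before it reaches SQL, the log or the SMS request.
        // Assumes mem_mobile values are digits with an optional leading "+" — TODO confirm against the member table.
        $mobile_ok  = (preg_match('/^\+?[0-9]{1,20}$/', $mobile) === 1);
        $mobile_sql = mysql_real_escape_string($mobile, $BE2);

        if ($err == 9) {
            $totalRows_Rtd = 0;
            if ($mobile_ok) {
                mysql_select_db($database_BE2, $BE2);
                $query_Rtd = sprintf("SELECT * FROM member WHERE mem_mobile='%s'", $mobile_sql);
                $Rtd = mysql_query($query_Rtd, $BE2) or die(mysql_error());
                $totalRows_Rtd = mysql_num_rows($Rtd);
                mysql_free_result($Rtd);
                fwrite($fp, 'found member mem_mobile : ' . $mobile . ', rows : ' . $totalRows_Rtd . "\r\n");
            } else {
                // The raw value is not logged: it could contain line breaks and forge log entries.
                fwrite($fp, 'rejected mem_mobile format' . "\r\n");
            }

            // Prefer a CSPRNG where one exists (PHP 7+ or a polyfill); otherwise keep the previous generator.
            // NOTE(review): a 6-digit password set without any proof of ownership lets anyone who knows
            // a member's number overwrite that member's password. A single-use, expiring reset token
            // confirmed by the member would avoid both the lockout and the small guessing space.
            $tmp_number = function_exists('random_int') ? random_int(0, 999999) : rand(0, 999999);
            $tmp_passwd = sprintf("%06d", $tmp_number);

            if ($totalRows_Rtd > 0) {
                // NOTE(review): mem_passwd is written in clear text; storing password_hash() output
                // needs a matching change in the login code, which is not part of this file.
                mysql_select_db($database_BE2, $BE2);
                $update_Rtd = sprintf("UPDATE member set mem_passwd='%s' where mem_mobile='%s'", $tmp_passwd, $mobile_sql);
                mysql_query($update_Rtd, $BE2) or die(mysql_error());
                fwrite($fp, 'update member pwd for mem_mobile : ' . $mobile . "\r\n");
            } else {
                // NOTE(review): a distinct "not found" message tells the visitor which numbers are registered.
                echo "<script>alert('查無會員帳號(手機號) ,請重新輸入...');</script>";
                $err  = 2;
                $edoc = 'no user found';
            }
        }

        if ($err == 9) {
            // NOTE(review): the ipw column also receives the new password in clear text.
            mysql_select_db($database_BE2, $BE2);
            $INSERT_Rtd = sprintf(
                "INSERT INTO register_sms (phone,ssid,iip,ipw,itime,kind) VALUES ('%s','%s','%s','%s','%s','%s')",
                $mobile_sql,
                mysql_real_escape_string(session_id(), $BE2),
                $ip_sql,
                $tmp_passwd,
                date('Y-m-d H:i:s', time()),
                1
            );
            mysql_query($INSERT_Rtd, $BE2) or die(mysql_error());
            fwrite($fp, 'INSERT register_sms for mem_mobile : ' . $mobile . "\r\n");
            $err  = 9;
            $edoc = 'OK';

            $message = 'SKYBNI天空商城會員簡訊通知,您的新密碼 : ' . $tmp_passwd . ' 請記的登入後重新輸入,以確保您的權益,天空商城敬上';

            // A form-urlencoded body needs percent-encoded values; unencoded, "&" or "=" in a value
            // would be read by the gateway as additional parameters.
            // NOTE(review): gateway credentials are hard-coded and sent over plain HTTP (port 80)
            // together with the new password; move them to configuration and use the provider's
            // TLS endpoint if one is offered — confirm with the provider.
            $sms_url = "username=yskin&password=12345123&type=now&encoding=unicode&vldtme=3600&mobile="
                . urlencode($mobile) . "&message=" . urlencode($message);
            $num = strlen($sms_url);
            fwrite($fp, 'send SMS to : ' . $mobile . "\r\n");

            // Open the API gateway on its own handle so the log handle in $fp stays usable.
            $sock = fsockopen("api.twsms.com", 80);
            $Tmp  = array();
            if ($sock) {
                $MSGData  = "POST /send_sms.php HTTP/1.1\r\n";
                $MSGData .= "Host: api.twsms.com\r\n";
                $MSGData .= "User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.2)\r\n";
                $MSGData .= "Content-Length: " . $num . "\r\n";
                $MSGData .= "Content-Type: application/x-www-form-urlencoded\r\n";
                $MSGData .= "Connection: Close\r\n\r\n";
                $MSGData .= $sms_url;
                fputs($sock, $MSGData);

                // Read the gateway response until it closes the connection.
                while (!feof($sock)) {
                    $line = fgets($sock, 128);
                    if ($line === false) {
                        break; // read error or timeout: stop instead of looping on a dead socket
                    }
                    $Tmp[] = $line;
                }

                // Close the gateway connection.
                fclose($sock);
            } else {
                fwrite($fp, 'SMS gateway connect failed' . "\r\n");
            }

            $edoc = '新密碼簡訊已傳送至手機,請記的登入後重新輸入...';
            echo "<script>alert('新密碼簡訊已傳送至手機,請記的登入後重新輸入..');location.href = '/';</script>";
        }
    }
    fclose($fp);
}
?>
<!-- Form -->
<h1 class="h3 g-color-black g-font-weight-300 text-capitalize">忘記密碼</h1>
<br>
<form action="/forget.html" class="g-py-15" method="post" name="form1">
  <input id="forget" name="forget" type="hidden" value="form1" />
  <div class="col-xs-12 col-sm-6 mb-4">
    <div class="settings">
      <label>手機 (帳號):</label>
      <input class="form-control g-color-black g-bg-white g-bg-white--focus g-brd-gray-light-v4 g-brd-primary--hover rounded g-py-10 g-px-15" id="mem_mobile" name="mem_mobile" required type="text" /></div>
  </div>
  <div class="col-xs-12 col-sm-6 mb-4">
    <div class="settings">
      <label> </label></div>
  </div>
  <div class="row"></div>
  <div style="clear:both;"></div>
  <div class="row">
    <div class="col-xs-12 col-sm-6 mb-4">
      <input name="authkey" type="hidden" id="authkey" value="<?php $mykey = rand(1000, 999999); echo $mykey; ?>" />
    </div>
    <div class="col-xs-12 col-sm-6 mb-4">
      <div class="g-mb-5"> </div></div>
  </div>
  <div class="row">
    <div class="row">
      <div class="col-xs-12 col-sm-12 mb-12">
        <div class="col-xs-10 g-mb-10" ><div id="icode"> 請輸入驗證碼:<img src="chkpic2.php?authkey=<?php echo $mykey; ?>" width="120" height="32" style="border:0;" alt="驗證碼"></div></div>
        <div class="col-xs-2 col-sm-2 mb-2">
          <img src="icon/refresh.png" width="36" height="32" title="更新驗證碼" onclick="reficon();"/>
        </div>
      </div>
    </div>
    <div class="col-xs-12 col-sm-12 mb-12">
      <input class="form-control g-color-black g-brd-gray-light-v3 g-brd-primary--hover g-py-10 g-px-15" id="ChkNum" name="ChkNum" placeholder="必填>>>確認我不是註冊機器人" required type="text" /></div>
  </div>
  <br>
  <div><input class="btn btn-block u-btn-blue g-py-13 g-font-size-16" name="Submit" type="submit" value="送出忘記密碼" /></div>
  <br>
</form>
<!-- End Form --></div>
</div>
<script>
// Pick a new 6-digit authkey in the browser, store it in the hidden field and reload the CAPTCHA image for it.
function reficon(){
  var a = Math.floor(1000000 + Math.random() * 900000);
  a = String(a);
  a = a.substring(0,6);
  $('#authkey').val(a) ;
  $('#icode').html('請輸入驗證碼:<img src="chkpic2.php?authkey='+a+'" width="120" height="32" style="border:0;" alt="驗證碼">');
}
</script>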