Skip to content
Merged
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
17 changes: 12 additions & 5 deletions apps/home/controller/MemberController.php
Original file line number Diff line number Diff line change
Expand Up @@ -265,27 +265,31 @@ public function retrieve(){
// 验证码验证
$checkcode = strtolower(post('checkcode', 'var'));
$email = post('email');
$retrieve_email = strtolower(trim($email));
$username = post('username');
$password = post('password');
if (! $checkcode) {
alert_back('验证码不能为空!');
}
if ($checkcode != session('checkcode')) {
$retrieve_checkcode = session('retrieve_checkcode');
$session_retrieve_email = session('retrieve_email');
if (! $retrieve_checkcode || ! $session_retrieve_email || $checkcode != $retrieve_checkcode || $retrieve_email != $session_retrieve_email) {
alert_back('验证码错误!');
}
$where = ['username' => $username];
$userInfo = object_to_array($this->model->checkUsername($where));
if(!$userInfo){
alert_back('该用户不存在!');
}
if(!empty($userInfo['useremail']) && $userInfo['useremail'] != $email){
if(empty($userInfo['useremail']) || strcasecmp($userInfo['useremail'], $email) !== 0){
alert_back('与注册邮箱不匹配,请联系管理员!');
}
$data = [
'useremail' => $email,
'password' => md5(md5($password))
];
$this->model->updatePassword($where,$data);
unset($_SESSION['retrieve_checkcode']);
unset($_SESSION['retrieve_email']);
alert_location('修改成功!', Url::home('member/login'), 1);
} else {
$content = parent::parser($this->htmldir . 'member/retrieve.html'); // 框架标签解析
Expand Down Expand Up @@ -499,7 +503,10 @@ public function sendEmail()
session('lastsend', time()); // 记录最后提交时间
$mail_subject = "【" . CMSNAME . "】您有新的验证码信息,请注意查收!";
$code = create_code(4);
session('checkcode', strtolower($code));
session($retrieve ? 'retrieve_checkcode' : 'checkcode', strtolower($code));
if ($retrieve) {
session('retrieve_email', strtolower(trim($to)));
}
$mail_body = "您的验证码为:" . $code;
$mail_body .= '<br>来自网站 ' . get_http_url() . ' (' . date('Y-m-d H:i:s') . ')';
$rs = sendmail($this->config(), $to, $mail_subject, $mail_body);
Expand Down Expand Up @@ -562,4 +569,4 @@ public function _empty()
{
_404('您访问的地址不存在,请核对再试!');
}
}
}