model('utility'); if(!code_verify($_W['uniacid'], $username, $code)) { message('验证码错误', referer(), 'error'); } else { pdo_delete('uni_verifycode', array('receiver' => $username)); message('验证码正确', referer(), 'success'); } } } if($do == 'reset') { if($_W['ispost'] && $_W['isajax']) { $username = trim($_GPC['username']); $password = trim($_GPC['password']); $repassword = trim($_GPC['repassword']); if ($repassword != $password) { message('密码输入不一致', referer(), 'error'); } $sql = 'SELECT `uid`,`salt` FROM ' . tablename('mc_members') . ' WHERE `uniacid`=:uniacid'; $pars = array(); $pars[':uniacid'] = $_W['uniacid']; if(preg_match('/^\d{11}$/', $username)) { $type = 'mobile'; $sql .= ' AND `mobile`=:mobile'; $pars[':mobile'] = $username; } elseif(preg_match("/^\w+([-+.]\w+)*@\w+([-.]\w+)*\.\w+([-.]\w+)*$/", $username)) { $type = 'email'; $sql .= ' AND `email`=:email'; $pars[':email'] = $username; } else { message('用户名格式不正确', referer(), 'error'); } $user = pdo_fetch($sql, $pars); if(empty($user)) { message('用户不存在', referer(), 'error'); } else { $password = md5($password . $user['salt'] . $_W['config']['setting']['authkey']); mc_update($user['uid'], array('password' => $password)); } message('找回成功', referer(), 'success'); } } template('auth/forget'); exit;