html_login_fns.php
function display_findpwd_form(){
?>
<div id=wp>
<div id="resetpwd">
<form action="" method="post">
<p>
<input class="inputtext" id="inputtext" type="text" name="uid" placeholder="会员账号"
autofocus required>
</p>
<p id="sbp">
<input class="button" type="submit" name="submit" value="提交">
</p>
</form>
</div>
</div>
<?php
}
function display_resetpwd2_form(){
?>
<div id=wp>
<div id="resetpwd">
<form action="" method="post">
<p>
<input class="inputtext" id="inputtext" type="text" name="password" placeholder="输入新密码"
autofocus required>
</p>
<p id="sbp">
<input class="button" type="submit" name="submit" value="提交">
</p>
</form>
</div>
</div>
<?php
}
?>
header.php
<?php
/**
* header
* 2014-7-16
*
*/
?>
<!DOCTYPE HTML>
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<link rel="stylesheet" type="text/css" href="html/style.css" />
<title><?php get_title(); ?></title>
</head>
<body>
<div id="header">
<div id="logo"><a href="?action=index"><img src="html/images/logo.png" alt="logo" /></a></div>
<div id="nav">
<ul>
<?php
if (@$_SESSION['uid']){
echo '<li><a href="?file=member">'.$_SESSION['username'].'</a></li>';
echo '<li><a href="?file=member&action=logout">退出</a></li>';
}
else {
echo'<li><a href="?file=member & action=login">登录</a></li>
<li><a href="?file=member & action=register">注册</a></li>';
}
?>
</ul>
</div>
</div>
footer.php
<div class="copy">© 2014</div>
</body>
</html>
findpwd.php
<?php
if (!defined('IN_BLOG')){
echo "access violations";
echo '<META HTTP-EQUIV="Refresh" CONTENT="1;URL=http://'.$_SERVER['HTTP_HOST'].'">';
exit();
}
get_paper('header');
if (isset($_SESSION[username])){
if (isset($_POST['submit'])){
findpwd($_POST['password']);
}
else {
display_resetpwd2_form();
}
}
elseif (isset($_GET['p'])){
valid_resetpwd_url($_GET['p']);
}
elseif (isset($_POST['submit'])){
mailto($_POST['uid']);
}
else {
display_findpwd_form();
}
get_paper('footer');
?>
member_fns.php
function mailto($username){
$username=str_replace(" ", "" ,$username); //删除空格
valid_name($username);
$dsn='mysql:host='.DB_HOST.';'.'dbname='.DB_NAME;
$pdo=new PDO($dsn,DB_USER,DB_PASSWORD);
$sql="SELECT password,email FROM members WHERE username='$username'";
$pdo->query('set names utf8');
$query=$pdo->query($sql);
$row=$query->fetch();
$url=base64_encode ($username.".".$row['password']);
$url="http://".$_SERVER['HTTP_HOST']."/?file=member&action=findpwd&p=".$url;
$body="亲爱的用户".$username."您好!<br/><br/>您收到这封这封电子邮件是因为您
(也可能是某人冒充您的名义) 申请了一个新的密码。假如这不是您本人所申请, 请不用理会这封电子邮件。<br/>
<a href=".$url.">".$url."</a><br/><br/>
(如果无法点击该URL链接地址,请将它复制并粘帖到浏览器的地址输入框,
然后单击回车即可。该链接使用后将立即失效。)。<br/><br/>此邮件为系统邮件,请勿直接回复。";
include 'mail/mail_config.php';
$mail->addAddress($row['email']); // Add a recipient
$mail->Subject = '重置密码';
$mail->Body = $body;
$mail->AltBody = 'This is the body in plain text for non-HTML mail clients';
if(!$mail->send()) {
echo 'Message could not be sent.';
echo 'Mailer Error: ' . $mail->ErrorInfo;
} else {
echo '<script language="javascript">alert("重置密码连接已发至您的邮箱'.$row['email'].'")</script>';
}
}
function valid_resetpwd_url($url){
$url=base64_decode($url);
$arr=explode(".", $url);
$dsn='mysql:host='.DB_HOST.';'.'dbname='.DB_NAME;
$pdo=new PDO($dsn,DB_USER,DB_PASSWORD);
$sql="SELECT password FROM members WHERE username='$arr[0]'";
$pdo->query('set names utf8');
$query=$pdo->query($sql);
$row=$query->fetch();
$pass=$row[password]?$arr[1]==$row[password]:FALSE;
if ($pass){
$_SESSION[username]=$arr[0];
header("Location: ?file=member&action=findpwd");
}
}
function findpwd($pwd){
$pwd=md5($pwd);
$dsn='mysql:host='.DB_HOST.';'.'dbname='.DB_NAME;
$pdo=new PDO($dsn,DB_USER,DB_PASSWORD);
$sql="UPDATE members SET password='$pwd' WHERE username='$_SESSION[username]'";
$ex=$pdo->exec($sql) or die(print_r($pdo->errorInfo(),true));
if($ex){
session_destroy();
exit ('<script language="javascript">alert("密码已修改。")</script>');
}
else{
exit ('<script language="javascript">alert("发生了错误。")</script>');
}
}
源码下载地址:http://pan.baidu.com/disk/home?fr=ibaidu