Функционал восстановления пароля объединён в одном файле. Удалён устаревший/неиспользуемый код.

This commit is contained in:
Igor Barkov [iwork] 2018-12-10 18:15:11 +02:00
parent aed2527d59
commit c70f681078
325 changed files with 48 additions and 6301 deletions

View File

@ -1,28 +0,0 @@
<!DOCTYPE html>
<html>
<head>
<LINK href="css/main.css" rel=stylesheet>
<META charset=utf-8">
<title>Востановление пароля</title>
</head>
<body>
<div>
<?php
$realtime = mktime(date(H), date(i), date(s), date("m"), date("d"), date("Y"));
$login = filter_input(INPUT_GET,'login',FILTER_SANITIZE_SPECIAL_CHARS);
$passwd = filter_input(INPUT_GET,'newpass');
$timev = filter_input(INPUT_GET,'timev');
if ($passwd && $login && $timev && $realtime <= $timev) {
include("config.php");
$sql = db::c()->query('SELECT * FROM `confirmpasswd` WHERE `login` = "?s" AND `passwd` = "?s" AND `date` = "?s" AND `active` = "?s"', $login, $passwd, $timev, 1);
if ($sql->getNumRows() == 0) die("Ссылка устарела!");
$sql = $sql->fetch_assoc();
db::c()->query('UPDATE `users` SET `pass` = "?s" WHERE `login` = "?s"', md5($passwd), $sql['login']);
db::c()->query('UPDATE `confirmpasswd` SET `active` = "?s" WHERE `login` = "?s" AND `passwd` = "?s" AND `date` = "?s" AND `active` = "?s"', 0, $login, $passwd, $timev, 1);
} else echo "Ссылка устарела.";
?>
</div>
</body>
</html>

Binary file not shown.

Before

Width:  |  Height:  |  Size: 633 B

Binary file not shown.

Before

Width:  |  Height:  |  Size: 426 B

Binary file not shown.

Before

Width:  |  Height:  |  Size: 633 B

Binary file not shown.

Before

Width:  |  Height:  |  Size: 505 B

Binary file not shown.

Before

Width:  |  Height:  |  Size: 510 B

Binary file not shown.

Before

Width:  |  Height:  |  Size: 3.5 KiB

View File

@ -59,7 +59,7 @@ if ($hreject) {
<h1><?php echo $error; ?></h1> <h1><?php echo $error; ?></h1>
<?php else: ?> <?php else: ?>
<h1>Регистрация</h1> <h1>Регистрация</h1>
<form action="register.php" method="post"> <form method="post">
<input required name="login" placeholder='Имя персонажа'><br> <input required name="login" placeholder='Имя персонажа'><br>
<input required name="email" type=email placeholder='Электронная почта'><br> <input required name="email" type=email placeholder='Электронная почта'><br>
<input required name="psw" type=text placeholder='Пароль'><br> <input required name="psw" type=text placeholder='Пароль'><br>

View File

@ -1,11 +1,13 @@
<?php <?php
include("config.php"); include("config.php");
function random_password( $length = 8 ) { function random_password()
$chars = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789!@#$%^&*()_-=+;:,.?"; {
$password = substr( str_shuffle( $chars ), 0, $length ); $chars = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789";
$password = substr(str_shuffle($chars), 0, 8);
return $password; return $password;
} }
function mail_send($to, $from_user, $from_email, $subject = '(No subject)', $message = '') function mail_send($to, $from_user, $from_email, $subject = '(No subject)', $message = '')
{ {
$from_user = "=?UTF-8?B?" . base64_encode($from_user) . "?="; $from_user = "=?UTF-8?B?" . base64_encode($from_user) . "?=";
@ -21,96 +23,64 @@ function mail_send($to, $from_user, $from_email, $subject = '(No subject)', $mes
$login = filter_input(INPUT_POST, 'loginid', FILTER_SANITIZE_SPECIAL_CHARS); $login = filter_input(INPUT_POST, 'loginid', FILTER_SANITIZE_SPECIAL_CHARS);
//TODO Сделать всё нормальным человеческим способом, как у белых людей. Сброс пароля генерирует ссылку на почту, ссылка на почте разрешает одноразовую смену пароля. //TODO Сделать всё нормальным человеческим способом, как у белых людей. Сброс пароля генерирует ссылку на почту, ссылка на почте разрешает одноразовую смену пароля.
if ($login) { if ($login) {
// $sql = mysql_query("SELECT `id`, `login`, `realname`, `email` FROM `users` WHERE LOWER(`login`) = '" . $_POST['loginid'] . "' LIMIT 1"); $sql = db::c()->query('SELECT `login`, `email` FROM `users` WHERE `login` = "?s"', $login)->fetch_assoc();
// $sql = mysql_fetch_array($sql, MYSQL_ASSOC);
$sql = db::c()->query('SELECT `id`, `login`, `email` FROM `users` WHERE `login` = "?s" LIMIT 1', $login)->fetch_assoc();
$newpass = random_password(); $newpass = random_password();
$lasttime = date('Y-m-d', strtotime($Date . ' + 1 days')); $lasttime = date('Y-m-d', strtotime($Date . ' + 1 days'));
$ip = $_SERVER['REMOTE_ADDR']; $ip = $_SERVER['REMOTE_ADDR'];
if ($sql['login'] && db::c()->query('INSERT INTO `confirmpasswd` (`login`, `passwd`, `date`, `ip`, `active`) VALUES ("?s", "?s", "?s", "?s", "?s")', $sql['login'], $newpass, $lasttime, $ip)) { if ($sql['login'] && db::c()->query('INSERT INTO `confirmpasswd` (`login`, `passwd`, `date`, `ip`, `active`) VALUES ("?s", "?s", "?s", "?s", "?s")', $sql['login'], $newpass, $lasttime, $ip)) {
$message = "Здравствуйте!<br><br> $message = "Здравствуйте!<br><br>
Кто-то запросил восстановление пароля к вашему персонажу " . $sql['login'] . ".<br> Кто-то запросил восстановление пароля к вашему персонажу " . $sql['login'] . ".<br>
Ваш новый пароль: " . $newpass . ".<br><br> Ваш новый пароль: " . $newpass . ".<br><br>
Для подтверждения нового пароля пройдите по Для подтверждения нового пароля пройдите по
<a href='".GAMEDOMAIN."/confirmpassw.php?newpass=".$newpass."&login=".$sql['login']."&timev=".$lasttime."'> данной ссылке</a>.<br><br> <a href='" . GAMEDOMAIN . "/rememberpassword.php?newpass=" . $newpass . "&l=" . $sql['login'] . "&t=" . $lasttime . "'> данной ссылке</a>.<br><br>
Ссылка будет действовать до <em>" . date('d-M-Y', $lasttime) . "</em>. Ссылка будет действовать до <em>" . date('d-M-Y', $lasttime) . "</em>.
"; ";
if (mail_send($sql['email'], "Noreply", "noreply@" . GAMEDOMAIN, "Восстановление забытого пароля", $message)) { if (mail_send($sql['email'], "Noreply", "noreply@" . GAMEDOMAIN, "Восстановление забытого пароля", $message)) {
echo "<h3>Письмо отправлено.</h3>"; $statusMessage = 'Письмо отправлено.';
} else { } else $statusMessage = 'Ошибка: письмо не отправлено!';
echo "<h3>Ошибка: письмо не отправлено!</h3>"; } else $statusMessage = 'Ошибка: имя пользователя не существует!';
}
} else {
echo "<h3>Сегодня пароль уже высылался или такой login отсутствует.</h3>";
}
} }
$realtime = mktime(date('H i s m d Y'));
$login2 = filter_input(INPUT_GET,'l',FILTER_SANITIZE_SPECIAL_CHARS);
$passwd = filter_input(INPUT_GET,'newpass');
$timev = filter_input(INPUT_GET,'t');
if ($passwd && $login2 && $timev && $realtime <= $timev) {
include("config.php");
$sql2 = db::c()->query('SELECT `login` FROM `confirmpasswd` WHERE `login` = "?s" AND `passwd` = "?s" AND `date` = "?s" AND `active` = "?s"', $login2, $passwd, $timev, 1);
if ($sql2->getNumRows() == 0) die("Ссылка устарела!");
$sql2 = $sql2->fetch_assoc();
//FIXME Убрать md5.
db::c()->query('UPDATE `users` SET `pass` = "?s" WHERE `login` = "?s"', md5($passwd), $sql2['login']);
db::c()->query('UPDATE `confirmpasswd` SET `active` = "?s" WHERE `login` = "?s" AND `passwd` = "?s" AND `date` = "?s" AND `active` = "?s"', 0, $login2, $passwd, $timev, 1);
$statusMessage = 'Пароль изменён!';
} else $statusMessage = 'Ошибка: ссылка устарела!';
?> ?>
<!DOCTYPE html> <!DOCTYPE html>
<html lang="ru_RU"> <html lang="ru_RU">
<head> <head>
<meta charset="utf-8"> <meta charset="utf-8">
<link href="static/styles/forgot-password.css" rel="stylesheet"> <link href="css/main.css" rel="stylesheet"/>
<title>Восстановление пароля</title> <title>Восстановление пароля</title>
<script type="text/javascript">
function sendmailpassw() {
var loginP = document.getElementById('loginid').value;
if (loginP == '' || loginP.length > 50) {
alert('Введен некоректный login');
return false;
}
else document.sendmailid.submit();
}
</script>
</head> </head>
<body> <body>
<a id="top-logo" href="/" title="На главную"></a> <a href="/"> на главную</a>
<?php if (!empty($statusMessage)): ?>
<?php <h3><?php echo $statusMessage; ?></h3>
if (!empty($error)):
$error_list = explode('<br>', $error);
?>
<div id="error">
<h1>Ошибка при регистрации</h1>
<?php if (count($error_list) > 1): ?>
<ul>
<?php foreach ($error_list as $error_item):
if (empty($error_item)): continue; endif; ?>
<li><?php echo $error_item; ?></li>
<?php endforeach; ?>
</ul>
<?php else: ?>
<?php echo $error; ?>
<?php endif; ?>
</div>
<?php endif; ?> <?php endif; ?>
<h1>Восстановление пароля</h1>
<form name='sendmailid' method="post"> <p>
<h1>Забыли пароль?</h1>
<div class="form-input">
<div class="name">
<label for="loginid">Укажите логин персонажа:</label>
</div>
<div class="value">
<input placeholder="Логин" type='text' value='<?php echo $_POST['loginid']; ?>' id='loginid'
name='loginid'/>
</div>
<div class="comment">
Для восстановления пароля введите свой login и нажмите кнопку &laquo;Отправить письмо&raquo;.<br> Для восстановления пароля введите свой login и нажмите кнопку &laquo;Отправить письмо&raquo;.<br>
Письмо будет выслано на email адрес, указанный вами при регистрации.<br> Письмо будет выслано на email адрес, указанный вами при регистрации.<br>
Восстанавливать пароль можно только раз в сутки.<br> Восстанавливать пароль можно только раз в сутки.
</div> </p>
</div>
<div class="form-input"> <form method="post">
<div class="submit"> <input required name="loginid" placeholder="Имя персонажа" value="<?= $login ?>"><br>
<input type="submit" onClick="sendmailpassw(); return false;" value="Отправить письмо"/> <input type=submit>
</div>
</div>
</form> </form>
</body> </body>

Binary file not shown.

Binary file not shown.

Binary file not shown.

Binary file not shown.

Binary file not shown.

Binary file not shown.

View File

@ -1,18 +0,0 @@
CWSю
ффЅиKя@џ‹юЂќ и{}м/Ё;‡T|Щ.JHГ™o.<уНP:$т? щ#!WЂФуW !їя+ІТVЅQ<мє^ё„Ц“йNхКеѓѓѓЩѓ…Y?Ш+П-..+уещщЊ˜ Џј€ОxбќйjR ОC3pzг{Eaі¶ЯЏћLOЄZжiС^?p“Yж.пr/
ЛsіsXИ2—l?иІЁКz=Ч1™(W>њ ;ѕщцЂнуЫeag№|(r"'ryuЕтЫјШpщaсaqе,?‰NCD°uvРк№6™Ић5эn№шVЯД3ЩX*I>џ"JфъmЧ ;<ЁцЅ·ћђ>в 1fАYд_Њш€ їЛјЅ>ЫгХХНДwj'gdЇѕ`^qоq©8_™[HЏ!РетЏШ 8А*©зю•Y&5йддд•Б «ш•Х?јхыяnm'ю7гьљлфЪ> ,т—‰?SBРAмЂuщЙY"ЅыПџT"БµKд}Я±†“Мт}15cГп‡|Uиjіэ=7#u;
oЏ>у}—3OЭмwЫ<И^x\6-a9aПeGкv/p"®¶ыQд{љ‰Q;ь02єў4ж˜oхDmоу@Kµ~”Buд•&ЪnOлт€ХYДhИ#Q чзМіjэ фЃn;ївJ!ЗТОєВ\gПЈћїm2—лЎђѕЕЌuџY<Xуl_|?2ЬSЫи1БNДѓ0э0вVЭп2З»=XЈіZЩ^(ПW*ЏКнѕгFЋ7”¶ЬЏ7њёРюRЪюФE°ћЮSNk>ѕЗѓ[ѓЦ<<
3#gџ§ЃЧюOлз綔ЊLшYdвВaO]m}<УјV°ЂIЇ_ЛЯыШs]я mЩHЗ%Л"яgDk{лu3ФЫ|ПсЋл зЯ9VФJФзЬЩлDљ°ѓ-<ЋўЧaі¬ZЗq-Ґ¶ѕV{™C39еєѓ‡ВжЌЌжоцк/љЯ®nйuwg
UiD•j.CГЩСU
•d
E(ЌN3CT¦J*#TҐJЋ*yЄЊQeњВ…K
.SёJбН\§pѓВM
·ф"РЬРВ,…2…
…9
у(<¤р9…GВ"…%
_RX¦р„жїўр”BЌжкV©цЂj34чВK
лъ:ЬР7Pnкp
пM
ЯPйg4іE3Ы4ісЗ @ъi!e¤ С¤4FBATхc"Хt™АђN€F ь-"
ЙdЃИ#@”Q jНСЖЂиг К@†±ў¦gвКЧ)

Binary file not shown.

Binary file not shown.

Binary file not shown.

Binary file not shown.

Binary file not shown.

Binary file not shown.

Binary file not shown.

Binary file not shown.

Binary file not shown.

Binary file not shown.

Binary file not shown.

Binary file not shown.

Binary file not shown.

Binary file not shown.

Binary file not shown.

Binary file not shown.

View File

@ -1,57 +0,0 @@
<?php
header("Content-type: image/png");
// создаем картинку размером 172X52
$img = imagecreatetruecolor(172, 52) or die('Cannot create image');
$orange = imageColorAllocate($img, 255, 128, 64);
$FIGURES = array('50','70','90','110','130','150','170','190','210');
// заполняем фон картинки
//0x919191
imagefill($img, 0, 0, imagecolorallocate($img,255,255,255));
$x=0;
$i = 1;
$sum = "";
//цвет текста
$color_RGB = rand(180,200);
while ($i++ <=5000) {
imageSetPixel($img, rand(0,170), rand(0,50),imagecolorallocate($img,245,245,245));
}
//рисуем 2 линии
imageLine($img, rand(0,10), rand(0,50), rand(110,170), rand(0,50), imagecolorallocate($img,150,150,150));
imageLine($img, rand(0,10), rand(0,50), rand(110,170), rand(0,50), imagecolorallocate($img,150,150,150));
//рамка
imageRectangle($img,1,1,170,51,imagecolorallocate($img,220,220,220));
$fonts = array ('fonts/FRSCRIPT.ttf','fonts/CHILLER.ttf','fonts/Bradley Hand ITC.ttf','fonts/de_Manu_2_Regular.ttf','fonts/Edgar_da_cool_Regular.ttf','fonts/Hurryup_Hurryup.ttf','fonts/Fh_Script_Regular.ttf','fonts/Gabo4_Gabo4.ttf','fonts/JAMI_Regular.ttf','fonts/Justy1_Regular.ttf');
$font = $fonts[rand(0, sizeof($fonts)-1)];
$font = 'fonts/ARESSENCE.ttf';
// Инициируем сессию
session_start();
// выводим одну цифру за один проход цикла (всего 6 цифр)
$i = 1;
while ($i++ <= 6) {
$color = imagecolorallocatealpha($img,$FIGURES[rand(0,sizeof($FIGURES)-1)],$FIGURES[rand(0,sizeof($FIGURES)-1)],$FIGURES[rand(0,sizeof($FIGURES)-1)],rand(10,30));
// выводим текст поверх картинки
imagettftext($img, rand(20,25), rand(-35,35), $x=$x+25, 30+rand(0,10),
$color, $font, $rnd = rand(0,9));
// Собираем в одну строку все символы на картинке
$sum = $sum.(string)$rnd;
}
// выводим текст поверх картинки
// imagettftext($img, 8, 0, 110, 52, imagecolorallocate($img,10,10,10), 'fonts/cour.ttf' , 'new.combatz.ru');
imagettftext($img, 8, 0, 7, 50, imagecolorallocate($img,77,77,77), 'fonts/cour.ttf' , 'new.combatz.ru &copy; 2013-'.date('Y'));
//Не забудьте $sum записать в таблицу как STR1
// выводим готовую картинку в формате PNG
imagepng($img);
// освобождаем память, выделенную для картинки
imagedestroy($img);
// Помещаем защитный код в сессию
$_SESSION['code'] = $sum;
?>

Binary file not shown.

Before

Width:  |  Height:  |  Size: 862 B

Binary file not shown.

Before

Width:  |  Height:  |  Size: 1.2 KiB

Binary file not shown.

Before

Width:  |  Height:  |  Size: 416 B

Binary file not shown.

Before

Width:  |  Height:  |  Size: 804 B

Binary file not shown.

Before

Width:  |  Height:  |  Size: 94 B

Binary file not shown.

Before

Width:  |  Height:  |  Size: 37 B

Binary file not shown.

Before

Width:  |  Height:  |  Size: 37 B

Binary file not shown.

Before

Width:  |  Height:  |  Size: 37 B

Binary file not shown.

Before

Width:  |  Height:  |  Size: 76 B

Binary file not shown.

Before

Width:  |  Height:  |  Size: 49 B

Binary file not shown.

Before

Width:  |  Height:  |  Size: 37 B

Binary file not shown.

Before

Width:  |  Height:  |  Size: 94 B

Binary file not shown.

Before

Width:  |  Height:  |  Size: 438 B

Binary file not shown.

Before

Width:  |  Height:  |  Size: 861 B

Binary file not shown.

Before

Width:  |  Height:  |  Size: 412 B

Binary file not shown.

Before

Width:  |  Height:  |  Size: 402 B

Binary file not shown.

Before

Width:  |  Height:  |  Size: 76 B

Binary file not shown.

Before

Width:  |  Height:  |  Size: 432 B

Binary file not shown.

Before

Width:  |  Height:  |  Size: 414 B

Binary file not shown.

Before

Width:  |  Height:  |  Size: 773 B

Binary file not shown.

Before

Width:  |  Height:  |  Size: 298 B

Binary file not shown.

Binary file not shown.

Before

Width:  |  Height:  |  Size: 6.2 KiB

Binary file not shown.

Before

Width:  |  Height:  |  Size: 11 KiB

Binary file not shown.

Before

Width:  |  Height:  |  Size: 11 KiB

Binary file not shown.

Binary file not shown.

Before

Width:  |  Height:  |  Size: 1.8 KiB

Binary file not shown.

Before

Width:  |  Height:  |  Size: 1.8 KiB

Binary file not shown.

Before

Width:  |  Height:  |  Size: 1.8 KiB

Binary file not shown.

Before

Width:  |  Height:  |  Size: 1.8 KiB

Binary file not shown.

Before

Width:  |  Height:  |  Size: 203 B

Binary file not shown.

Before

Width:  |  Height:  |  Size: 12 KiB

Binary file not shown.

Before

Width:  |  Height:  |  Size: 319 B

Binary file not shown.

Before

Width:  |  Height:  |  Size: 11 KiB

Binary file not shown.

Before

Width:  |  Height:  |  Size: 11 KiB

Binary file not shown.

Before

Width:  |  Height:  |  Size: 11 KiB

Binary file not shown.

Before

Width:  |  Height:  |  Size: 656 B

Binary file not shown.

Before

Width:  |  Height:  |  Size: 25 KiB

Binary file not shown.

Before

Width:  |  Height:  |  Size: 2.3 KiB

Binary file not shown.

Binary file not shown.

Binary file not shown.

Binary file not shown.

Before

Width:  |  Height:  |  Size: 102 B

Binary file not shown.

Binary file not shown.

Before

Width:  |  Height:  |  Size: 614 B

Binary file not shown.

Before

Width:  |  Height:  |  Size: 533 B

Binary file not shown.

Before

Width:  |  Height:  |  Size: 605 B

Binary file not shown.

Before

Width:  |  Height:  |  Size: 576 B

Binary file not shown.

Before

Width:  |  Height:  |  Size: 583 B

Binary file not shown.

Before

Width:  |  Height:  |  Size: 607 B

Binary file not shown.

Before

Width:  |  Height:  |  Size: 610 B

Binary file not shown.

Before

Width:  |  Height:  |  Size: 549 B

Binary file not shown.

Before

Width:  |  Height:  |  Size: 614 B

Binary file not shown.

Before

Width:  |  Height:  |  Size: 608 B

Binary file not shown.

Before

Width:  |  Height:  |  Size: 500 B

Binary file not shown.

Before

Width:  |  Height:  |  Size: 349 B

Binary file not shown.

Before

Width:  |  Height:  |  Size: 65 B

Binary file not shown.

Before

Width:  |  Height:  |  Size: 126 B

Binary file not shown.

Before

Width:  |  Height:  |  Size: 7.8 KiB

Binary file not shown.

Before

Width:  |  Height:  |  Size: 1.8 KiB

Binary file not shown.

Binary file not shown.

Before

Width:  |  Height:  |  Size: 138 B

Binary file not shown.

Before

Width:  |  Height:  |  Size: 1.8 KiB

Binary file not shown.

Before

Width:  |  Height:  |  Size: 585 B

Binary file not shown.

Before

Width:  |  Height:  |  Size: 1.5 KiB

Binary file not shown.

Before

Width:  |  Height:  |  Size: 507 B

Some files were not shown because too many files have changed in this diff Show More