mirror of
https://github.com/renbaoshuo/S2OJ.git
synced 2024-11-25 05:08:41 +00:00
This commit is contained in:
parent
4226b25e91
commit
e43444e02d
@ -1,59 +1,115 @@
|
||||
<?php
|
||||
requirePHPLib('form');
|
||||
requirePHPLib('form');
|
||||
|
||||
$forgot_form = new UOJBs4Form('forgot');
|
||||
$forgot_form->addInput('username', 'text', '用户名', '',
|
||||
function($username, &$vdata) {
|
||||
if (!validateUsername($username)) {
|
||||
return '用户名不合法';
|
||||
}
|
||||
$vdata['user'] = UOJUser::query($username);
|
||||
if (!$vdata['user']) {
|
||||
return '该用户不存在';
|
||||
}
|
||||
return '';
|
||||
},
|
||||
null
|
||||
);
|
||||
$forgot_form->handle = function(&$vdata) {
|
||||
$user = $vdata['user'];
|
||||
$password = $user["password"];
|
||||
use Gregwar\Captcha\PhraseBuilder;
|
||||
|
||||
$oj_name = UOJConfig::$data['profile']['oj-name'];
|
||||
$oj_name_short = UOJConfig::$data['profile']['oj-name-short'];
|
||||
$sufs = base64url_encode($user['username'] . "." . md5($user['username'] . "+" . $password));
|
||||
$url = HTML::url("/reset-password", array('params' => array('p' => $sufs)));
|
||||
$html = <<<EOD
|
||||
$forgot_form = new UOJBs4Form('forgot');
|
||||
$forgot_form->addInput(
|
||||
'username',
|
||||
'text',
|
||||
'用户名',
|
||||
'',
|
||||
function ($username, &$vdata) {
|
||||
if (!validateUsername($username)) {
|
||||
return '用户名不合法';
|
||||
}
|
||||
$vdata['user'] = UOJUser::query($username);
|
||||
if (!$vdata['user']) {
|
||||
return '该用户不存在';
|
||||
}
|
||||
return '';
|
||||
},
|
||||
null
|
||||
);
|
||||
$forgot_form->appendHTML(<<<EOD
|
||||
<div id="div-captcha" class="form-group">
|
||||
<label for="input-captcha" class="col-sm-2 control-label">验证码</label>
|
||||
<div class="col-sm-3" style="max-width: 60%">
|
||||
<input type="text" class="form-control" id="input-captcha" name="captcha" placeholder="请输入验证码" maxlength="20" style="display: inline-block; width: 12em;" />
|
||||
<div style="display: inline-block; margin-left: 8px; position: relative; top: -2px; cursor: pointer;">
|
||||
<img id="captcha" src="" />
|
||||
</div>
|
||||
<span class="help-block" id="help-captcha" style="display: block"></span>
|
||||
</div>
|
||||
</div>
|
||||
EOD);
|
||||
$forgot_form->handle = function (&$vdata) {
|
||||
$user = $vdata['user'];
|
||||
$password = $user["password"];
|
||||
|
||||
if (!isset($_SESSION['phrase']) || !PhraseBuilder::comparePhrases($_SESSION['phrase'], $_POST['captcha'])) {
|
||||
becomeMsgPage('验证码错误!');
|
||||
}
|
||||
|
||||
if (!$user['email']) {
|
||||
becomeMsgPage('用户未填写邮件地址,请联系管理员重置!');
|
||||
}
|
||||
|
||||
$oj_name = UOJConfig::$data['profile']['oj-name'];
|
||||
$oj_name_short = UOJConfig::$data['profile']['oj-name-short'];
|
||||
$check_code = md5($user['username'] . "+" . $password . '+' . UOJTime::$time_now_str);
|
||||
$sufs = base64url_encode($user['username'] . "." . $check_code);
|
||||
$url = HTML::url("/reset-password", ['params' => ['p' => $sufs]]);
|
||||
$oj_url = HTML::url('/');
|
||||
$name = $user['username'];
|
||||
|
||||
if ($user['realname']) {
|
||||
$name .= ' (' . $user['realname'] . ')';
|
||||
}
|
||||
|
||||
$html = <<<EOD
|
||||
<base target="_blank" />
|
||||
|
||||
<p>{$user['username']}您好,</p>
|
||||
<p>您刚刚启用了{$oj_name_short}密码找回功能,请进入下面的链接重设您的密码:</p>
|
||||
<p><a href="$url">$url</a></p>
|
||||
<p>{$oj_name}</p>
|
||||
<p>{$name} 您好,</p>
|
||||
|
||||
<style type="text/css">
|
||||
body{font-size:14px;font-family:arial,verdana,sans-serif;line-height:1.666;padding:0;margin:0;overflow:auto;white-space:normal;word-wrap:break-word;min-height:100px}
|
||||
pre {white-space:pre-wrap;white-space:-moz-pre-wrap;white-space:-pre-wrap;white-space:-o-pre-wrap;word-wrap:break-word}
|
||||
</style>
|
||||
<p>您最近告知我们需要重置您在 {$oj_name_short} 上账号的密码。请访问以下链接:<a href="{$url}">{$url}</a> (如果无法点击链接,请试着复制链接并粘贴至浏览器中打开。)</p>
|
||||
<p>如果您没有请求重置密码,则忽略此信息。该链接将在 72 小时后自动过期失效。</p>
|
||||
|
||||
<p>{$oj_name}</p>
|
||||
<p><a href="{$oj_url}">{$oj_url}</a></p>
|
||||
EOD;
|
||||
|
||||
$mailer = UOJMail::noreply();
|
||||
$mailer->addAddress($user['email'], $user['username']);
|
||||
$mailer->Subject = $oj_name_short."密码找回";
|
||||
$mailer->msgHTML($html);
|
||||
if (!$mailer->send()) {
|
||||
error_log($mailer->ErrorInfo);
|
||||
becomeMsgPage('<div class="text-center"><h2>邮件发送失败,请重试 <span class="glyphicon glyphicon-remove"></span></h2></div>');
|
||||
} else {
|
||||
becomeMsgPage('<div class="text-center"><h2>邮件发送成功 <span class="glyphicon glyphicon-ok"></span></h2></div>');
|
||||
}
|
||||
};
|
||||
$forgot_form->submit_button_config['align'] = 'offset';
|
||||
$mailer = UOJMail::noreply();
|
||||
$mailer->addAddress($user['email'], $user['username']);
|
||||
$mailer->Subject = $oj_name_short . " 密码找回";
|
||||
$mailer->msgHTML($html);
|
||||
if (!$mailer->send()) {
|
||||
error_log($mailer->ErrorInfo);
|
||||
becomeMsgPage('<div class="text-center"><h2>邮件发送失败,请重试!</h2></div>');
|
||||
} else {
|
||||
DB::update([
|
||||
"update user_info",
|
||||
"set", [
|
||||
'extra' => DB::json_set('extra', '$.reset_password_check_code', $check_code, '$.reset_password_time', UOJTime::$time_now_str),
|
||||
],
|
||||
"where", [
|
||||
"username" => $user['username'],
|
||||
],
|
||||
]);
|
||||
|
||||
$forgot_form->runAtServer();
|
||||
?>
|
||||
becomeMsgPage('<div class="text-center"><h2>邮件发送成功,请检查收件箱!</h2><span>如果邮件未出现在收件箱中,请检查垃圾箱。</span></div>');
|
||||
}
|
||||
};
|
||||
$forgot_form->submit_button_config['align'] = 'offset';
|
||||
|
||||
$forgot_form->runAtServer();
|
||||
?>
|
||||
<?php echoUOJPageHeader('找回密码') ?>
|
||||
<h2 class="page-header">找回密码</h2>
|
||||
<h4>请输入需要找回密码的用户名:</h4>
|
||||
<?php $forgot_form->printHTML(); ?>
|
||||
<script>
|
||||
function refreshCaptcha() {
|
||||
var timestamp = new Date().getTime();
|
||||
$("#captcha").attr("src", "/captcha" + '?' + timestamp);
|
||||
}
|
||||
|
||||
$(document).ready(function() {
|
||||
refreshCaptcha();
|
||||
|
||||
$("#captcha").click(function(e) {
|
||||
refreshCaptcha();
|
||||
});
|
||||
});
|
||||
</script>
|
||||
<?php echoUOJPageFooter() ?>
|
||||
|
@ -1,39 +1,55 @@
|
||||
<?php
|
||||
if (!isset($_GET['p'])) {
|
||||
become404Page();
|
||||
}
|
||||
function resetPassword() {
|
||||
list($username, $check_code) = explode('.', base64url_decode($_GET['p']));
|
||||
if (!isset($_POST['newPW']) || !validatePassword($_POST['newPW'])) {
|
||||
return '操作失败,无效密码';
|
||||
}
|
||||
if (!isset($username) || !validateUsername($username)) {
|
||||
return '不明错误';
|
||||
}
|
||||
if (!isset($check_code)) {
|
||||
return '不明错误';
|
||||
}
|
||||
if (!isset($_GET['p'])) {
|
||||
become404Page();
|
||||
}
|
||||
|
||||
$newPW = $_POST['newPW'];
|
||||
$user = UOJUser::query($username);
|
||||
if ($user == null) {
|
||||
return '不明错误';
|
||||
}
|
||||
if ($check_code !== md5($user['username'] . '+' . $user['password'])) {
|
||||
return '不明错误';
|
||||
}
|
||||
$newPW = getPasswordToStore($newPW, $user['username']);
|
||||
DB::update("update user_info set password = '$newPW' where username = '{$user['username']}'");
|
||||
return 'ok';
|
||||
list($username, $check_code) = explode('.', base64url_decode($_GET['p']));
|
||||
$user = UOJUser::query($username);
|
||||
|
||||
if (!$user) become404Page();
|
||||
if (!isset($check_code) || strlen($check_code) != 32) become404Page();
|
||||
|
||||
$extra = UOJUser::getExtra($user);
|
||||
|
||||
if ($check_code !== $extra['reset_password_check_code']) {
|
||||
become404Page();
|
||||
}
|
||||
|
||||
if (UOJTime::str2time($extra['reset_password_time'])->add(new DateInterval('P3D')) < UOJTime::$time_now) {
|
||||
becomeMsgPage('链接已过期');
|
||||
}
|
||||
|
||||
function resetPassword() {
|
||||
global $user;
|
||||
|
||||
if (!isset($_POST['newPW']) || !validatePassword($_POST['newPW'])) {
|
||||
return '操作失败,无效密码';
|
||||
}
|
||||
if (isset($_POST['reset'])) {
|
||||
die(resetPassword());
|
||||
}
|
||||
?>
|
||||
|
||||
$newPW = $_POST['newPW'];
|
||||
$newPW = getPasswordToStore($newPW, $user['username']);
|
||||
|
||||
DB::update([
|
||||
"update user_info",
|
||||
"set", [
|
||||
"password" => $newPW,
|
||||
"extra" => DB::json_remove('extra', '$.reset_password_check_code', '$.reset_password_time'),
|
||||
],
|
||||
"where", [
|
||||
"username" => $user['username'],
|
||||
],
|
||||
]);
|
||||
|
||||
return 'ok';
|
||||
}
|
||||
if (isset($_POST['reset'])) {
|
||||
die(resetPassword());
|
||||
}
|
||||
?>
|
||||
<?php
|
||||
$REQUIRE_LIB['dialog'] = '';
|
||||
$REQUIRE_LIB['md5'] = '';
|
||||
?>
|
||||
$REQUIRE_LIB['dialog'] = '';
|
||||
$REQUIRE_LIB['md5'] = '';
|
||||
?>
|
||||
<?php echoUOJPageHeader('更改密码') ?>
|
||||
<h2 class="page-header">更改密码</h2>
|
||||
<form id="form-reset" class="form-horizontal">
|
||||
@ -44,60 +60,60 @@
|
||||
<input type="password" class="form-control top-buffer-sm" id="input-confirm_password" placeholder="再次输入新密码" maxlength="20" />
|
||||
<span class="help-block" id="help-password"></span>
|
||||
</div>
|
||||
</div>
|
||||
<div class="form-group">
|
||||
<div class="col-sm-offset-2 col-sm-3">
|
||||
<button type="submit" id="button-submit" class="btn btn-secondary">提交</button>
|
||||
</div>
|
||||
</div>
|
||||
<div class="form-group">
|
||||
<div class="col-sm-offset-2 col-sm-3">
|
||||
<button type="submit" id="button-submit" class="btn btn-secondary">提交</button>
|
||||
</div>
|
||||
</div>
|
||||
</form>
|
||||
|
||||
<script type="text/javascript">
|
||||
function validateResetPwPost() {
|
||||
var ok = true;
|
||||
ok &= getFormErrorAndShowHelp('password', validateSettingPassword);
|
||||
return ok;
|
||||
}
|
||||
$(document).ready(function() {
|
||||
$('#form-reset').submit(function(e) {
|
||||
if (!validateResetPwPost()) {
|
||||
return false;
|
||||
}
|
||||
$.post(<?= json_encode($_SERVER['REQUEST_URI']) ?>, {
|
||||
reset : '',
|
||||
newPW : md5($('#input-password').val(), "<?= getPasswordClientSalt() ?>")
|
||||
}, function(res) {
|
||||
if (res == 'ok') {
|
||||
BootstrapDialog.show({
|
||||
title : '提示',
|
||||
message : '密码更改成功',
|
||||
type : BootstrapDialog.TYPE_SUCCESS,
|
||||
buttons: [{
|
||||
label: '好的',
|
||||
action: function(dialog) {
|
||||
dialog.close();
|
||||
}
|
||||
}],
|
||||
onhidden : function(dialog) {
|
||||
window.location.href = '/login';
|
||||
}
|
||||
});
|
||||
} else {
|
||||
BootstrapDialog.show({
|
||||
title : '提示',
|
||||
message : res,
|
||||
type : BootstrapDialog.TYPE_DANGER,
|
||||
buttons: [{
|
||||
function validateResetPwPost() {
|
||||
var ok = true;
|
||||
ok &= getFormErrorAndShowHelp('password', validateSettingPassword);
|
||||
return ok;
|
||||
}
|
||||
$(document).ready(function() {
|
||||
$('#form-reset').submit(function(e) {
|
||||
if (!validateResetPwPost()) {
|
||||
return false;
|
||||
}
|
||||
$.post(<?= json_encode($_SERVER['REQUEST_URI']) ?>, {
|
||||
reset: '',
|
||||
newPW: md5($('#input-password').val(), "<?= getPasswordClientSalt() ?>")
|
||||
}, function(res) {
|
||||
if (res == 'ok') {
|
||||
BootstrapDialog.show({
|
||||
title: '提示',
|
||||
message: '密码更改成功',
|
||||
type: BootstrapDialog.TYPE_SUCCESS,
|
||||
buttons: [{
|
||||
label: '好的',
|
||||
action: function(dialog) {
|
||||
dialog.close();
|
||||
}
|
||||
}]
|
||||
});
|
||||
}
|
||||
}],
|
||||
onhidden: function(dialog) {
|
||||
window.location.href = '/login';
|
||||
}
|
||||
});
|
||||
} else {
|
||||
BootstrapDialog.show({
|
||||
title: '提示',
|
||||
message: res,
|
||||
type: BootstrapDialog.TYPE_DANGER,
|
||||
buttons: [{
|
||||
label: '好的',
|
||||
action: function(dialog) {
|
||||
dialog.close();
|
||||
}
|
||||
}]
|
||||
});
|
||||
}
|
||||
});
|
||||
return false;
|
||||
});
|
||||
return false;
|
||||
});
|
||||
});
|
||||
</script>
|
||||
<?php echoUOJPageFooter() ?>
|
||||
|
Loading…
Reference in New Issue
Block a user