Temos pavadinimas: WordPress, Shopify ir PHPFusion programuotojų bendruomenė :: lostapassword apsaugojimas

Parašė Lordcraft· 2010 Gru. 13 15:12:28
#1

Gal kas galetu padeti apsaugoti lostpassword funkcija nes per ja dabar buvo panaudotas spam ir galima siusti milijonus laisku su nuoroda ant kurios paspaudus yra atsiunciamas slaptazodis.
gal galit duoti koki kur reikia suversti skaicius kad apsaugotu nuo spam?

Parašė upset156· 2010 Gru. 14 20:12:17
#2

nananantes ssssssssssssssssssssssss

Parašė botanik· 2010 Gru. 15 08:12:19
#3

Kokia fusion versija? Senuosiuose fragnet.info failuose turėjau, jeigu rasiu juos, būtinai tau pagelbėsiu :)

Parašė Lordcraft· 2010 Gru. 15 11:12:38
#4

v6.01.19 ..............

Parašė Wyciokazz· 2010 Gru. 15 11:12:43
#5

ikelk ta lostpassword.php paziuresiu ka eina padaryti.

Parašė Lordcraft· 2010 Gru. 17 19:12:39
#6


<?php
/*---------------------------------------------------+
| <span style="border-bottom: 1px dotted black;">PHP</span>-Fusion 6 Content Management System
+----------------------------------------------------+
| Copyright © 2002 - 2006 Nick Jones
| <a href='http://www.php-fusion.co.uk/' target='_blank'><span style='color:005C5B'>http://www.php-fusion.co.uk/</span></a>
+----------------------------------------------------+
| Released under the terms & conditions of v2 of the
| GNU General Public License. For details refer to
| the included gpl.txt file or visit <a href='http://gnu.org' target='_blank'><span style='color:005C5B'>http://gnu.org</span></a>
+----------------------------------------------------*/
require_once "maincore.php";
require_once "subheader.php";
require_once "side_left.php";
require_once INCLUDES."sendmail_include.php";
include LOCALE.LOCALESET."lostpassword.php";
 
if (iMEMBER) fallback("index.php");
 
opentable($locale['400']);
if (isset($email) && isset($account)) {
	$error = 0;
	if (FUSION_QUERY != "email=".$email."&amp;account=".$account) fallback("index.php");
	$email = stripinput(trim(eregi_replace(" +", "", $email)));
	if (!preg_match("/^[-0-9A-Z_\.]{1,50}@([-0-9A-Z_\.]+\.){1,50}([0-9A-Z]){2,4}$/i", $email)) $error = 1;
	if (!preg_match("/^[0-9a-z]{32}$/", $account)) $error = 1;
	if ($error == 0) {
		$result = dbquery("SELECT * FROM ".$db_prefix."users WHERE user_password='$account' AND user_email='$email'");
		if (dbrows($result) != 0) {
			$data = dbarray($result); $new_pass = "";
			for ($i=0;$i<=7;$i++) { $new_pass .= chr(rand(97, 122)); }
			$mailbody = str_replace("[NEW_PASS]", $new_pass, $locale['411']);
			$mailbody = str_replace("[USER_NAME]", $data['user_name'], $mailbody);
			sendemail($data['user_name'],$email,$settings['siteusername'],$settings['siteemail'],$locale['409'].$settings['sitename'],$mailbody);
			$result = dbquery("UPDATE ".$db_prefix."users SET user_password='".md5(md5($new_pass))."' WHERE user_id='".$data['user_id']."'");
			echo "<center><br>\n".$locale['402']."<br><br>\n<a href='index.php'>".$locale['403']."</a><br><br>\n</center>\n";
		} else {
			$error = 1;
		}
	}
	if ($error == 1) redirect("index.php");
} elseif (isset($_POST['send_password'])) {
	$email = stripinput(trim(eregi_replace(" +", "", $_POST['email'])));
	if (preg_match("/^[-0-9A-Z_\.]{1,50}@([-0-9A-Z_\.]+\.){1,50}([0-9A-Z]){2,4}$/i", $email)) {
		$result = dbquery("SELECT * FROM ".$db_prefix."users WHERE user_email='$email'");
		if (dbrows($result) != 0) {
			$data = dbarray($result);
			$new_pass_link = $settings['siteurl']."lostpassword.php?email=".$data['user_email']."&account=".$data['user_password'];
			$mailbody = str_replace("[NEW_PASS_LINK]", $new_pass_link, $locale['410']);
			$mailbody = str_replace("[USER_NAME]", $data['user_name'], $mailbody);
			sendemail($data['user_name'],$email,$settings['siteusername'],$settings['siteemail'],$locale['409'].$settings['sitename'],$mailbody);
			echo "<center><br>\n".$locale['401']."<br><br>\n<a href='index.php'>".$locale['403']."</a><br><br>\n</center>\n";
		} else {
			echo "<center><br>\n".$locale['404']."<br><br>\n<a href='".FUSION_SELF."'>".$locale['406']."</a><br><br>\n</center>\n";
		}
	} else {
		echo "<center><br>\n".$locale['405']."<br><br>\n<a href='".FUSION_SELF."'>".$locale['403']."</a><br><br></center>\n";
	}
} else {
	echo "<form name='passwordform' method='post' action='".FUSION_SELF."'>
<center>".$locale['407']."<br>
<br>
<input type='text' name='email' class='textbox' maxlength='100' style='width:200px;'><br>
<br>
<input type='submit' name='send_password' value='".$locale['408']."' class='button'></center>
</form>\n";
}
closetable();
 
require_once "side_right.php";
require_once "footer.php";
?>

Parašė avice· 2010 Gru. 17 19:12:41
#7

naudok recaptcha
o ja idet lengva...
http://code.google.com/apis/reca...s/php.html

Parašė Lordcraft· 2010 Gru. 18 15:12:32
#8

jums gal ir lengva man tai cia per sudetinga, ka as zinau kur cia iklijuoti ta koda.

Parašė Impossibru· 2010 Gru. 18 18:12:59
#9

Susirask kas įklijuos už pinigus, atsibodo kad čia prasinėji visko už dyką jau, (2 metai taip...)

Parašė Lordcraft· 2010 Gru. 19 22:12:24
#10

nuo kada cia mokamas suportas?

Parašė Jaunelis· 2010 Gru. 20 08:12:11
#11

Daug kas įpratęs gauti viską šiame supporte dykai , nesvarbu ar tai lengva ar ne , tiesiog pora kartų kažkas padėjo tai ir įprato.

Parašė Jaunelis· 2010 Gru. 20 09:12:52
#12

Visada čia buvo mokamas supportas :D