public function forgePwd()
{
$result = array('error' => 1, 'message' => '请求找回密码失败,请刷新页面重试。');
$siteName = SITE_NAME;
if (isset($_POST['email']) && $_POST['email'] != '') {
$user = User::getUserByEmail(htmlspecialchars(trim($_POST['email'])));
if (!$user) {
return $result;
}
if ($user->enable == 0) {
$verify_code = json_decode($user->forgePwdCode, true)['verification'];
if ($verify_code != null) {
$result['message'] = '您的账户还未进行邮箱校验,请校验完毕后再试!';
return $result;
}
}
$user->lastFindPasswdTime = time();
if ($user->lastFindPasswdCount != 0 && $user->lastFindPasswdCount > 2) {
$result['message'] = '找回密码重试次数已达上限!';
return $result;
}
$code = Utils::randomChar(10);
$forgePwdCode['code'] = $code;
$forgePwdCode['time'] = time();
$user->forgePwdCode = json_encode($forgePwdCode);
$content = Option::get('custom_mail_forgePassword_content');
$params = ['code' => $code, 'nickname' => $user->nickname, 'email' => $user->email, 'useTraffic' => Utils::flowAutoShow($user->flow_up + $user->flow_down), 'transfer' => Utils::flowAutoShow($user->transfer), 'expireTime' => date('Y-m-d H:i:s', $user->expireTime)];
$content = Utils::placeholderReplace($content, $params);
$mailer = Mailer::getInstance();
$mail = new \Model\Mail();
$mail->to = $user->email;
$mail->subject = "[" . SITE_NAME . "] Password Recovery";
$mail->content = $content;
$mailer->toQueue(true);
// 添加到邮件列队
$isOk = $mailer->send($mail);
$user->save();
$result['uid'] = $user->uid;
if ($isOk) {
$result['message'] = '验证代码已经发送到该注册邮件地址,请注意查收!<br/>请勿关闭本页面,您还需要验证码来验证您的账户所有权才可重置密码!!';
$result['error'] = 0;
} else {
$result['message'] = '邮件发送失败, 请联系管理员检查邮件系统设置!';
$result['error'] = 1;
}
return $result;
} else {
if ($_POST['code'] != '' && $_POST['uid'] != '') {
$uid = $_POST['uid'];
$code = trim($_POST['code']);
$user = User::GetUserByUserId(trim($uid));
$forgePwdCode = json_decode($user->forgePwdCode, true);
// forgePwdCode.length > 1 且 验证码一样 且 时间不超过600秒(10分钟)
if (count($forgePwdCode) > 1 && $forgePwdCode['code'] == $code && time() - intval($forgePwdCode['time']) < 600) {
$newPassword = Utils::randomChar(10);
$user->setPassword($newPassword);
$user->lastFindPasswdCount = 0;
$user->lastFindPasswdTime = 0;
$user->save();
$content = Option::get('custom_mail_forgePassword_content_2');
$params = ['code' => $code, 'newPassword' => $newPassword, 'nickname' => $user->nickname, 'email' => $user->email, 'useTraffic' => Utils::flowAutoShow($user->flow_up + $user->flow_down), 'transfer' => Utils::flowAutoShow($user->transfer), 'expireTime' => date('Y-m-d H:i:s', $user->expireTime)];
$content = Utils::placeholderReplace($content, $params);
$mailer = Mailer::getInstance();
$mail = new \Model\Mail();
$mail->to = $user->email;
$mail->subject = "[" . SITE_NAME . "] Your new Password";
$mail->content = $content;
$mailer->toQueue(true);
// 添加到邮件列队
$isOk = $mailer->send($mail);
if ($isOk) {
$result['message'] = '新密码已经发送到该账户邮件地址,请注意查收!<br/> 并且请在登录后修改密码!';
$result['error'] = 0;
} else {
$result['message'] = '邮件发送失败, 请联系管理员检查邮件系统设置!';
$result['error'] = 1;
}
} else {
$result['message'] = '验证码已经超时或者 验证码填写不正确。请再次确认';
$result['error'] = -1;
}
return $result;
} else {
Template::putContext('user', User::getCurrent());
Template::setView('panel/forgePwd');
}
}
return $result;
}
