JTBC(CMS)

系统自带的要发送邮件，经常不能正常使用，昨天做了个用密保生成新密码的。

模板：
    <item>
[p][color=#008800]      <name><![CDATA[lostpassword]]></name>[/color][/p] [p][color=#008800]      <tpl_default><![CDATA[{$=mm_web_head($GLOBALS['nhead'])}[/color][/p] <script type="text/javascript">
function js_aksBack(strers){
var tstrers = strers;
get_id("tr_ask").style.display = "";
var str_error = "提&nbsp;&nbsp;&nbsp;示：发生错误！";
var str_ask = "<span>问&nbsp;&nbsp;&nbsp;题：</span>";
if (tstrers == "0"){
get_id("td_ask").innerHTML = str_error;
} else {
get_id("td_ask").innerHTML = str_ask + tstrers;
};
};
function js_ask(strUser,strMail,strName){
if (strUser == "") return false;
if (strMail == "") return false;
var check_loading = "loading";
get_id("td_ask").innerHTML = check_loading;
igets("?type=lostpassword-1&username="+strUser+"&email="+strMail+"&name="+strName, js_aksBack);
};
function js_findBack(strers){
var tstrers = strers;
get_id("tr_fp").style.display = "";
var str_error = "提&nbsp;&nbsp;&nbsp;示：发生错误！";
var str_ask = "<span>新密码：</span>";
if (tstrers == "0"){
get_id("td_fp").innerHTML = str_error;
} else {
get_id("td_fp").innerHTML = str_ask + tstrers;
};
};
function js_find(strUser,strMail,strName,strAnswer){
if (strUser == "") return false;
if (strMail == "") return false;
if (strAnswer == "") return false;
var check_loading = "loading";
get_id("td_fp").innerHTML = check_loading;
igets("?type=lostpassword-2&username="+strUser+"&email="+strMail+"&name="+strName+"&answer="+strAnswer, js_findBack);
};
</script>
<div class="container">
<div class="navigation"></div>
<div class="containerTop"></div>
<div class="containerMiddle">
<div class="containerIndiv" style="margin-top:0">
<div class="searchReLeft">{$=ap_user_data_member_side()}
</div>
<div class="searchReRight">
<div class="searchTitle"><span>找回密码</span></div>
<div id="sortshow" style="width:100%">
<table class="mainRLShopnew">
<tr>
<td height=25></td>
</tr>
<tr>
<td height=25><span>用户名：</span><input type="text" name="username" id="username" maxlength="20"></td>
</tr>
<tr>
<td height=25><span>邮&nbsp;&nbsp;&nbsp;箱：</span><input type="text" name="mail" id="mail" maxlength="20" dtype="Limit"></td>
</tr>
<tr>
<td height=25><span>名&nbsp;&nbsp;&nbsp;字：</span><input type="text" name="name" id="name" maxlength="20"></td>
</tr>
<tr name="tr_ask" id="tr_ask" style="display:none;">
<td name="td_ask" id="td_ask"></td>
</tr>
<tr>
<td height=25><span>答&nbsp;&nbsp;&nbsp;案：</span><input type="text" name="answer" id="answer" maxlength="20"> <input type="button" class="ibutton" value="提示" onclick="js_ask(escape(get_id('username').value),escape(get_id('mail').value),escape(get_id('name').value))"></td>
</tr>
<tr>
<td height=5></td>
</tr>
<tr name="tr_fp" id="tr_fp" style="display:none;">
<td name="td_fp" id="td_fp"></td>
</tr>
<tr>
<td height=5></td>
</tr>
<tr>
<td height=25>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
<input type="button" class="ibutton" value="找回密码" onclick="js_find(escape(get_id('username').value),escape(get_id('mail').value),escape(get_id('name').value),get_id('answer').value)"></td>
</tr>
</table>
</div>
</div>
</div>
</div>
<div class="containerBottom"></div>
</div>
[p][color=#008800]{$=mm_web_foot($GLOBALS['nfoot'])}]]></tpl_default>[/color][/p]     </item>

处理函数：

function jtbc_cms_module_lostpassword_1()
{
  global $conn;
  global $ndatabase, $nidfield, $nfpre;
[p][color=#008800]  $tusername = ii_get_safecode($_GET['username']);[/color][/p] [p][color=#008800]  $temail = ii_get_safecode($_GET['email']);[/color][/p] [p][color=#008800]  $tname = ii_get_safecode($_GET['name']);[/color][/p]   $tsqlstr = "select * from $ndatabase where " . ii_cfname('username') . "='$tusername' and " . ii_cfname('email') . "='$temail' and " . ii_cfname('name') . "='$tname'";
  $trs = ii_conn_query($tsqlstr, $conn);
  $trs = ii_conn_fetch_array($trs);
  if ($trs)
  {
[p][color=#008800] $backstr = ii_htmlencode($trs[ii_cfname('safeask')]);[/color][/p] return $backstr;
  }
  else return 0;
}

function jtbc_cms_module_lostpassword_2()
{
  global $conn;
  global $ndatabase, $nidfield, $nfpre;
[p][color=#008800]  $tusername = ii_get_safecode($_GET['username']);[/color][/p] [p][color=#008800]  $temail = ii_get_safecode($_GET['email']);[/color][/p] [p][color=#008800]  $tname = ii_get_safecode($_GET['name']);[/color][/p] [p][color=#008800]  $tanswer = md5(ii_get_safecode($_GET['answer']));[/color][/p]   $tsqlstr = "select * from $ndatabase where " . ii_cfname('username') . "='$tusername' and " . ii_cfname('email') . "='$temail' and " . ii_cfname('name') . "='$tname' and " . ii_cfname('safeanswer') . "='$tanswer'";
  $trs = ii_conn_query($tsqlstr, $conn);
  $trs = ii_conn_fetch_array($trs);
  if ($trs)
  {
    $tpassword = ii_random(8);
    $tmd5password = md5($tpassword);
$tsqlstr = "update $ndatabase set " . ii_cfname('password') . "='$tmd5password' where " . ii_cfname('username') . "='$tusername'";
    ii_conn_query($tsqlstr, $conn);
return $tpassword;
  }
  else return 0;
}

在Type中添加：     case 'lostpassword-1':      return jtbc_cms_module_lostpassword_1();      break;    case 'lostpassword-2':      return jtbc_cms_module_lostpassword_2();      break; 在注册的选项中添加safeask和safeanswer（这个要md5加密）字段，自行添加相应设置。 调试一下，就可以用了。暂时没有案例，等新版justav.net出来了就可以看了。

挺好的，但一般密码提示问题用户都设置的太过简单，安全级别不高，还是以邮箱为准比较好，如果系统自带的邮件发送程序不能很好的兼容你的邮件帐号，你可以改用 phpmailer 来发送邮件的。

下了个 phpmailer，不过还没用，有空就做上去