tianya
1 year ago
2 changed files with 113 additions and 11 deletions
Split View
Diff Options
-
+16 -11README.md
-
+97 -0tools/resetpwd.php
+ 16
- 11
README.md
View File
| @@ -48,19 +48,24 @@ OpenSSL:支持DedeBIZ商业支持 | |||
| Sockets:支持接入DedeBIZ商业组件模块 | |||
| 4.基本目录结构 | |||
| 4.基本目录结构及文件 | |||
| ``` | |||
| / | |||
| ..../a 默认网页文件存放目录[必须可写入] | |||
| ..../admin 默认后台管理目录[可任意改名] | |||
| ..../apps 插件扩展程序目录[不可写入,可执行] | |||
| ..../data 系统缓存或其它可写入数据存放目录[必须可写入,但不可执行,建议关闭对外访问权限] | |||
| ..../install 程序安装目录,安装完后可删除[安装时必须有可写入权限] | |||
| ..../static 静态资源存放目录[必须可写入,无需执行] | |||
| ..../system 类库文件目录[建议关闭对外访问权限] | |||
| ..../theme 系统默认内核模板目录[建议关闭对外访问权限] | |||
| ..../user 会员目录 | |||
| ./docs 文档及协议 | |||
| ./src 系统源代码 | |||
| ..|_/a 默认网页文件存放目录[必须可写入] | |||
| ..|_/admin 默认后台管理目录[可任意改名] | |||
| ..|_/apps 插件扩展程序目录[不可写入,可执行] | |||
| ..|_/data 系统缓存或其它可写入数据存放目录[必须可写入,但不可执行,建议关闭对外访问权限] | |||
| ..|_/install 程序安装目录,安装完后可删除[安装时必须有可写入权限] | |||
| ..|_/static 静态资源存放目录[必须可写入,无需执行] | |||
| ..|_/system 类库文件目录[建议关闭对外访问权限] | |||
| ..|_/theme 系统默认内核模板目录[建议关闭对外访问权限] | |||
| ..|_/user 会员目录 | |||
| ..|_/index.php 入口文件 | |||
| ..|_/license.txt GPLv2开源许可协议 | |||
| ./tools 系统工具 | |||
| ..|_/resetpwd.php 管理员密码修改工具(如需重置放至站点根目录,用完删除) | |||
| ``` | |||
| 5.PHP环境容易碰到的不兼容性问题 | |||
+ 97
- 0
tools/resetpwd.php
View File
| @@ -0,0 +1,97 @@ | |||
| <?php | |||
| /** | |||
| * DedeBIZ密码修改工具,改完即删,别留着过年,老铁们~ | |||
| * | |||
| * @version $id:resetpwd.php tianya $ | |||
| * @package DedeBIZ.Tools | |||
| * @copyright Copyright (c) 2023 DedeBIZ.COM | |||
| * @license GNU GPL v2 (https://www.dedebiz.com/license) | |||
| * @link https://www.dedebiz.com | |||
| */ | |||
| define('DEDEBIZ_REPWD_VER', '1.0.0'); | |||
| /** | |||
| * ToolAlert | |||
| * | |||
| * @param mixed $content | |||
| * @param mixed $colors | |||
| * @return string | |||
| */ | |||
| function ToolAlert($content, $colors = array('#cfe2ff', '#b6d4fe', '#084298')) | |||
| { | |||
| define('TOOLS_ALERT_TPL', '<div style="position:relative;padding:.75rem 1.25rem;margin-bottom:1rem;width:auto;font-size:14px;color:~color~;background:~background~;border-color:~border~;border:1px solid transparent;border-radius:.5rem">~content~</div>'); | |||
| list($background, $border, $color) = $colors; | |||
| return str_replace(array('~color~', '~background~', '~border~', '~content~'), array($color, $background, $border, $content), TOOLS_ALERT_TPL); | |||
| } | |||
| if (!file_exists(dirname(__FILE__) . '/system/common.inc.php')) { | |||
| echo ToolAlert("请将当前文件放置到DedeBIZ根目录下,通过`http://网站域名/dedebiz_repwd.php`可以访问"); | |||
| exit; | |||
| } | |||
| require_once dirname(__FILE__) . '/system/common.inc.php'; | |||
| require_once(DEDEINC.'/libraries/oxwindow.class.php'); | |||
| $dopost = isset($dopost)? $dopost : ''; | |||
| $adminname = isset($adminname)? HtmlReplace($adminname, -1) : ''; | |||
| $newpwd = isset($newpwd)? $newpwd : ''; | |||
| $renewpwd = isset($renewpwd)? $renewpwd : ''; | |||
| $dbpwd = isset($dbpwd)? $dbpwd : ''; | |||
| if ($dopost === 'change') { | |||
| if (empty($adminname)) { | |||
| ShowMsg("管理员账号不能为空", -1); | |||
| exit; | |||
| } | |||
| if (empty($newpwd) || $newpwd !== $renewpwd) { | |||
| ShowMsg("新密码不能为空,且两次输入必须保持一致", -1); | |||
| exit; | |||
| } | |||
| if (empty($dbpwd) || $dbpwd !== $cfg_dbpwd) { | |||
| ShowMsg("数据库连接密码不能为空,切必须正确", -1); | |||
| exit; | |||
| } | |||
| $admin = $dsql->GetOne("SELECT * FROM `#@__admin` WHERE `userid` = '$adminname'"); | |||
| if (empty($admin)) { | |||
| ShowMsg("不存在当前输入的管理员账号", -1); | |||
| exit; | |||
| } | |||
| if (function_exists('password_hash')) { | |||
| $pwdm = "pwd='',pwd_new='".password_hash($newpwd, PASSWORD_BCRYPT)."'"; | |||
| $pwd = "pwd='',pwd_new='".password_hash($newpwd, PASSWORD_BCRYPT)."'"; | |||
| } else { | |||
| $pwdm = "pwd='".md5($newpwd)."'"; | |||
| $pwd = "pwd='".substr(md5($newpwd), 5, 20)."'"; | |||
| } | |||
| $id = $admin['id']; | |||
| $query = "UPDATE `#@__admin` SET $pwd WHERE id='$id'"; | |||
| $dsql->ExecuteNoneQuery($query); | |||
| $query = "UPDATE `#@__member` SET $pwdm WHERE mid='$id'"; | |||
| $dsql->ExecuteNoneQuery($query); | |||
| ShowMsg("管理员密码成功修改为<code>{$newpwd}</code>,请务必删除当前文件!", 'javascript:;'); | |||
| exit; | |||
| } | |||
| $wintitle = "DedeBIZ修改密码工具"; | |||
| $wecome_info = "DedeBIZ修改密码工具 V" . DEDEBIZ_REPWD_VER; | |||
| $win = new OxWindow(); | |||
| $win->Init(basename(__FILE__), 'js/blank.js', 'POST'); | |||
| $win->AddHidden('dopost', 'change'); | |||
| $win->AddHidden('token', $_SESSION['token']); | |||
| $win->AddTitle("<div class='alert alert-info mb-0'>本工具为站点管理员忘记后台登录账号信息使用,如需技术服务或者商业工具请<a href='https://www.dedebiz.com/service' target='_blank'>联系官方</a></div>"); | |||
| $win->AddMsgItem(' | |||
| <tr> | |||
| <td width="260">管理员账号:</td> | |||
| <td><input type="text" name="adminname" id="adminname" class="admin-input-lg" placeholder="输入需要修改密码的管理员账号"></td> | |||
| </tr> | |||
| <tr> | |||
| <td width="260">密码:</td> | |||
| <td><input type="password" name="newpwd" id="newpwd" class="admin-input-lg" placeholder="新的密码"></td> | |||
| </tr> | |||
| <tr> | |||
| <td width="260">再次输入密码:</td> | |||
| <td><input type="password" name="renewpwd" id="renewpwd" class="admin-input-lg" placeholder="重复上面的密码"></td> | |||
| </tr> | |||
| <tr> | |||
| <td width="260">数据库密码:</td> | |||
| <td><input type="password" name="dbpwd" id="dbpwd" class="admin-input-lg" placeholder="输入数据库连接密码"> 查看`data/common.inc.php`中的`cfg_dbpwd`</td> | |||
| </tr> | |||
| '); | |||
| $winform = $win->GetWindow('ok'); | |||
| $win->Display(); | |||