~content~');
list($background, $border, $color) = $colors;
return str_replace(array('~color~', '~background~', '~border~', '~content~'), array($color, $background, $border, $content), TOOLS_ALERT_TPL);
}
if (!file_exists(dirname(__FILE__) . '/system/common.inc.php')) {
echo ToolAlert("请将当前文件放置到DedeBIZ根目录下,通过`http://网站域名/dedebiz_repwd.php`可以访问");
exit;
}
require_once dirname(__FILE__) . '/system/common.inc.php';
require_once(DEDEINC.'/libraries/oxwindow.class.php');
$dopost = isset($dopost)? $dopost : '';
$adminname = isset($adminname)? HtmlReplace($adminname, -1) : '';
$newpwd = isset($newpwd)? $newpwd : '';
$renewpwd = isset($renewpwd)? $renewpwd : '';
$dbpwd = isset($dbpwd)? $dbpwd : '';
if ($dopost === 'change') {
if (empty($adminname)) {
ShowMsg("管理员账号不能为空", -1);
exit;
}
if (empty($newpwd) || $newpwd !== $renewpwd) {
ShowMsg("新密码不能为空,且两次输入必须保持一致", -1);
exit;
}
if (empty($dbpwd) || $dbpwd !== $cfg_dbpwd) {
ShowMsg("数据库连接密码不能为空,切必须正确", -1);
exit;
}
$admin = $dsql->GetOne("SELECT * FROM `#@__admin` WHERE `userid` = '$adminname'");
if (empty($admin)) {
ShowMsg("不存在当前输入的管理员账号", -1);
exit;
}
if (function_exists('password_hash')) {
$pwdm = "pwd='',pwd_new='".password_hash($newpwd, PASSWORD_BCRYPT)."'";
$pwd = "pwd='',pwd_new='".password_hash($newpwd, PASSWORD_BCRYPT)."'";
} else {
$pwdm = "pwd='".md5($newpwd)."'";
$pwd = "pwd='".substr(md5($newpwd), 5, 20)."'";
}
$id = $admin['id'];
$query = "UPDATE `#@__admin` SET $pwd WHERE id='$id'";
$dsql->ExecuteNoneQuery($query);
$query = "UPDATE `#@__member` SET $pwdm WHERE mid='$id'";
$dsql->ExecuteNoneQuery($query);
ShowMsg("管理员密码成功修改为{$newpwd}
,请务必删除当前文件!", 'javascript:;');
exit;
}
$wintitle = "DedeBIZ修改密码工具";
$wecome_info = "DedeBIZ修改密码工具 V" . DEDEBIZ_REPWD_VER;
$win = new OxWindow();
$win->Init(basename(__FILE__), 'js/blank.js', 'POST');
$win->AddHidden('dopost', 'change');
$win->AddHidden('token', $_SESSION['token']);
$win->AddTitle("