📄 profile.cgi
字号:
############################## save profile modification
sub savemodify {
&getmember("$inmembername");
if ("$userregistered" eq "no") { &error("修改资料&没有此用户名!"); }
if ("$oldpassword" ne "$password") { &error("修改资料&密码错误!"); }
$newpassword1 = $query -> param('newpassword1');
$newpassword2 = $query -> param('newpassword2');
$newshowemail = $query -> param('newshowemail');
$newhomepage = $query -> param('newhomepage');
$newaolname = $query -> param('newaolname');
$newicqnumber = $query -> param('newicqnumber');
$newlocation = $query -> param('newlocation');
$newinterests = $query -> param('newinterests');
$newtimedifference = $query -> param('newtimedifference');
$newpersonalavatar = $query -> param('newpersonalavatar');
$newpersonalwidth = $query -> param('newpersonalwidth');
$newpersonalheight = $query -> param('newpersonalheight');
$newemailaddress = $query -> param('newemailaddress');
$newsignature = $query -> param('newsignature');
$inuseravatar = $query -> param('useravatar');
$newsignature = &unHTML("$newsignature");
$inuseravatar = &cleaninput("$inuseravatar");
$newpassword = &cleanarea("$newpassword");
$newshowemail = &cleanarea("$newshowemail");
$newhomepage = &cleanarea("$newhomepage");
$newaolname = &cleanarea("$newaolname");
$newicqnumber = &cleanarea("$newicqnumber");
$newlocation = &cleanarea("$newlocation");
$newinterests = &cleanarea("$newinterests");
$newtimedifference = &cleanarea("$newtimedifference");
$newpersonalavatar = &cleanarea("$newpersonalavatar");
$newpersonalwidth = &cleanarea("$newpersonalwidth");
$newpersonalheight = &cleanarea("$newpersonalheight");
$newemailaddress = &cleanarea("$newemailaddress");
if ($newsignature) {
$newsignature =~ s/\t//g;
$newsignature =~ s/\r//g;
$newsignature =~ s/ / /g;
$newsignature =~ s/\n\n/\n\ \n/isg;
$newsignature =~ s/\n/\[br\]/isg;
$newsignature =~ s/\[br\]\[br\]/\[br\]\ \[br\]/isg;
}
# make sure its a valid form
@testsig = split(/\[br\]/,$newsignature);
$siglines = @testsig;
if ($siglines > 5) { &error("修改资料&对不起,签名不能超过 5 行!"); }
if (($newpersonalavatar)&&($newpersonalwidth)&&($newpersonalheight)) {
if ($newpersonalavatar !~ /^http:\/\/[\w\W]+\.[\w\W]+$/) {
&error("用户注册&自定义头像的 URL 地址有问题!");
}
if (($newpersonalavatar !~ /\.gif$/isg)&&($newpersonalavatar !~ /\.jpg$/isg)&&($newpersonalavatar !~ /\.png$/isg)) {
&error("用户注册&自定义头像必须为 PNG、GIF 或 JPG 格式") ;
}
if (($newpersonalwidth < 20)||($newpersonalwidth > $maxposticonwidth)) {
&error("用户注册&对不起,自定义图像宽度必须在 20 -- $maxposticonwidth 像素之间!");
}
if (($newpersonalheight < 20)||($newpersonalheight > $maxposticonheight)) {
&error("用户注册&对不起,自定义图像高度必须在 20 -- $maxposticonheight 像素之间!");
}
$inuseravatar = "noavatar";
}
else {$newpersonalavatar=""; $newpersonalwidth=""; $newpersonalheight="";} #清除自定义头像信息
if ($newemailaddress eq "") { $blankfields = "yes"; }
if ($newpassword1 ne $newpassword2) { &error("修改资料&你输入的两次密码不相同,如果你不想修改密码,请保持这两项为空!"); }
if (($newpassword1 ne "")&&($newpassword2 ne "")) { $newpassword = $newpassword1; }
else { $newpassword = $oldpassword; }
if ($blankfields) {
&error("修改资料&请输入用户名、邮件地址,这些是必需的!");
}
# Sort out new cookies
$namecookie = cookie(-name => "amembernamecookie",
-value => "$inmembername",
-path => "$cookiepath",
-expires => "+30d");
$passcookie = cookie(-name => "apasswordcookie",
-value => "$inpassword",
-path => "$cookiepath",
-expires => "+30d");
if($newemailaddress !~ /^.+\@(\[?)[a-zA-Z0-9\-\.]+\.([a-zA-Z]{2,3}|[0-9]{1,3})(\]?)$/) { &error("注册&Email 地址非法!"); }
&getmember("$inmembername");
if (($passwordverification eq "yes") && ($emailfunctions ne "off") && ($newemailaddress ne $emailaddress)) {
$seed = int(rand 100000);
$password = crypt($seed, aun);
$password =~ s/%([a-fA-F0-9][a-fA-F0-9])/pack("C", hex($1))/eg;
$password =~ s/\.//g;
$password =~ s/\|//g;
$newpassword = substr($password, 0, 7);
# Sort out new cookies
$passcookie = cookie(-name => "apasswordcookie",
-value => "",
-path => "$cookiepath",
-expires => "-1d");
### send the email
$to = "$newemailaddress";
$from = "$homename <$adminemail_out>";
$subject = "您改变了在 $boardname 中注册的邮件地址";
$message .= "\n";
$message .= "$homename\n";
$message .= "$boardurl/$forumsummaryprog\n\n\n";
$message .= "------------------------------------\n";
$message .= "您的用户名、新密码如下:\n\n";
$message .= "用户名: $inmembername\n";
$message .= "新密码: $newpassword\n\n\n";
$message .= "请注意:用户名和密码区分大小写!\n\n";
$message .= "------------------------------------\n";
&sendmail($from, $from, $to, $SMTP_SERVER, $subject, $message );
} # end new password request
$memberfiletitle = $inmembername;
$memberfiletitle =~ s/ /\_/isg;
$filetomake = "$ikondir" . "members/$memberfiletitle.cgi";
open(FILE, ">$filetomake");
flock(FILE, 2) if ($OS_USED eq "Unix");
print FILE "$inmembername|$newpassword|$membertitle|$membercode|$numberofposts|$newemailaddress|$newshowemail|$ipaddress|$newhomepage|$newaolname|$newicqnumber|$newlocation|$newinterests|$joineddate|$lastpostdate|$newsignature|$newtimedifference|$privateforums|$inuseravatar|$misc1|$misc2|$misc3|$newpersonalavatar|$newpersonalwidth|$newpersonalheight|";
close(FILE);
if ($newsignature) {
$previewsig = &signikoncode($newsignature);
}
if ($badwords) {
@pairs = split(/\&/,$badwords);
foreach (@pairs) {
($bad, $good) = split(/=/,$_);
chop $good;
$previewsig=~ s/$bad/$good/isg;
}
}
$output .= qq~
<tr>
<td bgcolor=$miscbacktwo valign=middle align=center><font face="$font" color=$fontcolormisc><b>个人信息已经保存</b></font></td></tr>
<tr>
<td bgcolor=$miscbackone valign=middle><font face="$font" color=$fontcolormisc>
具体情况:
<ul>
<li><a href="$forumsummaryprog">返回论坛首页</a>
</ul>
</td></tr>
<tr>
<td bgcolor=$miscbackone valign=middle><font face="$font" color=$postfontcolor>
你的新签名预览:<br>
<hr><br>
$previewsig
<br>
<hr>
</font>
</td>
</tr>
</table></td></tr></table>
~;
if (($passwordverification eq "yes") && ($emailfunctions ne "off") && ($newemailaddress ne $emailaddress)) {
$output =~ s/具体情况:/你的新密码已经通过 Email 发送给你了!/g;
}
} # end save details.
########### Lets stop people trying to get the Admin's password.
sub blocked {
if ($inmembername eq "") { $inusername = "客人"; }
$ipaddress = $ENV{'REMOTE_ADDR'};
$inmembername =~ s/\_/ /g;
$output .= qq~
<p>
<tr>
<td bgcolor=$miscbacktwo valign=middle colspan=2 align=center><font face="$font" color=$fontcolormisc><b><font color=$fonthighlight>不允许发送管理员的密码</b></font></td></tr>
<tr>
<td bgcolor=$miscbackone><font face="$font" color=$fontcolormisc>
<b>从安全角度考虑,管理员的密码是锁定的,不允许通过 Email 来寄送。</b><p>
为了防止有 hacker 攻击服务器,你的 IP 地址 $ipaddress 已经被记入,并通过 Email 发送给管理员了。<br>
你用的浏览器: $ENV{'HTTP_USER_AGENT'}<p>
如果你不是故意的,你不要过于担心。<p><p>
---- 山鹰糊 <a href=http://www.cgier.com/ target=_blank>http://www.cgier.com/</a>
</td></tr></table></td></tr></table>
~;
$message .= "\n";
$message .= "$boardname\n";
$message .= "$boardurl/$forumsummaryprog\n\n";
$message .= "------------------------------------\n";
$message .= "这是自动发送的邮件。\n\n";
$message .= "很可能是有人想通过他们指定的\n";
$message .= "电子邮件得到您的超级密码!\n";
$message .= "但他们不能通过这种方式得到您的密码。\n";
$message .= "这仅仅是一封警告邮件。\n";
$message .= "------------------------------------\n\n";
$message .= "注册名: $inmembername\n";
$message .= "IP地址: $ipaddress\n\n";
$message .= "------------------------------------\n";
$to = "$adminemail_in";
$from = "$homename <$adminemail_out>";
$subject = "警告!!可能是 hacker 在攻击您的论坛!";
&sendmail($from, $from, $to, $SMTP_SERVER, $subject, $message );
$output =~ s/用户资料/警告!/g;
&output(
-Title => $boardname,
-ToPrint => $output,
-Version => $versionnumber
);
}
⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -