getpwd2.php

希望这个对大家有用

<?php
$totalRows_rsMember = 0;
?>
<?php require_once('Connections/member.php'); ?>
<?php
if (!function_exists("GetSQLValueString")) {
function GetSQLValueString($theValue, $theType, $theDefinedValue = "", $theNotDefinedValue = "") 
{
  $theValue = get_magic_quotes_gpc() ? stripslashes($theValue) : $theValue;

  $theValue = function_exists("mysql_real_escape_string") ? mysql_real_escape_string($theValue) : mysql_escape_string($theValue);

  switch ($theType) {
    case "text":
      $theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
      break;    
    case "long":
    case "int":
      $theValue = ($theValue != "") ? intval($theValue) : "NULL";
      break;
    case "double":
      $theValue = ($theValue != "") ? "'" . doubleval($theValue) . "'" : "NULL";
      break;
    case "date":
      $theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
      break;
    case "defined":
      $theValue = ($theValue != "") ? $theDefinedValue : $theNotDefinedValue;
      break;
  }
  return $theValue;
}
}

$colname_rsMember = "-1";
if (isset($_POST['txtUsername'])) {
  $colname_rsMember = (get_magic_quotes_gpc()) ? $_POST['txtUsername'] : addslashes($_POST['txtUsername']);
}
mysql_select_db($database_member, $member);
$query_rsMember = sprintf("SELECT username, question FROM members WHERE username = %s", GetSQLValueString($colname_rsMember, "text"));
$rsMember = mysql_query($query_rsMember, $member) or die(mysql_error());
$row_rsMember = mysql_fetch_assoc($rsMember);
$totalRows_rsMember = mysql_num_rows($rsMember);
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=gb2312" />
<title>回答问题</title>
<link href="style/style.css" rel="stylesheet" type="text/css" />
<script language="javascript">
function checkFormData () {
  if ( form1.txtAnswer.value == "" ) {
    alert ( "答案不能为空，请重新输入！" );
	form1.txtAnswer.focus();
	return false;
  }
}
</script>
</head>

<body>
<?php include( "menu.php" ); ?>
<?php
if ($totalRows_rsMember == 0) {
  header ( "Location: message.php?error=3" );
  exit;
}
?>
  <form action="getpwd3.php" method="post" name="form1" id="form1" onsubmit="return checkFormData()">
    <table width="300" border="1" align="center" rules="none">
      <tr bgcolor="#0066CC">
        <th colspan="2" class="title" scope="col">第二步：回答问题</th>
      </tr>
      <tr>
        <td height="25" align="right">安全问题：</td>
        <td height="25"><?php echo $row_rsMember['question']; ?></td>
      </tr>
      <tr>
        <td height="25" align="right">答案：</td>
        <td height="25"><input name="txtAnswer" type="text" id="txtAnswer" /></td>
      </tr>
      <tr>
        <td height="35" align="right"><input name="hidUsername" type="hidden" id="hidUsername" value="<?php echo $row_rsMember['username']; ?>" /></td>
        <td height="35"><input name="Submit" type="button" onclick="javascript:history.back()" value="上一步" />
          &nbsp;&nbsp;
          <input type="submit" name="Submit2" value="下一步" /></td>
      </tr>
    </table>
  </form>
</body>
</html>
<?php
mysql_free_result($rsMember);
?>