%
Dim Founderr,useremail
Dim topic,mailbody,sendmsg
Dim answer,repassword,username,password
Dim Rs,sql
Dim Errmsg,Sucmsg
Founderr = False
If Not IsObject(Conn) Then ConnectionDatabase
Response.Write "
"
Founderr = False
If Founderr Then
Response.Write ""
Else
If Trim(Request("action")) = "step1" Then
Call step1
ElseIf Trim(Request("action")) = "step2" Then
Call step2
ElseIf Trim(Request("action")) = "step3" Then
Call step3
Else
Call main
End If
If Founderr Then Response.Write ""
End If
Sub step1()
If Newasp.checkpost = False Then
Errmsg = Errmsg + "您提交的数据不合法,请不要从外部提交发言。"
Founderr = True
Exit Sub
End If
If Trim(Request("username")) = "" Then
Founderr = True
Errmsg = Errmsg + "请输入您的用户名。"
Exit Sub
Else
UserName = Newasp.CheckBadstr(Request("username"))
End If
If CInt(Newasp.IsCloseMail) = 1 Then
Set Rs = Newasp.Execute("SELECT * FROM [NC_User] WHERE username='" & UserName & "'")
Else
Set Rs = Newasp.Execute("SELECT * FROM [NC_User] WHERE username='" & UserName & "'")
End If
If Rs.EOF And Rs.bof Then
Founderr = True
Errmsg = Errmsg + "您输入的用户名并不存在,请重新输入。或者由于该系统不支持邮件发送,只能通过联系站长获得密码。"
Else
If Rs("UserGrade") = 999 Then
Founderr = True
Errmsg = Errmsg + "找回密码失败,请和管理员联系取回密码。"
Set Rs = Nothing
Exit Sub
End If
If Rs(13) = "" Or IsNull(Rs(13)) Then
Founderr = True
Errmsg = Errmsg + "该用户没有填写密码问题及答案,只有填写的用户方能继续。"
Else
Response.Write "
"
End If
End If
Rs.Close
Set Rs = Nothing
End Sub
Sub step2()
If Trim(Request("username")) = "" Then
Founderr = True
Errmsg = Errmsg + "请输入您的用户名。"
Exit Sub
Else
UserName = Newasp.CheckBadstr(Request("username"))
End If
If Newasp.checkpost = False Then
Errmsg = Errmsg + "您提交的数据不合法,请不要从外部提交发言。"
Founderr = True
Exit Sub
End If
If Trim(Request("answer")) = "" Then
Founderr = True
Errmsg = Errmsg + "请输入您的问题答案。"
Exit Sub
Else
Answer = md5(Trim(Request("answer")))
End If
Set Rs = Newasp.Execute("SELECT * FROM NC_User WHERE username='" & UserName & "' And answer='" & Answer & "'")
If Rs.EOF And Rs.bof Then
Founderr = True
Errmsg = Errmsg + "您输入的问题答案不正确,请重新输入。"
Set Rs = Nothing
Exit Sub
Else
If Rs("UserGrade") = 999 Then
Founderr = True
Errmsg = Errmsg + "找回密码失败,请和管理员联系取回密码。"
Set Rs = Nothing
Exit Sub
End If
Response.Write ""
End If
Rs.Close
Set Rs = Nothing
End Sub
Sub step3()
If Newasp.checkpost = False Then
Errmsg = Errmsg + "您提交的数据不合法,请不要从外部提交发言。"
Founderr = True
Exit Sub
End If
If Trim(Request("username")) = "" Then
Founderr = True
Errmsg = Errmsg + "请输入您的用户名。"
Exit Sub
Else
UserName = Newasp.CheckBadstr(Request("username"))
End If
If Newasp.IsValidPassword(Request("answer")) = False Then
ErrMsg = ErrMsg + "密码问题答案中含有非法字符!"
Founderr = True
Exit Sub
End If
If Trim(Request("answer")) = "" Then
Founderr = True
Errmsg = Errmsg + "请输入您的问题答案。"
Exit Sub
Else
Answer = md5(Request("answer"))
End If
If Trim(Request("password")) = "" Or Len(Request("password")) > 30 Or Len(Request("password")) < 5 Then
Founderr = True
Errmsg = Errmsg + "请输入您的新密码(长度不能大于30小于5)。"
Exit Sub
ElseIf Trim(Request("repassword")) = "" Then
Founderr = True
Errmsg = Errmsg + "请再次输入您的新密码。"
Exit Sub
ElseIf Trim(Request("password")) <> Trim(Request("repassword")) Then
Founderr = True
Errmsg = Errmsg + "您输入的新密码和确认不一样,请确认您填写的信息。"
Exit Sub
Else
PassWord = md5(Request("password"))
End If
Set Rs = Server.CreateObject("adodb.recordset")
SQL = "SELECT * FROM [NC_user] WHERE username='" & UserName & "' And answer='" & Answer & "'"
Rs.Open SQL, Conn, 1, 3
If Rs.EOF And Rs.bof Then
Founderr = True
Errmsg = Errmsg + "您输入的问题答案不正确,请重新输入。"
Else
If Rs("UserGrade") = 999 Then
Founderr = True
Errmsg = Errmsg + "找回密码失败,请和管理员联系取回密码。"
Set Rs = Nothing
Exit Sub
End If
If CInt(Newasp.IsCloseMail) = 0 Then
RePassword = Request.Form("password")
Answer = Request.Form("answer")
PassWord = Rs("password")
UsereMail = Rs("usermail")
Call sendusermail
If SendMail = "OK" Then
SendMsg = "系统已经发送一封邮件到您注册时填写的邮箱,在打开邮件中的密码激活地址后,您的新密码将正式启用。"
Else
Rs("password") = md5(RePassword)
Rs.Update
SendMsg = "由于系统错误,给您发送的密码资料未成功。您已经修改密码成功,请使用新密码登陆系统。"
End If
Else
Rs("password") = PassWord
Rs.Update
End If
Response.Write ""
End If
Rs.Close
Set Rs = Nothing
End Sub
Sub main()
Response.Write ""
End Sub
Sub sendusermail()
On Error Resume Next
Topic = "您在" & Newasp.SiteName & "的密码信息"
MailBody = MailBody & ""
MailBody = MailBody & "
"
Select Case CInt(Newasp.SendMailType)
Case 0
SendMsg = "由于系统错误,给您发送的密码资料未成功。请点击右边的连接将您的密码激活:激活密码"
Case 1
Call jmail(UsereMail, Topic, MailBody)
Case 2
Call Cdonts(UsereMail, Topic, MailBody)
Case 3
Call aspemail(UsereMail, Topic, MailBody)
Case Else
SendMsg = "由于系统错误,给您发送的密码资料未成功。请点击右边的连接将您的密码激活:激活密码"
End Select
End Sub
%>