【ecshop教程】ECSHOP用户中心修改"用户信息"增加会员密码问题验证
ECSHOP用户中心修改"用户信息"增加会员密码问题验证
目的增加会员安全性,修改会员密码需要,问题验证
教程开始
1、themes\default\user_transaction.dwt 将
<select name=
'sel_question'
>
<option value=
'0'
>{
$lang
.sel_question}</option>
{html_options options=
$passwd_questions
selected=
$profile
.passwd_question}
</select>
修改为
<select name=
'sel_question'
onblur=
"checkSelQuestion(this.value);"
id=
"sel_question"
>
<option value=
'0'
>{
$lang
.sel_question}</option>
{html_options options=
$passwd_questions
selected=
$profile
.passwd_question}
</select>
<span id=
"sel_question_notice"
style=
"color:#FF0000"
> *</span>
将
<input name=
"passwd_answer"
type=
"text"
size=
"25"
class
=
"inputBg"
maxlengt=
'20'
value=
"{$profile.passwd_answer}"
/><!-- {
if
$field
.is_need} --><span style=
"color:#FF0000"
> *</span><!-- {/
if
} -->
修改为
<input name=
"passwd_answer"
type=
"text"
size=
"25"
class
=
"inputBg"
maxlengt=
'20'
value=
""
id=
"passwd_answer"
onblur=
"checkSelAnswer(this.value);"
/><!-- {
if
$field
.is_need} --><span id=
"passwd_answer_notice"
style=
"color:#FF0000"
> *</span><!-- {/
if
} -->
2.js\user.js 找到function userEdit()中的
if
(passwd_answer.length > 0 && sel_question == 0 || document.getElementById(
'passwd_quesetion'
) && passwd_answer.length == 0)
{
msg += no_select_question +
'\n'
;
}
替换成
if
(!checkAnswer(passwd_answer)){
msg +=
'- '
+
'密码问题答案不正确'
+
'\n'
;
}
在function userEdit()后添加
function
checkAnswer(passwd_answer){
result = Ajax.call(
'user.php?act=check_passwd_answer'
,
'passwd_answer='
+ passwd_answer, null ,
'GET'
,
'TEXT'
, false );
result = result.replace(/^\s+|\s+$/g,
""
);
if
( result !=
"ok"
){
return
false;
}
else
{
return
true;
}
}
/* *
* 修改用户信息时验证密码问题
*/
function
checkSelQuestion(sel_question){
if
(sel_question == 0){
document.getElementById(
'sel_question_notice'
).innerHTML =
'必须选择您的密码问题'
;
}
else
{
result = Ajax.call(
'user.php?act=check_sel_question'
,
'sel_question='
+ sel_question, null ,
'GET'
,
'TEXT'
, false );
result = result.replace(/^\s+|\s+$/g,
""
);
if
( result ==
'ok'
){
document.getElementById(
'sel_question_notice'
).innerHTML =
'密码问题正确'
;
}
else
{
document.getElementById(
'sel_question_notice'
).innerHTML =
'请选择正确的密码问题'
;
}
}
}
/* *
* 修改用户信息时验证密码问题答案
*/
function
checkSelAnswer(passwd_answer){
if
(passwd_answer == 0){
document.getElementById(
'passwd_answer_notice'
).innerHTML =
'必须填写您的密码问题答案'
;
}
else
{
result = Ajax.call(
'user.php?act=check_passwd_answer'
,
'passwd_answer='
+ passwd_answer, null ,
'GET'
,
'TEXT'
, false );
result = result.replace(/^\s+|\s+$/g,
""
);
if
( result ==
'ok'
){
document.getElementById(
'passwd_answer_notice'
).innerHTML =
'密码问题答案正确'
;
}
else
{
document.getElementById(
'passwd_answer_notice'
).innerHTML =
'答案不正确请重新输入'
;
}
}
}
3.user.php中在
/* 用户登录界面 */
elseif
(
$action
==
'login'
)
/* 用户登录界面 */
elseif ($action == 'login')
/*验证密码问题是否正确*/
elseif
(
$action
==
'check_sel_question'
){
$sel_question
= trim(
$_GET
[
'sel_question'
]);
$question
=
$user
->check_sel_question(
$user_id
);
if
(
strcmp
(
$sel_question
,
$question
)!= 0){
echo
'false'
;
}
else
{
echo
'ok'
;
}
}
/*验证密码问题答案是否正确*/
elseif
(
$action
==
'check_passwd_answer'
){
$question
=
$user
->check_sel_question(
$user_id
);
$answer
=
$user
->check_passwd_answer(
$user_id
,
$question
);
$passwd_answer
= trim(
$_GET
[
'passwd_answer'
]);
if
(
strcmp
(
$answer
,
$passwd_answer
)!= 0){
echo
'false'
;
}
else
{
echo
'ok'
;
}
}
4.includes\modules\integrates\integrate.php,在
/* 会员手机的字段名 */
var
$field_phone
=
''
;
之后,添加
/* 会员问题的字段名 */
var
$field_question
=
''
;
/* 会员问题的回答字段名 */
var
$field_answer
=
''
;
在
/**
* 检查cookie是正确,返回用户名
*
* @access public
* @param
*
* @return void
*/
function
check_cookie()
之上,添加
/**
* 检查指定密码问题是否为注册时设置的那个
*
* @access public
* @param string $user_id 用户id
*
* @return boolean
*/
function
check_sel_question(
$user_id
){
if
(!
empty
(
$user_id
)){
$sql
=
"SELECT passwd_question"
.
$this
->field_question .
" FROM "
.
$this
->table(
$this
->user_table).
" WHERE "
.
$this
->field_id .
"='"
.
$user_id
.
"'"
;
return
$this
->db->getOne(
$sql
);
}
}
/**
* 检查指定密码问题答案是否正确
*
* @access public
* @param string $user_id 用户id
* @param string $question 密码问题
*
* @return boolean
*/
function
check_passwd_answer(
$user_id
,
$question
){
if
(!
empty
(
$user_id
)){
$sql
=
"SELECT passwd_answer"
.
$this
->field_answer .
" FROM "
.
$this
->table(
$this
->user_table).
" WHERE "
.
$this
->field_id .
"='"
.
$user_id
.
"' AND passwd_question"
.
" = '"
.
$question
.
"'"
;
return
$this
->db->getOne(
$sql
);
}
}
完成。
版权声明:本文来源于互联网,如有侵权,请联系下方邮箱,一个工作日删除!