bug日志易优cms二次模版验证问题答案忘记了, 二次模版验证问题修改不了该改哪块代码
不用着急,为大伙整了个易优修改重置后台密码小工具
方便大家忘记后台登陆密码时,快速重置
将下面的文件保存php文件,上传到网站根目录,浏览器访问 http://你的网址/XX.php ,按照操作执行就可以。
修改完之后,请立即删除该文件,免得被其他人修改。
<!DOCTYPE html> <html> <head> <meta http-equiv="content-type" content="text/html; charset=UTF-8"> <title>密码修改工具 - 易优CMS</title> </head> <body> <?php error_reporting(E_ALL & ~E_NOTICE); header('Content-Type: text/html; charset=UTF-8'); // 数据绝对路径 defined('DATA_PATH') or define('DATA_PATH', __DIR__ . '/data/'); // 运行缓存 defined('RUNTIME_PATH') or define('RUNTIME_PATH', DATA_PATH . 'runtime/'); // 安装程序定义 defined('DEFAULT_INSTALL_DATE') or define('DEFAULT_INSTALL_DATE',1525756440); // 序列号 defined('DEFAULT_SERIALNUMBER') or define('DEFAULT_SERIALNUMBER','20180508131400oCWIoa'); // 定义应用目录 defined('APP_PATH') or define('APP_PATH', __DIR__ . '/application/'); defined('EXT') or define('EXT', '.php'); defined('DS') or define('DS', DIRECTORY_SEPARATOR); defined('THINK_PATH') or define('THINK_PATH', __DIR__ . DS); defined('CACHE_PATH') or define('CACHE_PATH', RUNTIME_PATH . 'cache' . DS); defined('ROOT_PATH') or define('ROOT_PATH', dirname(realpath(APP_PATH)) . DS); // 插件目录 defined('WEAPP_DIR_NAME') or define('WEAPP_DIR_NAME', 'weapp'); defined('WEAPP_PATH') or define('WEAPP_PATH', ROOT_PATH . WEAPP_DIR_NAME . DS); $version = getCmsVersion(); // 系统版本号 $database = include_once "application/database.php"; $dbHost = trim($database['hostname']); $dbport = $database['hostport'] ? $database['hostport'] : '3306'; $dbName = trim($database['database']); $dbUser = trim($database['username']); $dbPwd = trim($database['password']); $dbPrefix = empty($database['prefix']) ? 'ey_' : trim($database['prefix']); $charset = trim($database['charset']); $conn = @mysqli_connect($dbHost, $dbUser, $dbPwd,$dbName,$dbport); if (mysqli_connect_error()){ $msg = "连接数据库失败!".mysqli_connect_error($conn); tips($msg); } mysqli_set_charset($conn, $charset); if ($_SERVER['REQUEST_METHOD'] == 'POST') { $type = $_POST['type']; if (1 == $type) { // 修改后台登录密码 $user_name = $_POST['user_name']; $password = $_POST['password']; if (empty($password)) { tips("新密码不能为空!"); } $config = include_once "application/config.php"; $auth_code = $config['AUTH_CODE']; $sql = "SELECT value FROM `{$dbPrefix}config` WHERE name = 'system_auth_code' AND inc_type='system' ORDER BY id ASC LIMIT 1"; $ret = mysqli_query($conn,$sql); while($row = mysqli_fetch_array($ret)) { if (!empty($row['value'])) { $auth_code = $row['value']; } } if (version_compare($version,'v1.5.7','<')) { $password = md5($auth_code.$password); } else { $entry = pwd_encry_type('bcrypt'); if ('bcrypt' == $entry) { $main_lang = 'cn'; $sql = "SELECT mark FROM `{$dbPrefix}language` ORDER BY id ASC LIMIT 1"; $ret = mysqli_query($conn,$sql); while($row = mysqli_fetch_array($ret)) { if (!empty($row['mark'])) { $main_lang = $row['mark']; } } $crypt_auth_code = ''; $sql = "SELECT value FROM `{$dbPrefix}config` WHERE name = 'system_crypt_auth_code' AND inc_type='system' AND lang='{$main_lang}' LIMIT 1"; $ret = mysqli_query($conn,$sql); while($row = mysqli_fetch_array($ret)) { if (!empty($row['value'])) { $crypt_auth_code = $row['value']; } } if (!empty($crypt_auth_code)) { $password = crypt($password, $crypt_auth_code); } else { $password = md5($auth_code.$password); } } else { $password = md5($auth_code.$password); } } $sql = "UPDATE `{$dbPrefix}admin` SET `password`='{$password}' WHERE `user_name`='{$user_name}'"; $ret = mysqli_query($conn,$sql); if ($ret) { $msg = "修改成功"; } else { $msg = "修改失败,请官方客服!"; } tips($msg); } else if (2 == $type) // 修改插件安装密码 { $password = $_POST['password']; if (empty($password)) { tips("新密码不能为空!"); } $config = include_once "application/config.php"; $auth_code = $config['AUTH_CODE']; $sql = "SELECT value FROM `{$dbPrefix}config` WHERE name='system_auth_code' AND inc_type='system' ORDER BY id ASC LIMIT 1"; $ret = mysqli_query($conn,$sql); while($row = mysqli_fetch_array($ret)) { if (!empty($row['value'])) { $auth_code = $row['value']; } } $password = md5($auth_code.$password); $t = time(); $sql = "UPDATE `{$dbPrefix}config` SET `value`='{$password}', `update_time`='{$t}' WHERE `name`='weapp_installpwd' AND `inc_type`='weapp'"; $ret = mysqli_query($conn,$sql); if ($ret) { delFile('./data/runtime/cache', true); $msg = "修改成功"; } else { $msg = "修改失败,请官方客服!"; } tips($msg); } else if (3 == $type) // 修改插件问题与答案 { $ask = $_POST['ask']; if (empty($ask)) { tips("新问题不能为空!"); } $answer = $_POST['answer']; if (empty($answer)) { tips("新答案不能为空!"); } $config = include_once "application/config.php"; $auth_code = $config['AUTH_CODE']; $sql = "SELECT value FROM `{$dbPrefix}config` WHERE name='system_auth_code' AND inc_type='system' ORDER BY id ASC LIMIT 1"; $ret = mysqli_query($conn,$sql); while($row = mysqli_fetch_array($ret)) { if (!empty($row['value'])) { $auth_code = $row['value']; } } $answer = md5($auth_code.$answer); $t = time(); $sql = "UPDATE `{$dbPrefix}setting` SET `value`='{$ask}', `update_time`='{$t}' WHERE `name`='weapp_install_ask' AND `inc_type`='weapp'"; $sql2 = "UPDATE `{$dbPrefix}setting` SET `value`='{$answer}', `update_time`='{$t}' WHERE `name`='weapp_install_answer' AND `inc_type`='weapp'"; if (@mysqli_query($conn,$sql) && @mysqli_query($conn,$sql2)) { delFile('./data/runtime/cache', true); $msg = "修改成功"; } else { $msg = "修改失败,请官方客服!"; } tips($msg); } else if (4 == $type) // 修改二次安全验证的答案 { $answer = trim($_POST['answer']); if (empty($answer)) { tips("新答案不能为空!"); } $config = include_once "application/config.php"; $auth_code = $config['AUTH_CODE']; $sql = "SELECT value FROM `{$dbPrefix}config` WHERE name='system_auth_code' AND inc_type='system' ORDER BY id ASC LIMIT 1"; $ret = mysqli_query($conn,$sql); while($row = mysqli_fetch_array($ret)) { if (!empty($row['value'])) { $auth_code = $row['value']; } } $entry = pwd_encry_type('bcrypt'); if ('bcrypt' == $entry) { $crypt_auth_code = ''; $sql = "SELECT value FROM `{$dbPrefix}config` WHERE name = 'system_crypt_auth_code' AND inc_type='system' ORDER BY id ASC LIMIT 1"; $ret = mysqli_query($conn,$sql); while($row = mysqli_fetch_array($ret)) { if (!empty($row['value'])) { $crypt_auth_code = $row['value']; } } if (!empty($crypt_auth_code)) { $answer = crypt($answer, $crypt_auth_code); } else { $answer = md5($auth_code.$answer); } } else { $answer = md5($auth_code.$answer); } $t = time(); $sql1 = "UPDATE `{$dbPrefix}setting` SET `value`='{$answer}', `update_time`='{$t}' WHERE `name`='security_answer' AND `inc_type`='security'"; if (@mysqli_query($conn,$sql1)) { delFile('./data/runtime/cache', true); $msg = "修改成功"; } else { $msg = "修改失败,请官方客服!"; } tips($msg); } else if (5 == $type) // 修改后台登录锁定时间 { $web_login_errexpire = intval($_POST['web_login_errexpire']); $t = time(); $sql1 = "UPDATE `{$dbPrefix}config` SET `value`='{$web_login_errexpire}', `update_time`='{$t}' WHERE `name`='web_login_errexpire' AND `inc_type`='web'"; if (@mysqli_query($conn,$sql1)) { delFile('./data/runtime/cache', true); $msg = "修改成功"; } else { $msg = "修改失败,请官方客服!"; } tips($msg); } else if (6 == $type) // 解除后台强制扫码登录 { $data = []; $sql = "SELECT data FROM `{$dbPrefix}weapp` WHERE code = 'EyouGzhLogin' LIMIT 1"; $ret = mysqli_query($conn,$sql); while($row = mysqli_fetch_array($ret)) { if (!empty($row['data'])) { $data = unserialize($row['data']); } break; } $data['gzh']['force'] = 0; $serdata = serialize($data); $sql1 = "UPDATE `{$dbPrefix}weapp` SET `data`='{$serdata}' WHERE `code`='EyouGzhLogin'"; if (@mysqli_query($conn,$sql1)) { delFile('./data/runtime/cache', true); $msg = "解除成功"; } else { $msg = "解除失败,请官方客服!"; } tips($msg); } } else { /*管理员列表*/ $sql = "SELECT * FROM `{$dbPrefix}admin`"; $ret = mysqli_query($conn,$sql); $select_html = ""; while($row = mysqli_fetch_array($ret)) { $select_html .= "<option value='{$row['user_name']}'>{$row['user_name']}</option>"; } /*end*/ /*插件问题列表*/ $weapp_askanswer_list = []; $sql = "SELECT value FROM `{$dbPrefix}setting` WHERE name='weapp_askanswer_list' AND inc_type='weapp' ORDER BY id ASC LIMIT 1"; $ret = mysqli_query($conn,$sql); while($row = mysqli_fetch_array($ret)) { if (!empty($row['value'])) { $weapp_askanswer_list = json_decode($row['value'], true); } } $ask_select_html = ""; foreach ($weapp_askanswer_list as $key => $value) { $ask_select_html .= "<option value='{$key}'>{$value}</option>"; } /*end*/ /*二次安全验证的问题名称*/ $security_ask = ''; $sql = "SELECT value FROM `{$dbPrefix}setting` WHERE name = 'security_ask' AND inc_type='security' ORDER BY id ASC LIMIT 1"; $ret = mysqli_query($conn,$sql); while($row = mysqli_fetch_array($ret)) { if (!empty($row['value'])) { $security_ask = $row['value']; } } /*end*/ } mysqli_close($conn); function tips($msg) { die('<script type="text/javascript">alert("'.$msg.'");window.location.href = "setpwd.php";</script>'); } /** * 获取CMS的版本号 * @return [type] [description] */ function getCmsVersion() { $version = 'v1.0.0'; $version_txt_path = './data/conf/version.txt'; if(file_exists($version_txt_path)) { $fp = fopen($version_txt_path, 'r'); $content = fread($fp, filesize($version_txt_path)); fclose($fp); $version = $content ? $content : $version; } return $version; } /** * 获取密码加密方式 * @param string $encry_pwd * @return [type] [description] */ function pwd_encry_type($encry_pwd = '') { $entry = 'md5'; if (32 != strlen($encry_pwd)) { if (defined('CRYPT_BLOWFISH') && CRYPT_BLOWFISH == 1) { $entry = 'bcrypt'; } } return $entry; } /** * 递归删除文件夹 * * @param string $path 目录路径 * @param boolean $delDir 是否删除空目录 * @return boolean */ function delFile($path, $delDir = FALSE) { if(!is_dir($path)) return FALSE; $handle = @opendir($path); if ($handle) { while (false !== ( $item = readdir($handle) )) { if ($item != "." && $item != "..") is_dir("$path/$item") ? delFile("$path/$item", $delDir) : @unlink("$path/$item"); } closedir($handle); if ($delDir) { return @rmdir($path); } }else { if (file_exists($path)) { return @unlink($path); } else { return FALSE; } } } ?> <style type="text/css"> *, ::after, ::before { box-sizing: border-box; } .logo { width: 100%; text-align: center; margin: 30px 0 10px 0; } .logo img { text-align: center; } .info { margin: 0 20px; padding: 10px 20px; font-size: 14px; margin-top: 15px; background: #f7f7f7; text-align: center; } .border { width: 100%; clear: both; border-bottom: 1px dashed #dedede; } .box { width: 400px; margin: 40px auto; } .name { font-size: 24px; text-align: center; margin-bottom: 20px; } .fexl { display: flex; align-items: center; margin-bottom: 20px; } .fexl .title { width: 75px; text-align: right; margin-right: 10px; font-size: 15px; color: #666; } .fexl .select { width: 308px; display: inline-block; position: relative; vertical-align: middle; padding: 0; overflow: hidden; cursor: pointer; color: #555; background-color: #fff; border: 1px solid #DCDFE6; text-shadow: none; border-radius: 4px; transition: box-shadow 0.25s ease; z-index: 2; } .fexl .select select { padding: 8px 10px; font-size: 15px; color: #606266; width: 100%; border: none; background: transparent; background-image: none; -webkit-appearance: none; -moz-appearance: none; cursor: pointer; } .fexl .input input { width: 308px; height: 35px; display: inline-block; position: relative; vertical-align: middle; padding: 0 10px; overflow: hidden; font-size: 15px; color: #555; background-color: #fff; border: 1px solid #DCDFE6; text-shadow: none; border-radius: 4px; transition: box-shadow 0.25s ease; z-index: 2; } .fexl .input .time { width: 292px; } .submit { margin-top: 30px; } .submit input { display: block; color: #fff; text-align: center; margin: 0 auto; padding: 5px 10px; font-size: 16px; background: #ff6700; border: 1px solid #ff6700; border-radius: 4px; outline: 0; cursor: pointer; } .kefu { position: fixed; right: 10px; bottom: 120px; z-index: 100; width: 150px; height: 205px; background: #fff; } .kefu .wenben { padding: 0 16px; } .kefu .wenben p { margin: 0 ; text-align: center; color: #cd8941; } </style> <div class="logo"> <img src="https://www.eyoucms.com/uploads/allimg/20220117/5-22011F92315649.png"> </div> <br/> <div class="info"> <font style="color: red; font-size: 14px;">注意:修改完之后,建议删掉该文件,免得被其他人修改入侵!</font> </div> <div class="box"> <div class="name">后台登录密码重置</div> <form action="setpwd.php" method="post"> <div class="fexl"> <div class="title">用户名:</div> <div class="select"> <select name="user_name"> <?php echo $select_html;?> </select> </div> </div> <div class="fexl"> <div class="title">新密码:</div> <div class="input"> <input type="password" name="password" value=""> </div> </div> <input type="hidden" name="type" value="1"> <div class="submit"> <input type="submit" name="submit" value="确认修改"> </div> </form> </div> <?php if (version_compare($version,'v1.4.7','<')) { ?> <?php if (version_compare($version,'v1.4.2','>')) { ?> <div class="border"></div> <div class="box"> <div class="name">插件问题与答案重置</div> <form action="setpwd.php" method="post"> <div class="fexl"> <div class="title">新问题:</div> <div class="select"> <select name="ask"> <?php echo $ask_select_html;?> </select> </div> </div> <div class="fexl"> <div class="title">新答案:</div> <div class="input"> <input type="text" name="answer" value=""> </div> </div> <input type="hidden" name="type" value="3"> <div class="submit"> <input type="submit" name="submit" value="确认修改"> </div> </form> </div> <?php } else { ?> <div class="border"></div> <div class="box"> <div class="name">插件安装密码重置</div> <form action="setpwd.php" method="post"> <div class="fexl"> <div class="title">新密码:</div> <div class="input"> <input type="password" name="password" value=""> </div> </div> <input type="hidden" name="type" value="2"> <div class="submit"> <input type="submit" name="submit" value="确认修改"> </div> </form> </div> <?php } ?> <?php } else if (version_compare($version,'v1.5.6','>')) { ?> <div class="border"></div> <div class="box"> <div class="name">密保问题重置</div> <form action="setpwd.php" method="post"> <div class="fexl"> <div class="title">问题名称:</div> <div class="input"> <?php echo $security_ask;?> </div> </div> <div class="fexl"> <div class="title">新的答案:</div> <div class="input"> <input type="text" name="answer" value=""> </div> </div> <input type="hidden" name="type" value="4"> <div class="submit"> <input type="submit" name="submit" value="确认修改"> </div> </form> </div> <?php } ?> <?php if (version_compare($version,'v1.5.6','>')) { ?> <div class="border"></div> <div class="box"> <div class="name">后台登录锁定</div> <form action="setpwd.php" method="post"> <div class="fexl"> <div class="title">锁定时间:</div> <div class="input"> <input class="time" type="text" name="web_login_errexpire" value="" onkeyup="this.value=this.value.replace(/[^\d]/g,'');" onpaste="this.value=this.value.replace(/[^\d]/g,'')"> <span style="color: #666;">秒</span> </div> </div> <input type="hidden" name="type" value="5"> <div class="submit"> <input type="submit" name="submit" value="确认修改"> </div> </form> </div> <?php } ?> <?php if (is_dir('./weapp/EyouGzhLogin/')) { ?> <div class="border"></div> <div class="box"> <div class="name">解除后台强制扫码登录</div> <form action="setpwd.php" method="post"> <input type="hidden" name="type" value="6"> <div class="submit"> <input type="submit" name="submit" value="确认解除"> </div> </form> </div> <?php } ?> <div class="kefu"> <img src="https://www.eyoucms.com/skin/images/eywx.jpg" style="width: 150px;"> <div class="wenben"> <p>扫码加微信客服</p> <p>进微信交流群</p> </div> </div> </body> </html>
相关文章
