<?php
require_once("/config.php");
session_start();
if(!empty($_POST["security"])){
if($_SESSION["security"] != $_POST["security"]) { $errors[] = "输入无效. 请重试."; }
}
$security = rand(10000, 100000);
$_SESSION["security"] = $security;
if(!empty($_POST["accountname"]) && !empty($_POST["password"]) && !empty($_POST["charactername"]) && !empty($_POST["security"])){
$mysql_connect = mysqli_connect($mysql["host"], $mysql["username"], $mysql["password"]) or die("无法链接数据库.");
mysqli_select_db($mysql_connect, $mysql["characters"]) or die("无法链接服务器数据库.");
$post_accountname = mysqli_real_escape_string($mysql_connect, trim(strtoupper($_POST["accountname"])));
$check_account_query = mysqli_query($mysql_connect, "SELECT COUNT(*) FROM auth.account WHERE username = '".$post_accountname."'");
$check_account_results = mysqli_fetch_array($check_account_query);
if($check_account_results[0]==0){ $errors[] = "账户不存在.请重试."; }
$post_password = mysqli_real_escape_string($mysql_connect, trim(strtoupper($_POST["password"])));
$post_password_final = mysqli_real_escape_string($mysql_connect, SHA1("".$post_accountname.":".$post_password.""));
$check_password_query = mysqli_query($mysql_connect, "SELECT COUNT(*) FROM auth.account WHERE sha_pass_hash = '".$post_password_final."'");
$check_password_results = mysqli_fetch_array($check_password_query);
if($check_password_results[0]==0){ $errors[] = "密码错误.请重试."; }
$post_charactername = mysqli_real_escape_string($mysql_connect, trim(strtoupper($_POST["charactername"])));
$check_character_query = mysqli_query($mysql_connect, "SELECT COUNT(*) FROM characters.characters WHERE name = '".$post_charactername."'");
$check_character_results = mysqli_fetch_array($check_character_query);
if($check_character_results[0]==0){ $errors[] = "角色名不存在.请重试."; }
$check_accountguid_query = mysqli_query($mysql_connect, "SELECT COUNT(*) FROM characters.characters,auth.account WHERE characters.characters.`name` = '".$post_charactername."' AND characters.characters.account = auth.account.id AND auth.account.username = '".$post_accountname."'");
$check_accountguid_results = mysqli_fetch_array($check_accountguid_query);
if($check_accountguid_results[0]==0){ $errors[] = "账户角色不匹配.请重试."; }
if(!is_array($errors)){
mysqli_query($mysql_connect, "DELETE character_spell,character_classless FROM character_spell,character_classless,characters.characters WHERE characters.name = '".$post_accountname."' AND character_spell.guid = characters.guid AND character_classless.guid = characters.guid;") or die(mysqli_error($mysql_connect));
$errors[] = '<h2>成功重置账号<font color="red">'.$post_accountname.'</font>下角色:<font color="blue">'.$post_charactername.'</font>的天赋及技能</h2>.';
}
mysqli_close($mysql_connect);
}
function error_msg(){
global $errors;
if(is_array($errors)){
foreach($errors as $msg){
echo '<div class="errors">'.$msg.'</div>';
}
}
}
?>
<!DOCTYPE html>
" />
" />
" />
<?php echo $site["title"]; ?>
<br> function checkform ( form )<br> {</p> <pre><code> if (form.accountname.value == "") { alert( "账户名称未填写. 请重试." ); form.accountname.focus(); return false; } else { if (form.accountname.value.length < 1) { alert( "账户名称小于1个字符,请重试" ); form.accountname.focus(); return false; } } if (form.password.value == "") { alert( "密码是空的. 请重试." ); form.password.focus(); return false; } else { if (form.password.value.length < 6) { alert( "密码长度小于6个字符,请重试!" ); form.password.focus(); return false; } } if (form.charactername.value == "") { alert( "角色名是空的. 请重试." ); form.charactername.focus(); return false; } else { if (form.charactername.value.length < 1) { alert( "角色名长度小于1个字符,请重试!" ); form.charactername.focus(); return false; } } if (form.security.value == "") { alert( "验证码是空的. 请重试." ); form.security.focus(); return false; } </code></pre> <p>return true ;<br> }<br>
|
"> |
||||||||||
<?php error_msg(); ?>" method="POST" onsubmit="return checkform(reg);" name="reg">
<?php echo $site["realmlist"]; ?>
|
||||||||||
