From b9cec89541f837b61a1dc4a61b044a31e19be297 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=E8=80=81=E5=91=A8=E9=83=A8=E8=90=BD?=
Date: Fri, 21 Feb 2020 16:55:43 +0800
Subject: [PATCH] =?UTF-8?q?=E4=BF=AE=E5=A4=8D=20=E9=82=AE=E4=BB=B6?=
 =?UTF-8?q?=E9=AA=8C=E8=AF=81=E9=93=BE=E6=8E=A5=E6=9C=89=E6=95=88=E6=9C=9F?=
 =?UTF-8?q?=E5=86=85=E5=8F=AF=E4=BB=A5=E5=BC=BA=E5=88=B6=E4=BF=AE=E6=94=B9?=
 =?UTF-8?q?=E7=94=A8=E6=88=B7=E9=82=AE=E7=AE=B1=E7=9A=84Bug?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 upload/source/function/function_spacecp.php | 7 ++++++-
 upload/source/include/misc/misc_emailcheck.php | 9 +++++++++
 2 files changed, 15 insertions(+), 1 deletion(-)

diff --git a/upload/source/function/function_spacecp.php b/upload/source/function/function_spacecp.php
index fdad0c118..0310c5b59 100644
--- a/upload/source/function/function_spacecp.php
+++ b/upload/source/function/function_spacecp.php
@@ -610,7 +610,12 @@ function emailcheck_send($uid, $email) {
 global $_G;
 if($uid && $email) {
- $hash = authcode("$uid\t$email\t$_G[timestamp]", 'ENCODE', md5(substr(md5($_G['config']['security']['authkey']), 0, 16)));
+ // 用户论坛字段表内authstr字段保存token和时间戳,实现邮件链接不可重复使用
+ $timestamp = $_G['timestamp'];
+ $idstring = substr(md5($email), 0, 6);
+ C::t('common_member_field_forum')->update($uid, array('authstr' => "$timestamp\t3\t$idstring"));
+
+ $hash = authcode("$uid\t$email\t$timestamp", 'ENCODE', md5(substr(md5($_G['config']['security']['authkey']), 0, 16)));
 $verifyurl = $_G['siteurl'].'home.php?mod=misc&ac=emailcheck&hash='.urlencode($hash);
 $mailsubject = lang('email', 'email_verify_subject');
 $mailmessage = lang('email', 'email_verify_message', array(
diff --git a/upload/source/include/misc/misc_emailcheck.php b/upload/source/include/misc/misc_emailcheck.php
index 8e8f03044..aafc52c3c 100644
--- a/upload/source/include/misc/misc_emailcheck.php
+++ b/upload/source/include/misc/misc_emailcheck.php
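Review bot: The server-side token written on the `C::t('common_member_field_forum')->update(...)` line is `substr(md5($email), 0, 6)`, which anyone who knows the address can compute, so the authstr record only pins which (timestamp, email) pair a link was issued for and the unguessability of the link still rests entirely on the authcode hash and `authkey`. If a genuine nonce is intended, store a randomly generated value here and include it in the `authcode(...)` payload so the check in misc_emailcheck.php compares something that is not derivable from the hash contents alone. The update is also unconditional and happens before the mail is sent; the operation code `3` suggests authstr is shared with other flows, so issuing a verification mail presumably discards any other pending token for that user — worth confirming that is acceptable. emailcheck_send's body continues outside the hunk.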
@@ -21,6 +21,13 @@ if($_GET['hash']) {
 if($uid && isemail($email) && $time > TIMESTAMP - 86400) {
 $member = getuserbyuid($uid);
+ // 校验用户论坛字段表内authstr字段保存的token和时间戳,实现邮件链接不可重复使用
+ $member = array_merge(C::t('common_member_field_forum')->fetch($uid), $member);
+ list($dateline, $operation, $idstring) = explode("\t", $member['authstr']);
+ if($dateline != $time || $operation != 3 || $idstring != substr(md5($email), 0, 6)) {
+ showmessage('email_check_error', 'index.php');
+ }
+
 $setarr = array('email'=>$email, 'emailstatus'=>'1');
 if($_G['member']['freeze'] == 2) {
 $setarr['freeze'] = 0;
@@ -42,6 +49,8 @@ if($uid && isemail($email) && $time > TIMESTAMP - 86400) {
 }
 updatecreditbyaction('realemail', $uid);
 C::t('common_member')->update($uid, $setarr);
+ // 清除用户论坛字段表内保存的authstr字段
+ C::t('common_member_field_forum')->update($uid, array('authstr' => ''));
 C::t('common_member_validate')->delete($uid);
 dsetcookie('newemail', "", -1);
-- 
Gitee
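Review bot: The new authstr check compares each field with loose `!=`, and when authstr is empty — the state the second hunk leaves after a successful check — `explode("\t", '')` yields a single element, so `list()` leaves `$operation` and `$idstring` undefined and the link is rejected only by way of undefined-variable notices rather than an explicit shape check. Use a field-count guard with strict comparison: `$authparts = explode("\t", (string)$member['authstr']);` and `if(count($authparts) !== 3 || $authparts[0] !== (string)$time || $authparts[1] !== '3' || $authparts[2] !== substr(md5($email), 0, 6)) {`. Separately, the token is consumed in the second hunk by an unconditional update several lines later, so two requests carrying the same link that both pass this check before either reaches the clearing update would both succeed; clearing authstr only where it still holds the expected value and treating a zero affected-row count as failure would make the link single-use atomically. If `C::t('common_member_field_forum')->fetch($uid)` can return a non-array for a user without a row, the `array_merge` on that line would fail — worth confirming. The enclosing `if($uid && isemail(...))` block continues past the end of the hunk.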