zhblue · zhblue · Sep 6, 2023 · Sep 6, 2023 · Sep 6, 2023 · Sep 6, 2023
diff --git a/trunk/install/db.sql b/trunk/install/db.sql
@@ -182,6 +182,7 @@ CREATE TABLE IF NOT EXISTS `users` (
   `reg_time` datetime DEFAULT NULL,
   `nick` varchar(20) NOT NULL DEFAULT '',
   `school` varchar(20) NOT NULL DEFAULT '',
+  activecode varchar(16) not null default '',
   PRIMARY KEY (`user_id`)
 ) ENGINE=MyISAM DEFAULT CHARSET=utf8mb4;
 

diff --git a/trunk/install/update.sql b/trunk/install/update.sql
@@ -18,7 +18,7 @@ alter table solution add column remote_oj char(16) not null default '' after jud
 alter table solution add column remote_id char(32) not null default '' after remote_oj;
 alter table news modify content mediumtext not null;
 alter table problem modify description mediumtext not null, modify input  mediumtext not null, modify output mediumtext not null;
-
+alter table users add column activecode varchar(16) not null default '' after school;
 #create fulltext index problem_title_source_index on problem(title,source);
 
 
diff --git a/trunk/web/active.php b/trunk/web/active.php
@@ -0,0 +1,11 @@
+<?php
+        require_once('./include/db_info.inc.php');
+        require_once('./include/setlang.php');
+	require_once("./include/const.inc.php");
+	require_once("./include/my_func.inc.php");
+	$code=$_GET['code'];
+  	$sql="update `users` set defunct='N',activecode=''  WHERE `activecode`=? and defunct='Y' ";
+        $result=pdo_query($sql,$code);
+	var_dump( $result);
+	header("location:loginpage.php");
+?>
diff --git a/trunk/web/admin/update_db.php b/trunk/web/admin/update_db.php
@@ -199,12 +199,14 @@
 $csql[41]="delete from $DB_NAME.compileinfo where solution_id not in (select solution_id from  $DB_NAME.solution);";
 $tsql[42]="";
 $csql[42]="delete from $DB_NAME.solution where problem_id=0 and result>4;";
-$tsql[43]="alter table problem add column remote_oj varchar(16) default NULL after solved;";
-$csql[43]="alter table problem add column remote_id varchar(16) default NULL after remote_oj;";
-$tsql[44]="alter table solution add column remote_oj char(16) not null default '' after judger;";
-$csql[44]="alter table solution add column remote_id char(16) not null default '' after remote_oj;";
-$tsql[45]="alter table news modify content mediumtext not null;";
-$csql[45]="alter table problem modify description mediumtext not null, modify input  mediumtext not null, modify output mediumtext not null;";
+$tsql[43]="alter table $DB_NAME.problem add column remote_oj varchar(16) default NULL after solved;";
+$csql[43]="alter table $DB_NAME.problem add column remote_id varchar(16) default NULL after remote_oj;";
+$tsql[44]="alter table $DB_NAME.solution add column remote_oj char(16) not null default '' after judger;";
+$csql[44]="alter table $DB_NAME.solution add column remote_id char(16) not null default '' after remote_oj;";
+$tsql[45]="alter table $DB_NAME.news modify content mediumtext not null;";
+$csql[45]="alter table $DB_NAME.problem modify description mediumtext not null, modify input  mediumtext not null, modify output mediumtext not null;";
+$tsql[46]="alter table $DB_NAME.users add column activecode varchar(16) not null default '' after school;"
+$csql[46]="";
 
 if(isset($_POST['do'])){
 	require_once("../include/check_post_key.php");

diff --git a/trunk/web/include/db_info.inc.php b/trunk/web/include/db_info.inc.php
@@ -51,6 +51,8 @@
 static  $OJ_LOGIN_MOD="hustoj"; //需要在include目录下配置login-xxxx.php来调用其他登录模块。
 static  $OJ_REGISTER=true; //允许注册新用户
 static  $OJ_REG_NEED_CONFIRM=false; //新注册用户需要审核
+static  $OJ_EMAIL_CONFIRM=false; //允许邮件激活账号
+
 static  $OJ_NEED_LOGIN=false; //需要登录才能访问
 static  $OJ_LONG_LOGIN=false; //启用长时间登录信息保留
 static  $OJ_KEEP_TIME="30";  //登录Cookie有效时间(单位:天(day),仅在上一行为true时生效)

diff --git a/trunk/web/lostpassword.php b/trunk/web/lostpassword.php
@@ -19,15 +19,15 @@
         $lost_user_id=stripslashes($lost_user_id);
         $lost_email=stripslashes($lost_email);
   }
-  $sql="SELECT `email` FROM `users` WHERE `user_id`=?";
+  $sql="SELECT `email` FROM `users` WHERE `user_id`=? and defunct='N' ";
                 $result=pdo_query($sql,$lost_user_id);
                 $row = $result[0];
  if($row && $row['email']==$lost_email&&strpos($lost_email,'@')){
    $_SESSION[$OJ_NAME.'_'.'lost_user_id']=$lost_user_id;
    $_SESSION[$OJ_NAME.'_'.'lost_key']=getToken(16);
 
 
-	require_once "include/email.class.php";     // 新版本的邮件发送信息请填写到这个文件中
+	require_once ("include/email.class.php");     // 新版本的邮件发送信息请填写到这个文件中
 /* 弃用留存，不做修改
 	//******************** 配置信息 ********************************
 	$smtpserver = "smtp.qiye.aliyun.com";//SMTP服务器

diff --git a/trunk/web/register.php b/trunk/web/register.php
@@ -2,6 +2,8 @@
 require_once("./include/db_info.inc.php");
 if(isset($OJ_REGISTER)&&!$OJ_REGISTER) exit(0);
 require_once("./include/my_func.inc.php");
+require_once( './include/setlang.php' );
+require_once("./include/email.class.php");     // 新版本的邮件发送信息请填写到这个文件中
 if(isset($OJ_CSRF)&&$OJ_CSRF)require_once("./include/csrf_check.php");
 $err_str="";
 $err_cnt=0;
@@ -99,27 +101,39 @@
 if (isset($OJ_REG_SPEED) && $OJ_REG_SPEED > 0 ) {
 
     // 查询最近1小时内该IP地址已经注册的用户数量
-    $sql = "SELECT COUNT(*) FROM `users` WHERE `ip` = ? AND `reg_time` > DATE_SUB(NOW(), INTERVAL 1 HOUR)";
-    $result = pdo_query($sql, $ip);
+    $sql = "SELECT COUNT(*) FROM `users` WHERE (`ip` = ? or email = ? ) AND `reg_time` > DATE_SUB(NOW(), INTERVAL 1 HOUR)";
+    $result = pdo_query($sql, $ip,$email);
     $count = intval($result[0][0]);
 
     if ($count > $OJ_REG_SPEED ) {
         // 如果数量大于$OJ_REG_SPEED ，则表示该IP地址在最近1小时内已经注册过$OJ_REG_SPEED个账户
         print "<script language='javascript'>\n";
-        print "alert('您的IP地址已经注册过$OJ_REG_SPEED个账户，请稍后再试。\\n');\n";
+        print "alert('您的IP地址或Email已经注册过".$OJ_REG_SPEED."个账户，请稍后再试。\\n');\n";
         print "history.go(-1);\n</script>";
         exit(0);
     }
 }
+if(isset($OJ_EMAIL_CONFIRM) && $OJ_EMAIL_CONFIRM) 
+	$_SESSION[$OJ_NAME.'_'.'activecode']=getToken(16);
+else
+	$_SESSION[$OJ_NAME.'_'.'activecode']="";
 
 if(isset($OJ_REG_NEED_CONFIRM)&&$OJ_REG_NEED_CONFIRM) $defunct="Y";
 else $defunct="N";
 $sql="INSERT INTO `users`("
-."`user_id`,`email`,`ip`,`accesstime`,`password`,`reg_time`,`nick`,`school`,`defunct`)"
-."VALUES(?,?,?,NOW(),?,NOW(),?,?,?)";
-//echo "$sql:$user_id,$email,$ip,$password,$nick,$school,$defunct";
-$rows=pdo_query($sql,$user_id,$email,$ip,$password,$nick,$school,$defunct);// or die("Insert Error!\n");
-//echo $rows;
+."`user_id`,`email`,`ip`,`accesstime`,`password`,`reg_time`,`nick`,`school`,`defunct`,activecode)"
+."VALUES(?,?,?,NOW(),?,NOW(),?,?,?,?)";
+$rows=pdo_query($sql,$user_id,$email,$ip,$password,$nick,$school,$defunct,$_SESSION[$OJ_NAME.'_'.'activecode']);// or die("Insert Error!\n");
+//发送激活邮件
+if (isset($OJ_EMAIL_CONFIRM) && $OJ_EMAIL_CONFIRM ) {
+	$link= 'http://'.$_SERVER['HTTP_HOST'].dirname($_SERVER['REQUEST_URI'])."active.php?code=".$_SESSION[$OJ_NAME.'_'.'activecode'];
+	email($email,"$MSG_ACTIVE_YOUR_ACCOUNT",
+		"$MSG_CLICK_COPY $MSG_ACTIVE_YOUR_ACCOUNT $user_id :\n ".$link );
+
+	$view_errors= "$MSG_CHECK $MSG_EMAIL $email $MSG_CLICK_COPY $MSG_ACTIVE_YOUR_ACCOUNT";
+	require("template/".$OJ_TEMPLATE."/error.php");
+	exit(0);
+}
 $sql="INSERT INTO `loginlog` VALUES(?,?,?,NOW())";
 pdo_query($sql,$user_id,"no save",$ip);