ecshop管理员邮箱的唯一作用是用来找回密码,默认只能使用用户名(不区分大小写)和密码登录,在验证用户名和密码之前,对提交的表单域进行判断,如果输入的是邮箱,则查询邮箱对应的用户名并进行转换,从而登录系统。
实现方法:
编辑/admin/privilege.php,查找:
$_POST
[
‘username’
]
=
isset
(
$_POST
[
‘username’
]
)
?
trim
(
$_POST
[
‘username’
]
)
:
”
;
$_POST
[
‘password’
]
=
isset
(
$_POST
[
‘password’
]
)
?
trim
(
$_POST
[
‘password’
]
)
:
”
;
下面添加“邮箱->用户名”转换代码,结果如下:
$_POST
[
‘username’
]
=
isset
(
$_POST
[
‘username’
]
)
?
trim
(
$_POST
[
‘username’
]
)
:
”
;
$_POST
[
‘password’
]
=
isset
(
$_POST
[
‘password’
]
)
?
trim
(
$_POST
[
‘password’
]
)
:
”
;
/* 邮箱登录 */
if
(
is_email
(
$_POST
[
‘username’
]
)
)
{
$sql
=
“select user_name”
.
” FROM “
.
$ecs
->
table
(
‘admin_user’
)
.
” WHERE email = ‘”
.
$_POST
[
‘username’
]
.
“‘”
;
$_POST
[
‘username’
]
=
$db
->
getOne
(
$sql
)
;
}
$sql
=
“SELECT `ec_salt` FROM “
.
$ecs
->
table
(
‘admin_user’
)
.
“WHERE user_name = ‘”
.
$_POST
[
‘username’
]
.
“‘”
;
$ec_salt
=
$db
->
getOne
(
$sql
)
;
