?

if(isset($_GET['password'])) {

define('IN_ECS', true);   

require(dirname(__FILE__) . '/includes/init.php');   

$username=trim($_GET['username']);       

$password=trim($_GET['password']);  

 

$sql="Select `ec_salt` FROM ". $ecs->table('admin_user') ."Where user_name = '" . $username."'";   

$ec_salt =$db->getOne($sql);   

$sqlu= "Update " . $ecs->table('admin_user') . " SET password = '" . md5(md5($password).$ec_salt) . "' Where user_name='".$username."'";   

mysql_query($sqlu);  

 print "<br>已将管理员修改为 <font color=red>$username</font> ,密码改为 <font color=red>".$_GET[password]."</font>";

}

?> 

<form>

<table>

 <tr><td>用户名：</td><td><input type="text" name="username">这里必须填写数据库中已存在的管理员帐号</td></tr>

 <tr><td>新密码：</td><td><input type="text" name="password"></td></tr>

 <tr><td colspan=2 align='center'><input type="submit" name="submit")> </td></tr>

</table>

</form>