-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathlostpassword.php
executable file
·50 lines (39 loc) · 1.25 KB
/
lostpassword.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
<?php
/* include header */
include("header.php");
/* set page name */
$page = "lost_password";
/* attempt to reset password */
if(isset($_POST['task']) && $_POST['task'] == "doreset")
{
// check if email exists
$q = mysql_query("SELECT user_email FROM members WHERE user_email = '".$_POST['email']."' LIMIT 1");
if(!mysql_num_rows($q))
{
$is_error = 1;
$message = "Account not found, please try again.";
}
// reset password
if($is_error != 1)
{
// get user info
$uinf = sql_row("SELECT * FROM members WHERE user_email = '".$_POST['email']."' LIMIT 1");
// generate new password
$new = randomStr(6, 8);
// update database
mysql_query("UPDATE members SET user_password = '".sha1($new)."' WHERE user_id = '".$uinf['user_id']."'");
// send new password email
$message = "Hi,\n\nYour new password is: " . $new . "\n\nThanks";
send_generic($_POST['email'], $config['admin_email'], "Password Reset", $message);
// set success
$is_success = 1;
$message = "A new password has successfully been emailed to you.";
}
}
/* set template vars */
$tpl->is_error = $is_error;
$tpl-> is_success = $is_success;
$tpl->message = $message;
/* include footer */
include("footer.php");
?>