Beispiel #1
0
 public static function forgotPW($account_name, $account_email)
 {
     $account_name = mysql_real_escape_string($account_name);
     $account_email = mysql_real_escape_string($account_email);
     if (empty($account_name) || empty($account_email)) {
         echo '<b class="red_text">Please enter both fields.</b>';
     } else {
         connect::selectDB('logondb');
         $result = mysql_query("SELECT COUNT('id') FROM account\r\n\t\t\t\t\t\t\t\t   WHERE username='******' AND email='" . $account_email . "'");
         if (mysql_result($result, 0) == 0) {
             echo '<b class="red_text">The username or email is incorrect.</b>';
         } else {
             //Success, lets send an email & add the forgotpw thingy.
             $code = RandomString();
             $emailSent = website::sendEmail($account_email, $GLOBALS['default_email'], 'Forgot Password', "\r\n\t\t\t\tHello there. <br/><br/>\r\n\t\t\t\tA password reset has been requested for the account " . $account_name . " <br/>\r\n\t\t\t\tIf you wish to reset your password, click the following link: <br/>\r\n\t\t\t\t<a href='" . $GLOBALS['website_domain'] . "?p=forgotpw&code=" . $code . "&account=" . account::getAccountID($account_name) . "'>\r\n\t\t\t\t" . $GLOBALS['website_domain'] . "?p=forgotpw&code=" . $code . "&account=" . account::getAccountID($account_name) . "</a>\r\n\r\n\t\t\t\t<br/><br/>\r\n\r\n\t\t\t\tIf you did not request this, just ignore this message.<br/><br/>\r\n\t\t\t\tSincerely, The Management.");
             if ($emailSent) {
                 $account_id = self::getAccountID($account_name);
                 connect::selectDB('webdb');
                 mysql_query("DELETE FROM password_reset WHERE account_id='" . $account_id . "'");
                 mysql_query("INSERT INTO password_reset (code,account_id)\r\n\t\t\t\t    VALUES ('" . $code . "','" . $account_id . "')");
                 echo "An email containing a link to reset your password has been sent to the Email address you specified.\r\n\t\t\t\t\t      If you've tried to send other forgot password requests before this, they won't work. <br/>";
             } else {
                 echo '<h4 class="red_text">Failed to send email! (Check error logs for details)</h4>';
             }
         }
     }
 }