# The following works for only >= PHP 5.2.0, hence not working on arc server. //return filter_var($email, FILTER_VALIDATE_EMAIL); return true; } $username = $_REQUEST['username']; $user_exists = check_user_exists($username); if ($user_exists == false) { $msg = "User <b>{$username}</b> not found. Please check the username entered."; } else { $user_profile = get_user_by_name($username); $email = $user_profile->email; # Remove the following line once get_user_profile works if (trim($email) == "") { $msg = "Email address not present for <b>{$username}</b>. Please contact sysadmin to reset your password."; } else { if (check_valid_email($email) === false) { $msg = "Email address <b>{$email}</b> not valid. Please contact sysadmin to reset your password."; } else { $new_password = get_random_password(); $password_changed = change_user_password($username, $new_password); if ($password_changed === false) { $msg = "Error while resetting password. Please try again."; } else { $subject = "[BLIS] New password for " . $username; $to_addr = $email; $body = "Your password has been reset.\nPlease note that passwords are case-sensitive.\n\n" . "Username: "******"\n" . "New Password: "******"\n\n" . "Please login to update your password.\n" . "http://lis.cc.gatech.edu"; if (mail($email, $subject, $body)) { $msg = "New password emailed to <u>" . $email . "</u>"; } else { $msg = "Error sending email to <u>" . $email . "</u>. Please contact sysadmin to reset your password."; }
/** * This function registers a new user. */ public function register($name, $email, $password) { global $mysqli; check_valid_email($email); $loginpw = $password; $password = password_hash($password, PASSWORD_DEFAULT); $empty = ''; // check for name $query = "SELECT id FROM UserData WHERE name=?"; $stmt = $mysqli->prepare($query); $stmt->bind_param("s", $name); $stmt->execute(); $stmt->bind_result($id); if ($stmt->fetch()) { header("HTTP/1.1 406 Not Acceptable"); echo NOT_NAME_UNIQUE; exit; } $stmt->close(); if ($this->_userid < 0 || $this->_logged_in) { $sql = 'INSERT INTO Users (session_token) VALUES (?)'; $stmt = $mysqli->prepare($sql); $stmt->bind_param('s', $empty); $res = $stmt->execute(); $insertId = $mysqli->insert_id; } else { $insertId = $this->_userid; $res = true; } if ($res) { $sql = 'INSERT INTO UserData (id,name, email, password) VALUES (?,?, ?, ?)'; $stmt = $mysqli->prepare($sql); $stmt->bind_param('isss', $insertId, $name, $email, $password); $res = $stmt->execute(); } if ($res) { $this->login($name, $loginpw); unset($loginpw); return $this; } header("HTTP/1.1 406 Not Acceptable"); echo NOT_EMAIL_UNIQUE; exit; }