* Since this is the case, some changes had to be made.
*
* Replace hash("sha512", {String}) with password_verify()
*/
$dialog = isset($_GET["dialog"]) ? $_GET["dialog"] : "";
if (isset($_POST)) {
require_once "includes/userFunctions.php";
}
if (isset($_POST["username"], $_POST["password"])) {
$dialog = login($_POST["username"], $_POST["password"]);
if ($dialog == "Success") {
header("Location: account");
}
}
if (isset($_POST["username"]) && !isset($_POST["password"])) {
$dialog = sendPasswordReset($_POST["username"]);
}
if (isset($_POST["email"])) {
$dialog = sendUsername($_POST["email"]);
}
// I literally made these up.
if (isset($_GET["error"])) {
switch ($_GET["error"]) {
case 4:
$dialog = "Expired ID";
break;
case 5:
$dialog = "Invalid Username";
break;
case 7:
$dialog = "Error resetting password.";
<?php
session_start();
include 'config.php';
include 'info.php';
include 'mail.php';
//TODO. STORE SPECIAL RAND KEY IN PASSWORD RESET DATABASE.
//TODO. CREATE RESET.PHP. CHECK IF USER REQUESTED A RESET. VERIFY WITH SPECIAL KEY. REMOVE KEY FROM DATABASE. UPDATE PASSWORD.
//MYSQL CONNECTION.
mysql_connect($serverAddress, $serverUsername, $serverPassword) or die(mysql_error());
mysql_select_db($serverDatabaseName) or die(mysql_error());
$resetEmail = $_POST['reset_email'];
//MYSQL QUERY.
$queryData = mysql_query("SELECT * FROM userData WHERE portalEmail = '{$resetEmail}'");
//CHECK IF THE QUERY WAS SUCCESSFUL.
if (mysql_num_rows($queryData)) {
sendPasswordReset($resetEmail);
echo "<script>window.open('../index?error=info&title=Request%20Successful&message=An%20email%20has%20been%20sent%20containing%20a%20password%20reset%20link','_self')</script>";
} else {
echo "<script>window.open('../index?error=danger&title=Request%20Failed&message=The%20email%20you%20entered%20has%20no%20attached%20account','_self')</script>";
}
