if ($p == "welcome") {
include "welcome.php";
$embedcode = welcome($wavephoto, $myid);
} elseif ($p == "about") {
include "about.php";
$embedcode = about($wavephoto, $wavephoto2);
} elseif ($p == "learnmore") {
include "learnmore.php";
$embedcode = learnmore($wavephoto);
} elseif ($p == "signup") {
header("Location: signup.php");
} elseif ($p == "signin") {
header("Location: signin.php");
} elseif ($p == "forgotpassword") {
include "forgotpassword.php";
$embedcode = forgotpassword($wavephoto);
} elseif ($p == "statistics") {
include "statistics.php";
$embedcode = statistics($wavephoto);
} elseif ($p == "faq") {
include "faq.php";
$embedcode = faq($wavephoto);
} elseif ($p == "invite") {
include "invite.php";
$embedcode = invite($wavephoto, $myid);
} elseif ($p == "random") {
include "random.php";
$p = randomsite();
$pagetype = "project";
include "autoembed.php";
$embedcode = autoembed($p);
$username = strtolower(trim($_POST['username']));
//searchusers($username, $tile_name);
searchdata($username);
break;
case "search":
$search = $_POST['search'];
searchdata($search);
break;
case "searchusers_new":
$tile_name = strtolower(trim($_POST['tile_name']));
$username = strtolower(trim($_POST['username']));
searchusers_new($username, $tile_name);
break;
case "forgotpassword":
$email = mysql_real_escape_string($_POST['email']);
forgotpassword($email);
break;
case "resetpassword":
$newpassword = $_POST['password'];
$acktkey = $_POST['activkey'];
resetpassword($newpassword, $acktkey);
break;
case "register":
$email = mysql_real_escape_string($_POST['email']);
$password = mysql_real_escape_string($_POST['password']);
$user_id = mysql_real_escape_string($_POST['user_id']);
$secondary_email = mysql_real_escape_string($_POST['secondary_email']);
$fname = mysql_real_escape_string($_POST['fname']);
$lname = mysql_real_escape_string($_POST['lname']);
$gender = mysql_real_escape_string($_POST['gender']);
$location = mysql_real_escape_string($_POST['location']);
function initchangepassword()
{
global $smarty;
$email = $_REQUEST['email'];
$db_query = "SELECT `user_id`, `username`, `email` FROM `users` WHERE `email` = '" . mysql_real_escape_string($email) . "' AND `activated` = '0'";
$db_result = mysql_query($db_query);
if (mysql_num_rows($db_result) > 0) {
$db_row = mysql_fetch_array($db_result, MYSQL_ASSOC);
$resetkey = md5(rand(0, 999999));
$db_query = "UPDATE `users` SET `resetkey` = '" . $resetkey . "' WHERE `user_id` = '" . $db_row['user_id'] . "'";
$db_result = mysql_query($db_query);
$message = <<<PASSWORD_EMAIL
A username and/or password request has been initiated on your account. If you have not made this request simply ignore this message. If you continue to receive this message please contact the administration of Imperial Kingdoms.
Username: {$db_row['username']}
To change your password you must confirm this request by visiting the URL below.
http://{$_SERVER['HTTP_HOST']}{$_SERVER['PHP_SELF']}?fn=changepassword&username={$db_row['username']}&resetkey={$resetkey}
Reset Key: {$resetkey}
- Imperial Kingdoms Administration
PASSWORD_EMAIL;
$message = str_replace("\n", "\r\n", $message);
mail($db_row['email'], 'Imperial Kingdoms - Username / Password Request', $message, "From: admin@imperialkingdoms.com\r\n" . "Reply-To: admin@imperialkingdoms.com\r\n" . "X-Mailer: PHP/" . phpversion());
$smarty->append('status', 'An email has been sent with a reset key attached. Please enter your username, the reset key, and the new password below.');
$smarty->display('login_changepassword.tpl');
} else {
$smarty->append('status', 'The email requested does not exist or has not been activated.');
forgotpassword();
exit;
}
}
<div class="col-md-4">
<?php
if (isset($_SESSION[$uniqueCode])) {
header('Location: ' . $website_url);
} else {
?>
<h2>Forgot password</h2><hr />
<form method="post">
<div class="input-group margin-bottom-sm" style="margin-bottom: 5px;">
<span class="input-group-addon"><i class="fa fa-user fa-fw"></i></span>
<input class="form-control" type="email" name="email" placeholder="email" />
</div>
<div class="input-group" style="margin-bottom: 5px;">
<input class="btn btn-success" type="submit" name="forgotPasswordSubmit" value="Submit" />
</div>
</form>
<div style="margin-right: 5px; float: right;">
<?php
if ($_SERVER['REQUEST_METHOD'] == 'POST') {
if (isset($_POST['forgotPasswordSubmit'])) {
echo forgotpassword();
}
}
?>
</div>
<?php
}
?>
</div>
</div>
