Example #1
// Password-reset request handler: on a POST carrying `username` and `email`,
// it checks the submitted email against the one stored for that username,
// generates an 8-character reset code, stores create_hash($code) in `resetPw`
// and mails a reset link to the address.
// $db, getUrlWithoutPage(), getUserIDbyUsername() and create_hash() are not
// defined in this listing (create_hash() presumably comes from PasswordHash.php).
include_once 'PasswordHash.php';
// session_start();
if ($_SERVER["REQUEST_METHOD"] == "POST") {
    if (isset($_POST['username']) && isset($_POST['email'])) {
        $username = $_POST['username'];
        $email = $_POST['email'];
        // Bound parameter: the username never becomes part of the SQL text.
        $stmt = $db->prepare('SELECT Email FROM Utilizador WHERE username = :user');
        $stmt->bindParam(':user', $username, PDO::PARAM_STR);
        $stmt->execute();
        $result = $stmt->fetch();
        // NOTE(review): fetch() returns false when no row matches, so $result[0]
        // evaluates to null; with the loose `==`, null equals an empty `email`
        // field and the branch is entered for an unknown username. Checking
        // `$result !== false` and comparing with `===` closes that gap.
        if ($result[0] == $email) {
            // Generating Password
            // NOTE(review): str_shuffle() is documented as not cryptographically
            // secure, and taking a prefix of a shuffle means no character can
            // repeat. A reset secret should come from random_bytes()/random_int().
            $chars = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789!@#\$%&*_";
            /*$password = substr( str_shuffle( $chars ), 0, 8 );*/
            $code = substr(str_shuffle($chars), 0, 8);
            // The reset code travels in the query string of a plain http:// URL, so
            // it can end up in logs, history and Referer headers; https is advisable.
            // NOTE(review): the `******` below looks like a masking artifact of this
            // listing (presumably the username concatenation was elided); as printed
            // the line does not parse.
            $link = "http://" . getUrlWithoutPage() . "/change_password_vialink.php?username="******"&codePw=" . $code;
            /*
            			$stmt = $db->prepare('UPDATE Utilizador SET Pword= :temppw WHERE username = :user');
            					$stmt->bindParam(':temppw',create_hash($password), PDO::PARAM_STR);
            					$stmt->bindParam(':user',$username, PDO::PARAM_STR);
            					$stmt->execute();
            */
            // Only the output of create_hash($code) is stored, not the code itself.
            // This insert writes no timestamp or expiry, so any lifetime limit on the
            // code would have to be enforced elsewhere (not visible here).
            $stmt = $db->prepare('INSERT INTO resetPw (userId,tempCode) VALUES (?,?)');
            $stmt->execute(array(getUserIDbyUsername($username), create_hash($code)));
            // NOTE(review): `echo $message = ...` writes the whole mail body, including
            // $link with the reset code, into the HTTP response. The requester therefore
            // receives the secret without access to the mailbox; the echo should be
            // removed so the code is delivered by mail only. Because output appears
            // only when username and email match, the response also reveals whether a
            // submitted pair is valid; a uniform reply for both outcomes avoids that.
            // The second `******` is the same kind of masking artifact as above.
            echo $message = "Hello!\n\r\n\r\nIf you don't have an account on Polly or didn't ask for a new password please ignore this email. \n\r\n\r\nYour new password: "******"\n You can also click the following link to reset the password right now. Note that this link can only be used once, so if you don't reset your password you'll have to use the one we gave you in this email. \n LINK:" . $link;
            // The return value of mail() is ignored, so a delivery failure is silent.
            mail($email, 'New Password', $message, 'From: polly@forms.com');
            ///		header('Location: polls_index.php');
        }
    }
}
?>
Example #2
                 // Tail of a registration handler; the enclosing blocks, $db, $result,
                 // $email, $name, $utilizadore and $passuorde are set before this excerpt.
                 // Comment out this block to disable the duplicate-email check.
                 $stmt = $db->prepare('SELECT count(IdUser) FROM Utilizador WHERE Email = :mail');
                 $stmt->bindParam(':mail', $email, PDO::PARAM_STR);
                 $stmt->execute();
                 $result2 = $stmt->fetch();
                 // End of the block to comment out.
                 // NOTE(review): the counts are read first and the INSERT happens later, so
                 // two concurrent requests can both pass; uniqueness then depends on unique
                 // constraints on the table (not visible here; confirm they exist).
                 // $result presumably holds the matching username count; verify upstream.
                 if ($result[0] >= 1) {
                     // Original note said "store session data"; this branch only reports
                     // the collision. The distinct messages here and below tell the
                     // caller which usernames and emails are already registered.
                     echo "Username already taken.";
                 } else {
                     if ($result2[0] >= 1) {
                         echo "Email already taken.";
                     } else {
                         include "mail.php";
                         // NOTE(review): rand() and uniqid() are not cryptographically secure
                         // sources, and md5() adds no unpredictability; the validation code
                         // is 16 hex characters of that digest. bin2hex(random_bytes(16))
                         // would be a safer source for an account-activation secret.
                         $code = substr(md5(uniqid(rand(), true)), 16, 16);
                         // Plain http:// link with the code in the query string; https is
                         // advisable. NOTE(review): the `******` looks like a masking artifact
                         // of this listing (presumably the username concatenation was
                         // elided); as printed the line does not parse.
                         $link = "http://" . getUrlWithoutPage() . "/validateAccount.php?username="******"&codeValidate=" . $code;
                         // emailconf() is not defined in this excerpt (presumably in mail.php).
                         // The mail is sent before the row is inserted, so a failed INSERT
                         // leaves the user holding a code for an account that was never created.
                         emailconf($email, $link, $code);
                         $stmt = $db->prepare('INSERT INTO Utilizador(IdUser,Username,Pword,Email,Nome,Facebook,Active,RegCode) VALUES (?,?,?,?,?,?,?,?)');
                         // $options is only referenced by the commented-out password_hash() call
                         // below; the active execute() does not use it.
                         $options = ['cost' => 12];
                         // The next line is not supported on "gnomo" (presumably the deployment server).
                         //$stmt->execute(array(NULL,$utilizadore, password_hash($passuorde, PASSWORD_DEFAULT, $options) ) );
                         // The password goes through create_hash(); Facebook and Active are both
                         // written as '0'. RegCode receives $code as-is, so the activation
                         // secret sits unhashed in the table.
                         $stmt->execute(array(NULL, $utilizadore, create_hash($passuorde), $email, $name, '0', '0', $code));
                         echo "Success! Validation code has been sent to your email!";
                     }
                 }
             }
         }
     }
 } else {
     // Reached when the outermost condition (outside this excerpt) fails.
     echo "Please, fill all the form fields...";
 }