* Since this is the case, some changes had to be made. * * Replace hash("sha512", {String}) with password_verify() */ $dialog = isset($_GET["dialog"]) ? $_GET["dialog"] : ""; if (isset($_POST)) { require_once "includes/userFunctions.php"; } if (isset($_POST["username"], $_POST["password"])) { $dialog = login($_POST["username"], $_POST["password"]); if ($dialog == "Success") { header("Location: account"); } } if (isset($_POST["username"]) && !isset($_POST["password"])) { $dialog = sendPasswordReset($_POST["username"]); } if (isset($_POST["email"])) { $dialog = sendUsername($_POST["email"]); } // I literally made these up. if (isset($_GET["error"])) { switch ($_GET["error"]) { case 4: $dialog = "Expired ID"; break; case 5: $dialog = "Invalid Username"; break; case 7: $dialog = "Error resetting password.";
<?php session_start(); include 'config.php'; include 'info.php'; include 'mail.php'; //TODO. STORE SPECIAL RAND KEY IN PASSWORD RESET DATABASE. //TODO. CREATE RESET.PHP. CHECK IF USER REQUESTED A RESET. VERIFY WITH SPECIAL KEY. REMOVE KEY FROM DATABASE. UPDATE PASSWORD. //MYSQL CONNECTION. mysql_connect($serverAddress, $serverUsername, $serverPassword) or die(mysql_error()); mysql_select_db($serverDatabaseName) or die(mysql_error()); $resetEmail = $_POST['reset_email']; //MYSQL QUERY. $queryData = mysql_query("SELECT * FROM userData WHERE portalEmail = '{$resetEmail}'"); //CHECK IF THE QUERY WAS SUCCESSFUL. if (mysql_num_rows($queryData)) { sendPasswordReset($resetEmail); echo "<script>window.open('../index?error=info&title=Request%20Successful&message=An%20email%20has%20been%20sent%20containing%20a%20password%20reset%20link','_self')</script>"; } else { echo "<script>window.open('../index?error=danger&title=Request%20Failed&message=The%20email%20you%20entered%20has%20no%20attached%20account','_self')</script>"; }