function login($email, $password)
{
$user_id = user_id_from_email($email);
$email = sanitize($email);
$password = MD5($password);
return mysql_result(mysql_query("SELECT COUNT(user_id) FROM users WHERE email = '{$email}' AND password = '******'"), 0) == 1 ? $user_id : false;
}
function recover($mode, $email)
{
$mode = sanitize($mode);
$email = sanitize($email);
$user_data = user_data(user_id_from_email($email), 'user_id', 'first_name', 'username');
if ($mode === 'username') {
email($email, 'Your username', "Hello " . $userdata['firstname'] . "\n\nYour username is " . $userdata['firstname'] . "\n\n-our company");
} elseif ($mode === 'password') {
$generated_password = substr(md5(rand(999, 999999)), 0, 8);
//change_password($user_data['user_id'], $generated_password);
//update_user($user_data['user_id'], array('password_recover' => '1'));
email($email, 'Your password recovery', "Hello " . $userdata['firstname'] . "\n\nYour new password is: " . $generated_password . "\n\n-our company");
}
}
function recover($mode, $email)
{
$mode = sanitize($mode);
$email = sanitize($email);
$user_data = user_data(user_id_from_email($email), 'first_name', 'username');
if ($mode == 'username') {
email($email, 'Your username recvory', "Hello" . $user_data['first_name'] . ",\n\nYour username is:" . $user_data['username'] . "\n\n-stumbleupon");
} else {
if ($mode == 'password') {
$generated_password = substr(md5(rand(999, 999999)), 0, 8);
change_password($user_data['user_id'], $generated_password);
update_user($user_data['user_data'], array('password_recover' => '1'));
email($email, 'Your password recvory', "Hello" . $user_data['first_name'] . ",\n\nYour New Password is:" . $generated_password . "\n\n-StumbleUpon");
}
}
}
function recover($mode, $email)
{
$mode = sanitize($mode);
$email = sanitize($email);
$user_data = user_data(user_id_from_email($email), 'user_id', 'first_name', 'username');
if ($mode == 'username') {
email($email, 'Your username', "Hello " . $user_data['first_name'] . ", \n \n Your username is: " . $user_data['username'] . ",\n\n -dwcl");
} else {
if ($mode == 'password') {
//password
$generated_password = substr(md5(rand(999, 999999)), 0, 8);
change_password($user_data['user_id'], $generated_password);
email($email, 'Your Password', "Hello " . $user_data['first_name'] . ", \n \n Your new is: " . $generated_password . ",\n\n -dwcl");
}
}
}
function recover($mode, $email)
{
$user_data = user_data(user_id_from_email($email), 'user_id', 'first_name', 'username');
if ($mode == 'username') {
// recover username
email($email, 'Your username', "Hello " . $user_data['first_name'] . ",\n\nYour username is: " . $user_data['username'] . "\n\n-sparklet");
} else {
if ($mode == 'password') {
// recover password
$generated_password = substr(md5(rand(999, 999999)), 0, 8);
// die($generated_password);
change_password($user_data['user_id'], $generated_password);
update_user($user_data['user_id'], array('password_recover' => '1'));
email($email, 'Your password recovery', "Hello " . $user_data['first_name'] . ",\n\nYour new password is: " . $generated_password . "\n\n-sparklet");
}
}
}
function recover($mode, $email)
{
$mode = sanitize($mode);
$email = sanitize($email);
$user_data = get_user_data(user_id_from_email($email), 'user_id', 'first_name', 'username');
if ($mode == 'username') {
email($email, 'Your Username Recovery - Factionizer', "Hello " . $user_data['first_name'] . ",\n\nThank you for using the Factionizer. Your username is:\n" . $user_data['username'] . "\n\n ---Factionizer");
} else {
if ($mode == 'password') {
$generated_password = substr(md5(rand(999, 999999)), 0, 8);
change_password($user_data['user_id'], $generated_password);
update_user($user_data['user_id'], array('password_recover' => '1'));
email($email, 'Your Password Recovery - Factionizer', "Hello " . $user_data['first_name'] . ",\n\nThank you for using the Factionizer. Your password has been reset. Once you log in with this new password, you will be prompted to change it.\n Your new password is:\n\n" . $generated_password . "\n\n ---Factionizer");
} else {
echo 'Error.';
}
}
}
function recover($mode, $email)
{
$mode = sanitize($mode);
$email = sanitize($email);
$user_id = user_id_from_email($email);
$user_data = user_data($user_id, 'user_id', 'first_name', 'username');
if ($mode === 'username') {
//recover username
sendMail("{$email}", "MCA-website username recovery mail", "Hello " . $user_data['first_name'] . ", \n\n Your username for mca page is " . $user_data['username'] . "\n\n~MCA, IIT Bombay");
} else {
if ($mode === 'password') {
//recover password
$generated_password = substr(md5(rand(999, 999999)), 0, 8);
change_password($user_data['user_id'], $generated_password);
//changing password with new genrated password
//this is to force user to change password after resetting password
mysql_query("UPDATE `users` SET `password_recover` = 1 WHERE `user_id` = {$user_id}");
sendMail("{$email}", "MCA-website password reset mail", "Hello " . $user_data['first_name'] . ", \n\n Your password for mca page is reset and the new password is " . $generated_password . ". Please change your password after logging in.\n\n~MCA, IIT Bombay");
}
}
}
$passwd = $_POST['pwd'];
if ($eid && $passwd) {
$query = mysql_query("SELECT * FROM `register` where email='{$eid}'");
//looks for the user with the given id in the database
$numrows = mysql_num_rows($query);
//finds the number of rows related to the query
if ($numrows != 0) {
while ($row = mysql_fetch_assoc($query)) {
$dbemail = $row['email'];
//store the email and password fromm database into variables
$dbpwd = $row['password'];
$dbuser = $row['user_name'];
}
//checking if they match
if ($eid == $dbemail && $passwd == $dbpwd) {
echo "Congratulations. You are logged in!<br>";
$uid = user_id_from_email($eid);
$_SESSION['uid'] = $uid;
$_SESSION['user_id'] = $dbuser;
//echo $_SESSION['uid'];
//echo "welcome!" .$_SESSION['user_id'].". <a href='logout.php'>click here</a> to log out!";
header("location:useraccount.html");
} else {
echo "oops!! invalid user credentials!";
}
} else {
die("there are no users with the given email");
}
} else {
die("enter username and password");
}
function recover($mode, $email)
{
$mode = sanitize($mode);
$email = sanitize($email);
$user_data = user_data(user_id_from_email($email), 'user_id', 'first_name', 'username');
if ($mode == 'username') {
email($email, 'Your username', "Hello " . $user_data['first_name'] . ",\n\nYour username is : " . $user_data['username'] . "\n\n-Shoppcart");
} elseif ($mode == 'password') {
$generated_password = substr(md5(rand(999, 999999)), 0, 8);
change_password($user_data['user_id'], $generated_password);
$user_id = $user_data['user_id'];
mysql_query("UPDATE `users` SET `password_recover`=1 WHERE `user_id` = '{$user_id}'");
email($email, 'Your Password', "Hello " . $user_data['first_name'] . ",\n\nYour New Password is : " . $generated_password . "\n\n-Shoppcart");
}
}
//recover script for both Username And Password
//$email = ''; //for declar global variable
if ($_SERVER["REQUEST_METHOD"] == "POST") {
$email = mysql_real_escape_string(htmlentities(input_validation($_POST['email'])));
$type = mysql_real_escape_string(htmlentities(input_validation($_GET['type'])));
$type_allowed = array('ForgotPassword');
if (isset($type) === true && in_array($type, $type_allowed) === true) {
if (empty($email) === true) {
$errors[] = 'You need to enter your email address which you have used for Signup';
} elseif (filter_var($email, FILTER_VALIDATE_EMAIL) === false) {
$errors[] = 'A valid email addres is required.';
}
if (email_exists($con, $email) === false) {
$errors[] = 'Oops, we can\'t recognize you. Please try again';
} else {
recover($con, $email, $type);
// same function user for recover both Username And Password
$_SESSION['recover_password_email'] = $email;
//for success message check
//for Logout user log;
$remark = 'Recover login details.';
insert_user_log($con, user_id_from_email($con, $email), 9, REMOTE_IP, $remark);
if ($_GET['type'] == 'ForgotPassword') {
header('Location: auth.php?type=ForgotPassword&Success');
exit;
}
}
}
//array check
}
//end isset
}
}
} else {
$errors[] = 'enter all the fields given';
}
if (isset($_GET['success']) && empty($_GET['success'])) {
echo 'Your password has been changed';
} else {
//if any of the posts are not empty and there are no errors
if (empty($_POST) === false && empty($errors) === true) {
$email_code = $_GET['email'];
$query = mysql_query("SELECT (`email`) FROM `Login` WHERE `email_code` = '{$email_code}'");
while ($result = mysql_fetch_assoc($query)) {
$email = $result['email'];
}
change_password(user_id_from_email($email), $_POST['password']);
header('Location:recoverpage.php?success');
} else {
if (empty($errors) !== true) {
echo output_errors($errors);
}
}
?>
<form action="" method="post">
<ul>
<h1>Change your password here</h1>
<li>
New password:<br>
<input type="password" name="password">
</li>
function login($email, $password)
{
$user_id = user_id_from_email($email);
$email = sanitize($email);
$password = md5($password);
return mysql_result(mysql_query("SELECT COUNT(`user_id`) FROM `users` WHERE `email` = '{$email}' AND `password` = '{$password}'"), 0) == 1 ? $user_id : false;
}
function recover($mode, $email)
{
$mode = sanitize($mode);
$email = sanitize($email);
$user_data = user_data(user_id_from_email($email), "azs_employee_id", "firstname", "username");
if ($mode == "username") {
// Recover username
// email($email, "Your username", "Hello " . $user_data["firstname"] . "\n\nYour username is: " . $user_data["username"] . "\n\n -CONVO Portal");
} else {
if ($mode == "password") {
// Recover password
$generated_password = substr(sh1(rand(999, 999999)), 0, 8);
//die($generated_password);
change_password($user_data["azs_employee_id"], $generated_password);
update_user($user_data["azs_employee_id"], array("password_recover" => "1"));
//email($email, "Your password recovery", "Hello " . $user_data["firstname"] . "\n\nYour new password is: " . $generated_password . "\n\n -CONVO Portal");
}
}
}
