// Include utility files require_once '../config.php'; require_once BUSINESS_DIR_USER . 'User.php'; require_once BUSINESS_DIR_USER_LOGIN . 'UserLoginManager.php'; require_once BUSINESS_DIR_USER_TYPE . 'UserTypeManager.php'; //$_POST['userid']="lily"; //$_POST['password']="******"; $userid = isset($_POST['userid']) ? $_POST['userid'] : ""; $pwd = isset($_POST['password']) ? $_POST['password'] : ""; //checks if the passed variables do not have some crazy slashes.. if (get_magic_quotes_gpc()) { $userid = stripslashes($userid); $pwd = stripslashes($pwd); } //echo $userid . "Testing "; $userManager = new UserLoginManager(); $logged = $userManager->userLogin($userid, $pwd); $userTypeManager = new UserTypeManager(); $UST = $userTypeManager->getUserTypeById($logged->getUserType()); if ($logged->getFirstName() != "" && $UST == "ADMIN") { echo SUCCESS_ADMIN_RIGHT; } else { if ($logged->getFirstName() != "" && $UST == "USER") { echo SUCCESS_USER_RIGHT; } else { if ($logged->getFirstName() != "" && $UST == "BANNED") { echo FAILURE_BANNED; } else { if ($logged->getFirstName() != "" && $UST == "INACTIVE") { echo FAILURE_NOT_CONFIRMED; } else {
<?php // Include utility files require_once '../config.php'; require_once BUSINESS_DIR_USER . 'User.php'; require_once BUSINESS_DIR_USER_LOGIN . 'UserLoginManager.php'; $EmailAddress = isset($_POST['forgot_email']) ? $_POST['forgot_email'] : ""; //$EmailAddress = "*****@*****.**"; $userLoginManager = new UserLoginManager(); $logged = $userLoginManager->ForgotPassword($EmailAddress); if ($logged) { echo 1; } else { echo 0; } // echo "\nThe user is:".$_SESSION["user"]->getFirstName();
Email Address <input type="text" id="forgotemail"> <button id="forgotbtn">Forgot</button> <p>Please type the email address associated with your account in the above box</p> </div> </div> <!-- <div id="links"><a href="/Tarboz/Views/Login/Index.php">Login</a></div>--> <!-- A section for resetting the forgot password --> <?php //$_GET['security']="0vLalqY93y"; //If the security variable has something, then assign it otherwise keep the variable empty $reset = isset($_GET['security']) ? $_GET['security'] : ""; //Pattern to avoid some weird hackers $m_reg = "/^[a-zA-Z0-9\\.\\@\\(\\)]+\$/"; //matchin the pattern and checking if the variable is also not empty if ($reset != "" && preg_match($m_reg, $reset)) { echo $reset; $userLoginManager = new UserLoginManager(); $logged = $userLoginManager->getLoginReset($reset); } if (isset($logged)) { echo "sent"; } else { //echo "fail"; } ?> </div> </div><!--"header"--> <br />