// forgot_password.php // All Sections // Form to retrieve forgot password //* //Include global functions include_once "common.php"; //Initiate database functions include_once "ez_sql.php"; // config include_once "configuration.php"; $action = get_param("action"); if ($action == "retrieve") { $forgotemail = get_param("forgotemail"); //Validate email $oEmail = new email(); if (!$oEmail->valida($forgotemail)) { $msgFormErr = _FORGOT_PASSWORD_FORM_ERROR . "<br>"; } else { if ($retrieve = $db->get_row("SELECT studentcontact_id, studentcontact_lname, studentcontact_fname FROM studentcontact WHERE studentcontact_email='" . $forgotemail . "'")) { $name = $retrieve->studentcontact_fname . " " . $retrieve->studentcontact_lname; $id = $retrieve->studentcontact_id; $lostpassword = $db->get_var("SELECT web_users_password FROM web_users WHERE web_users_type='C' AND web_users_relid='" . $id . "'"); } else { if ($retrieve = $db->get_row("SELECT teachers_id, teachers_lname, teachers_fname FROM teachers WHERE teachers_email='" . $forgotemail . "'")) { $name = $retrieve->teachers_fname . " " . $retrieve->teachers_lname; $id = $retrieve->teachers_id; $lostpassword = $db->get_var("SELECT web_users_password FROM web_users WHERE web_users_type='T' AND web_users_relid='" . $id . "'"); } } } if (strlen($lostpassword)) {
$msgFormErr .= _ADMIN_ADD_EDIT_TEACHER_2_ENTER_FIRST . "<br>"; } if (!strlen($tlname)) { $msgFormErr .= _ADMIN_ADD_EDIT_TEACHER_2_ENTER_LAST . "<br>"; } if (!strlen($username)) { $msgFormErr .= _ADMIN_ADD_EDIT_TEACHER_2_ENTER_USER . "<br>"; } if (!strlen($password)) { $msgFormErr .= _ADMIN_ADD_EDIT_TEACHER_2_ENTER_PASS . "<br>"; } if (!strlen($email)) { $msgFormErr .= _ADMIN_ADD_EDIT_TEACHER_2_ENTER_EMAIL . "<br>"; } else { $oEmail = new email(); if (!$oEmail->valida($email)) { $msgFormErr .= _ADMIN_ADD_EDIT_TEACHER_2_EMAIL_VALID . "<br>"; } } //Check to make sure duplicate usernames are not being assigned //check for duplicate username. $tot = $db->get_var("SELECT COUNT(*) FROM web_users WHERE \nweb_users_username='******' AND web_users_id<>'{$webid}'"); if ($tot > 0) { $msgFormErr .= _ADMIN_ADD_EDIT_TEACHER_2_DUP; } //If a new user, check to make sure we're not adding dupe username. //If a new user, webid will be empty if ($webid == "") { $tot = $db->get_var("SELECT COUNT(*) FROM web_users WHERE \nweb_users_username='******'"); if ($tot > 0) { $msgFormErr .= _ADMIN_ADD_EDIT_TEACHER_2_DUP;