// Password-reset request (fragment): reads the contact value and the
// anti-bot answer from POST, generates a new password and, when the check
// passes and a matching activated account is found, runs the UPDATE, syncs
// phpBB if installed, mails the password and logs the action.
// The final `else` branch is still open where this excerpt ends.

// NOTE(review): $contact is request data and is concatenated into the WHERE
// clause below; no escaping is visible in this fragment. Confirm it is
// escaped upstream, or pass it through the project's SQL quoting helper or
// a bound parameter.
$contact = isset($_POST['f_caver_contact']) ? $_POST['f_caver_contact'] : '';
// NOTE(review): generatePassword() is defined elsewhere; the meaning of
// (10, 8) is not visible here. Confirm it draws from a CSPRNG
// (random_int()/random_bytes()).
$password = generatePassword(10, 8);
$string = isset($_POST['f_caver_check']) ? $_POST['f_caver_check'] : '';
$user_check = isset($_SESSION['userCheck']) ? $_SESSION['userCheck'] : '';
// The check passes when 'do_check' is falsy, or when
// md5(getIp() . lowercased answer) equals the value kept in the session.
// NOTE(review): 'do_check' is read without isset(); an unset key negates to
// true, so the check is skipped (fail-open). Confirm it is always set.
// NOTE(review): `==` on two digest strings compares them numerically when
// both look numeric (e.g. "0e" followed by digits), so distinct digests can
// compare equal. Prefer hash_equals() or `===`.
if (!$_SESSION['do_check'] || md5(getIp() . strtolower($string)) == $user_check) {
    // Look the account up by login and contact. The '******' literals are
    // reproduced exactly as they appear in this listing and look masked.
    $sql = "SELECT * FROM `" . $_SESSION['Application_host'] . "`.`T_caver`";
    $sql .= " WHERE Login = '******' AND Contact ='" . $contact . "'";
    $data = getDataFromSQL($sql, __FILE__, $frame, __FUNCTION__);
    if ($data['Count'] > 0) {
        // Only accounts whose Activated column is 'YES' get a new password.
        if ($data[0]['Activated'] == 'YES') {
            // NOTE(review): as shown, the generated $password never reaches
            // this statement (masked literal); verify against the real file
            // that a hash, not the clear-text password, is stored.
            $sql = "UPDATE `" . $_SESSION['Application_host'] . "`.`T_caver`";
            $sql .= " SET Password ='******'";
            // Id comes from the row just read and is concatenated unquoted;
            // an (int) cast would make that assumption explicit.
            $sql .= " WHERE Id = " . $data[0]['Id'];
            $req = execSQL($sql, $frame, __FILE__, __FUNCTION__);
            if (!defined('NO_PHPBB_INSTALLED')) {
                // NOTE(review): $login is not assigned anywhere in this
                // fragment; confirm it is defined before this point.
                chgPwdphpBBuser($login, $password);
            }
            // NOTE(review): presumably mails the generated password in clear
            // text, after the stored one has already been replaced. A
            // single-use, expiring reset link avoids both; confirm design.
            sendNewPwdMail($data[0], $password);
            //echo $password;
            trackAction("pwd_user", $data[0]['Id'], "T_caver");
            $_SESSION['user_pwd_sent'] = true;
        } else {
            $activated = false;
            $_SESSION['user_pwd_sent'] = false;
        }
    } else {
        // No matching row: record the failure and count the attempt.
        // NOTE(review): no limit on 'send_retry' is enforced in this
        // fragment, and a session counter resets with the session; confirm
        // throttling exists elsewhere (per IP/account, server-side).
        $_SESSION['user_pwd_sent'] = false;
        $_SESSION['send_retry'] += 1;
    }
} else {
    // Anti-bot check failed.
    $_SESSION['user_pwd_sent'] = false;
// Change-password handling (fragment, starts mid-block): $password and
// $frame are assigned before this excerpt. The current password is checked
// against the stored value, then the new one is written and synced to phpBB.
// NOTE(review): no length or strength validation of the new password is
// visible in this fragment; confirm it happens before this point.
$new_password = isset($_POST['c_caver_new_password']) ? $_POST['c_caver_new_password'] : '';
// NOTE(review): the key arrives in the same POST as the values it is applied
// to, so crypt_xor() (defined elsewhere; presumably an XOR decode) adds no
// confidentiality for anyone able to read the request. Rely on TLS.
$key = isset($_POST['c_key']) ? $_POST['c_key'] : '';
// stripslashes() here suggests request values are slashed upstream
// (magic-quotes style); confirm that assumption still holds at runtime.
$password = crypt_xor(stripslashes($password), $key);
$new_password = crypt_xor(stripslashes($new_password), $key);
// The slashed login is what is passed to getCryptedPwd() and
// chgPwdphpBBuser(); confirm both expect the escaped form.
$login = addslashes($_SESSION['user_login']);
// Match the session user's row on Id and on the hash of the current password.
// NOTE(review): an equality match in SQL only works if getCryptedPwd() is
// deterministic for a given login/password, so it cannot be a randomly
// salted password_hash() value. Moving to password_hash()/password_verify()
// would mean fetching the row by Id and verifying in PHP.
$sql = "SELECT * FROM `" . $_SESSION['Application_host'] . "`.`T_caver` ";
// 'user_id' is session data concatenated unquoted; an (int) cast would make
// the numeric assumption explicit.
$sql .= "WHERE `Id` = " . $_SESSION['user_id'] . " ";
$sql .= "AND `Password` = '" . getCryptedPwd($login, $password) . "'";
$data = getDataFromSQL($sql, __FILE__, $frame, __FUNCTION__);
if ($data['Count'] > 0) {
    // Current password matched: store the hash of the new one.
    $sql = "UPDATE `" . $_SESSION['Application_host'] . "`.`T_caver` ";
    // The hash is quoted via returnDefault(..., 'text') here but hand-quoted
    // in the SELECT above; presumably the helper emits a quoted SQL literal.
    $sql .= "SET `Password` = " . returnDefault(getCryptedPwd($login, $new_password), 'text') . " ";
    $sql .= "WHERE `Id` = " . $_SESSION['user_id'];
    $req = execSQL($sql, $frame, __FILE__, __FUNCTION__);
    if (!defined('NO_PHPBB_INSTALLED')) {
        // The clear-text new password is handed to the phpBB sync helper.
        chgPwdphpBBuser($login, $new_password);
    }
    $pwd_saved = true;
} else {
    $pwd_saved = false;
}
// The next two braces close blocks opened before this excerpt.
}
}
// NOTE(review): caver_delete_himself is an unquoted identifier, so PHP
// resolves it as a constant; confirm it is defined (PHP 8 throws an Error
// for an undefined constant).
if (allowAccess(caver_delete_himself)) {
    // Delete an account:
    if (isset($_POST['delete_user'])) {
        $password = isset($_POST['d_caver_password']) ? $_POST['d_caver_password'] : '';
        // Same request-supplied XOR key pattern as in the change-password flow.
        $key = isset($_POST['d_key']) ? $_POST['d_key'] : '';
        $password = crypt_xor(stripslashes($password), $key);
        // NOTE(review): the login for deletion is taken from the request, not
        // from the session, and is not escaped in this fragment. The query
        // continues beyond this excerpt; confirm it is bound to
        // $_SESSION['user_id'] and that $login is escaped before use in SQL.
        $login = isset($_POST['d_caver_login']) ? $_POST['d_caver_login'] : '';
        $sql = "SELECT * FROM `" . $_SESSION['Application_host'] . "`.`T_caver` ";