function recover($mode, $email) { // recupereaza numele de utilizator sau parola - $mode poate lua valoarea de 'username' sau 'password' include 'core/db/db_connection.php'; $mode = sanitize($mode); $email = sanitize($email); $user_data = user_data(get_user_id_from_email($email), 'user_id', 'first_name', 'username'); if ($mode == 'username') { email($email, 'Your username', "\n\t\t\t\tHello " . $user_data['first_name'] . ", <br><br>\n\t\t\t\tYour username is " . $user_data['username'] . " <br><br>\n\t\t\t\t-worldtour team\n\t\t\t"); } else { if ($mode == 'password') { $generated_password = substr(md5(rand(777, 7777)), 0, 7); // generam o parola random de 7 caractere pe care o criptam cu md5 change_password($user_data['user_id'], $generated_password); update_user($user_data['user_id'], array('pwd_recovery' => '1')); // folosim un 'flag' asupra contului pentru a forta utilizatorul sa-si schimbe parola generata de noi prima oara cand se logheaza email($email, 'Password recovery', "\n\t\t\t\tHello " . $user_data['first_name'] . ", <br><br>\n\t\t\t\tYour new password is " . $generated_password . "<br><br>\n\t\t\t\tKindly note that this is a temporary password and you are required to change it on your first log in. <br><br>\n\t\t\t\t-worldtour team\n\t\t\t"); } } }
$query = $con->prepare("SELECT email FROM user WHERE email LIKE :email LIMIT 20 "); $query->execute(array(':email' => '%' . $user_log_s_email . '%')); //$result = $query->fetch(PDO::FETCH_ASSOC); while ($row = $query->fetch(PDO::FETCH_ASSOC)) { $results[] = $row['email']; } echo json_encode($results); //*/work without this } //search for username from email or date_of_birth (dob) if (isset($_POST['user_log_email']) && isset($_POST['select_log_type']) && isset($_POST['user_log_start_date']) && isset($_POST['user_log_end_date'])) { $email = mysql_real_escape_string(htmlentities(input_validation($_POST['user_log_email']))); $log_type = mysql_real_escape_string(htmlentities(input_validation($_POST['select_log_type']))); $start_date = mysql_real_escape_string(htmlentities(input_validation($_POST['user_log_start_date']))); $end_date = mysql_real_escape_string(htmlentities(input_validation($_POST['user_log_end_date']))); $user_id = get_user_id_from_email($con, $email); //single item if (!empty($email) && empty($log_type) && empty($start_date) && empty($end_date)) { $query = $con->prepare("SELECT * FROM user_log WHERE user_id=:user_id ORDER BY datetime DESC"); $query->execute(array(':user_id' => $user_id)); } elseif (empty($email) && !empty($log_type) && empty($start_date) && empty($end_date)) { $query = $con->prepare("SELECT * FROM user_log WHERE log_type=:log_type ORDER BY datetime DESC"); $query->execute(array(':log_type' => $log_type)); } elseif (empty($email) && empty($log_type) && !empty($start_date) && empty($end_date)) { $query = $con->prepare("SELECT * FROM user_log WHERE datetime LIKE :datetime ORDER BY datetime DESC"); $query->execute(array(':datetime' => '%' . $start_date . '%')); } elseif (empty($email) && empty($log_type) && empty($start_date) && !empty($end_date)) { $query = $con->prepare("SELECT * FROM user_log WHERE datetime LIKE :datetime ORDER BY datetime DESC"); $query->execute(array(':datetime' => '%' . $end_date . '%')); } elseif (!empty($email) && !empty($log_type) && empty($start_date) && empty($end_date)) { $query = $con->prepare("SELECT * FROM user_log WHERE user_id=:user_id AND log_type=:log_type ORDER BY datetime DESC");