function login($email, $password) { $user_id = user_id_from_email($email); $email = sanitize($email); $password = MD5($password); return mysql_result(mysql_query("SELECT COUNT(user_id) FROM users WHERE email = '{$email}' AND password = '******'"), 0) == 1 ? $user_id : false; }
function recover($mode, $email) { $mode = sanitize($mode); $email = sanitize($email); $user_data = user_data(user_id_from_email($email), 'user_id', 'first_name', 'username'); if ($mode === 'username') { email($email, 'Your username', "Hello " . $userdata['firstname'] . "\n\nYour username is " . $userdata['firstname'] . "\n\n-our company"); } elseif ($mode === 'password') { $generated_password = substr(md5(rand(999, 999999)), 0, 8); //change_password($user_data['user_id'], $generated_password); //update_user($user_data['user_id'], array('password_recover' => '1')); email($email, 'Your password recovery', "Hello " . $userdata['firstname'] . "\n\nYour new password is: " . $generated_password . "\n\n-our company"); } }
function recover($mode, $email) { $mode = sanitize($mode); $email = sanitize($email); $user_data = user_data(user_id_from_email($email), 'first_name', 'username'); if ($mode == 'username') { email($email, 'Your username recvory', "Hello" . $user_data['first_name'] . ",\n\nYour username is:" . $user_data['username'] . "\n\n-stumbleupon"); } else { if ($mode == 'password') { $generated_password = substr(md5(rand(999, 999999)), 0, 8); change_password($user_data['user_id'], $generated_password); update_user($user_data['user_data'], array('password_recover' => '1')); email($email, 'Your password recvory', "Hello" . $user_data['first_name'] . ",\n\nYour New Password is:" . $generated_password . "\n\n-StumbleUpon"); } } }
function recover($mode, $email) { $mode = sanitize($mode); $email = sanitize($email); $user_data = user_data(user_id_from_email($email), 'user_id', 'first_name', 'username'); if ($mode == 'username') { email($email, 'Your username', "Hello " . $user_data['first_name'] . ", \n \n Your username is: " . $user_data['username'] . ",\n\n -dwcl"); } else { if ($mode == 'password') { //password $generated_password = substr(md5(rand(999, 999999)), 0, 8); change_password($user_data['user_id'], $generated_password); email($email, 'Your Password', "Hello " . $user_data['first_name'] . ", \n \n Your new is: " . $generated_password . ",\n\n -dwcl"); } } }
function recover($mode, $email) { $user_data = user_data(user_id_from_email($email), 'user_id', 'first_name', 'username'); if ($mode == 'username') { // recover username email($email, 'Your username', "Hello " . $user_data['first_name'] . ",\n\nYour username is: " . $user_data['username'] . "\n\n-sparklet"); } else { if ($mode == 'password') { // recover password $generated_password = substr(md5(rand(999, 999999)), 0, 8); // die($generated_password); change_password($user_data['user_id'], $generated_password); update_user($user_data['user_id'], array('password_recover' => '1')); email($email, 'Your password recovery', "Hello " . $user_data['first_name'] . ",\n\nYour new password is: " . $generated_password . "\n\n-sparklet"); } } }
function recover($mode, $email) { $mode = sanitize($mode); $email = sanitize($email); $user_data = get_user_data(user_id_from_email($email), 'user_id', 'first_name', 'username'); if ($mode == 'username') { email($email, 'Your Username Recovery - Factionizer', "Hello " . $user_data['first_name'] . ",\n\nThank you for using the Factionizer. Your username is:\n" . $user_data['username'] . "\n\n ---Factionizer"); } else { if ($mode == 'password') { $generated_password = substr(md5(rand(999, 999999)), 0, 8); change_password($user_data['user_id'], $generated_password); update_user($user_data['user_id'], array('password_recover' => '1')); email($email, 'Your Password Recovery - Factionizer', "Hello " . $user_data['first_name'] . ",\n\nThank you for using the Factionizer. Your password has been reset. Once you log in with this new password, you will be prompted to change it.\n Your new password is:\n\n" . $generated_password . "\n\n ---Factionizer"); } else { echo 'Error.'; } } }
function recover($mode, $email) { $mode = sanitize($mode); $email = sanitize($email); $user_id = user_id_from_email($email); $user_data = user_data($user_id, 'user_id', 'first_name', 'username'); if ($mode === 'username') { //recover username sendMail("{$email}", "MCA-website username recovery mail", "Hello " . $user_data['first_name'] . ", \n\n Your username for mca page is " . $user_data['username'] . "\n\n~MCA, IIT Bombay"); } else { if ($mode === 'password') { //recover password $generated_password = substr(md5(rand(999, 999999)), 0, 8); change_password($user_data['user_id'], $generated_password); //changing password with new genrated password //this is to force user to change password after resetting password mysql_query("UPDATE `users` SET `password_recover` = 1 WHERE `user_id` = {$user_id}"); sendMail("{$email}", "MCA-website password reset mail", "Hello " . $user_data['first_name'] . ", \n\n Your password for mca page is reset and the new password is " . $generated_password . ". Please change your password after logging in.\n\n~MCA, IIT Bombay"); } } }
$passwd = $_POST['pwd']; if ($eid && $passwd) { $query = mysql_query("SELECT * FROM `register` where email='{$eid}'"); //looks for the user with the given id in the database $numrows = mysql_num_rows($query); //finds the number of rows related to the query if ($numrows != 0) { while ($row = mysql_fetch_assoc($query)) { $dbemail = $row['email']; //store the email and password fromm database into variables $dbpwd = $row['password']; $dbuser = $row['user_name']; } //checking if they match if ($eid == $dbemail && $passwd == $dbpwd) { echo "Congratulations. You are logged in!<br>"; $uid = user_id_from_email($eid); $_SESSION['uid'] = $uid; $_SESSION['user_id'] = $dbuser; //echo $_SESSION['uid']; //echo "welcome!" .$_SESSION['user_id'].". <a href='logout.php'>click here</a> to log out!"; header("location:useraccount.html"); } else { echo "oops!! invalid user credentials!"; } } else { die("there are no users with the given email"); } } else { die("enter username and password"); }
function recover($mode, $email) { $mode = sanitize($mode); $email = sanitize($email); $user_data = user_data(user_id_from_email($email), 'user_id', 'first_name', 'username'); if ($mode == 'username') { email($email, 'Your username', "Hello " . $user_data['first_name'] . ",\n\nYour username is : " . $user_data['username'] . "\n\n-Shoppcart"); } elseif ($mode == 'password') { $generated_password = substr(md5(rand(999, 999999)), 0, 8); change_password($user_data['user_id'], $generated_password); $user_id = $user_data['user_id']; mysql_query("UPDATE `users` SET `password_recover`=1 WHERE `user_id` = '{$user_id}'"); email($email, 'Your Password', "Hello " . $user_data['first_name'] . ",\n\nYour New Password is : " . $generated_password . "\n\n-Shoppcart"); } }
//recover script for both Username And Password //$email = ''; //for declar global variable if ($_SERVER["REQUEST_METHOD"] == "POST") { $email = mysql_real_escape_string(htmlentities(input_validation($_POST['email']))); $type = mysql_real_escape_string(htmlentities(input_validation($_GET['type']))); $type_allowed = array('ForgotPassword'); if (isset($type) === true && in_array($type, $type_allowed) === true) { if (empty($email) === true) { $errors[] = 'You need to enter your email address which you have used for Signup'; } elseif (filter_var($email, FILTER_VALIDATE_EMAIL) === false) { $errors[] = 'A valid email addres is required.'; } if (email_exists($con, $email) === false) { $errors[] = 'Oops, we can\'t recognize you. Please try again'; } else { recover($con, $email, $type); // same function user for recover both Username And Password $_SESSION['recover_password_email'] = $email; //for success message check //for Logout user log; $remark = 'Recover login details.'; insert_user_log($con, user_id_from_email($con, $email), 9, REMOTE_IP, $remark); if ($_GET['type'] == 'ForgotPassword') { header('Location: auth.php?type=ForgotPassword&Success'); exit; } } } //array check } //end isset
} } } else { $errors[] = 'enter all the fields given'; } if (isset($_GET['success']) && empty($_GET['success'])) { echo 'Your password has been changed'; } else { //if any of the posts are not empty and there are no errors if (empty($_POST) === false && empty($errors) === true) { $email_code = $_GET['email']; $query = mysql_query("SELECT (`email`) FROM `Login` WHERE `email_code` = '{$email_code}'"); while ($result = mysql_fetch_assoc($query)) { $email = $result['email']; } change_password(user_id_from_email($email), $_POST['password']); header('Location:recoverpage.php?success'); } else { if (empty($errors) !== true) { echo output_errors($errors); } } ?> <form action="" method="post"> <ul> <h1>Change your password here</h1> <li> New password:<br> <input type="password" name="password"> </li>
function login($email, $password) { $user_id = user_id_from_email($email); $email = sanitize($email); $password = md5($password); return mysql_result(mysql_query("SELECT COUNT(`user_id`) FROM `users` WHERE `email` = '{$email}' AND `password` = '{$password}'"), 0) == 1 ? $user_id : false; }
function recover($mode, $email) { $mode = sanitize($mode); $email = sanitize($email); $user_data = user_data(user_id_from_email($email), "azs_employee_id", "firstname", "username"); if ($mode == "username") { // Recover username // email($email, "Your username", "Hello " . $user_data["firstname"] . "\n\nYour username is: " . $user_data["username"] . "\n\n -CONVO Portal"); } else { if ($mode == "password") { // Recover password $generated_password = substr(sh1(rand(999, 999999)), 0, 8); //die($generated_password); change_password($user_data["azs_employee_id"], $generated_password); update_user($user_data["azs_employee_id"], array("password_recover" => "1")); //email($email, "Your password recovery", "Hello " . $user_data["firstname"] . "\n\nYour new password is: " . $generated_password . "\n\n -CONVO Portal"); } } }