<?php session_start(); include "../../php/AC.php"; if (isset($_POST["ac"]) && $_POST["ac"] == "log") { /// do after login form is submitted if ($USERS[$_POST["username"]] == $_POST["pw"]) { /// check if submitted username and password exist in $USERS array // as a features users can login using their email address // here we need to get the real user name and use that instead of the email address if (strpos($_POST["username"], "@") !== false) { // found email as user name, what is the real name? $_SESSION["logged"] = getUserNameFromEmail($_POST["username"]); } else { $_SESSION["logged"] = $_POST["username"]; } } else { audit("login", "incorrect password name for " . $_POST["username"]); echo 'Incorrect username/password. Please, try again.'; } } if (array_key_exists($_SESSION["logged"], $USERS)) { $l = strlen('/login.php'); if (isset($_POST["url"]) && $l > 0 && substr($_POST["url"], -$l) === '/login.php') { $u = $_POST["url"]; } else { $u = "/index.php"; } header("Location: " . $u); // if user is logged go to front page }
<?php session_start(); include "../../code/php/AC.php"; if (isset($_POST["email"])) { // Check if this user exists $email = $_POST["email"]; $name = getUserNameFromEmail($email); //echo "Found this name: ".$name." in our records"; if ($email == "" || $name == "unknown") { audit("newPassword", "account does not exist " . $_POST["email"]); echo "<script>message = \"This account does not exist.\";</script>"; } else { // create a new password for this account and send to user audit("newPassword", "send to " . $_POST["email"]); $pw = substr(uniqid(), 0, 8); $md5version = md5($pw); changePassword($name, $md5version); // email user $serv = split(':', $_SERVER['HTTP_HOST']); $message = "A new password has been created for account \"" . $name . "\" on " . $serv[0] . ". Login using this password: \"" . $pw . "\""; $headers = "From: alexdecastro2@gmail.com\r\n"; mail($email, 'Password Reset', $message, $headers); echo "<script>message = \"An email has been send to your account. After you receive the email, try to login again <a href='login.php'>here</a>.\";</script>"; } } ?> <!DOCTYPE html> <html lang="en"> <head>
<?php $count = 0; $locations = array(); $mappoints = array(); foreach ($req as $key => $value) { if ($count % 2 == 0) { echo "<tr style=\"background-color: #EEEEEE;\">"; } else { echo "<tr style=\"background-color: #FFFFFF;\">"; } $notFound = 0; foreach ($value as $key2 => $value2) { if ($key2 == "user email") { // now check if that user has an account echo "<td>".$value2."</td>"; if (getUserNameFromEmail($value2) == "unknown") { $notFound = 1; } } } if ($notFound == 1) { // skip this user continue; } $count = $count + 1; $brief = ""; foreach ($value as $key2 => $value2) { if ($key2 == "brief") { $brief = $value2; } }