LOGIN
***********************************************************/
session_start();
require 'dbc.php';
require '../' . $site . '/mail/PHPMailer-master/PHPMailerAutoload.php';
switch ($_GET['action']) {
case 'login':
login();
break;
case 'register':
register();
break;
case 'reset':
recover();
break;
}
function login()
{
global $link;
foreach ($_POST as $key => $value) {
$data[$key] = $value;
// post variables are filtered
}
$user_email = $data['user_email'];
$pass = $data['pass'];
if (strpos($user_email, '@') === false) {
$user_cond = "user_name='{$user_email}'";
} else {
$user_cond = "user_email='{$user_email}'";
<!-- MAIN CONTENT -->
<div id="content">
<form action="#" id="login-form">
<?php
if (isset($_GET['success']) === true && empty($_GET['success']) === true) {
?>
<div class="confirmation-box round"> Thanks, we have emailed you. Please Check your email.</div>
<?php
} else {
$mode_allowed = array('username', 'password');
if (isset($_GET['mode']) === true && in_array($_GET['mode'], $mode_allowed) === true) {
if (isset($_POST['email']) === true) {
if (email_exists($_POST['email']) === true) {
recover($_GET['mode'], $_POST['email']);
header('Location: Recovery.php?success');
} else {
if (empty($_POST['email']) === true) {
echo '<div class="error-box round">' . 'Please enter an email address.' . '</div>';
} else {
echo '<div class="error-box round">' . 'We couldn\'t find that email address.' . '</div>';
}
}
}
?>
</form>
<form action="" method="post" id="login-form" novalidate autocomplete="off">
<fieldset>
<?php
require_once dirname(__FILE__) . "/../../../include/master.inc.php";
$error = "";
$success = "";
if (isset($_POST['recover'])) {
if (!recover($_POST['email'])) {
$error = "Invalid Email.";
} else {
$success = "Password successfully sent to the respective Email Address.";
}
} else {
$error = "Invalid Request";
}
if ($error != "") {
$_SESSION['response']['recover']['error'] = $error;
redirect(BASEURL . "app/recover.php");
} else {
if ($success != "") {
$_SESSION['response']['login']['success'] = $success;
redirect(BASEURL . "app/index.php");
}
}
//recover script for both Username And Password
//$email = ''; //for declar global variable
if ($_SERVER["REQUEST_METHOD"] == "POST") {
$email = mysql_real_escape_string(htmlentities(input_validation($_POST['email'])));
$type = mysql_real_escape_string(htmlentities(input_validation($_GET['type'])));
$type_allowed = array('ForgotPassword');
if (isset($type) === true && in_array($type, $type_allowed) === true) {
if (empty($email) === true) {
$errors[] = 'You need to enter your email address which you have used for Signup';
} elseif (filter_var($email, FILTER_VALIDATE_EMAIL) === false) {
$errors[] = 'A valid email addres is required.';
}
if (email_exists($con, $email) === false) {
$errors[] = 'Oops, we can\'t recognize you. Please try again';
} else {
recover($con, $email, $type);
// same function user for recover both Username And Password
$_SESSION['recover_password_email'] = $email;
//for success message check
//for Logout user log;
$remark = 'Recover login details.';
insert_user_log($con, user_id_from_email($con, $email), 9, REMOTE_IP, $remark);
if ($_GET['type'] == 'ForgotPassword') {
header('Location: auth.php?type=ForgotPassword&Success');
exit;
}
}
}
//array check
}
//end isset
#
#
#
#
#
#
#
#
#
#
#
require "newsettings.php";
if (isset($_REQUEST["key"])) {
switch ($_REQUEST["key"]) {
case "recover":
$OUTPUT = recover();
break;
case "confirm":
$OUTPUT = confirm($_REQUEST);
break;
case "create":
$OUTPUT = create($_REQUEST);
break;
case "creation":
$OUTPUT = creation($_REQUEST);
break;
default:
$OUTPUT = newcomp();
}
} else {
$OUTPUT = newcomp();
if ($_GET["mode"] == "username") {
echo "<h1>Recover your Username</h1>";
echo "<p>Please enter your email address to recover your username.</p>";
}
}
}
if (isset($_GET["success"]) === true && empty($_GET["success"]) === true) {
?>
<h2>You will recieve an email you requested shortly!</h2>
<?php
} else {
$mode_allowed = array("username", "password");
if (isset($_GET["mode"]) === true && in_array($_GET["mode"], $mode_allowed)) {
if (isset($_POST["email"]) === true && empty($_POST["email"]) === false) {
if (email_exists($_POST["email"]) === true) {
recover($_GET["mode"], $_POST["email"]);
header("Location: {$linkToALL}/recover.php?success");
exit;
} else {
echo "<p class='error_recover'>Oops, we couldn't find that email address!</p>";
}
}
?>
<form class="form-horizontal recover_form" method="POST">
<div class="form-group form-group-default">
<div class="row">
<div class="col-md-4">
<span class="form_span">Please enter your email address:</span>
<input type="text" class="form-control" name="email">
</div>
</div>
