list($UserID, $Username, $Email) = $DB->next_record(); if ($UserID) { // Email exists in the database // Set ResetKey, send out email, and set $Sent to 1 to show success page $ResetKey = Users::make_secret(); $DB->query("\n\t\t\t\t\t\tUPDATE users_info\n\t\t\t\t\t\tSET\n\t\t\t\t\t\t\tResetKey = '" . db_string($ResetKey) . "',\n\t\t\t\t\t\t\tResetExpires = '" . time_plus(60 * 60) . "'\n\t\t\t\t\t\tWHERE UserID = '{$UserID}'"); require SERVER_ROOT . '/classes/templates.class.php'; $TPL = new TEMPLATE(); $TPL->open(SERVER_ROOT . '/templates/password_reset.tpl'); // Password reset template $TPL->set('Username', $Username); $TPL->set('ResetKey', $ResetKey); $TPL->set('IP', $_SERVER['REMOTE_ADDR']); $TPL->set('SITE_NAME', SITE_NAME); $TPL->set('SITE_URL', NONSSL_SITE_URL); Misc::send_email($Email, 'Password reset information for ' . SITE_NAME, $TPL->get(), 'noreply'); $Sent = 1; // If $Sent is 1, recover_step1.php displays a success message //Log out all of the users current sessions $Cache->delete_value("user_info_{$UserID}"); $Cache->delete_value("user_info_heavy_{$UserID}"); $Cache->delete_value("user_stats_{$UserID}"); $Cache->delete_value("enabled_{$UserID}"); $DB->query("\n\t\t\t\t\t\tSELECT SessionID\n\t\t\t\t\t\tFROM users_sessions\n\t\t\t\t\t\tWHERE UserID = '{$UserID}'"); while (list($SessionID) = $DB->next_record()) { $Cache->delete_value("session_{$UserID}" . "_{$SessionID}"); } $DB->query("\n\t\t\t\t\t\tUPDATE users_sessions\n\t\t\t\t\t\tSET Active = 0\n\t\t\t\t\t\tWHERE UserID = '{$UserID}'\n\t\t\t\t\t\t\tAND Active = 1"); } else { $Err = 'There is no user with that email address.'; }
// Create invite tree record $DB->query("INSERT INTO invite_tree (UserID, InviterID, TreePosition, TreeID, TreeLevel) VALUES ('$UserID', '$InviterID', '$TreePosition', '$TreeID', '$TreeLevel')"); include(SERVER_ROOT.'/classes/class_templates.php'); $TPL=NEW TEMPLATE; $TPL->open(SERVER_ROOT.'/templates/new_registration.tpl'); $TPL->set('Username',$_REQUEST['username']); $TPL->set('TorrentKey',$torrent_pass); $TPL->set('SITE_NAME',SITE_NAME); $TPL->set('SITE_URL',SITE_URL); send_email($_REQUEST['email'],'New account confirmation at '.SITE_NAME,$TPL->get(),'noreply'); $Sent=1; } } elseif($_GET['invite']) { // If they haven't submitted the form, check to see if their invite is good $DB->query("SELECT InviteKey FROM invites WHERE InviteKey='".db_string($_GET['invite'])."'"); if($DB->record_count() == 0){ error('Invite not found!'); } } include('step1.php'); } elseif(!OPEN_REGISTRATION) { if (isset($_GET['welcome'])) {
/** * Initiate a password reset * * @param int $UserID The user ID * @param string $Username The username * @param string $Email The email address */ public static function resetPassword($UserID, $Username, $Email) { $ResetKey = Users::make_secret(); G::$DB->query("\n\t\t\tUPDATE users_info\n\t\t\tSET\n\t\t\t\tResetKey = '" . db_string($ResetKey) . "',\n\t\t\t\tResetExpires = '" . time_plus(60 * 60) . "'\n\t\t\tWHERE UserID = '{$UserID}'"); require SERVER_ROOT . '/classes/templates.class.php'; $TPL = new TEMPLATE(); $TPL->open(SERVER_ROOT . '/templates/password_reset.tpl'); // Password reset template $TPL->set('Username', $Username); $TPL->set('ResetKey', $ResetKey); $TPL->set('IP', $_SERVER['REMOTE_ADDR']); $TPL->set('SITE_NAME', SITE_NAME); $TPL->set('SITE_URL', NONSSL_SITE_URL); Misc::send_email($Email, 'Password reset information for ' . SITE_NAME, $TPL->get(), 'noreply'); }