function doreset2($data) { $user = $data['data']['user']; $email = $data['data']['email']; $emailinfo = getOpts($user, emailOptList()); if ($emailinfo['STATUS'] != 'ok') { syserror(); } $ans = getAtts($user, 'KLastReset.dateexp'); if ($ans['STATUS'] != 'ok') { syserror(); } // If the last attempt hasn't expired don't do anything but show a fake msg if (!isset($ans['KLastReset.dateexp']) || $ans['KLastReset.dateexp'] == 'Y') { // This line $code = isn't an attempt at security - // it's simply to ensure the username is readable when we get it back $code = bin2hex($data['data']['user']) . '_'; // A code that's large enough to not be worth guessing $ran = $ans['STAMP'] . $user . $email . rand(100000000, 999999999); $hash = hash('md4', $ran); $ans = setAtts($user, array('ua_KReset.str' => $hash, 'ua_KReset.date' => 'now+3600', 'ua_LastReset.date' => 'now+3600')); if ($ans['STATUS'] != 'ok') { syserror(); } $ok = passReset($email, $code . $hash, zeip(), $emailinfo); if ($ok === false) { syserror(); } } $pg = '<h1>Reset Sent</h1>'; $pg .= '<br>An Email has been sent that will allow you to'; $pg .= '<br>reset your password.'; $pg .= '<br>If you got your username or email address wrong,'; $pg .= '<br>you wont get the email.'; return $pg; }
$mail->SMTPAuth = true; //Username to use for SMTP authentication - use full email address for gmail $mail->Username = "******"; //Password to use for SMTP authentication $mail->Password = "******"; //Set who the message is to be sent from $mail->setFrom('*****@*****.**', 'Misconceptions Team'); //Set an alternative reply-to address //$mail->addReplyTo('*****@*****.**', 'First Last'); //Set who the message is to be sent to $mail->addAddress($useremail, 'John Doe'); //Set the subject line $mail->Subject = 'Misconceptions - Password Reset'; //Read an HTML message body from an external file, convert referenced images to embedded, //convert HTML into a basic plain-text alternative body $mail->msgHTML(file_get_contents('forgotpass-email')); $mail->Body = "Your reset key is: " . $token . "<br>Just put your key <a href='localhost/misconception/main_page/passreset-index.php'> here</a> and type in a new password. Your key will expire in 48 hours"; //Replace the plain text body with one created manually $mail->AltBody = 'This is a plain-text message body'; //send the message, check for errors if (!$mail->send()) { echo "Mailer Error: " . $mail->ErrorInfo; } else { echo "Message sent!"; } } } if (isset($_POST['name'])) { echo "this function works"; passReset($con); }