Exemplo n.º 1
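/**
 * Store a fresh password-reset code for the account with the given e-mail
 * address and send that address a message containing the reset link.
 *
 * The return value mixes types, and the string is truthy, so callers should
 * compare with `=== true` rather than testing truthiness.
 *
 * @param string $email Address identifying the account; it is placed in the
 *                      UPDATE statement and used as the mail recipient.
 *
 * @return bool|string true when mail() accepted the message,
 *                     "could not send" when the UPDATE succeeded but mail()
 *                     returned false, and false when the address is rejected
 *                     by the guard below or query() returned a falsy result.
 */
function Set_Password_Reset($email)
{
    // The address is concatenated into SQL and handed to mail(), so refuse
    // anything that is not a syntactically valid address. FILTER_VALIDATE_EMAIL
    // still accepts an apostrophe in the local part (and a backslash inside a
    // quoted local part), and those are the characters that end or escape a
    // single-quoted SQL literal, so they are refused as well.
    // NOTE(review): this is a stopgap. The real fix is a bound parameter, which
    // depends on how query() reaches the database; query() is not visible here.
    if (
        !is_string($email)
        || filter_var($email, FILTER_VALIDATE_EMAIL) === false
        || strpbrk($email, "'\\") !== false
    ) {
        return false;
    }

    $date = date("Y-m-d H:i:s");
    // NOTE(review): random_string() is defined elsewhere; confirm it draws from
    // a CSPRNG (random_bytes()/random_int()) and returns only characters that
    // are safe inside the quoted literal below.
    $reset_code = random_string(20);

    // NOTE(review): the code is stored as-is; storing a hash of it would keep a
    // database read from yielding usable reset links.
    $query = "UPDATE `users` SET `password_reset_code`='" . $reset_code . "', `password_reset_date`='" . $date . "' WHERE `email`='" . $email . "';";
    $reset = query($query);
    if (!$reset) {
        return false;
    }

    $to = $email;
    $subject = "Here's your Lexiconga password reset link";
    $message = "Hello " . Get_Public_Name_By_Email($email) . "\r\n\r\nSomeone has requested a password reset link for your Lexiconga account. If it was you, you can reset your password by going to the link below and entering a new password for yourself:\r\n";
    // NOTE(review): the link is plain http, so the reset code travels
    // unencrypted when the user follows it; switch to https once the site
    // serves it.
    $message .= "http://lexicon.ga/?passwordreset&account=" . Get_User_Id($email) . "&code=" . $reset_code . "\r\n\r\n";
    $message .= "If it wasn't you who requested the link, you can ignore this email since it was only sent to you, but you might want to consider changing your password when you have a chance.\r\n\r\n";
    $message .= "The password link will only be valid for today until you use it.\r\n\r\n";
    $message .= "Thanks!\r\nThe Lexiconga Admins";
    $header = "From: Lexiconga Password Reset <*****@*****.**>\r\n" . "Reply-To: help@lexicon.ga\r\n" . "X-Mailer: PHP/" . phpversion();

    if (mail($to, $subject, $message, $header)) {
        return true;
    }

    // The reset code is already stored at this point; only delivery failed.
    return "could not send";
}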
            break;
        case "accountsettingsupdated":
            $notificationMessage = "Your settings have been updated.";
            break;
    }
    $_SESSION['current_status'] = "";
}
if (isset($_GET['logout']) && $current_user > 0) {
    session_destroy();
    header('Location: ./?loggedout');
} elseif (isset($_GET['login']) && $current_user <= 0) {
    if (isset($_POST['email']) && isset($_POST['password'])) {
        if (filter_var($_POST['email'], FILTER_VALIDATE_EMAIL)) {
            if (EmailExists($_POST['email'])) {
                if (Validate_Login($_POST['email'], $_POST['password'])) {
                    $_SESSION['user'] = Get_User_Id($_POST['email']);
                    query("UPDATE `users` SET `last_login`='" . date("Y-m-d H:i:s") . "' WHERE `id`=" . $_SESSION['user'] . ";");
                } else {
                    $_SESSION['current_status'] = "loginfailed";
                }
            } else {
                $_SESSION['current_status'] = "emaildoesnotexist";
            }
        } else {
            $_SESSION['current_status'] = "emailinvalid";
        }
    } else {
        $_SESSION['current_status'] = "loginemailorpasswordblank";
    }
    header('Location: ./');
} elseif (isset($_GET['createaccount'])) {