function recover($mode, $email)
{
// recupereaza numele de utilizator sau parola - $mode poate lua valoarea de 'username' sau 'password'
include 'core/db/db_connection.php';
$mode = sanitize($mode);
$email = sanitize($email);
$user_data = user_data(get_user_id_from_email($email), 'user_id', 'first_name', 'username');
if ($mode == 'username') {
email($email, 'Your username', "\n\t\t\t\tHello " . $user_data['first_name'] . ", <br><br>\n\t\t\t\tYour username is " . $user_data['username'] . " <br><br>\n\t\t\t\t-worldtour team\n\t\t\t");
} else {
if ($mode == 'password') {
$generated_password = substr(md5(rand(777, 7777)), 0, 7);
// generam o parola random de 7 caractere pe care o criptam cu md5
change_password($user_data['user_id'], $generated_password);
update_user($user_data['user_id'], array('pwd_recovery' => '1'));
// folosim un 'flag' asupra contului pentru a forta utilizatorul sa-si schimbe parola generata de noi prima oara cand se logheaza
email($email, 'Password recovery', "\n\t\t\t\tHello " . $user_data['first_name'] . ", <br><br>\n\t\t\t\tYour new password is " . $generated_password . "<br><br>\n\t\t\t\tKindly note that this is a temporary password and you are required to change it on your first log in. <br><br>\n\t\t\t\t-worldtour team\n\t\t\t");
}
}
}
$query = $con->prepare("SELECT email FROM user WHERE email LIKE :email LIMIT 20 ");
$query->execute(array(':email' => '%' . $user_log_s_email . '%'));
//$result = $query->fetch(PDO::FETCH_ASSOC);
while ($row = $query->fetch(PDO::FETCH_ASSOC)) {
$results[] = $row['email'];
}
echo json_encode($results);
//*/work without this
}
//search for username from email or date_of_birth (dob)
if (isset($_POST['user_log_email']) && isset($_POST['select_log_type']) && isset($_POST['user_log_start_date']) && isset($_POST['user_log_end_date'])) {
$email = mysql_real_escape_string(htmlentities(input_validation($_POST['user_log_email'])));
$log_type = mysql_real_escape_string(htmlentities(input_validation($_POST['select_log_type'])));
$start_date = mysql_real_escape_string(htmlentities(input_validation($_POST['user_log_start_date'])));
$end_date = mysql_real_escape_string(htmlentities(input_validation($_POST['user_log_end_date'])));
$user_id = get_user_id_from_email($con, $email);
//single item
if (!empty($email) && empty($log_type) && empty($start_date) && empty($end_date)) {
$query = $con->prepare("SELECT * FROM user_log WHERE user_id=:user_id ORDER BY datetime DESC");
$query->execute(array(':user_id' => $user_id));
} elseif (empty($email) && !empty($log_type) && empty($start_date) && empty($end_date)) {
$query = $con->prepare("SELECT * FROM user_log WHERE log_type=:log_type ORDER BY datetime DESC");
$query->execute(array(':log_type' => $log_type));
} elseif (empty($email) && empty($log_type) && !empty($start_date) && empty($end_date)) {
$query = $con->prepare("SELECT * FROM user_log WHERE datetime LIKE :datetime ORDER BY datetime DESC");
$query->execute(array(':datetime' => '%' . $start_date . '%'));
} elseif (empty($email) && empty($log_type) && empty($start_date) && !empty($end_date)) {
$query = $con->prepare("SELECT * FROM user_log WHERE datetime LIKE :datetime ORDER BY datetime DESC");
$query->execute(array(':datetime' => '%' . $end_date . '%'));
} elseif (!empty($email) && !empty($log_type) && empty($start_date) && empty($end_date)) {
$query = $con->prepare("SELECT * FROM user_log WHERE user_id=:user_id AND log_type=:log_type ORDER BY datetime DESC");
