// Reset-request handling (the enclosing function starts outside this excerpt): look up the
// submitted address and, when it is known, mail the matching account.
// NOTE(review): no isset() check or format validation of $_POST['email'] is visible in these lines.
$email = $_POST['email'];
        // Look the address up in the Member table.
        // NOTE(review): the raw POST value is concatenated into what appears to be the WHERE
        // condition. Unless select() escapes or binds this argument (its body is not visible
        // here), this is an SQL injection point; the value should reach the database as a bound
        // parameter -- TODO confirm against DbObject::select().
        $results = $db->select("username", "Member", 'email="' . $email . '"');
        // Keep the username for the later storing of the reset ID.
        // NOTE(review): getUsername() runs before the row count is checked, so it is also called
        // when the lookup matched nothing.
        $user = getUsername($results);
        // Number of rows the lookup returned.
        $email_exist = $results->num_rows;
        // More than zero rows means the address belongs to a member.
        if ($email_exist > 0) {
            // Send the mail; on success show a notice and redirect to the homepage after 5 seconds.
            // When sendMail() returns a falsy value nothing is output at all.
            if (sendMail($user)) {
                echo '<script > window.setTimeout(function(){window.location.href = "index.php";}, 5000);</script>';
                echo "<p>An email has been sent, redirecting to the homepage</p>";
            }
        } else {
            // Strict comparison: if num_rows is neither positive nor exactly 0, no branch runs.
            if ($email_exist === 0) {
                // Re-display the form with a "not found" message.
                // NOTE(review): this reply differs from the success reply, so the form tells an
                // unauthenticated visitor whether an address is registered (account enumeration).
                // Returning the same response in both cases avoids that.
                loadForm(true);
                echo "<span class='emFail'>This email address is not in our system!</span>";
            }
        }
    }
}
?>

        </div>
        <div id="toHome">
            <a href="index.php" >    <img id="logo1" alt ="classified logo" src="style\class.png"style="width:100px;height:80px"/></a>
        </div>
    </body>
</html>
Exemplo n.º 2
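/**
 * Authenticate a user against the API user store.
 *
 * When the login attempt throws, the login form is rendered again through
 * loadForm() with an error message, and false is returned.
 *
 * @param string $username User name as submitted; treated as untrusted input.
 * @param string $password Password as submitted.
 * @param mixed  $flavor   Passed through unchanged to loadForm() on failure.
 * @return mixed The value returned by Api_Dao_User::login() (stored as the user id)
 *               on success, false when an exception was caught.
 */
function authenticate($username, $password, $flavor)
{
    try {
        // TODO move to use PHP Auth?
        $dbCon = RingsideApiDbDatabase::getDatabaseConnection();
        $userDb = new Api_Dao_User();

        return $userDb->login($username, $password, $dbCon);
    } catch (Exception $e) {
        $code = $e->getCode();
        if ($code == NO_USER) {
            // The message carries its own markup, so it is evidently output as HTML;
            // the submitted name is escaped so it cannot inject markup or script.
            $safeName = htmlspecialchars((string) $username, ENT_QUOTES, 'UTF-8');
            $error = "No User with User Name {$safeName} exists!<BR><a href=\"register.php\">Sign Up!</a>";
        } elseif ($code == BAD_PASSWORD) {
            $error = 'Invalid Password';
        } else {
            // NOTE(review): the raw exception text is shown to the user; confirm it cannot
            // carry request data or internal details (SQL, paths) before relying on it.
            $error = $e->getMessage();
        }
        // NOTE(review): the distinct "no user" / "invalid password" messages let a caller
        // learn which user names exist; a single generic failure message avoids that.
        // NOTE(review): the whole $_REQUEST array goes back to loadForm(); if the password
        // arrived as a request parameter it is included -- confirm it is not echoed into the form.
        loadForm($flavor, $error, $_REQUEST);
    }

    return false;
}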
    loadForm(true);
} else {
    // Password change for the logged-in user (the start of this if/else is outside the excerpt).
    // If the passwords do not match - or the password is left blank - load the form again
    // with an error message. Send false indicating that the password check failed.
    if (!checkPasswordMatch()) {
        loadForm(false);
    } else {
        $db = new DbObject();
        $passwordCheck = new PasswordChecker();
        // Re-verify the current password for the session's user before accepting a new one.
        $passwordUsernamePass = $passwordCheck->isValid($_SESSION["username"], $_POST["currentPassword"]);
        if ($passwordUsernamePass) {
            // Only the hash is stored; PASSWORD_DEFAULT lets PHP choose the algorithm.
            $newPassword = password_hash($_POST["newPassword1"], PASSWORD_DEFAULT);
            // The target account comes from the session, not from the request.
            $passwordArray = array("password" => $newPassword, "username" => $_SESSION["username"]);
            // presumably "username" names the key column for the update -- verify against DbObject::update()
            $usernamePasswordChangeSuccess = $db->update($passwordArray, "Member", "username");
            // Any result other than 1 falls through silently: no message is shown and the
            // session flag is left unchanged.
            if ($usernamePasswordChangeSuccess == 1) {
                // NOTE(review): only the loggedIn flag is cleared in the visible lines; the
                // session itself is not destroyed and its ID is not regenerated here -- confirm
                // that other sessions of this account are invalidated elsewhere.
                $_SESSION["loggedIn"] = false;
                echo "<h2>Password succesfully changed! Please log in with your new credentials</h2>\n                            <h2><a href='login.php'>Log in</a> to log in</h2>";
            }
        } else {
            // Wrong current password: show the form again with the failure flag.
            loadForm(false);
        }
    }
}
?>
        </div>
          <div id="toHome">
            <a href="index.php" >    <img id="logo1" alt ="classified logo" src="style\class.png"style="width:100px;height:80px"/></a>
        </div>
    </body>
</html>
Exemplo n.º 4
    exit('No direct script access allowed');
}
checkServiceSession();
if (!isset($_REQUEST['action'])) {
    exit("Form Action Not Specified");
}
//echo "Error::";
//printArray($_POST);
//printArray($_GET);
//exit();
$action = $_REQUEST['action'];
unset($_REQUEST['action']);
//exit("Error:: $action");
//multitablesubmit,multiinserts
if ($action == 'load') {
    loadForm();
} elseif ($action == 'autoload') {
    autoloadForm();
} elseif ($action == 'mail') {
    mailForm();
} elseif ($action == 'dbmail') {
    saveToDB();
    mailForm();
} elseif ($action == 'submit') {
    saveToDB();
} elseif ($action == 'delete') {
    deleteForm();
} elseif ($action == 'updatebyid') {
    updateFormById();
} elseif ($action == 'unique') {
    checkUnique();