<td style="padding-left: 15px; padding-top: 12px; padding-right: 15px;" valign="top" align="left"> <br> <h3>Forgot Password</h3> <p> Enter your e-mail address or username to retrieve your login details. <p> <font color="RED"><? if ($cgi['email']) { $cgi['email'] = addslashes($cgi['email']); $q = mysql_query("SELECT userName,admin FROM UserDetails WHERE email LIKE '%$cgi[email]%' LIMIT 0,1") or die(mysql_error()); $a = mysql_fetch_array($q, MYSQL_ASSOC); if ($a[admin] == 1) { $strErr.= "You are not allowed to change an admin's password<br />"; } if ($a['userName'] and $cgi[admin] == 0) { $newpass = genRandomPas(); $str = "<html><body>Your login: {$a[userName]} \n password: $newpass </body></html>"; mysql_query("UPDATE UserDetails SET password='******' WHERE userName='******'") or die(mysql_error()); //echo $str; //change this: $subject = rand(0, 1) ? $a['userName'] : (rand(0, 1) ? "$a[userName]'s password" : "WW2: $a[userName]"); $email = new clsMAIL($cgi['email'], $subject, $str, "Your login: {$a[userName]} \n password: $newpass"); $email->addheader("To", "\"$a[userName]\" <$cgi[email]>"); if ($email->send()) { echo ("Message sent to $a[userName], check your email for the password :)"); } else { echo "There was an error sending the email message"; } } else { $strErr.= "There is no user with such e-mail address"; }
} elseif (getUserDetailsByEmail($cgi['email'])) { $echoS = "That e-mail has already been taken."; } elseif (!$cgi['tos']) { $echoS = "You should agree to comply with the terms of service."; } elseif (!$cgi['rules']) { $echoS = "You should agree to comply with the rules."; } elseif (!$cgi['cheat']) { $echoS = "You should promise not to try to gain an unfair advantage by breaking the rules."; } elseif (!$cgi['account']) { $echoS = "You should agree to have ONLY one " . $conf["sitename"] . " account."; } elseif (!$cgi['turing'] || (strtolower($cgi['turing']) != strtolower($_SESSION['number']))) { $echoS = "You should type the text that you see on the image."; } else { //echo "Registering"; $isResistered = 1; $pas = genRandomPas(); createUser($cgi['username'], $cgi['race'], $cgi['email'], $pas, $cgi['uniqid']); if ($cgi['uniqid']) { updateUser($cgi['uniqid'], " uu=uu+10 "); } $us = getUserDetailsByName($cgi['username'], " ID "); addIP($HTTP_SERVER_VARS['REMOTE_ADDR'], $us->ID); //echo "==".$cgi['email']."=="; $html = "<html><body>Your name is: {$cgi['username']} <br>\n Your activation password is {$pas}</body></html>"; $plain = "Your name is: {$cgi['username']} \n Your activation password is {$pas}"; $email = new clsMAIL($cgi['email'], "World War II :: {$cgi['username']}", $html, $plain); $email->addheader("To", "\"$cgi[username]\" <$cgi[email]>"); if ($email->send()) { echo "<br><br><center><font color=red>Your activation password was sent to your e-mail.</font></center><br><br><br><br>"; } else { echo "There was an error sending the email message";