function doreset2($data)
{
$user = $data['data']['user'];
$email = $data['data']['email'];
$emailinfo = getOpts($user, emailOptList());
if ($emailinfo['STATUS'] != 'ok') {
syserror();
}
$ans = getAtts($user, 'KLastReset.dateexp');
if ($ans['STATUS'] != 'ok') {
syserror();
}
// If the last attempt hasn't expired don't do anything but show a fake msg
if (!isset($ans['KLastReset.dateexp']) || $ans['KLastReset.dateexp'] == 'Y') {
// This line $code = isn't an attempt at security -
// it's simply to ensure the username is readable when we get it back
$code = bin2hex($data['data']['user']) . '_';
// A code that's large enough to not be worth guessing
$ran = $ans['STAMP'] . $user . $email . rand(100000000, 999999999);
$hash = hash('md4', $ran);
$ans = setAtts($user, array('ua_KReset.str' => $hash, 'ua_KReset.date' => 'now+3600', 'ua_LastReset.date' => 'now+3600'));
if ($ans['STATUS'] != 'ok') {
syserror();
}
$ok = passReset($email, $code . $hash, zeip(), $emailinfo);
if ($ok === false) {
syserror();
}
}
$pg = '<h1>Reset Sent</h1>';
$pg .= '<br>An Email has been sent that will allow you to';
$pg .= '<br>reset your password.';
$pg .= '<br>If you got your username or email address wrong,';
$pg .= '<br>you wont get the email.';
return $pg;
}
$mail->SMTPAuth = true;
//Username to use for SMTP authentication - use full email address for gmail
$mail->Username = "******";
//Password to use for SMTP authentication
$mail->Password = "******";
//Set who the message is to be sent from
$mail->setFrom('*****@*****.**', 'Misconceptions Team');
//Set an alternative reply-to address
//$mail->addReplyTo('*****@*****.**', 'First Last');
//Set who the message is to be sent to
$mail->addAddress($useremail, 'John Doe');
//Set the subject line
$mail->Subject = 'Misconceptions - Password Reset';
//Read an HTML message body from an external file, convert referenced images to embedded,
//convert HTML into a basic plain-text alternative body
$mail->msgHTML(file_get_contents('forgotpass-email'));
$mail->Body = "Your reset key is: " . $token . "<br>Just put your key <a href='localhost/misconception/main_page/passreset-index.php'> here</a> and type in a new password. Your key will expire in 48 hours";
//Replace the plain text body with one created manually
$mail->AltBody = 'This is a plain-text message body';
//send the message, check for errors
if (!$mail->send()) {
echo "Mailer Error: " . $mail->ErrorInfo;
} else {
echo "Message sent!";
}
}
}
if (isset($_POST['name'])) {
echo "this function works";
passReset($con);
}
