
Untitled

a guest
Feb 9th, 2017
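  <?php
  /**
   * Password-recovery page, two steps in one script.
   *
   * Step 1 (POST "submit"): looks up the mail address for the submitted
   *   username and e-mails a link containing a recovery token.
   * Step 2 (GET "code"): looks the token up in `passrecovery`, sets a new
   *   random password on the account, mails it, and deletes the token.
   *
   * filter() and dbquery() are defined elsewhere in the project. This script
   * only relies on dbquery() returning an object exposing num_rows and
   * fetch_assoc().
   *
   * NOTE(review): every query below is assembled by string interpolation, so
   * its safety rests entirely on what filter() does; that is not visible here.
   * Prefer prepared statements with bound parameters if dbquery() (or the
   * underlying driver) supports them.
   * NOTE(review): the new password is written to `users`.password as plain
   * text and sent by e-mail. Storing password_hash() output and letting the
   * user choose a password after following the link would remove both
   * exposures, but that requires matching changes in the login code.
   * NOTE(review): recovery tokens carry no expiry time, and step 2 changes
   * state on a plain GET, so anything that fetches the link (mail scanner,
   * link preview) consumes the token and resets the password.
   */
  $email = 'admin@runohotel.com';

  if (isset($_GET['code'])) {
      // Tokens issued by this script are always 32 lowercase hex characters
      // (md5() output historically, bin2hex(random_bytes(16)) now). Rejecting
      // anything else up front, including array input such as ?code[]=x,
      // keeps malformed values out of the SQL string regardless of filter().
      $rawCode = is_string($_GET['code']) ? $_GET['code'] : '';
      if (preg_match('/\A[a-f0-9]{32}\z/', $rawCode) !== 1) {
          echo 'Invalid key';
      } else {
          $hashcode = filter($rawCode);
          $check = dbquery("SELECT username FROM `passrecovery` WHERE hash='$hashcode'");
          if ($check->num_rows) {
              $r = $check->fetch_assoc();
              $username = $r['username'];
              // The original used a single-quoted string, which printed the
              // literal text "$username". Interpolate it, and HTML-escape it
              // because the value is written into the page.
              echo 'Hey, ' . htmlspecialchars($username, ENT_QUOTES, 'UTF-8')
                  . ', your password has been sent to your mail account.';
              // 10 hex characters, as before, but drawn from the CSPRNG
              // (PHP 7+) instead of md5(uniqid(mt_rand())), whose output is
              // derived from the clock and a non-cryptographic generator.
              $pass = bin2hex(random_bytes(5));
              // NOTE(review): $username comes back from the database and is
              // interpolated unescaped into the next two statements; a stored
              // name containing a quote would break out of the literal.
              $udpass = dbquery("UPDATE `users` SET password='$pass' WHERE username='$username'");
              // send mail
              $check = dbquery("SELECT mail FROM `users` WHERE username='$username'");
              $r = $check->fetch_assoc();
              $to = $r['mail'];
              // {hotelName} is not PHP interpolation; presumably a template
              // placeholder substituted elsewhere. Confirm against the
              // template layer.
              $subject = 'Your new password - {hotelName}';
              $message = "Your login information \r\nUsername: $username\r\nPassword: $pass";
              $header = "From: " . $email;
              // NOTE(review): the mail() result is never checked, so the
              // success message above is shown even when delivery fails.
              $sentmail = mail($to, $subject, $message, $header);
              // Tokens are single-use: remove the row once it has been redeemed.
              $endquery = dbquery("DELETE FROM `passrecovery` WHERE hash='$hashcode'");
          } else {
              echo 'Invalid key';
          }
      }
  }
  if (isset($_POST['submit'])) {
      // Look for their user. Non-string input (username[]=x) or a missing
      // field is treated as an empty name rather than handed to filter().
      $rawUser = (isset($_POST['username']) && is_string($_POST['username'])) ? $_POST['username'] : '';
      $user = filter($rawUser);
      $check = dbquery("SELECT mail FROM `users` WHERE username='$user'");
      // If we find a row
      if ($check->num_rows) {
          $r = $check->fetch_assoc();
          $code = dbquery("SELECT NULL FROM `passrecovery` WHERE username='$user'");
          // NOTE(review): a token is issued only when a `passrecovery` row
          // already exists for this user; a first-time request gets no mail
          // and no message. The test looks inverted. Confirm the intended
          // behaviour, and if it is flipped, decide whether an existing token
          // should be replaced or the request refused.
          if ($code->num_rows) {
              // 128 bits from the CSPRNG (PHP 7+), same 32-hex-character shape
              // as the md5() value it replaces, so the column and the format
              // check in step 2 are unaffected.
              $hash = bin2hex(random_bytes(16));
              $query1 = dbquery("INSERT INTO `passrecovery`(username, hash) VALUES ('$user', '$hash')");
              echo 'Please check your email (It may appear in the Junk folder).';
              $to = $r['mail'];
              $subject = "Password reset - {hotelName}";
              $header = "Content-type: text/html\r\n";
              $header .= "From: " . $email;
              $message = "Your confirmation link<br>\r\n";
              // The href value is quoted so the attribute stays well-formed
              // whatever {siteurl} is substituted with.
              $message .= "<a href=\"{siteurl}/forgot?code=$hash\"> Click here to get a password sent to you.\r\n </a><br>";
              $message .= "If you cannot click the link, copy and paste this link to your URL bar..\r\n<br>";
              $message .= "{siteurl}/forgot?code=" . $hash;
              $sentmail = mail($to, $subject, $message, $header);
          }
      } // If no row was found
      else {
          // NOTE(review): this reply differs from the one given for a known
          // username, so the form reveals which usernames exist. A single
          // neutral message for both outcomes avoids that.
          echo "An error has occured. <br> If you are sure you entered your username correctly, please contact an administrator.";
      }
  } else {
  ?>

  <form method="post">
  <input type="text" name="username"/>
  <input type="submit" name="submit" value="Submit"/>
  </form>
  <?php } ?>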