Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?php
- error_reporting(E_ALL)
- /**
- * Copyright (c) 2006, 2007
- *
- * Florian Schreier. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without modification,
- * are permitted provided that the following conditions are met:
- *
- * 1. Redistributions of source code must retain the above copyright notice,
- * this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright notice,
- * this list of conditions and the following disclaimer in the documentation
- * and/or other materials provided with the distribution.
- * 3. The names of its contributors may never be used to endorse or promote
- * products derived from this software without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
- * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE
- * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
- * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
- * CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
- * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
- * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
- *
- * @author tomilo <tomilo@gmx.net>
- * @author waRhawK <whk@gmx.de>
- * @package trooptool
- * @subpackage rtwwmod
- */
- require_once "config.php";
- if (isset($_POST['action']) AND ($_POST['action'] == text('pw_submit')) AND !empty($_POST['lostpw_name'])) {
- //---neues Passwort erstellen!
- $sql="SELECT
- name,
- email
- FROM
- ".PREFIX."spieler
- WHERE
- name = '".$_POST['lostpw_name']."'";
- $result = mysql_query($sql) OR die(mysql_error());
- $row = mysql_fetch_assoc($result);
- if ($row['email'] == $_POST['lostpw_email']) { //wenn email gleich, generiere neues Passwort
- //Zufallsgenerator für neues Passwort
- $zeichen="abcdefghijlmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789";
- $passwort="";
- mt_srand((double)microtime()*1000000);
- for ($i=0; $i<8; $i++) {
- $passwort .= $zeichen{mt_rand(0,(mb_strlen($zeichen)-1))};
- }
- //speichert neues Passwort in die Datenbank
- $sql="UPDATE
- ".PREFIX."spieler
- SET
- pass = '".md5($passwort)."'
- WHERE
- name = '".$_POST['lostpw_name']."'";
- mysql_query($sql) OR die(mysql_error());
- //versendet neues Passwort an den Spieler
- $headers = "From:".$row['email']."\n";
- $headers .= 'X-Mailer: PHP/' . phpversion() . "\n";
- $headers .= 'X-Sender-IP: ' . $_SERVER['REMOTE_ADDR'] . "\n";
- $headers .= "Content-type: text\n";
- $subject="Truppentool: New Password";
- $message="Hello ".$_POST['lostpw_name']."\n
- a new password has been generated for you:\n
- ".$passwort."\n
- you can log in with this password.";
- mail($row['email'], $subject, $message, $headers);
- //erfolgreich
- $fehler = "The new pasword will be mailed to you in a short time.";
- } else { //wenn emails nicht gleich, Fehlermeldung ausgeben
- $fehler = "Your E-Mail did not match, please give the mail provided with the registration.";
- }
- }
- write_header(text('login_header'));
- ?>
- <div class="oben"><?php include "oben.php"; ?></div>
- <div class="menu"><?php include "menu2.php"; ?></div>
- <div class="mitte2">
- <?php
- if(isset($_GET['action']) AND $_GET['action']=="lostpw") {
- ?>
- <form action="index.php?action=lostpw" method="post" accept-charset="utf-8">
- <table class="itable" cellpadding="2" cellspacing="1" width="500">
- <tr>
- <td colspan="4" class="header1"><?php echo text('pw_header')?></td>
- </tr>
- <tr>
- <td colspan="4" class="header2"><?php echo text('pw_text')?></td>
- </tr>
- <tr>
- <td class="zeile2"><nobr><label class="fieldLabel"><?php echo text('pw_name')?></label></nobr></td>
- <td><input class="ibox f100" type="text" name="lostpw_name"></td>
- <td class="zeile2"><nobr><label class="fieldLabel"><?php echo text('pw_email')?></label></nobr></td>
- <td><input class="ibox f200" type="text" name="lostpw_email"></td>
- </tr>
- <tr>
- <td colspan="4"><input class="submit" type="submit" name="action" value="<?php echo text('pw_submit')?>"></td>
- </tr>
- </table>
- </form>
- <?php
- } else {
- ?>
- <form action="index.php" method="post" accept-charset="utf-8">
- <table class="itable" cellpadding="2" cellspacing="1">
- <tr>
- <td colspan="2" class="header1"><?php echo text('login_header')?></td>
- </tr>
- <tr>
- <td class="zeile2" width="100"><label class="fieldLabel"><?php echo text('login_name')?></label></td>
- <td><input class="ibox f100" type="text" name="name"></td>
- </tr>
- <tr>
- <td class="zeile2" width="100"><label class="fieldLabel"><?php echo text('login_pass')?></label></td>
- <td><input class="ibox f100" type="password" name="pass"></td>
- </tr>
- <tr>
- <td colspan="2"><input class="submit" type="submit" value="<?php echo text('login_submit')?>"></td>
- </tr>
- </table>
- </form>
- <?php
- }
- if (isset($fehler)) {
- ?>
- <div style="border:solid 1px #C0C0C0; width:400px; text-align:center;"><?php echo $fehler?></div>
- <?php
- }
- ?>
- </div>
- </body>
- </html>
Add Comment
Please, Sign In to add comment