<?phperror_reporting (E_ALL ^ E_NOTICE);session_start();$userid = $_SESSIO

1. <?php
2. error_reporting (E_ALL ^ E_NOTICE);
3. session_start();
4. $userid = $_SESSION['sID'];
5. $username = $_SESSION['uoName'];
6. ?>
7. <?php
8. if (!$username && !$userid){
9.  
10. if ($_POST['resetbtn']){
11.  
12. $user = $_POST['username'];
13. $email = $_POST['email'];
14. $secQ = $_POST['secQ'];
15. $secA = $_POST['secA'];
16.  
17. if ($username){
18. if ($email){
19. if ( (strlen($email) > 7) && (strstr($email, "@")) && (strstr($email, ".")) ){
20. require("config1.php");
21.  
22. if ($row['secQ'] != $secQ){
23. echo "Security Question does not match account.";
24.  
25. } else if ($row['secA'] != $secA){
26. echo "Security Answer given was incorrect.";
27. }
28.  
29. $query = mysql_query("SELECT * FROM users WHERE username='$username' AND password='$password'");
30. $numrows = mysql_num_rows($query);
31. if ($numrows == 1){
32.  
33.  
34. $row = mysql_fetch_assoc($query);
35.  
36.  
37.  
38.  
39. $dbemail = $row['email'];
40. } else if ($email == $dbemail){
41.  
42. $password == rand();
43. $password == md5($password);
44. $password == substr($pass, 0, 15);
45.  
46. mysql_query("UPDATE users SET password='$password' WHERE username='$username'");
47.  
48. $query = mysql_query("SELECT * FROM users WHERE username='$username' AND password='$password'");
49. $numrows = mysql_num_rows($query);
50. if ($numrows == 1){
51.  
52. $webmaster = "Dragon@AECalendar.net";
53. $headers = "From: Dragon<$webmaster>";
54. $subject = "AECalendar Password Reset";
55. $message = "Hello, your password has been reset as requested. If you did not request your password to be reset, please contact us via the website. Your new password is shown below\n";
56. $message .= "Password: $password\n Please visit the website, and login to your account, with the new password, it can then be changed via the Account page.\n";
57.  
58. if ( mail ($email, $subject, $message, $headers) ){ mysql_close();
59. echo "Your password has been reset and an email was sent to you, with your new password.";
60.  
61. }
62. else
63. echo "An error has occured and your email was not sucessfully sent containing your new password.";
64.  
65. }
66. else
67. echo "An error has occured and the password was not successfully reset.";
68. }
69. else
70. echo "You have entered an incorrect email address.";
71.  
72. }
73.  
74. }
75. else
76. echo "The username you have entered, was not found.";
77.  
78. }
79. else
80. echo"Please enter a valid email address.";
81.  
82. }
83. else
84. echo "Please enter your email address.";
85.  
86.  
87. }
88.  
89.  
90. echo "<br><h2 align='center'>Reset Your Account Password</h2><form action='./forgotpass.php' method='post'>
91. <body id='confirm-page'>
92. <table align='center'>
93. <tr>
94. <td>Username:</td>
95. <td><input type='text' name='username' /></td>
96. </tr>
97. <tr>
98. <td>Email:</td>
99. <td><input type='text' name='email' /></td>
100. </tr>
101. <tr>
102. <td>Security Question:</td>
103. <td><select name='secQ'><option value='0'>What is your mother's maiden name?</option><option value='1'>What city were you born in?</option><<option value='3'>What year did you graduate from High School?</option><option value='4'>What was the name of your first boyfriend/girlfriend?</option><option value='5'>What is your favorite model of car?</option><option value='Choose' selected>Please select..</option></select></td>
104. </tr>
105. <tr>
106. <td>Security Question Answer:</td>
107. <td><input type='text' name='secA' /></td>
108. </tr>
109. <tr>
110. <td><input type='submit' name='resetbtn' value='Reset Password' /></td>
111. </tr>
112. </table>
113. </form></body>";
114.  
115.  
116. ?>