Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?php
- error_reporting (E_ALL ^ E_NOTICE);
- session_start();
- $userid = $_SESSION['sID'];
- $username = $_SESSION['uoName'];
- ?>
- <?php
- if (!$username && !$userid){
- if ($_POST['resetbtn']){
- $user = $_POST['username'];
- $email = $_POST['email'];
- $secQ = $_POST['secQ'];
- $secA = $_POST['secA'];
- if ($username){
- if ($email){
- if ( (strlen($email) > 7) && (strstr($email, "@")) && (strstr($email, ".")) ){
- require("config1.php");
- if ($row['secQ'] != $secQ){
- echo "Security Question does not match account.";
- } else if ($row['secA'] != $secA){
- echo "Security Answer given was incorrect.";
- }
- $query = mysql_query("SELECT * FROM users WHERE username='$username' AND password='$password'");
- $numrows = mysql_num_rows($query);
- if ($numrows == 1){
- $row = mysql_fetch_assoc($query);
- $dbemail = $row['email'];
- } else if ($email == $dbemail){
- $password == rand();
- $password == md5($password);
- $password == substr($pass, 0, 15);
- mysql_query("UPDATE users SET password='$password' WHERE username='$username'");
- $query = mysql_query("SELECT * FROM users WHERE username='$username' AND password='$password'");
- $numrows = mysql_num_rows($query);
- if ($numrows == 1){
- $webmaster = "Dragon@AECalendar.net";
- $headers = "From: Dragon<$webmaster>";
- $subject = "AECalendar Password Reset";
- $message = "Hello, your password has been reset as requested. If you did not request your password to be reset, please contact us via the website. Your new password is shown below\n";
- $message .= "Password: $password\n Please visit the website, and login to your account, with the new password, it can then be changed via the Account page.\n";
- if ( mail ($email, $subject, $message, $headers) ){ mysql_close();
- echo "Your password has been reset and an email was sent to you, with your new password.";
- }
- else
- echo "An error has occured and your email was not sucessfully sent containing your new password.";
- }
- else
- echo "An error has occured and the password was not successfully reset.";
- }
- else
- echo "You have entered an incorrect email address.";
- }
- }
- else
- echo "The username you have entered, was not found.";
- }
- else
- echo"Please enter a valid email address.";
- }
- else
- echo "Please enter your email address.";
- }
- echo "<br><h2 align='center'>Reset Your Account Password</h2><form action='./forgotpass.php' method='post'>
- <body id='confirm-page'>
- <table align='center'>
- <tr>
- <td>Username:</td>
- <td><input type='text' name='username' /></td>
- </tr>
- <tr>
- <td>Email:</td>
- <td><input type='text' name='email' /></td>
- </tr>
- <tr>
- <td>Security Question:</td>
- <td><select name='secQ'><option value='0'>What is your mother's maiden name?</option><option value='1'>What city were you born in?</option><<option value='3'>What year did you graduate from High School?</option><option value='4'>What was the name of your first boyfriend/girlfriend?</option><option value='5'>What is your favorite model of car?</option><option value='Choose' selected>Please select..</option></select></td>
- </tr>
- <tr>
- <td>Security Question Answer:</td>
- <td><input type='text' name='secA' /></td>
- </tr>
- <tr>
- <td><input type='submit' name='resetbtn' value='Reset Password' /></td>
- </tr>
- </table>
- </form></body>";
- ?>
Add Comment
Please, Sign In to add comment