<?phpinclude('../include/db-connect.php');$value = $_POST['resetpw'];$va

1. <?php
2. include('../include/db-connect.php');
3. $value = $_POST['resetpw'];
4.  
5. $value = stripslashes($value);
6. $value = mysql_real_escape_string($value);
7.  
8. //User / Email check before anything else
9. $sql = "SELECT email,username FROM users WHERE username='$value' OR email='$value'";
10. $result=mysql_query($sql);
11. $count=mysql_num_rows($result);
12.  
13. if($count >= "1")
14. {
15.         while($row = mysql_fetch_array($result))
16.         {
17.                 $emailAddress = $row['email'];
18.                 $userName = $row['username'];
19.         }
20.         genPassword($userName,$emailAddress);
21.  
22.  
23.  
24.  
25. }else{ // Else no user / email found
26.         echo "FAIL! Value = $value, Count = $count\n";
27. }
28.  
29. function emailUser($userName,$emailAddress,$newPass)
30. {
31. //      echo "Emailing -> $emailAddress, User -> $userName Pass -> $newPass \n";
32.         require_once "Mail.php";
33.         $from = "iPhoneVideos <site@iphonevideos.ca>";
34.         $to = "$userName <$emailAddress>";
35.         $subject = "Password Reset For iPhoneVideos";
36.         $message = "Your password has been reset to $newPass\n Enjoy\n\n iPhone Video's";
37.         $host = "localhost";
38.         $smtpUsername = "site@iphonevideos.ca";
39.         $smtpPassword = "vagina";
40.         $headers = array ('From' => $from, 'To' => $to, 'Subject' => $subject);
41.                         $smtp = Mail::factory('smtp',
42.                         array ('host' => $host, 'auth' => true, 'username' => $smtpUsername, 'password' => $smtpPassword));
43.                         $mail = $smtp->send($to, $headers, $message);
44.  
45.         if(PEAR::isError($mail))
46.         {
47.                 echo ("<p>" . $mail->getMessage() . "</p>");
48.         }else{
49.                 echo ("<p>Message seccuessfully sent</p>");
50.         }
51.  
52. }
53. function genPassword($userName,$emailAddress) {
54.         $length = 8;
55.         $characters = '0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLOMNPQRSTUVWXYZ';
56.         $newPass = '';
57.         for ($p = 0; $p < $length; $p++) {
58.                 $newPass .= $characters[mt_rand(0, strlen($characters))];
59.         }
60.         $updatePass = md5($newPass);
61.         mysql_query("UPDATE users SET password='$updatePass'");
62.         emailUser($userName,$emailAddress,$newPass);
63. }
64.  
65. ?>