Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?php
- function genRandomString($length) {
- $characters = '0123456789abcdefghijklmnopqrstuvwxyz';
- $string = '';
- for ($p = 0; $p < $length; $p++) {
- $string .= $characters[mt_rand(0, strlen($characters))];
- }
- return $string;
- }
- include('db-connect.php');
- $to = $_POST['email'];
- $password = genRandomString(8);
- $salt = "blahblahblah";
- $hash = sha1($salt . $password) . sha1($password . $salt);
- # This commented out code is just for testing, IRC friends.
- # It also throws an exception at $STH->fetch();
- # $STH = $DBH->prepare("UPDATE members SET password=? WHERE email=?");
- # $STH->execute(array($hash, $to));
- # $STH->fetch();
- try {
- $STH = $DBH->prepare("UPDATE members SET password=? WHERE email=?");
- $STH->execute(array($hash, $to));
- } catch(PDOException $e) {
- $exit = "There was a database error. Try again or <a href='contact'>let us know</a>.";
- include('forgot.php');
- exit(1);
- }
- try {
- if (! $STH->fetch()) {
- $exit = "The e-mail address you submitted was not found in the database.";
- include('forgot.php');
- exit(1);
- }
- } catch(PDOException $e) {
- $exit = $e;
- include('forgot.php');
- exit(1);
- }
- $subject = 'ESL School Rater Login Info';
- $message = "Howdy!\r\rAs requested, here is your login information:\r\rusername: $username\rpassword: $password\r\rMosey on over to $_URL/login to login, and don't forget to change your password in your profile!\r\rHasta la vista!\r\rESL School Rater";
- $headers = "From:noreply@eslschoolrater.com\r\nReply-To:noreply@eslschoolrater.com\r\nX-Mailer:PHP/" . phpversion();
- if (mail($to, $subject, $message, $headers) == false) {
- $exit = 'The email couldn\'t be sent. Are you sure you entered a valid address?';
- include('forgot.php');
- exit(1);
- }
- $exit = 'Password successfully reset!';
- include('forgot.php');
- exit(0);
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement