-
Notifications
You must be signed in to change notification settings - Fork 2
/
forgot.php
59 lines (45 loc) · 1.39 KB
/
forgot.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
<?php
/** include header **/
include("header.php");
/** set page name **/
$page = 'forgot';
/** reset error vars **/
$error = 0;
$error_message = '';
/** do login **/
if(isset($_POST['forgot']))
{
/** get username and password **/
$username = mysql_real_escape_string($_POST['username']);
/** check if all required fields are filled **/
if(empty($username))
{
$error = 1;
$error_message = 'Please fill in all the required fields.';
}else
/** check login details **/
$query = mysql_query("SELECT * FROM members WHERE username = '".$username."' LIMIT 1");
if(@mysql_num_rows($query) == 0)
{
$error = 1;
$error_message = 'Incorrect username.';
}else
/** no error? **/
if($error == 0)
{
/** get users info **/
$query = "SELECT * FROM members WHERE username = '".$username."' LIMIT 1";
$row = mysql_fetch_array(mysql_query($query));
$email = $row['email'];
srand ((double) microtime( )*1000000);
$random_number = rand( );
$query = "UPDATE members SET password='" .sha1($random_number). "' WHERE username='" .$username. "'";
mysql_query($query) or die(mysql_error());
send_welcome($email, $username, $random_number);
/** redirect **/
redirect($url->url_base . '/');
}
}
/** include footer **/
include("footer.php");
?>