resendpassword.php

   1 <?php
   2 require ('config.php');
   3 $page_name = 'Lost Password';
   4 require ('top.inc.php');
   5 require ('encryption.inc.php');
   6
   7 echo '<div class="alert">';
   8
   9 if (mysql_num_rows (mysql_query ('SELECT `id` FROM `iplog` WHERE `actiontype` = 4 AND `remoteip` = \''.$_SERVER['REMOTE_ADDR'].'\' AND `logsec` > '.(time()-86400))) > 2)
  10         echo 'To prevent email flooding you can only resend a password three times a day. Try again later.';
  11 elseif (isset ($_POST['submit']))
  12 {
  13         if (!isset ($_POST['uname']))
  14                 echo 'Enter your username.';
  15         elseif (empty ($_POST['email']))
  16                 echo 'Enter your email address.';
  17         elseif (!mysql_result (mysql_query ('SELECT COUNT(*) FROM `users` WHERE
  18 `username` = \''.mysql_real_escape_string ($_POST['uname']).'\' AND
  19 `email` = \''.mysql_real_escape_string ($_POST['email']).'\''), 0))
  20                 echo 'No user with that name and email address found.';
  21         else
  22         {
  23                 $pass = mysql_fetch_row (mysql_query ('SELECT `password`, `regip` FROM `users` WHERE
  24 `username` = \''.mysql_real_escape_string ($_POST['uname']).'\' AND
  25 `email` = \''.mysql_real_escape_string ($_POST['email']).'\' LIMIT 1'));
  26                 mysql_query ('INSERT INTO `iplog` (`logsec`, `actiontype`, `remoteip`) VALUES (\''.time().'\', 4, \''.$_SERVER['REMOTE_ADDR'].'\')');
  27                 $userid = mysql_insert_id($db);
  28                 $mail_body = 'Password for user at '.$cfg['bds']['name'].':
  29         '.decrypt ($pass[0], $pass[1]).'
  30 This request was made from the IP '.$_SERVER['REMOTE_ADDR'].' at '.date2(time());
  31                 if (mail ($_POST['email'], 'Lost Password', $mail_body))
  32                         echo 'E-mail sent. Return to the <a href="login.php">login page</a>.';
  33                 else
  34                         echo 'Can\'t send email. Go and harass one of the admins to change your pass or something.';
  35         }
  36 }
  37
  38 echo '</div>
  39
  40 <div class="c3">Resend Password</div>
  41
  42 <div class='.colour().'>
  43 <form method="post" action="'.urlpath(2).'">
  44 Enter your username and the email you entered in the "Private Email Address" field to have your password emailed to you.<br/>
  45 Username:<br/>
  46 <input type="text" name="uname" /><br/>
  47 Email:<br/>
  48 <input type="text" name="email" /><br/>
  49 <input type="submit" name="submit" value="Send"/>
  50 </form>
  51 </div>';
  52
  53 require ('foot.php');
  54 ?>