Grimloch Posted February 16, 2009 Share Posted February 16, 2009 How do I simply echo $new_pass to the screen? $result = dbquery("SELECT * FROM ".DB_USERS." WHERE user_password='".$_GET['account']."' AND user_email='".$email."'"); if (dbrows($result) != 0) { $data = dbarray($result); $chars = "abcdefghijklmnpqrstuvwxyzABCDEFGHIJKLMNPQRSTUVWXYZ123456789@"; $char_count = strlen($chars) - 1; $new_pass = ""; for ($i = 0; $i < 8; $i++) { $new_pass .= substr($chars, mt_rand(0, $char_count), 1); } I've tried everything I know. Quote Link to comment Share on other sites More sharing options...
dropfaith Posted February 16, 2009 Share Posted February 16, 2009 echo $new_pass; should be all it takes to echo it Quote Link to comment Share on other sites More sharing options...
Grimloch Posted February 16, 2009 Author Share Posted February 16, 2009 echo $new_pass; should be all it takes to echo it Well, no matter where I put that code it prints nothing to the screen. Quote Link to comment Share on other sites More sharing options...
trq Posted February 16, 2009 Share Posted February 16, 2009 Why don't you post the code that isn't working (ie, with your echo in it)? Quote Link to comment Share on other sites More sharing options...
Grimloch Posted February 16, 2009 Author Share Posted February 16, 2009 Why don't you post the code that isn't working (ie, with your echo in it)? My thoughts exactly... this is the current output to the screen: Hello [uSER_NAME], your new password to access your Whisperwillow account is: [NEW_PASS] Here is the entire script: opentable($locale['PWG_001']); if (isset($_GET['email']) && isset($_GET['account'])) { $error = 0; if (FUSION_QUERY != "email=".$_GET['email']."&account=".$_GET['account']) { redirect("index.php"); } $email = stripinput(trim(eregi_replace(" +", "", $_GET['email']))); if (!preg_match("/^[-0-9A-Z_\.]{1,50}@([-0-9A-Z_\.]+\.){1,50}([0-9A-Z]){2,4}$/i", $email)) { $error = 1; } if (!preg_match("/^[0-9a-z]{32}$/", $_GET['account'])) { $error = 1; } if ($error == 0) { $result = dbquery("SELECT * FROM ".DB_USERS." WHERE user_password='".$_GET['account']."' AND user_email='".$email."'"); if (dbrows($result) != 0) { $data = dbarray($result); $chars = "abcdefghijklmnpqrstuvwxyzABCDEFGHIJKLMNPQRSTUVWXYZ123456789@"; $char_count = strlen($chars) - 1; $new_pass = ""; for ($i = 0; $i < 8; $i++) { $new_pass .= substr($chars, mt_rand(0, $char_count), 1); } $newstuff = str_replace("[NEW_PASS]", $new_pass, $locale['PWG_011']); $newstuff = str_replace("[uSER_NAME]", $data['user_name'], $locale['PWG_011']); // $result = dbquery("UPDATE ".DB_USERS." SET user_password='".md5(md5($new_pass))."' WHERE user_id='".$data['user_id']."'"); echo "<div style='text-align:center'><br />\n".$locale['PWG_002']."<br /><br />\n<a href='index.php'>".$locale['PWG_003']."</a><br /><br />\n</div>\n"; } else { $error = 1; } if ($error == 1) redirect("index.php"); } }elseif (isset($_POST['new_password'])) { echo $locale['PWG_011']."<br />\n<a href='index.php'>".$locale['PWG_003']."</a><br />"; } else { echo "<div style='text-align:center'>\n<form name='passwordform' method='post' action='".FUSION_SELF."'>\n"; echo $locale['PWG_007']."<br /></div>\n"; echo "<div style='text-align:left'>".$locale['PWG_010']."<input type='text' name='email' class='textbox' maxlength='100' style='width:300px;' /><br /><br /></div>\n"; echo "<div style='text-align:center'><input type='submit' name='new_password' value='".$locale['PWG_009']."' class='button' />\n"; echo "</form>\n</div>\n"; } closetable(); require_once THEMES."templates/footer.php"; ?> And this is the $locale file: <?php // Note, replace xxx with at least 3 letters relevant to your infusion // Infusion titles & description $locale['PWG_title'] = " New Password Generator"; $locale['PWG_desc'] = "Forgotten password generator solution"; $locale['PWG_link1'] = "New Pass"; $locale['PWG_001'] = "New Password Re-generator"; $locale['PWG_002'] = "Your new password is: \n"; $locale['PWG_003'] = "Return to Main Site"; $locale['PWG_004'] = "The email address you specified could not be found."; $locale['PWG_005'] = "The email address you specified is invalid."; $locale['PWG_006'] = "Please try again."; $locale['PWG_007'] = "Please enter the email address your account is registered with below.<br />"; $locale['PWG_008'] = "[uSER_QUEST]"; $locale['PWG_009'] = "Submit Email Address"; $locale['PWG_010'] = "Email Address: "; $locale['PWG_011'] = "Hello [uSER_NAME],\n your new password to access your ".$settings['sitename']." account is:\n [NEW_PASS]\n"; ?> These are my first steps in creating a new password retrieval/generator system for my site. All help is appreciated... Quote Link to comment Share on other sites More sharing options...
Grimloch Posted February 17, 2009 Author Share Posted February 17, 2009 OK... obviously editing posts has been disabled on this forum system, so PLEASE! disregard everything that preceeds this post; I need to start over. First of all I am working with PHP-Fusion v7.5 CMS system, specifically the 'lostpassword.php' script. The way it works now (and always has), is the user is prompted for his/her email address. If the script finds a match a new password is generated/written to the database and an email is sent to the user with a confirmation link to click. In my experience with PHP-Fusion this method is erratic and unreliable as some users never get the confirmation email and if they do and click on it then they never get the email with the new password. I have a request from many users to create a new infusion(mod) which will eliminate this headache based on user account password question and answer as well as email address; the back-end is in place already and functional whereby I created 2 new userfields which add 'user_quest' and 'user-anser' fields to the 'users' table in the database. If you would like to checkout this part of it please go to my site and register www.whisperwillow.com ... The following code is the original 'lostpassword.php'... <?php /*-------------------------------------------------------+ | PHP-Fusion Content Management System | Copyright (C) 2002 - 2008 Nick Jones | http://www.php-fusion.co.uk/ +--------------------------------------------------------+ | Filename: lostpassword.php | Author: Nick Jones (Digitanium) +--------------------------------------------------------+ | This program is released as free software under the | Affero GPL license. You can redistribute it and/or | modify it under the terms of this license which you | can read by viewing the included agpl.txt or online | at www.gnu.org/licenses/agpl.html. Removal of this | copyright header is strictly prohibited without | written permission from the original author(s). +--------------------------------------------------------*/ require_once "maincore.php"; require_once THEMES."templates/header.php"; require_once INCLUDES."sendmail_include.php"; include LOCALE.LOCALESET."lostpassword.php"; if (iMEMBER) redirect("index.php"); add_to_title($locale['global_200'].$locale['400']); opentable($locale['400']); if (isset($_GET['email']) && isset($_GET['account'])) { $error = 0; if (FUSION_QUERY != "email=".$_GET['email']."&account=".$_GET['account']) { redirect("index.php"); } $email = stripinput(trim(eregi_replace(" +", "", $_GET['email']))); if (!preg_match("/^[-0-9A-Z_\.]{1,50}@([-0-9A-Z_\.]+\.){1,50}([0-9A-Z]){2,4}$/i", $email)) { $error = 1; } if (!preg_match("/^[0-9a-z]{32}$/", $_GET['account'])) { $error = 1; } if ($error == 0) { $result = dbquery("SELECT * FROM ".DB_USERS." WHERE user_password='".$_GET['account']."' AND user_email='".$email."'"); if (dbrows($result) != 0) { $data = dbarray($result); $chars = "abcdefghijklmnpqrstuvwxyzABCDEFGHIJKLMNPQRSTUVWXYZ123456789@"; $char_count = strlen($chars) - 1; $new_pass = ""; for ($i = 0; $i < 8; $i++) { $new_pass .= substr($chars, mt_rand(0, $char_count), 1); } $mailbody = str_replace("[NEW_PASS]", $new_pass, $locale['411']); $mailbody = str_replace("[uSER_NAME]", $data['user_name'], $mailbody); sendemail($data['user_name'], $email,$settings['siteusername'], $settings['siteemail'], $locale['409'].$settings['sitename'], $mailbody); $result = dbquery("UPDATE ".DB_USERS." SET user_password='".md5(md5($new_pass))."' WHERE user_id='".$data['user_id']."'"); echo "<div style='text-align:center'><br />\n".$locale['402']."<br /><br />\n<a href='index.php'>".$locale['403']."</a><br /><br />\n</div>\n"; } else { $error = 1; } } if ($error == 1) redirect("index.php"); } elseif (isset($_POST['send_password'])) { $email = stripinput(trim(eregi_replace(" +", "", $_POST['email']))); if (preg_match("/^[-0-9A-Z_\.]{1,50}@([-0-9A-Z_\.]+\.){1,50}([0-9A-Z]){2,4}$/i", $email)) { $result = dbquery("SELECT * FROM ".DB_USERS." WHERE user_email='$email'"); if (dbrows($result)) { $data = dbarray($result); $new_pass_link = $settings['siteurl']."lostpassword.php?email=".$data['user_email']."&account=".$data['user_password']; $mailbody = str_replace("[NEW_PASS_LINK]", $new_pass_link, $locale['410']); $mailbody = str_replace("[uSER_NAME]", $data['user_name'], $mailbody); sendemail($data['user_name'], $email,$settings['siteusername'], $settings['siteemail'], $locale['409'].$settings['sitename'], $mailbody); echo "<div style='text-align:center'><br />\n".$locale['401']."<br /><br />\n<a href='index.php'>".$locale['403']."</a><br /><br />\n</div>\n"; } else { echo "<div style='text-align:center'><br />\n".$locale['404']."<br /><br />\n<a href='".FUSION_SELF."'>".$locale['406']."</a><br /><br />\n</div>\n"; } } else { echo "<div style='text-align:center'><br />\n".$locale['405']."<br /><br />\n<a href='".FUSION_SELF."'>".$locale['403']."</a><br /><br /></div>\n"; } } else { echo "<div style='text-align:center'>\n<form name='passwordform' method='post' action='".FUSION_SELF."'>\n"; echo $locale['407']."<br /><br />\n"; echo "<input type='text' name='email' class='textbox' maxlength='100' style='width:200px;' /><br /><br />\n"; echo "<input type='submit' name='send_password' value='".$locale['408']."' class='button' />\n"; echo "</form>\n</div>\n"; } closetable(); require_once THEMES."templates/footer.php"; ?> ...and this is the $locale file for it: <?php $locale['400'] = "Lost Password"; $locale['401'] = "A confirmation email has been sent to your email address."; $locale['402'] = "Your new password has been sent to your email address."; $locale['403'] = "Return to Main Site"; $locale['404'] = "The email address you specified could not be found."; $locale['405'] = "The email address you specified is invalid."; $locale['406'] = "Please try again."; $locale['407'] = "Please enter the email address your account is registered with below.<br /> A new password will be created and sent to this address."; $locale['408'] = "Send Password"; $locale['409'] = "New password for "; $locale['410'] = "Hello [uSER_NAME],\n You have or someone has requested a new password to access your ".$settings['sitename']." account.\n To change your password please click the following link:\n [NEW_PASS_LINK]\n Regards, ".$settings['siteusername']; $locale['411'] = "Hello [uSER_NAME],\n Your new password to access your ".$settings['sitename']." account is:\n [NEW_PASS]\n Regards, ".$settings['siteusername']; ?> OK... re-using a lot of the code from lostpassword.php (because I can't write php code from scratch) myself though I'm learning; this is the new code I'm trying to implement w/$locale file: <?php /*-------------------------------------------------------+ | PHP-Fusion Content Management System | Copyright © 2002 - 2008 Nick Jones | http://www.php-fusion.co.uk/ +--------------------------------------------------------+ | Filename: new_password.php | Author: Terry Broullette (Grimloch) +--------------------------------------------------------+ | This program is released as free software under the | Affero GPL license. You can redistribute it and/or | modify it under the terms of this license which you | can read by viewing the included agpl.txt or online | at www.gnu.org/licenses/agpl.html. Removal of this | copyright header is strictly prohibited without | written permission from the original author(s). +--------------------------------------------------------*/ require_once "../../maincore.php"; require_once THEMES."templates/header.php"; // Check if locale file is available matching the current site locale setting. if (file_exists(INFUSIONS."new_password/locale/".$settings['locale'].".php")) { // Load the locale file matching the current site locale setting. include INFUSIONS."new_password/locale/".$settings['locale'].".php"; } else { // Load the infusion's default locale file. include INFUSIONS."new_password/locale/English.php"; } if (iMEMBER) redirect("index.php"); opentable($locale['PWG_001']); if (isset($_GET['email']) && isset($_GET['account'])) { $error = 0; if (FUSION_QUERY != "email=".$_GET['email']."&account=".$_GET['account']) { redirect("../../index.php"); } $email = stripinput(trim(eregi_replace(" +", "", $_GET['email']))); if (!preg_match("/^[-0-9A-Z_\.]{1,50}@([-0-9A-Z_\.]+\.){1,50}([0-9A-Z]){2,4}$/i", $email)) { $error = 1; } if (!preg_match("/^[0-9a-z]{32}$/", $_GET['account'])) { $error = 1; } if ($error == 0) { $result = dbquery("SELECT * FROM ".DB_USERS." WHERE user_password='".$_GET['account']."' AND user_email='".$email."'"); if (dbrows($result) != 0) { $data = dbarray($result); $chars = "abcdefghijklmnpqrstuvwxyzABCDEFGHIJKLMNPQRSTUVWXYZ123456789@"; $char_count = strlen($chars) - 1; $new_pass = ""; for ($i = 0; $i < 8; $i++) { $new_pass .= substr($chars, mt_rand(0, $char_count), 1); } $str = str_replace("NEW_PASS", $new_pass, $locale['PWG_011']); $str = str_replace("USER_NAME", $data['user_name'], $locale['PWG_011']); // $result = dbquery("UPDATE ".DB_USERS." SET user_password='".md5(md5($new_pass))."' WHERE user_id='".$data['user_id']."'"); echo "<div style='text-align:center'><br />\n".$locale['PWG_002']."<br /><br />\n"; } else { $error = 1; } } if ($error == 1) redirect("../../index.php"); }elseif (isset($_POST['new_password'])) { $email = stripinput(trim(eregi_replace(" +", "", $_POST['email']))); $user_quest = isset($_POST['user_quest']); if (preg_match("/^[-0-9A-Z_\.]{1,50}@([-0-9A-Z_\.]+\.){1,50}([0-9A-Z]){2,4}$/i", $email)) { $result = dbquery("SELECT * FROM ".DB_USERS." WHERE user_email='$email' AND user_quest='$user_quest'"); if (dbrows($result)) { $data = dbarray($result); $mail = ".$data['user_email']."; $quest = ".$data['user_quest']."; if (!$data['user_quest']) { redirect("../../lostpassword.php"); echo $locale['PWG_011']."<br />\n<a href='../../index.php'>".$locale['PWG_003']."</a><br />"; } else { echo "<div style='text-align:center'>\n<form name='passwordform' method='post' action='".FUSION_SELF."'>\n"; echo $locale['PWG_007']."<br /></div>\n"; echo "<div style='text-align:left'>".$locale['PWG_010']."<input type='text' name='email' class='textbox' maxlength='100' style='width:300px;' /><br /><br /></div>\n"; echo "<input type='hidden' name='user_quest' value='".$user_data['user_quest']."' />\n"; echo "<div style='text-align:center'><input type='submit' name='new_password' value='".$locale['PWG_009']."' class='button' />\n"; echo "</form>\n</div>\n"; } closetable(); require_once THEMES."templates/footer.php"; ?> ...and the $locale file... <?php // Note, replace xxx with at least 3 letters relevant to your infusion // Infusion titles & description $locale['PWG_title'] = " New Password Generator"; $locale['PWG_desc'] = "Forgotten password generator solution"; $locale['PWG_link1'] = "New Pass"; $locale['PWG_001'] = "New Password Re-generator"; $locale['PWG_002'] = "Your new password has been generated."; $locale['PWG_003'] = "Return to Main Site"; $locale['PWG_004'] = "The email address you specified could not be found."; $locale['PWG_005'] = "The email address you specified is invalid."; $locale['PWG_006'] = "Please try again."; $locale['PWG_007'] = "Please enter the email address your account is registered with below.<br />"; $locale['PWG_008'] = "[uSER_QUEST]"; $locale['PWG_009'] = "Submit Email Address"; $locale['PWG_010'] = "Email Address: "; $locale['PWG_011'] = "Hello USER_NAME,\n your temporary password to access your ".$settings['sitename']." account is:\n NEW_PASS\n"; ?> I know this is a long post and I apologize; but please if anyone has some time I sure would appreciate some help. Quote Link to comment Share on other sites More sharing options...
Grimloch Posted February 17, 2009 Author Share Posted February 17, 2009 This is the output I am looking for that the user needs to see: 3 iterations of the script. The first asks for email address. The second displays the users selected password question and prompts for the users answer. The third and final output shows the user the temporary password and gives instructions for the user to login, go to Edit Profile and set a new password for him/herself. I tried this forums table code but I can't input the form information nor the formatting required so here are the 3 html forms that show what the output should look like. First Screen: <html><body> <table align='center' width='600' border='1'><tr><td> <table width='100%' cellspacing='0' cellpadding='10' border='0'><tr> <td align='center'>Please enter the email address your account is registered with below.<br /><br /></td> </tr> <tr> <td><form name='passwordform' method='post' action=''> Email Address: <input type='text' name='email' class='textbox' maxlength='100' style='width:300px'><br /><br /><br /></td> </tr> <tr> <td align='center'><input type='submit' name='new_password' value='Submit Email Address'> </form> </td> </tr> </table></td></tr> </table> </body></html> Second Screen: <html><body> <table align='center' width='600' border='1'><tr><td> <table width='100%' cellspacing='0' cellpadding='10' border='0'><tr> <td align='center'>Hello [user_name]. Please submit the answer to your selected question.<br /><br /></td> </tr> <tr> <td>Your Selected Question: What is your favorite snack?</td> </tr> <tr> <td><form name='passquest' method='post' action=''> Your Answer Is: <input type='text' name='anser' class='textbox' maxlength='100' style='width:300px'><br /><br /><br /></td> </tr> <tr> <td align='center'><input type='submit' name='new_password' value='Submit Your Answer'> </form> </td> </tr> </table></td></tr> </table> </body></html> Final Screen: <html><body> <table align='center' width='600' border='1'><tr><td> <table width='100%' cellspacing='0' cellpadding='10' border='0'><tr> <td align='center'>Hello [user_name]. Here are your temporary credentials.<br /><br /></td> </tr> <tr> <td>Your Temporary Password: [$new_pass]</td> </tr> <tr> <td>Please Login in to your accout with your temporary pasword.<br />Then go to 'Edit Profile' where you need to set a new password.<br /><br /></td> </tr> <tr> <td align='center'><a href='../../index.php'>Return To Main Page</a></td> </tr> </table></td></tr> </table> </body></html> Thanks for your patience. Quote Link to comment Share on other sites More sharing options...
Grimloch Posted February 18, 2009 Author Share Posted February 18, 2009 I AM trying to make this work myself but I keep running into snags. This is my script now with a screenshot of the final output. How can I reconcile the 2 $_POST inputs? One works the other never gets executed. <?php /*-------------------------------------------------------+ | PHP-Fusion Content Management System | Copyright © 2002 - 2008 Nick Jones | http://www.php-fusion.co.uk/ +--------------------------------------------------------+ | Filename: new_password.php | Author: Terry Broullette (Grimloch) +--------------------------------------------------------+ | This program is released as free software under the | Affero GPL license. You can redistribute it and/or | modify it under the terms of this license which you | can read by viewing the included agpl.txt or online | at www.gnu.org/licenses/agpl.html. Removal of this | copyright header is strictly prohibited without | written permission from the original author(s). +--------------------------------------------------------*/ require_once "../../maincore.php"; require_once THEMES."templates/header.php"; // Check if locale file is available matching the current site locale setting. if (file_exists(INFUSIONS."new_password/locale/".$settings['locale'].".php")) { // Load the locale file matching the current site locale setting. include INFUSIONS."new_password/locale/".$settings['locale'].".php"; } else { // Load the infusion's default locale file. include INFUSIONS."new_password/locale/English.php"; } if (iMEMBER) redirect("../../index.php"); opentable($locale['PWG_001']); if (isset($_GET['email']) && isset($_GET['user_quest'])) { $error = 0; if (FUSION_QUERY != "email=".$_GET['email']."&user_quest=".$_GET['user_quest']) { redirect("../../index.php"); } $email = stripinput(trim(eregi_replace(" +", "", $_GET['email']))); if (!preg_match("/^[-0-9A-Z_\.]{1,50}@([-0-9A-Z_\.]+\.){1,50}([0-9A-Z]){2,4}$/i", $email)) { $error = 1; } if ($error == 0) { $result = dbquery("SELECT * FROM ".DB_USERS." WHERE user_email='".$email."' AND user_quest='".$user_quest."'"); if (dbrows($result) != 0) { $data = dbarray($result); } else { $error = 1; } } if ($error == 1) redirect("../../index.php"); }elseif (isset($_POST['new_password'])) { $email = stripinput(trim(eregi_replace(" +", "", $_POST['email']))); if (preg_match("/^[-0-9A-Z_\.]{1,50}@([-0-9A-Z_\.]+\.){1,50}([0-9A-Z]){2,4}$/i", $email)) { $result = dbquery("SELECT * FROM ".DB_USERS); if (dbrows($result) != 0) { $data = dbarray($result); $name = $data['user_name']; $email = $data['user_email']; $quest = $data['user_quest']; if (!$data['user_quest']) { redirect("../../lostpassword.php"); } echo "<div align='left'>".$locale['PWG_002']."".$name."".$locale['PWG_012']."<br />\n"; echo $locale['PWG_003']."".$email."<br />".$locale['PWG_004']."".$quest."</div><br /><br />\n"; echo $locale['PWG_013']."<br />\n"; } } if ($error == 1) redirect("../../index.php"); }elseif (isset($_POST['user_anser'])) { $result = dbquery("SELECT * FROM ".DB_USERS); if (dbrows($result) != 0) { $data = dbarray($result); $anser = $data['user_anser']; echo $locale['PWG_014']."".$anser."<br />\n"; } else { echo "<div style='text-align:center'>\n<form name='anserform' method='post' action='".FUSION_SELF."'></div>\n"; echo "<div style='text-align:left'>".$locale['PWG_015']."<input type='text' name='anser' class='textbox' maxlength='100' style='width:300px;' /><br /><br /></div>\n"; echo "<div style='text-align:center'><input type='submit' name='user_anser' value='".$locale['PWG_016']."' class='button' />\n"; echo "</form>\n</div>\n"; } } else { echo "<div style='text-align:center'>\n<form name='passwordform' method='post' action='".FUSION_SELF."'>\n"; echo $locale['PWG_007']."<br /><br /></div>\n"; echo "<div style='text-align:left'>".$locale['PWG_010']."<input type='text' name='email' class='textbox' maxlength='100' style='width:300px;' /><br /><br /></div>\n"; echo "<input type='hidden' name='user_quest' value='".$userdata['user_quest']."' />\n"; echo "<div style='text-align:center'><input type='submit' name='new_password' value='".$locale['PWG_009']."' class='button' />\n"; echo "</form>\n</div>\n"; } closetable(); require_once THEMES."templates/footer.php"; ?> [attachment deleted by admin] Quote Link to comment Share on other sites More sharing options...
Grimloch Posted February 19, 2009 Author Share Posted February 19, 2009 I don't understand; is no one willing to try and help me? Quote Link to comment Share on other sites More sharing options...
Cal Posted February 19, 2009 Share Posted February 19, 2009 please explain the actual problem you have, i'm not following. Quote Link to comment Share on other sites More sharing options...
sasa Posted February 19, 2009 Share Posted February 19, 2009 change $newstuff = str_replace("[NEW_PASS]", $new_pass, $locale['PWG_011']); $newstuff = str_replace("[uSER_NAME]", $data['user_name'], $locale['PWG_011']); to $locale['PWG_011'] = str_replace("[NEW_PASS]", $new_pass, $locale['PWG_011']); $locale['PWG_011'] = str_replace("[uSER_NAME]", $data['user_name'], $locale['PWG_011']); ps i read just 1st guestion Quote Link to comment Share on other sites More sharing options...
Grimloch Posted February 20, 2009 Author Share Posted February 20, 2009 change $newstuff = str_replace("[NEW_PASS]", $new_pass, $locale['PWG_011']); $newstuff = str_replace("[uSER_NAME]", $data['user_name'], $locale['PWG_011']); to $locale['PWG_011'] = str_replace("[NEW_PASS]", $new_pass, $locale['PWG_011']); $locale['PWG_011'] = str_replace("[uSER_NAME]", $data['user_name'], $locale['PWG_011']); ps i read just 1st guestion Thanks for your response. I DID use your code and that works for that tiny problem. @Cal... OK; heres the problem. I am building a mod for PHP-Fusion CMS that will replace the existing 'lostpassword.php' script because depending on the users host/mail setup, it is unreliable and always has been. I am a new php programmer; I have reused some of the code from 'lostpassword.php' and created new code. The mod/script as it is now is ALMOST functioning perfectly. *you need to read this entire thread*; my mod is dependant on db fields added to the users table which are in place and functional. When the user enters his/her email address he is then prompted to enter his/her 'password retrieval answer'. At this point the script is supposed to write a temporary password to the users record and then display that to him/her with instructions to 'Login, go to Edit Profile' and change his/her password. When the user enters his/her 'password anser', the following/final output screen is blank (and it never executes the very first part of the script that updates the db.) Here is my script (final except for the 1 remaining problem) <?php /*-------------------------------------------------------+ | PHP-Fusion Content Management System | Copyright © 2002 - 2008 Nick Jones | http://www.php-fusion.co.uk/ +--------------------------------------------------------+ | Filename: new_password.php | Author: Terry Broullette (Grimloch) +--------------------------------------------------------+ | This program is released as free software under the | Affero GPL license. You can redistribute it and/or | modify it under the terms of this license which you | can read by viewing the included agpl.txt or online | at www.gnu.org/licenses/agpl.html. Removal of this | copyright header is strictly prohibited without | written permission from the original author(s). +--------------------------------------------------------*/ require_once "../../maincore.php"; require_once THEMES."templates/header.php"; // Check if locale file is available matching the current site locale setting. if (file_exists(INFUSIONS."new_password/locale/".$settings['locale'].".php")) { // Load the locale file matching the current site locale setting. include INFUSIONS."new_password/locale/".$settings['locale'].".php"; } else { // Load the infusion's default locale file. include INFUSIONS."new_password/locale/English.php"; } if (iMEMBER) redirect("../../index.php"); opentable($locale['PWG_001']); if (isset($_GET['email']) && isset($_GET['account'])) { $error = 0; if (FUSION_QUERY != "email=".$_GET['email']."&account=".$_GET['account']) { redirect("../../index.php"); } $email = stripinput(trim(eregi_replace(" +", "", $_GET['email']))); if (!preg_match("/^[-0-9A-Z_\.]{1,50}@([-0-9A-Z_\.]+\.){1,50}([0-9A-Z]){2,4}$/i", $email)) { $error = 1; } if (!preg_match("/^[0-9a-z]{32}$/", $_GET['account'])) { $error = 1; } if ($error == 0) { $result = dbquery("SELECT * FROM ".DB_USERS." WHERE user_password='".$_GET['account']."' AND user_email='".$email."'"); if (dbrows($result) != 0) { $data = dbarray($result); $chars = "abcdefghijklmnpqrstuvwxyzABCDEFGHIJKLMNPQRSTUVWXYZ123456789@"; $char_count = strlen($chars) - 1; $new_pass = ""; for ($i = 0; $i < 8; $i++) { $new_pass .= substr($chars, mt_rand(0, $char_count), 1); } $locale['PWG_018'] = str_replace("[NEW_PASS]", $new_pass, $locale['PWG_018']); $locale['PWG_018'] = str_replace("[uSER_NAME]", $data['user_name'], $locale['PWG_018']); $anser = $data['user_anser']; if ($data['user_anser']) { $result = dbquery("UPDATE ".DB_USERS." SET user_password='".md5(md5($new_pass))."' WHERE user_id='".$data['user_id']."'"); echo $locale['PWG_014']."".$anser."<br />".$locale['PWG_018']."<br /><br />\n<div style='text-align:center'><a href='../../index.php'>".$locale['PWG_011']."</a></div>\n"; } else { $error = 1; } } } if ($error == 1) redirect("../../index.php"); }elseif (isset($_POST['new_password'])) { $email = stripinput(trim(eregi_replace(" +", "", $_POST['email']))); if (preg_match("/^[-0-9A-Z_\.]{1,50}@([-0-9A-Z_\.]+\.){1,50}([0-9A-Z]){2,4}$/i", $email)) { $result = dbquery("SELECT * FROM ".DB_USERS." WHERE user_email='$email'"); if (dbrows($result) != 0) { $data = dbarray($result); $name = $data['user_name']; $email = $data['user_email']; $quest = $data['user_quest']; if (!$data['user_quest']) { redirect("../../lostpassword.php"); } echo "<div align='left'>".$locale['PWG_002']."".$name."".$locale['PWG_012']."<br />\n"; echo $locale['PWG_003']."".$email."<br />".$locale['PWG_004']."".$quest." ".$locale['PWG_013']."</div><br /><br />\n"; echo "<div style='text-align:center'><form name='anserform' method='post' action='".FUSION_SELF."'></div>\n"; echo "<div style='text-align:left'>".$locale['PWG_015']."<input type='text' name='anser' class='textbox' maxlength='100' style='width:300px;' /><br /><br /></div>\n"; echo "<div style='text-align:center'><input type='submit' name='user_anser' value='".$locale['PWG_016']."' class='button' />\n"; echo "</form></div>\n"; } else { $error = 1; } } if ($error == 1) redirect("../../index.php"); }elseif (isset($_POST['user_anser'])) { $email = stripinput(trim(eregi_replace(" +", "", $_POST['email']))); if (preg_match("/^[-0-9A-Z_\.]{1,50}@([-0-9A-Z_\.]+\.){1,50}([0-9A-Z]){2,4}$/i", $email)) { $result = dbquery("SELECT * FROM ".DB_USERS." WHERE user_email='$email'"); if (dbrows($result) != 0) { $data = dbarray($result); $anser = $data['user_anser']; if (!$data['user_anser']) { redirect("../../lostpassword.php"); } echo $locale['PWG_014']."".$anser."<br />".$locale['PWG_018']."<br /><br />\n<div style='text-align:center'><a href='../../index.php'>".$locale['PWG_011']."</a></div>\n"; } else { $error = 1; } } if ($error == 1) redirect("../../index.php"); } else { echo "<div style='text-align:center'>\n<form name='passwordform' method='post' action='".FUSION_SELF."'>\n"; echo $locale['PWG_007']."<br /><br /></div>\n"; echo "<div style='text-align:left'>".$locale['PWG_010']."<input type='text' name='email' class='textbox' maxlength='100' style='width:300px;' /><br /><br /></div>\n"; echo "<div style='text-align:center'><input type='submit' name='new_password' value='".$locale['PWG_009']."' class='button' />\n"; echo "</form>\n</div>\n"; } closetable(); require_once THEMES."templates/footer.php"; ?> And here is the final $locale file: <?php // Infusion titles & description $locale['PWG_title'] = " New Password Generator"; $locale['PWG_desc'] = "Forgotten password generator"; $locale['PWG_001'] = "New Password Generator"; $locale['PWG_002'] = "Hello there "; $locale['PWG_003'] = "Your email address is: "; $locale['PWG_004'] = "Your password question is: "; $locale['PWG_005'] = "The email address you specified is invalid."; $locale['PWG_006'] = "Please try again."; $locale['PWG_007'] = "Please enter the email address your account is registered with below."; $locale['PWG_008'] = "Your password question is: "; $locale['PWG_009'] = "Submit Email Address"; $locale['PWG_010'] = "Email Address: "; $locale['PWG_011'] = "Return To Main Site"; $locale['PWG_012'] = "; it appears you have lost your password."; $locale['PWG_013'] = "Please type your answer below. "; $locale['PWG_014'] = "Your answer is: "; $locale['PWG_015'] = "Password answer: "; $locale['PWG_016'] = "Submit Password Answer"; $locale['PWG_018'] = "Hello [uSER_NAME],\n your temporary password to access your ".$settings['sitename']." account is:\n <b>[NEW_PASS]</b>.<br />Please login, go to Edit Profile and set a new password.\n"; ?> Also I found this in the PHP manual and wonder if it will help my problem? Multiple Form Handling In 1 Script <?php if (!empty($_POST)) { // Array of post values for each different form on your page. $postNameArr = array('F1_Submit', 'F2_Submit', 'F3_Submit'); // Find all of the post identifiers within $_POST $postIdentifierArr = array(); foreach ($postNameArr as $postName) { if (array_key_exists($postName, $_POST)) { $postIdentifierArr[] = $postName; } } // Only one form should be submitted at a time so we should have one // post identifier. The die statements here are pretty harsh you may consider // a warning rather than this. if (count($postIdentifierArr) != 1) { count($postIdentifierArr) < 1 or die("\$_POST contained more than one post identifier: " . implode(" ", $postIdentifierArr)); // We have not died yet so we must have less than one. die("\$_POST did not contain a known post identifier."); } switch ($postIdentifierArr[0]) { case 'F1_Submit': echo "Perform actual code for F1_Submit."; break; case 'Modify': echo "Perform actual code for F2_Submit."; break; case 'Delete': echo "Perform actual code for F3_Submit."; break; } } else // $_POST is empty. { echo "Perform code for page without POST data. "; } ?> I am SO CLOSE to having this totally complete and functional; please help if you can. Quote Link to comment Share on other sites More sharing options...
Grimloch Posted February 22, 2009 Author Share Posted February 22, 2009 Just wanted to say thanks to everyone here who tried to help me. My new infusion(mod) for PHP-Fusion ver7.05 is performing flawlessly and flying like a 'streamlined feathered computer' !!!!! Many many hours of hacking and reading the PHP manual finally resulted in total success. Thanks again. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.