Jump to content

Setting new password

krymly

By krymly
in Third Party Scripts

Recommended Posts

krymly Newbie

krymly

Posted
Posted

Ok, basicly I am using a php site with scripts from a third party. There is one thing not working like its supposed to be.

This is the full script of the page where I think the mistake is:

<?php
/**
* Copyright (c) 2006, 2007
*
* Florian Schreier. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without modification,
* are permitted provided that the following conditions are met:
*
* 1. Redistributions of source code must retain the above copyright notice,
* this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright notice,
* this list of conditions and the following disclaimer in the documentation
* and/or other materials provided with the distribution.
* 3. The names of its contributors may never be used to endorse or promote
* products derived from this software without specific prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
* AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE
* LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
* SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
* CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
* OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
* OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*
* @author tomilo <[email protected]>
* @author waRhawK <[email protected]>
* @package trooptool
* @subpackage rtwwmod
*/
require_once "config.php";

  if (isset($_POST['action']) AND ($_POST['action'] == text('pw_submit')) AND !empty($_POST['lostpw_name'])) {
  	//---neues Passwort erstellen!
  	$sql="SELECT
  	        name,
  	        email
  	      FROM
  	        ".PREFIX."spieler
  	      WHERE
  	        name = '".$_POST['lostpw_name']."'";
  	$result = mysql_query($sql) OR die(mysql_error());
  	$row = mysql_fetch_assoc($result);
  	if ($row['email'] == $_POST['lostpw_email']) { //wenn email gleich, generiere neues Passwort
  		//Zufallsgenerator für neues Passwort
  		$zeichen="abcdefghijlmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789";
  		$passwort="";
  		mt_srand((double)microtime()*1000000);
  		for ($i=0; $i<8; $i++) {
  			$passwort .= $zeichen{mt_rand(0,(mb_strlen($zeichen)-1))};
  		}

  		//speichert neues Passwort in die Datenbank
  		$sql="UPDATE
  		        ".PREFIX."spieler
  		      SET
  		        pass = '".md5($passwort)."'
  		      WHERE
  		        name = '".$_POST['lostpw_name']."'";
  		mysql_query($sql) OR die(mysql_error());

  		//versendet neues Passwort an den Spieler
  		$headers = "From:".$row['email']."\n";
	$headers .= 'X-Mailer: PHP/' . phpversion() . "\n";
	$headers .= 'X-Sender-IP: ' . $REMOTE_ADDR . "\n";
	$headers .= "Content-type: text\n";

	$subject="Truppentool: New Password";

	$message="Hello ".$_POST['lostpw_name']."\n
a new password has been generated for you:\n
".$passwort."\n
you can log in with this password.";

        mail($row['email'], $subject, $message, $headers);

        //erfolgreich
        $fehler = "The new pasword will be mailed to you in a short time.";
  	} else { //wenn emails nicht gleich, Fehlermeldung ausgeben
  		$fehler = "Your E-Mail did not match, please give the mail provided with the registration.";
  	}
  }

write_header(text('login_header'));
?>

<div class="oben"><?php include "oben.php"; ?></div>
<div class="menu"><?php include "menu2.php"; ?></div>
<div class="mitte2">

<?php
  if(isset($_GET['action']) AND $_GET['action']=="lostpw") {
?>
        <form action="index.php?action=lostpw" method="post" accept-charset="utf-8">
            <table class="itable" cellpadding="2" cellspacing="1" width="500">
                <tr>
                    <td colspan="4" class="header1"><?php echo text('pw_header')?></td>
                </tr>
                <tr>
                    <td colspan="4" class="header2"><?php echo text('pw_text')?></td>
                </tr>
                <tr>
                    <td class="zeile2"><nobr><label class="fieldLabel"><?php echo text('pw_name')?></label></nobr></td>
                    <td><input class="ibox f100" type="text" name="lostpw_name"></td>
                    <td class="zeile2"><nobr><label class="fieldLabel"><?php echo text('pw_email')?></label></nobr></td>
                    <td><input class="ibox f200" type="text" name="lostpw_email"></td>
                </tr>
                <tr>
                    <td colspan="4"><input class="submit" type="submit" name="action" value="<?php echo text('pw_submit')?>"></td>
                </tr>
            </table>
        </form>
<?php
  } else {
?>
        <form action="index.php" method="post" accept-charset="utf-8">
            <table class="itable" cellpadding="2" cellspacing="1">
                <tr>
                    <td colspan="2" class="header1"><?php echo text('login_header')?></td>
                </tr>
                <tr>
                    <td class="zeile2" width="100"><label class="fieldLabel"><?php echo text('login_name')?></label></td>
                    <td><input class="ibox f100" type="text" name="name"></td>
                </tr>
                <tr>
                    <td class="zeile2" width="100"><label class="fieldLabel"><?php echo text('login_pass')?></label></td>
                    <td><input class="ibox f100" type="password" name="pass"></td>
                </tr>
                <tr>
                    <td colspan="2"><input class="submit" type="submit" value="<?php echo text('login_submit')?>"></td>
                </tr>
            </table>
        </form>
<?php
  }
  if (isset($fehler)) {
?>
<div style="border:solid 1px #C0C0C0; width:400px; text-align:center;"><?php echo $fehler?></div>
<?php
  }
?>
</div>

</body>
</html>

The main problem is that it does not actualy mail a new password, an pre made example of the site I host my site to mail is:

<?
$from = “From: You <[email protected]>”;
$to = “[email protected]”;
$subject = “Hi! “;
$body = “TEST”;

if(mail($to,$subject,$body,$from))
echo “MAIL - OK”;
else
echo “MAIL FAILED”;
?>

 

However if the code for mailing a new password is so troublesome there would also be another possible sollution, and that is where the password is set to a non random one (but still one only I know and I can set it to whatever password i want it to be)

 

So to summorise my request:

either to help me find a code to get the automatic mailing system work with a mailaddress from the site or to give it the abilaty to set a standard password that only I know and I can change in the code if I feel like it.

 

I would be gratefull for any possible help.

 

Thanks in advance,

Krymly

Link to comment
https://forums.phpfreaks.com/topic/160060-setting-new-password/
Share on other sites
  • 2 weeks later...

Archived

This topic is now archived and is closed to further replies.

Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.