
HELP! the php code for "lost password?" is not ok


MASTER^


When users register on our website, the e-mail arrives, but when they try to recover their password with the "lost password?" procedure, no e-mail arrives. Here is the code from "lostpassword.php":

 

<?php
/*
########################################################################
#                                                                        #
#           Version 4       /                        /   /               #
#          -----------__---/__---__------__----__---/---/-               #
#           | /| /  /___) /   ) (_ `   /   ) /___) /   /                 #
#          _|/_|/__(___ _(___/_(__)___/___/_(___ _/___/___               #
#                       Free Content / Management System                 #
#                                   /                                    #
#                                                                        #
#                                                                        #
#   Copyright 2005-2006 by webspell.org                                  #
#                                                                        #
#   visit webSPELL.org, webspell.info to get webSPELL for free           #
#   - Script runs under the GNU GENERAL PUBLIC LICENSE                   #
#   - It's NOT allowed to remove this copyright-tag                      #
#   -- http://www.fsf.org/licensing/licenses/gpl.html                    #
#                                                                        #
#   Code based on WebSPELL Clanpackage (Michael Gruber - webspell.at),   #
#   Far Development by Development Team - webspell.org                   #
#                                                                        #
#   visit webspell.org                                                   #
#                                                                        #
########################################################################
*/

eval ("\$title_lostpassword = \"".gettemplate("title_lostpassword")."\";");
echo $title_lostpassword;

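if(isset($_POST['submit'])) {
  // escape the submitted address before it is placed inside the SQL string
  $email = mysql_real_escape_string($_POST['email']);
  $ergebnis = safe_query("SELECT * FROM ".PREFIX."user WHERE email = '$email' ");
  $anz = mysql_num_rows($ergebnis);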

if($anz) { 
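    // build a 6-character password from a-z and 0-9
    // note: rand() is not a cryptographically secure generator
    $chars=array('a','b','c','d','e','f','g','h','i','j','k','l','m','n','o','p','q','r','s','t','u','v','w','x','y','z','1','2','3','4','5','6','7','8','9','0');
    $max=count($chars)-1;
    $newpwd='';
    for($n=1; $n<7; $n++) {
        $i = rand(0,$max);
        $newpwd.=$chars[$i];
    }
    // stored as an unsalted MD5 hash, the same format register.php writes
    $newmd5pwd=md5($newpwd);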

	$ds = mysql_fetch_array($ergebnis);
	safe_query("UPDATE ".PREFIX."user SET password='$newmd5pwd' WHERE userID='$ds[userID]' ");

    
	$ToEmail = $ds['email'];
	$ToName = $ds['username'];
	$header = "Your Account for ".PAGETITLE;
	$Message = 'Your Account for '.PAGETITLE.'

!! Attention !! your password has been changed

your username: '.$ds['username'].'
your new password: '.$newpwd.'

have fun on our page
'.$hp_url;

	if(mail($ToEmail, $header, $Message, "From:".$admin_email."\r\nX-Mailer: PHP/" . phpversion())) {
		echo 'Your account has been found<br><br>
	     You will get an e-mail to <b>'.htmlspecialchars($ds['email']).'</b> with your account in seconds.<br><br>
		 &#8226; <a href="index.php?site=login">login</a>';
	}
	else {
		echo 'There was a problem while sending mail. Please contact the webmaster.';
	}


}
else {
    echo'no user found!';
}

}
else {
    echo'<form method="post" action="index.php?site=lostpassword">
	 Your E-Mail: <input type="text" name="email" size="25" class="form_off" onFocus="this.className=\'form_on\'" onBlur="this.className=\'form_off\'"> <input type="submit" name="submit" value="get password">
	 </form>';
}


?>

 

 

here is also the code from the "register.php" which is working just fine:

<?php
/*
########################################################################
#                                                                        #
#           Version 4       /                        /   /               #
#          -----------__---/__---__------__----__---/---/-               #
#           | /| /  /___) /   ) (_ `   /   ) /___) /   /                 #
#          _|/_|/__(___ _(___/_(__)___/___/_(___ _/___/___               #
#                       Free Content / Management System                 #
#                                   /                                    #
#                                                                        #
#                                                                        #
#   Copyright 2005-2006 by webspell.org                                  #
#                                                                        #
#   visit webSPELL.org, webspell.info to get webSPELL for free           #
#   - Script runs under the GNU GENERAL PUBLIC LICENSE                   #
#   - It's NOT allowed to remove this copyright-tag                      #
#   -- http://www.fsf.org/licensing/licenses/gpl.html                    #
#                                                                        #
#   Code based on WebSPELL Clanpackage (Michael Gruber - webspell.at),   #
#   Far Development by Development Team - webspell.org                   #
#                                                                        #
#   visit webspell.org                                                   #
#                                                                        #
########################################################################
*/

eval ("\$title_register = \"".gettemplate("title_register")."\";");
echo $title_register;

if(isset($_POST['save'])) {

  //register_globals = off

  $username = substr(trim(htmlspecialchars($_POST['username'])), 0, 30);
  $nickname = substr(trim(htmlspecialchars($_POST['nickname'])), 0, 30);
  $pwd1 = $_POST['pwd1'];
  $pwd2 = $_POST['pwd2'];
  $mail = $_POST['mail'];
$CAPCLASS = new Captcha;
if(!$CAPCLASS->check_captcha($_POST['captcha'], $_POST['captcha_hash'])) $error[]="The security code was wrong!";

  // check username (the value is escaped before it is placed inside the SQL string)
$ergebnis = safe_query("SELECT * FROM ".PREFIX."user WHERE username = '".mysql_real_escape_string($username)."' ");
$num = mysql_num_rows($ergebnis);
if($num) $error[]="username already in use!";
  // check nickname (1)
$ergebnis = safe_query("SELECT * FROM ".PREFIX."user WHERE nickname = '".mysql_real_escape_string($nickname)."' ");
$num = mysql_num_rows($ergebnis);
if($num) $error[]="nickname already in use!";

  // check mail
$ergebnis = safe_query("SELECT * FROM ".PREFIX."user WHERE email = '".mysql_real_escape_string($mail)."' ");
$num = mysql_num_rows($ergebnis);
if($num) $error[]="mailadress already in use!";

if(!(strlen(trim($username)))) $error[]="you have to enter a username!";
elseif( strlen(trim($username)) > 30 ) $error[]="your username is too long! (max 30 chars)";

// check password
if($pwd1 == $pwd2) {
    if(!(strlen(trim($pwd1)))) $error[]="you have to enter a password!";
}
else $error[]="your repeated password is not valid!";

// check e-mail
$sem = '^[a-z0-9_\.-]+@[a-z0-9_-]+\.[a-z0-9_\.-]+$';
if(!(eregi($sem, $mail))) $error[]="your e-mail is not valid!";

// check nickname (2)
if(!(strlen(trim($nickname)))) $error[]="you have to enter your nickname!";

if(is_array($error)) {
	echo'<b>There has been errors!</b><br><br>';
	foreach($error as $err) {
		echo'<li>'.$err.'</li>';
	}
	echo'<br><br><input type="button" class="button" onClick="javascript:history.back()" value="Back">';
}
else {
	// insert in db
	$md5pwd = md5($pwd1);
	$registerdate=time();

  $activationkey = createkey(20);

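	// escape the user-supplied strings before they are placed inside the SQL statement
	safe_query("INSERT INTO `".PREFIX."user` (`registerdate`, `lastlogin`, `username`, `password`, `nickname`, `email`, `newsletter`, `activated`) VALUES ('$registerdate', '$registerdate', '".mysql_real_escape_string($username)."', '$md5pwd', '".mysql_real_escape_string($nickname)."', '".mysql_real_escape_string($mail)."', '1', '".$activationkey."')");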

	$insertid = mysql_insert_id();

	// insert in user_groups
	safe_query("INSERT INTO ".PREFIX."user_groups ( userID ) values('$insertid' )");

	// mail to user
	$ToEmail = $mail;
	$ToName = $username;
	$header = "Account Information: ".PAGETITLE;
	$Message = 'Hello '.$username.'!

Your registration was successful.

Your Username: '.$username.'
Your Passwort: '.$pwd1.'

To complete your registration please click on the following link:
http://'.$hp_url.'/index.php?site=register&key='.$activationkey.'

Thank you for registration
'.PAGETITLE.' - '.$hp_url;

	if(mail($ToEmail,$header, $Message, "From:".$admin_email."\r\nX-Mailer: PHP/" . phpversion())) echo'Your registration has been successful, you will get an information-mail in seconds.<br>You have to activate your account still by activation link from E-Mail. After that you can log in.';
	else echo 'There was a problem while sending mail. Please contact the webmaster.';
}
}
elseif(isset($_GET['key'])) {

// escape the key from the URL before it is placed inside the SQL string
safe_query("UPDATE `".PREFIX."user` SET activated='1' WHERE activated='".mysql_real_escape_string($_GET['key'])."'");
if(mysql_affected_rows()) redirect('index.php?site=login','Your account has been activated successfully.<br>You are now able to login.');
else redirect('index.php?site=login','Your activation key ist wrong!');

}
else {
$bg1=BG_1;
$bg2=BG_2;
$bg3=BG_3;
$bg4=BG_4;

$CAPCLASS = new Captcha;
$captcha = $CAPCLASS->create_captcha();
$hash = $CAPCLASS->get_hash();
$CAPCLASS->clear_oldcaptcha();

eval ("\$register = \"".gettemplate("register")."\";");
    echo $register;
}

?>
