setColumns(array(50,50));
$page->addModule(forgotMod(), 0);
$page->addModule(new AdModule(), 1);
$page->display();
////
// Displays the form for getting your password reset, then any followup messages.
////
function forgotMod(){
ob_start();
if(getPost('formName') == "forgotPass"){
$emailAddr = getPost('emailAddr');
$db = dil_connect();
$queryString = "SELECT id, username FROM users WHERE emailAddr='$emailAddr'";
if($result = mysql_query($queryString,$db)){
if(mysql_num_rows($result)==0){
$tempStr = "'$emailAddr' was not found. Please remember that this must ";
$tempStr.= "be the same email address you used when you signed up.";
dispError($tempStr);
promptEmail();
} else {
$cnt = 0;
$id = mysql_result($result,$cnt,"id");
$username = mysql_result($result, $cnt, "username");
$visibleName = "";
if($visibleName == ""){
$visibleName = substr($emailAddr, 0, strpos($emailAddr, "@"));
}
// Create new random-temp password
//srand((double)microtime()*1000000); // actually decreases entropy when using mt_rand because it seeds itself automatically
$tempStr = md5(mt_rand(0,9999));
$newPass = substr($tempStr, 17, 8); //get 8 of the 32 hex chars from near the middle
$newPassHash = md5($newPass);
$queryString = "UPDATE users SET password='$newPassHash' WHERE id='$id'";
mysql_query($queryString, $db);
$link = $_SERVER['PHP_SELF'];
if(strrpos($link, "/")!=-1){
$link= substr($link, 0, (strrpos($link,"/")+1));
}
$link = "http://" . $_SERVER['SERVER_NAME'] . $link . "account.php?subPage=changePass";
$subject = "Password Reset";
$addr = "webmaster"; // from address
// Email new random temp-password - // STRINGTABLES
$message = "Dear $visibleName, \nYour password has been reset. Please use the username & password ";
$message.= "below to log in, then set a new password of your choice at the ";
$message.= "change password page.
\n";
$message.= "Username: $username \n";
$message.= "Password: $newPass \n";
$message.= " \n";
$message.= "Your Friends, \n";
$message.= " - the ".STR_PEDLR." team";
if(sendMail($message, $addr, $emailAddr, $subject)){
// STRINGTABLES
$tempStr = "An email has been sent to '$emailAddr'";
$tempStr.= " containing your username and \n";
$tempStr.= "new temporary password. When you recieve that email, you should \n";
$tempStr.= "change this temporary password \n";
$tempStr.= "to one of your choice.\n";
dispSuccess($tempStr);
} else {
// STRINGTABLES
$tempStr = "There was a problem sending the email with your temporary password. \n";
$tempStr.= "Please contact us at your earliest convenience and describe your problem.\n";
$tempStr.= "We appologize for any inconvenience. \n";
dispError($tempStr);
logEvent("Problem sending email from forgotPass.php. \nEMAIL ADDR: $emailAddr", 3);
promptEmail();
// DEBUG ONLY
/*print " \n";
print "From: $addr@pedlr.com \n";
print "Subj: $subject \n";
print "To: $emailAddr \n";
print "Message: \n";
print "$message \n";*/
}
}
} else {
logQueryError("Error looking up email in ".__FILE__, $queryString);
dispError("Unable to locate email record.");
}
} else {
// Might want to put this back up if the provided instructions in the form are found to be insufficient by users
/*print "This page will reset your password and send out an email with your \n";
print "username and a temporary password to the email address you used when \n";
print "you registered with this site. Once you recieve the email, just visit the \n";
print "change password page.
\n";*/
promptEmail();
}
$content = ob_get_clean();
$retVal = new TextModule($content, 'text', "Reset your password");
$retVal->setImage("reset_22.png");
return $retVal;
} // end forgotMod()
////
// Displays a form to prompt the user for the email address they signed up with.
////
function promptEmail(){
// STRINGTABLES
?>