12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455565758596061 |
- <?php
-
- session_start();
- require_once('config.php');
- $page_name='Password forgotten';
- include_once('top.php');
-
- //récupération du formulaire
- $email=formulaires($_POST['email']);
- $username=formulaires($_POST['username']);
- if(!$email)
- {
- echo"Empty E-mail.<br /><a href='#' onClick='history.back()'>Back</a></center>";
- include_once('bottom.php');
- return FALSE;
- }
- if(!$username)
- {
- echo"Empty username.<br /><a href='#' onClick='history.back()'>Back</a></center>";
- include_once('bottom.php');
- return FALSE;
- }
-
- $reponse_username=$dbh->query("SELECT username FROM user WHERE username='$username'") or die ('error : '.mysql_error());
- $count_username=$reponse_username->rowCount();
- if($count_username == 0)
- {
- echo"Invalid username.<br /><a href='#' onClick='history.back()'>Back</a>";
- include_once('bottom.php');
- return FALSE;
- }
-
- $reponse_email=$dbh->query("SELECT email FROM user WHERE email='$email'") or die ('error : '.mysql_error());
- $count_email=$reponse_email->rowCount();
- if($count_email == 0)
- {
- echo" Invalid E-mail.<br /><a href='#' onClick='history.back()'>Back</a>";
- include_once('bottom.php');
- return FALSE;
- }
-
- $existe=$dbh->query("SELECT email FROM user WHERE email='$email' AND username='$username'") or die ('error : '.mysql_error());
- $test=$existe->rowCount();
- if($test == 0)
- {
- echo"E-mail and Username don't match.<br /><a href='#' onClick='history.back()'>Back</a>";
- include_once('bottom.php');
- return FALSE;
- }
-
- for ($ligne=0;$ligne<10;$ligne++) //Création d'un mot de passe aléatoire
- {
- @$passwd.=substr('0123456789AZERTYUIOPMLKJHGFDSQWXCVBN',(rand()%(strlen('0123456789AZERTYUIOPMLKJHGFDSQWXCVBN'))),1);
- }
-
- mail("$email", "".$website_name." - Forgotten password" , "Hello, this is your new password : ".$passwd."", "From: ".$blog_email."");
- $passwd=md5($passwd);
- $dbh->query("UPDATE user SET pass='$passwd' WHERE email='$email'") or die ('error : '.mysql_error());
- echo 'An E-mail has been sent to your mailbox with your new password';
- ?>
|