include "connect.php";
include"layout.php";
echo"".$part1b;
?>
if(isset($_GET['ok'])){
$uname = $_POST['username'];
$result1 = mysql_query("SELECT * FROM tbuser WHERE username = '$uname'");
if(mysql_num_rows($result1) == 1){
$chars = "abcdefghijkmnopqrstuvwxyz023456789";
srand((double)microtime()*1000000);
$pass = "";
for($i=1; $i<=7; $i++){
$num = rand() % 33;
$tmp = substr($chars, $num, 1);
$pass = $pass.$tmp;
}
$dbpass = md5($pass);
mysql_query("UPDATE tbuser SET password = '$dbpass' WHERE username = '$uname'");
$requri = $_SERVER['REQUEST_URI'];
$nrequri = substr_count($requri,"/");
$arruri = explode("/",$requri);
$arequri = "";
for($j = 0; $j<$nrequri; $j++){
$arequri .= $arruri[$j]."/";
}
$loc = 'http://';
$loc .= $_SERVER["SERVER_NAME"].$arequri;
$result2 = mysql_query("SELECT mail FROM tbuser WHERE username = '$uname'");
list($to) = mysql_fetch_row($result2);
$subject = "Your new password for Jimbow's Forum";
$message = "Dear ".$uname.",
By filling in a lost password form, you asked for a new password.
We changed your password in the following code:
Password: ".$pass."
You can log in using your new user details at: ".$loc."
We hope to see you soon on the forum!
With kind regards,
Jimi (your forum admin)";
mail($to,$subject,$message);
echo"We’ve sent you an email with your new password.";
}
else{
echo"The entered username doesn't exist!";
}
}
else{
?>
Please enter your username. |
|
}
echo"".$part2;
?>