<?
// DIREKTE WEITERLEITUNG
header("Location: ".$serverURL."showuser.php?puser=".$puser."&pass=".$pass);
?>
<HTML><HEAD><TITLE>Joels Bulletin Board v 0.6</TITLE>
<link rel=stylesheet type="text/css" href="default.css">
</HEAD>
<body>
<?php
include("mysqlvar.php");
$db=mysql_connect($dbserver,$dbuser,$dbpass);
if (strlen($signatur)>60)
{
$signatur = substr($signatur,0,59);
}
if ($db)
{
mysql_select_db($dbname,$db);
$query = "SELECT passwort, email FROM user WHERE pseudonym=\"".$puser."\"";
$res = mysql_query($query,$db);
$row = mysql_fetch_array($res,MYSQL_ASSOC);
if ($row["passwort"]==$pass)
{
mysql_query("UPDATE user SET username ='$un' WHERE pseudonym=\"".$puser."\"");
mysql_query("UPDATE user SET homepage ='$uh' WHERE pseudonym=\"".$puser."\"");
mysql_query("UPDATE user SET passwort ='$up' WHERE pseudonym=\"".$puser."\"");
mysql_query("UPDATE user SET icq ='$ui' WHERE pseudonym=\"".$puser."\"");
mysql_query("UPDATE user SET aim ='$ua' WHERE pseudonym=\"".$puser."\"");
mysql_query("UPDATE user SET signatur ='$signatur' WHERE pseudonym=\"".$puser."\"");
if ($row["email"] == $um)
{
mysql_query("UPDATE user SET email ='$um' WHERE pseudonym=\"".$puser."\"");
mysql_query("UPDATE user SET passwort ='$up' WHERE pseudonym=\"".$puser."\"");
}
else
{
$abc = "a,b,c,d,e,f,g,h,i,j,k,l,m,n,o,p,q,r,s,t,u,v,w,x,y,z,0,1,2,3,4,5,6,7,8,9";
$abcarray = explode(",",$abc);
mt_srand((double)microtime()*1000000);
$pass1 = "";
for ($i=1;$i<=6;$i++)
{
$zufall = mt_rand(0,35);
$pass1 .= $abcarray[$zufall];
}
mysql_query("UPDATE user SET email ='$um' WHERE pseudonym=\"".$puser."\"");
mysql_query("UPDATE user SET passwort ='$pass1' WHERE pseudonym=\"".$puser."\"");
$betreff="[ JBB ] +++ Neues Passwort +++";
$message=
"Wegen der eMail Adressänderung hat sich\n\n".
"automatisch ihr Passwort geändert, das neue lautet :\n\n".
"\t\t pass \t=\t $pass1\n";
mail($um, $betreff, $message, "From: JBB-Board hide@address.com");
}
}
}
?>
</body></html>