Location: PHPKode > projects > NetLink > netlink_os/PassRec/step2.php
<?php
extract($_POST);
//$_POST=strtolower($_POST);
  $host='216.10.20.4';
	$account='kaiba_webmaster';
	$acc_pw='staples1279294';
	$table="kaiba_netlink";
	$dbh=mysql_connect ($host,$account,$acc_pw) or die (mysql_error());
	mysql_select_db ($table); 
	$sql="SELECT * FROM Accounts WHERE Username='$pass_user'";
	$rs=mysql_query($sql, $dbh);
	$row=mysql_fetch_array($rs);

  $user=strtolower($row['Username']);
  $f_name=strtolower($row['FirstName']);
  $l_name=strtolower($row['LastName']);
  $BDay=strtolower($row['BDay']);
  $password=strtolower($row['Password']);
  $email=$row['email'];
  
  $pass_user=strtolower($pass_user);
  $pass_f_name=strtolower($pass_f_name);
  $pass_l_name=strtolower($pass_l_name);
  $pass_bday=strtolower($pass_bday);
  
  
  ###################
/*  DEBUG INFORMATION
  echo "<table summary='login' border='1'>";
  echo "<tr><th>Post</th><th>Data</th></tr>";
  echo "<tr><td>$pass_user</td><td>$user</td></tr>";
  echo "<tr><td>$pass_f_name</td><td>$f_name</td></tr>";
  echo "<tr><td>$pass_l_name</td><td>$l_name</td></tr>";
  echo "<tr><td>$pass_bday</td><td>$BDay</td></tr></table>";
*/
  #################
  if (($pass_user=="")||($pass_f_name=="")||($pass_l_name=="")||($pass_bday==""))
  {
    echo "<span id='error'>";
    echo "Error!";
    echo "</span>";
    echo "<br/><br/>";
    echo "An error occured. One or more of the following fields was not completed.";
    echo "<br/><ul>";
    
    if ($pass_user=="")
      echo "<li>Username</li>";
    if ($pass_f_name=="")
      echo "<li>First Name</li>";
    if ($pass_l_name=="")
      echo "<li>Last Name</li>";
    if ($pass_bday=="")
      echo "<li>Birthdate</li>";
      
    echo "</ul><br/>Please go <a href='passrec.php'>Back</a> and fill in the approprate information.";
  }
  elseif (($pass_user==$user)&&($pass_f_name==$f_name)&&($pass_l_name==$l_name)&&($pass_bday==$BDay))
  {
    #Randomize Password
    $pw_sql="UPDATE `Accounts` SET `Password` = PASSWORD( '$password' ) WHERE `Username`='$pass_user'";
    $pw_rs=mysql_query($pw_sql, $dbh);
    #Get "current" information
    $sql="SELECT * FROM Accounts WHERE Username='$pass_user'";
    $rs=mysql_query($sql, $dbh);
    $row=mysql_fetch_array($rs);
    $new_pass=strtolower($row['Password']);   
    #Get New Password
    
    #Trim "New" Password down to 7 characters
    $new_pass=substr($new_pass, 0, 7);
    $trim_sql="UPDATE `Accounts` SET `Password`='".md5($new_pass)."' WHERE `Username`='$pass_user'";
    $trim_rs=mysql_query($trim_sql, $dbh);  
       
    //Send E-mail
	$to = "$email";
	$subj = "NetLink - New Password for $user's account";
	$mess = "THIS IS MESSAGE IS AUTOMATICALLY GENERATED - DO NOT REPLY\n\n===========================================\n\nYour password has been reset for account $user.\n\nYour new password is: $new_pass.\n\nYou can use this information to login to NetLink at http://netlink.kaibasoftware.com and login with your username and new password.\n\nKyle Perkins\nWebmaster of NetLink";
	$headers = "cc:hide@address.com\r\nbcc:hide@address.com";
	$mailsend = mail($to, $subj, $mess, $headers);
	
    echo "Your information is in our records. Your <b>new</b> password has been e-mailed to <b>$email</b>.";
    echo "<br/><br/>";
    echo "<a href='index.php' class='under'>Login to N<small>ET</small>L<small>INK</small></a>";
    
    echo "<meta http-equiv='refresh' content='3;URL=index.php'>";
  }
  else
  {
    echo "<span id='error'>";
    echo "Error!";
    echo "</span>";
    echo "<br/><br/>Your information is not in our records. Please go <a href='passrec.php'>Back</a> and verify your information.<br/><br/>";
    echo "If you think you have recieved this error by mistake, please e-mail ";
    echo "the <a href='mailto:hide@address.com&subject=\"Password Recovery Error\"'>WebMaster</a> of N<small>ET</small>L<small>INK</small>";
	}
	mysql_close($dbh);
?>
Return current item: NetLink