Location: PHPKode > projects > NewsP > admin/pass_lost.php
<?
$ip = getenv ("REMOTE_ADDR");
$jetzt = time();
$vorher = $jetzt-3600;
$www= $_SERVER['HTTP_HOST'];
$platz= $_SERVER['PHP_SELF'];
$ar_platz = explode('/',$platz);
$ar_dc1=count($ar_platz)-1;
$ar_dc2 = $ar_dc1-1;
unset ($ar_platz[$ar_dc1],$ar_platz[$ar_dc2]);
$teil_link = implode('/',$ar_platz);
$speicher = "../settings/m_settings.txt";
$zaehlfile = fopen("$speicher","r"); 
$inhalt_zaehlfile = fgets($zaehlfile);  
fclose($zaehlfile); 
$domains = unserialize($inhalt_zaehlfile);
$sprache="$domains[language]";
$sprachfile = "../settings/$sprache.txt";
$zaehlfile = fopen("$sprachfile","r"); 
$inhalt_zaehlfile = fgets($zaehlfile);  
fclose($zaehlfile); 
$lg = unserialize($inhalt_zaehlfile);
$k =htmlentities($_GET["k"]);
$k = md5($k);

$file_ext = '.txt'; 
$folder = openDir(tonne); // Öffnet das Archiv
while ($file = readDir($folder)) { // Verzeichnis lesen
if ($file != "." && $file != "..") { // '.' und '..' ausschließen
if($file != substr_count($file, $file_ext)) {
// Dateityp filtern. Es werden nur .txt-Dateien angezeigt
$name = explode(".",$file); // Extension ausfiltern
$ck_files[] = $file; // Array aus Dateinamen erzeugen
}
}
}
closeDir($folder);
$count_ar = 0;
if(!empty($ck_files[0])){
foreach ($ck_files as $ck) {
$kaehlfile = fopen("tonne/$ck","r"); 
	$inhalt_kaehlfile = fgets($kaehlfile);  
	fclose($kaehlfile); 
	$inhalt_akt = explode('|',$inhalt_kaehlfile);
if($vorher > $inhalt_akt[2])
{
unlink("tonne/$ck");
unset($ck_files[$count_ar]);
}
if($k == $inhalt_akt[0])
{
$frei ='frei';
$username = $inhalt_akt[1]; 
$d_ck = $ck;
}
else
{
if($vorher < $inhalt_akt[2] && $inhalt_akt[3] == $ip)
{$stop = 'halt';}
$count_ar++;
}}}

?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="de" lang="de">
 <head>
  <title><? echo "$lg[pw01]";?></title>
 </head>
 <body>
<?
if ($stop == 'halt' && $frei !='frei')

{echo "<TABLE width=\"100%\" bgcolor=\"#cc0000\"><TR><TD><CENTER><IMG SRC=\"../templates/php_newsgerd2.gif\" BORDER=0><BR><FONT COLOR=\"#FFFFFF\">$lg[pw03]</FONT></CENTER> </TD></TR></TABLE>";}
else
{
?>
<CENTER>
<? 
if ($frei == 'frei')
{
##öööö####################################################################
$edited = $HTTP_POST_VARS["edited"];
	if (isset($edited))
	{
	$password_e = $HTTP_POST_VARS["passwort_e"];
	$password2_e = $HTTP_POST_VARS["passwort2_e"];
	$email_e = $HTTP_POST_VARS["email_e"];
		if (!empty($password_e))
		{
			if ($password_e == $password2_e){
			$new_pass = md5($password_e);
			}else{
			echo"<p style=\"background-color:#FFFF00\"><B>$lg[us014]</B></p>";
			}
		}

	}

### E D I T #################################################
if ((!empty($edited))){
 $userdatei = fopen ("user.txt","r");
   while (!feof($userdatei))
      {	$zeile = fgets($userdatei,500);
	$userdata = explode("|", $zeile);
	$uu_user=$userdata[0];
			if ($uu_user !== "$edited")
			{
			$user_stay[$uu_user][USER] = "$uu_user";
			$user_stay[$uu_user][PW] = "$userdata[1]";
			$user_stay[$uu_user][R1] = "$userdata[2]";
			$user_stay[$uu_user][R2] = "$userdata[3]";
			$user_stay[$uu_user][R3] = "$userdata[4]";
			$user_stay[$uu_user][R4] = "$userdata[5]";
			$user_stay[$uu_user][MAIL] = "$userdata[6]";
			}else{
			$user_stay[$uu_user][USER] = "$uu_user";
				if (!empty($new_pass))
					{
					$user_stay[$uu_user][PW] = "$new_pass";
					}else{
					$user_stay[$uu_user][PW] = "$userdata[1]";
					}
			$user_stay[$uu_user][R1] = "$userdata[2]";
			$user_stay[$uu_user][R2] = "$userdata[3]";
			$user_stay[$uu_user][R3] = "$userdata[4]";
			$user_stay[$uu_user][R4] = "$userdata[5]";
			$user_stay[$uu_user][MAIL] = "$email_e";
}
      }   
fclose($userdatei);
$userdatei = fopen ("user.txt","w");
			foreach ($user_stay as $person)
			{
if($person[PW] !==""){
			fwrite($userdatei, $person[USER]);
			fwrite($userdatei, "|");
			fwrite($userdatei, $person[PW]);
			fwrite($userdatei, "|");
			fwrite($userdatei, $person[R1]);
			fwrite($userdatei, "|");
			fwrite($userdatei, $person[R2]);
			fwrite($userdatei, "|");
			fwrite($userdatei, $person[R3]);
			fwrite($userdatei, "|");
			fwrite($userdatei, $person[R4]);
			fwrite($userdatei, "|");
			fwrite($userdatei, $person[MAIL]);
if($edited == $person[USER])
{fwrite($userdatei, "\n");}
			}}
			fclose($userdatei);
if(!empty($new_pass)){
unlink("tonne/$d_ck");
$done = $d_ck;
}

}
#########################################
if(empty($done)){
echo"<H2>$lg[nav11] $username</H2>"; 


   $userdatei = fopen ("user.txt","r");
#########################
   while (!feof($userdatei))
      {	$zeile = fgets($userdatei,500);
	$userdada = explode("|", $zeile);
	$uda_user=$userdada[0];
if ($uda_user == $username){
$mail = $userdada[6];
      }}   
fclose($userdatei);

############################
$fb=1;
echo"<TABLE cellspacing=\"0\" cellpadding=\"5\"><TR>";
echo"<TD class=td_lk$fb><B>$lg[us003]</B></TD>";
echo"<TD class=td_lk$fb><B>$lg[us011]</B></TD>";
echo"<TD class=td_lk$fb><B>$lg[us008]</B></TD>";
echo"<TD class=td_lk$fb><B>$lg[us005]</B></TD>";
echo"<TD class=td_lk$fb>$lg[us009]</TD></TR>";

$fb=2;

if($user_da[PW] !==""){
if ($fb > 2){$fb = 1;}
echo"<TR><TD class=td_lk$fb><B>$username</B>"; 
echo"</TD><TD class=td_lk$fb>";
?>
<form action="" method="post" name="form1">


<input type="text" size="20" maxlength="50" name="email_e" value="<? echo "$mail";?>">
</TD>
<? echo "<TD class=td_lk$fb>";?>
<input type="password" size="20" maxlength="50" name="passwort_e" value="">
</TD>
<? echo "<TD class=td_lk$fb>";?>
<input type="password" size="20" maxlength="50" name="passwort2_e" value="">
</TD>
<?
echo"<TD class=td_lk$fb><input type=\"hidden\" name=\"edited\" value=\"$username\"><input type=\"submit\" value=\"$lg[us010]\"></form></TD>";
echo"</TR>";
$fb++;
}
echo "</TABLE>";}else{echo'<meta http-equiv="refresh" content="1; url=index.php"> ';}
##öööö####################################################################
}else{
echo "<H2>$lg[pw01]</H2>";
?>
<TABLE width="300">
<TR><TD colspan="2"><? echo "$lg[pw02]<P>";?></TD><TR>
<TR>
	<TD> 
  <form action="" method="post">
<? echo "$lg[us003]";?></TD><TD><input type="text" name="username" /><br /></TD></TR>
<TR><TD colspan="2"><P> <CENTER><input type="submit" /><P><? echo"<FONT SIZE=-1>IP: $ip</FONT>";?></CENTER></TD><TR>
  </form>
</TD>
</TR>
</TABLE>
</CENTER>
<?
$vergesser = $HTTP_POST_VARS["username"];
if (!empty($vergesser)){
 $userdatei = fopen ("user.txt","r");
   while (!feof($userdatei))
      {	$zeile = fgets($userdatei,500);
	$userdata = explode("|", $zeile);
	$uu_user=$userdata[0];
			if ($uu_user == "$vergesser")
			{
			$email = "$userdata[6]";
				function getpass() {
				    $newpass = "";
				    $laenge=36;
				    $string="ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz1234567890";
				    mt_srand((double)microtime()*1000000);
				    for ($i=1; $i <= $laenge; $i++) {
				        $newpass .= substr($string, mt_rand(0,strlen($string)-1), 1);
				    }
				    return $newpass;
				}
				$k_passwort = getpass();
$passport = md5($k_passwort);
$zu_speichernd = array("$passport","$vergesser","$jetzt","$ip");
$schreibe = implode('|',$zu_speichernd);
$fp = fopen("tonne/$jetzt.txt","w+"); 
fputs($fp,$schreibe);
fclose($fp);
##############
$empfaenger = "$email";
$pwm1 = html_entity_decode($lg[pwm1]);
$pwm2 = html_entity_decode($lg[pwm2]);
$us020 = html_entity_decode($lg[us020]);

$betreff = "$lg[pw01] - $www";
$from = "From: $www <$domains[mail]>";
$text = "$lg[hello] $vergesser, \n\n$pwm1 \nIP: $ip \n\n$pwm2 \nhttp://$www$teil_link/admin/pass_lost.php?k=$k_passwort \n\n\nRegards PHP-NewsGerd";
mail($empfaenger, $betreff, $text, $from);
###############





			}
      }
fclose($userdatei);
}   
}}



?>





 </body>
</html>
Return current item: NewsP