Location: PHPKode > projects > VSecure > copy/sendpasswd.php
<?php

/*******************************************************************/
/*                        Vsecurity                                */
/*        Copyrights(C)2001 Jan Vilimek(hide@address.com)         */
/*               See GPL license in file license.txt               */
/*           and http://www.guanoweb.cz for more details           */    
/*                                                                 */
/* Function: Secure your pages  (sendpaswd)                        */
/* for instalation see readme.txt                                  */
/*******************************************************************/

define("LOADED_PROPERLY", true);

die ("PATH NOT CHANGED IN ".__FILE__." on line " . __LINE__ .". please specify path to common.php");

include dirname(__FILE__)."/common.php"; /* change this please*/

xhtml_header($title_sendlogin,true,false);

if (($send_passwd_login!="")&&($secret_code!=""))
{

if ($secret_code!=$send_passwd_secret_number)
 {
 $send_passwd_login="";
 echo "<div style=\"text-align:center\"><h3>BAD SECRET CODE!! <br> Špatné heslo!</h3>";
 echo "<a href=\"".$VSecure_conf['sendpasswd_path']."\">back</a></div>";
 xhtml_footer();
 }

$new_password=random_passwd(16);

$qw="UPDATE `$VSecure_tbl_usr` SET `password` = MD5( '".$new_password."' ) ".
"WHERE login='".md5($send_passwd_login)."' " ;
$result= mysql_query ($qw , $MySQL_link)
 or echo_error (__FILE__,__LINE__,ERR_MYSQL,"Could not change your password...");

$qw="SELECT name,nick,email FROM $VSecure_tbl_usr ".
"WHERE login='".md5($send_passwd_login)."' " ;
$result= mysql_query ($qw , $MySQL_link)
 or echo_error (__FILE__,__LINE__,ERR_MYSQL,"Could not send you mail (lost information from table)...");

$row= mysql_fetch_array($result);

$subject=$message_sendpaswd_subj . $send_passwd_login;
$message=$message_sendpaswd_mess1 . $row['name'].
         $message_sendpaswd_mess2 . $send_passwd_login .
 		 $message_sendpaswd_mess6 . $row['nick'].
		 $message_sendpaswd_mess4 . $row['email'].
		 $message_sendpaswd_mess3 . $new_password;
$message.=$message_sendpaswd_mess5;

 $multipleextras="From: ".$VSecure_conf['admin_email']."\nReply-To: ".$VSecure_conf['admin_email']."\nX-Mailer: autobot PHP/" . phpversion();

if (!mail($row['email'], $subject, $message,$multipleextras))
 {
 alert($message_sendpaswd_failed);
 xhtml_footer();
 }
?>

<div style="text-align:center; border:0px; margin: 15px; padding: 3px; background-color: White;" width="500" height="100" cellspacing="0" cellpadding="0">
Nové heslo bylo posláno na Vᚠemail!
</div>
<script type="text/javascript">
<!--
window.focus();
//-->
</script>
<?
xhtml_footer();

}
elseif ($login!="")
{


$qw="SELECT name,nick,email FROM $VSecure_tbl_usr ".
"WHERE login='".md5($login)."' " ;
$result= mysql_query ($qw , $MySQL_link)
 or die ("Error while reading data from the table... (sendpaswd,".__LINE__.")");
if (!($count= mysql_num_rows($result))||($count==0)){ alert($alert_nouser); $login=""; } else
 {
 # set sessions #
 $_SESSION["send_passwd_login"]=$login;
 $send_passwd_secret_number=random_passwd(6);
 $row=mysql_fetch_array($result);

 $subject="secret code";
 $message="Hi ".$row['name']."\nYour secret code: ".$send_passwd_secret_number;
 $message.="\nTaké mùžete kliknout na odkaz dole...\nYou can also click on the link below...\n";
 $message.=$VSecure_conf['sendpasswd_path']."?login=$login&secret_code=".$send_passwd_secret_number. "\n\n";

 $multipleextras="From: ".$VSecure_conf['admin_email']."\nReply-To: ".$VSecure_conf['admin_email']."\nX-Mailer: autobot PHP/" . phpversion();

 if (!@mail($row['email'], $subject, $message,$multipleextras))alert($message_sendpaswd_failed);else
 alert("Message sent correctly...");

?>

<div style="text-align:center; border:0px; margin: 15px; padding: 3px; background-color: White;" width="500" height="100" cellspacing="0" cellpadding="0">
  <form action='sendpasswd.php' method='post' name='posliheslo' id='posliheslo'>
  Secret code:
  <input type='text' name='secret_code' value='' size='10' maxlength='255'>
  <input type='submit' value='<?php echo $message_sendpaswd_send;?>'>
  </form>
</div>
<div style="text-align:center">
Nyní zadejte heslo pøesnì ve tvaru, v jakém Vám došlo na email. Po kliknutí na 'pošli' Vám dojde novì vygenerované heslo. Zmìòte jej pak v sekci <b>USER</b>. Prosím, neodcházejte z této stránky dokud Vám email nedojde, vymazalo by se Vám poslané heslo.
</div>
<script type="text/javascript">
<!--
window.focus();
//-->
</script>
<?
xhtml_footer();
 }
}
else $login=$message_sendpaswd_write;

?>
<div style="text-align:center; border:0px; margin: 15px; padding: 3px; background-color: White;" width="500" height="100" cellspacing="0" cellpadding="0">
<form action="sendpasswd.php" method="post" name="posliheslo" id="posliheslo" style="margin:0px;">
  <?php echo $message_sendpaswd_mess2;?>
  <input type="text" name="login" value="<?php echo $login;?>" style="border : 1px solid Black;color : #000000;font-weight:bold;margin:0px;background-color : #ffffff;vertical-align:center;" size="10" maxlength="255" />
  <input type="hidden" name="languague" value="<?php echo $languague;?>" />
  <input type="submit" value="<?php echo $message_sendpaswd_send;?>" style="border : 1px solid Black;color : #000000;font-weight:bold;width:60px;height:20px;margin:0px;background-color : #aaaaaa;vertical-align:center;" />
  </form>
</div>
<br />
<div style="text-align:center">Zadejte prosím svùj login. Na email zadaný pøi registraci Vám pak dojde heslo, pomocí nìhož bude v  následujícím kroku na Vᚠemail zasláno novì vygenerované heslo. (ochrana pøed zneužití tøetí osobou)
</div>
<script type="text/javascript">
<!--
window.focus();
//-->
</script>
<?php
xhtml_footer();
?>
Return current item: VSecure