<?
// Reset password for the forgotten ones
//
  define("CAPTCHA_INVERSE", 0);
  include "captcha.php";

if (isset($_POST[send])){
	// ------- Send new password ----------------
	$res = captcha::check();
	if ((isset($res)) &&($res)) {
		require_once "openDB.php";
		$sql = "SELECT e_mail FROM user WHERE `logname`='$_POST[login]'";
		$result = mysql_query($sql);
		if (!$result){
			die("** SQL Error **".mysql_error().'<BR>');
		}
		$row = mysql_fetch_array($result, MYSQL_ASSOC);
		$words = array('red', 'bull', 'blue','bird','crown','herd','happy','fund','green','eye','mink','frame','goal','mine','shell','bold','good','lie','quick','hen','ray','krok');
		$nWords = count($words);
		$z1 = rand(0,$nWords);
		$z2 = rand(0,$nWords);
		$zs = rand(99,10000);
		$pass = $words[$z1].$zs.$words[$z2];
		$zpass = md5($pass);
		$msg = "WikiMap Admin Notice\n\nYour password has been reset.\nYour new password is ";
		$msg .= $pass;
		$msg .="\n\nPlease change the password after logging in.";
		$email = $_POST[email];
		if ($email == $row[e_mail]){
			$sql = "UPDATE user SET `password`='$zpass' WHERE `logname`='$_POST[login]'";
			$result = mysql_query($sql);
			if (!$result){
				die("** SQL Error **".mysql_error().'<BR>');
			}
		mail($_POST[email],'[WikiMap] Password reset',$msg);
		}
	} // Captcha OK
	$host = $_SERVER['HTTP_HOST'];
	header("Location:http://$host");
}
echo <<<END1
<HTML>
<HEAD>
<title>WikiMap: User registration</title>
<style type="text/css">
     @import url(./wikimap.css);
</style>
</HEAD>
<BODY>
<div  id=docs>
<H2>WikiMap: Password recovery </H2><HR>
<FORM method=POST action=#>
	<P>Login: <INPUT type=text name=login></P>
	<P>E-Mail: <INPUT type=text name=email></P>
	Security check<BR>
END1;

 echo captcha::form();
 echo <<<END2
	<INPUT type=submit value=SUBMIT name=send>
	<INPUT type=reset value=reset>
	<P>If your input matches with our record, your password will be mailed to you </P>
</FORM>
</div>
END2;
include "wikifoot.php";
?>