Member "websitebaker-2.6.7/wb/admin/login/forgot/index.php" of archive websitebaker-2.6.7.tar.gz:
1 <?php
2
3 // $Id: index.php 399 2006-12-24 07:50:44Z Ruebenwurzel $
4
5 /*
6
7 Website Baker Project <http://www.websitebaker.org/>
8 Copyright (C) 2004-2007, Ryan Djurovich
9
10 Website Baker is free software; you can redistribute it and/or modify
11 it under the terms of the GNU General Public License as published by
12 the Free Software Foundation; either version 2 of the License, or
13 (at your option) any later version.
14
15 Website Baker is distributed in the hope that it will be useful,
16 but WITHOUT ANY WARRANTY; without even the implied warranty of
17 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
18 GNU General Public License for more details.
19
20 You should have received a copy of the GNU General Public License
21 along with Website Baker; if not, write to the Free Software
22 Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
23
24 */
25
26 // Include the configuration file
27 require('../../../config.php');
28 // Include the language file
29 require(WB_PATH.'/languages/'.DEFAULT_LANGUAGE.'.php');
30 // Include the database class file and initiate an object
31 require(WB_PATH.'/framework/class.admin.php');
// Create the admin object and the database object used by the rest of this script
$admin = new admin('Start', 'start', false, false);
$database = new database();

// Read the site title from the settings table; it is quoted later in the
// password-reset mail body
$title_result = $database->query(
    "SELECT value FROM ".TABLE_PREFIX."settings WHERE name = 'title'"
);
$title_row = $title_result->fetchRow();
$website_title = $title_row['value'];
39
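// Handle a submitted "forgot password" form; with no submission the form is just shown.
//
// NOTE(review): this endpoint is reachable without authentication and replaces the
// account password as soon as a known address is submitted, so anyone who knows a
// user's email can force a password change (at most once per two hours). A single-use,
// expiring reset token mailed to the user, with the password changed only after the
// token is presented, avoids that lock-out.
if(isset($_POST['email']) && $_POST['email'] != "") {

    // Raw request value. It is echoed back into the form later, so it has to be
    // escaped for every context it reaches.
    $email = $_POST['email'];

    // Check if the email exists in the database.
    // NOTE(review): the only SQL escaping is $admin->add_slashes(), whose implementation
    // is not visible in this file - confirm it is adequate for the connection charset,
    // or move this lookup to a parameterised query.
    $query = "SELECT user_id,username,display_name,email,last_reset,password FROM ".TABLE_PREFIX."users WHERE email = '".$admin->add_slashes($email)."'";
    $results = $database->query($query);
    if($results->numRows() > 0) {

        // Get the id, username, email, and last_reset from the above db query
        $results_array = $results->fetchRow();

        // Check if the password has been reset in the last 2 hours.
        // time() replaces the argument-less mktime(): same value, but mktime() without
        // arguments is deprecated and rejected outright by current PHP versions.
        $now = time();
        $last_reset = $results_array['last_reset'];
        $hours_since_reset = ($now - $last_reset) / 60 / 60;
        if($hours_since_reset < 2) {

            // Tell the user that their password cannot be reset again yet
            $message = $MESSAGE['FORGOT_PASS']['ALREADY_RESET'];

        } else {

            // Kept so the old hash can be restored if the mail cannot be sent
            $old_pass = $results_array['password'];

            // Generate a random 8-character password.
            // The alphabet is unchanged from the original; 'h' occurs twice and 'd' is
            // absent, which looks like a typo for "abcdefgh..." and slightly skews the
            // distribution.
            $new_pass = '';
            $salt = "abchefghjkmnpqrstuvwxyz0123456789";
            $salt_len = strlen($salt);
            // Prefer the CSPRNG where the runtime has one. rand() seeded from microtime()
            // is predictable and is kept only as a fallback for old PHP versions.
            $use_csprng = function_exists('random_int');
            if(!$use_csprng) {
                srand((double)microtime()*1000000);
            }
            for($i = 0; $i < 8; $i++) {
                $num = $use_csprng ? random_int(0, $salt_len - 1) : rand() % $salt_len;
                $new_pass .= substr($salt, $num, 1);
            }

            // NOTE(review): passwords are stored as unsalted MD5. Code that verifies
            // logins is not visible here and presumably compares MD5 values, so the
            // storage format is left alone; moving to password_hash()/password_verify()
            // needs a coordinated change there.
            $user_id = (int)$results_array['user_id'];
            $database->query("UPDATE ".TABLE_PREFIX."users SET password = '".md5($new_pass)."', last_reset = '".$now."' WHERE user_id = '".$user_id."'");

            if($database->is_error()) {
                // Error updating database.
                // NOTE(review): the raw database error text is shown to an anonymous
                // visitor; consider logging it and showing a generic message instead.
                $message = $database->get_error();
            } else {
                // Setup email to send.
                // Deliver to the address stored for the account, not the submitted
                // string: SQL string comparison can match values that are not
                // byte-identical (case, trailing spaces), and only the stored address
                // is known to belong to the account owner.
                $mail_subject = 'Your login details...';
                $mail_to = $results_array['email'];
                // NOTE(review): the new password travels in clear text in this mail.
                $mail_message = ''.
'Hello '.$results_array["display_name"].',

Your '.$website_title.' administration login details are:
Username: '.$results_array["username"].'
Password: '.$new_pass.'

Your password has been reset to the one above.
This means that your old password will no longer work.

If you have received this message in error, please delete it immediately.';
                // Try sending the email
                if($admin->mail(SERVER_EMAIL,$mail_to,$mail_subject,$mail_message)) {
                    $message = $MESSAGE['FORGOT_PASS']['PASSWORD_RESET'];
                    // Only the variable's existence is tested later, to hide the form
                    $display_form = false;
                } else {
                    // Mail failed: put the previous hash back so the user is not locked out
                    $database->query("UPDATE ".TABLE_PREFIX."users SET password = '".$old_pass."' WHERE user_id = '".$user_id."'");
                    $message = $MESSAGE['FORGOT_PASS']['CANNOT_EMAIL'];
                }
            }

        }

    } else {
        // Email doesn't exist, so tell the user.
        // NOTE(review): a distinct "not found" answer lets a visitor test which
        // addresses have accounts; returning the same message for both outcomes
        // removes that signal.
        $message = $MESSAGE['FORGOT_PASS']['EMAIL_NOT_FOUND'];
    }

} else {
    $email = '';
}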
118
// Choose the notice colour. Any message set by the form handling above, including
// the success notice, is shown in red; with no message yet, the default
// "no data" prompt is shown in black.
if(isset($message)) {
    $message_color = 'FF0000';
} else {
    $message = $MESSAGE['FORGOT_PASS']['NO_DATA'];
    $message_color = '000000';
}
125
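// Setup the template
$template = new Template(ADMIN_PATH.'/login/forgot');
$template->set_file('page', 'template.html');
$template->set_block('page', 'main_block', 'main');

// The form posts back to forgot.php when FRONTEND is defined (presumably when this
// script is included from the frontend - confirm against the including file),
// otherwise to this index.php
$template->set_var('ACTION_URL', defined('FRONTEND') ? 'forgot.php' : 'index.php');

// $email is the unmodified POST value (or '' when nothing was submitted). Encode it
// before it is substituted into the page so a crafted value cannot inject markup or
// script. template.html is not visible here; this assumes {EMAIL} lands in HTML
// text or a quoted attribute.
$template->set_var('EMAIL', htmlspecialchars($email, ENT_QUOTES));

// $display_form is only ever assigned after a successful reset mail; its mere
// existence hides the form
if(isset($display_form)) {
    $template->set_var('DISPLAY_FORM', 'none');
}

// Language strings, notice text and base URLs
$template->set_var(array(
    'SECTION_FORGOT' => $MENU['FORGOT'],
    'MESSAGE_COLOR' => $message_color,
    'MESSAGE' => $message,
    'WB_URL' => WB_URL,
    'ADMIN_URL' => ADMIN_URL,
    'TEXT_EMAIL' => $TEXT['EMAIL'],
    'TEXT_SEND_DETAILS' => $TEXT['SEND_DETAILS'],
    'TEXT_HOME' => $TEXT['HOME'],
    'TEXT_NEED_TO_LOGIN' => $TEXT['NEED_TO_LOGIN']
));

$template->set_var('LOGIN_URL', defined('FRONTEND') ? WB_URL.'/account/login.php' : ADMIN_URL);
$template->set_var('INTERFACE_URL', ADMIN_URL.'/interface');

// Use the configured charset when there is one, otherwise utf-8
$charset = defined('DEFAULT_CHARSET') ? DEFAULT_CHARSET : 'utf-8';
$template->set_var('CHARSET', $charset);

// Render the main block, then print the finished page
$template->parse('main', 'main_block', false);
$template->pparse('output', 'page');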
171
172 ?>