passwordRecovery.php
<?php
require('php/database.php');
require('php/email/email.php');
// Raw request fields from the recovery form. FILTER_DEFAULT applies no
// sanitising, so both values are untrusted as received; each is null when the
// field is absent from the POST body.
// $username is also read by resetPassword() through `global`.
$username = filter_input(INPUT_POST, 'username', FILTER_DEFAULT);
$userEnteredEmail = filter_input(INPUT_POST, 'email', FILTER_DEFAULT);
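/**
 * Build a temporary 8-character password from the 62-character alphanumeric
 * alphabet.
 *
 * Characters are drawn with random_int(), which reads the operating system's
 * CSPRNG (PHP 7.0+). rand() must not be used for secrets: its output is
 * predictable from a small amount of observed state.
 *
 * NOTE(review): 8 characters over 62 symbols is roughly 47 bits. A longer
 * value, or a single-use expiring reset token instead of an emailed password,
 * would be the stronger design.
 *
 * @return string 8 characters from [A-Za-z0-9]
 * @throws Exception when no secure randomness source is available (raised by random_int)
 */
function generateRandomPassword() {
    $chars = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz1234567890";
    // Hoisted: the alphabet never changes inside the loop.
    $lastIndex = strlen($chars) - 1;
    $pass = "";
    for ($i = 0; $i < 8; $i++) {
        $pass .= $chars[random_int(0, $lastIndex)];
    }
    return $pass;
}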
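/**
 * Store a new password for the account named by the global $username.
 *
 * @param string $pass plaintext password; only its digest is written
 * @return mixed the value sendQuery() returned for the UPDATE (previously
 *               discarded), so a caller can detect a failed write; callers
 *               that ignore the return value are unaffected
 */
function resetPassword($pass) {
    global $username;
    // SECURITY NOTE(review): unsalted MD5 is a fast digest, not a password
    // hash. It is kept here because the login check (not visible in this file)
    // presumably compares MD5 digests; migrate both sides together to
    // password_hash() / password_verify().
    $encryptedPass = md5($pass);
    // SECURITY NOTE(review): $username is raw POST input interpolated into the
    // SQL text ($encryptedPass is hex and cannot break out of the quotes).
    // sendQuery() accepts only a finished string, so the fix belongs in
    // php/database.php: a prepared statement with the username bound as a
    // parameter.
    return sendQuery("UPDATE customer SET password='$encryptedPass' WHERE username='$username'");
}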
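// Password-recovery flow: look up the account's stored email, and only when
// the submitted email matches it, generate a new password, mail it and store it.
//
// SECURITY NOTE(review): $username is raw POST input interpolated into the SQL
// text. sendQuery() accepts only a finished string, so the fix belongs in
// php/database.php: a prepared statement with the username bound as a parameter.
$emailQuery = sendQuery("SELECT email FROM customer WHERE username='$username'"); // database.php

// A successful query can still match no row; fetch_assoc() then yields null.
// Previously that null "email" compared equal (==) to a missing or empty
// submitted email, so a request for a non-existent user still reached the
// reset branch.
$customerRow = $emailQuery ? $emailQuery->fetch_assoc() : null;

if ($customerRow) {
    $emailAddr = $customerRow['email'];
    // Require a non-empty submitted email and compare strictly, so null, ''
    // and a NULL/empty stored email can never count as a match.
    if (is_string($userEnteredEmail) && $userEnteredEmail !== '' && $emailAddr === $userEnteredEmail) {
        $pass = generateRandomPassword();
        // NOTE(review): neither call's outcome is checked; if the mail fails
        // but the UPDATE succeeds, the user is left with an unknown password.
        // Overwriting the password on request also lets anyone who knows the
        // username and email lock the owner out; a single-use, expiring reset
        // link avoids both problems.
        sendPasswordRecoveryEmail($emailAddr, $pass); // email.php
        resetPassword($pass);
        echo '<script type="text/javascript">alert("Password Recovery Email Sent"); location="login.php";</script>';
    } else {
        echo '<script type="text/javascript">alert("Invalid email address"); location="login.php";</script>';
    }
} else {
    // NOTE(review): distinct "unknown username" / "invalid email" replies let
    // a caller tell which usernames exist; a single generic reply would not.
    echo '<script type="text/javascript">alert("Unknown username"); location="login.php";</script>';
}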