Code: Select all
<?
include 'db.php';
switch($_POSTї'recover']){
default:
include 'lost_pw.html';
break;
case "recover":
recover_pw($_POSTї'email_address']);
break;
}
function recover_pw($email_address){
if(!$email_address){
echo "You forgot to enter your Email address <strong>Knucklehead</strong><br />";
include 'lost_pw.php';
exit();
}
// quick check to see if record exists
$sql_check = mysql_query("SELECT * FROM $table_name WHERE email_address='$email_address'");
$sql_check_num = mysql_num_rows($sql_check);
if($sql_check_num = '0'){
echo "No records found matching your email address<br />";
include 'lost_pw.php';
exit();
}
// Everything looks ok, generate password, update it and send it!
function makeRandomPassword() {
$salt = "abchefghjkmnpqrstuvwxyz0123456789";
srand((double)microtime()*1000000);
$i = 0;
while ($i <= 7) {
$num = rand() % 33;
$tmp = substr($salt, $num, 1);
$pass = $pass . $tmp;
$i++;
}
return $pass;
}
$random_password = makeRandomPassword();
$db_password = md5($random_password);
$sql = mysql_query("UPDATE $table_name SET password='$db_password' WHERE email_address='$email_address'");
$subject = "Your Password at AlternativeContainer.com!";
$message = "Hi, we have reset your password.
New Password: $random_password
http://www.transienttomorrow.com/alt_cont/login_form.php
Thanks!
The Webmaster
This is an automated response, please do not reply!";
mail($email_address, $subject, $message, "From: The Webmaster<admin@transienttomorrow.com>\nX-Mailer: PHP/" . phpversion());
echo "Your password has been sent! Please check your email!<br />";
include 'login_form.html';
}
?>Code: Select all
Warning: mysql_num_rows(): supplied argument is not a valid MySQL result resource in /usr/local/4admin/apache/vhosts/****.com/httpdocs/test1/ie_htm/lostpw.php on line 21Code: Select all
$sql_check = mysql_query("SELECT * FROM $table_name WHERE email_address='$email_address'");
$sql_check_num = mysql_num_rows($sql_check);
if($sql_check_num == 0){
echo "No records found matching your email address<br />";
include 'lost_pw.php';
exit();
}Code: Select all
$sql = mysql_query("UPDATE $table_name SET password='$db_password' WHERE email_address='$email_address'");