Pleas help, can't find bug.
Posted: Mon Jan 02, 2006 8:47 pm
Where is bug ?!?!?
Code: Select all
<?
include 'db.php';
switch($_POST['recover']){
default:
break;
case "recover":
recover_pw($_POST['email_address']);
break;
}
function recover_pw($email_address){
if(!$email_address){
echo "You forgot to enter your Email address
<strong>Knucklehead</strong><br />";
exit();
}
// quick check to see if record exists
$sql_check = mysql_query("SELECT * FROM users WHERE email_address='$email_address'");
$sql_check_num = mysql_num_rows($sql_check);
if($sql_check_num == 0){
echo "No records found matching your email address<br />";
exit();
}
// Everything looks ok, generate password, update it and send it!
function makeRandomPassword() {
$salt = "abchefghjkmnpqrstuvwxyz";
srand((double)microtime()*1000000);
$i = 0;
while ($i <= 7) {
$num = rand() % 33;
$tmp = substr($salt, $num, 1);
$pass = $pass . $tmp;
$i++;
}
return $pass;
}
$random_password = makeRandomPassword();
$db_password = md5($random_password);
$sql = mysql_query("UPDATE users SET password='$db_password'
WHERE email_address='$email_address'");
$subject = "Atkurtas jusu slaptazodis.";
$message = "Prasome uzsirasyti sita koda.
Taigpogi jus galite pasikeisti ji, i jums labiau patinkanti (puslapyje).
Naujas kodas: $random_password
Aciu!
Administracija
";
mail($email_address, $subject, $message, "From: spamyboy Webmaster<spamyboy@gmail.com>\n
X-Mailer: PHP/" . phpversion());
echo "Patikrinkite savo e-pasto dezute.<br />";
include 'login_form.html';
}
?>