Forgot Password mod

[melduk]

Hi,

I am looking for someone to build/sell a mod to let users request a new password if they have forgot their pass.

Let me know if you can do it and how much.

Cheers

[SRB]

I read this and was bored, so I just wrote this.

Should be enough here to get you started (All code should be in place and correct - I've not tested it)

You **should** only need to add your own html layout.

 

<?php
include_once('globals_nonauth.php');


echo '<h3>Password Reset</h3>';


// Check if the form has been posted.
if ($_SERVER['REQUEST_METHOD'] == "POST")
{
   // Check email existence and format
   $email = (array_key_exists('email', $_POST) && is_string($_POST['email']) && filter_var($_POST['email'], FILTER_VALIDATE_EMAIL)) ? mysql_real_escape_string(substr($_POST['email'], 0, 255)) : FALSE ;
   if ($email)
   {
       // Check the email is linked to an account
       $sql = "SELECT `userid`, `username`, `email` FROM `users` WHERE `email` = '{$email}';";
       $run = mysql_query($sql);
       if (mysql_num_rows($run) == 1)
       {
           // Give the data a variable to use
           $result  = mysql_fetch_assoc($run);


           // Set a new password, of random length, using variable length and size, as a salt (of sorts)
           $newpass = substr(MD5($result['userid'] . $result['username'] . $result['email'] . time()), 0, mt_rand(10,30));


           // Update password to temp password (above)
           $sql     = "UPDATE `users` SET `userpass` = '{$newpass}' WHERE `userid` = '{$result['userid']}';";
           $db->query($sql);


           // Set email information;
           $from_name = "GameName";
           $from_mail = "[email protected]";
           $send_mail = $result['email'];
           $subject   = "GameName - Password reset";
           $message   = "We recently had a request from our website, GameName.com, to provide you with a new password.\n\r" .
                        "As per the request, our system has generated a new password for you, which we advise you to change once you log in.\n\r" .
                        "Your password is: " . $newpass . "\n\r" .
                        "~" . $from_name;



           // Create the email;
           $headers   = array();
           $headers[] = "MIME-Version: 1.0";
           $headers[] = "Content-type: text/plain; charset=iso-8859-1";
           $headers[] = "From: " . $from_name . " <" . $from_mail . ">";
           $headers[] = "Reply-To: NoReply <[email protected]>";
           $headers[] = "Subject: {$subject}";
           $headers[] = "X-Mailer: PHP/".phpversion();


           mail($send_mail, $subject, $message, implode("\r\n", $headers));


           // Give information
           echo '<p>A new password has been generated and emailed to you. Please check your email and remember to change your password once you have logged in.</p>';
       }
       else
       {
           echo '<p>No account with that email exists.</p>';
       }
   }
   else 
   {
       echo '<p>You did not supply a valid email address.</p>';
   }
   echo '<hr />';
}
echo '<p>Enter your email to resend a password.</p>
<form action="" method="post">
   <input type="text" name="email" value="" placeholder="Email here">
   <p>
       <button>Send</button>
   </p>
</form>';


$h->endpage();

Edited April 6, 2014 by Guest

[melduk]

Hey

Well firstly thanks a lot!

Unfortunately though it doesn't seem to work.. page loads blank. Tried changing the include as the file is in a sub directory 'Global' but that didn't help. :-/

[Alan]

@melduk

it doesn't seem to work

One can only presume that the art of debugging has long since escaped anybody these days

Step 1 - Copy the pasted code and save as a file - say reset-password.php

Step 2 - Run php -l reset-password.php

PHP Parse error:  syntax error, unexpected ')' in reset-password.php on line 12

Step 3 - Mark 1 eyeball shows that the filter_function has too many closing brackets, remove one and check the syntax again.

[SRB]

@meldukOne can only presume that the art of debugging has long since escaped anybody these days

Step 1 - Copy the pasted code and save as a file - say reset-password.php

Step 2 - Run php -l reset-password.php

PHP Parse error:  syntax error, unexpected ')' in reset-password.php on line 12

Step 3 - Mark 1 eyeball shows that the filter_function has too many closing brackets, remove one and check the syntax again.

 

Slightly my fault - I omitted the first bracket before array_key_exists

The joys of untested code :D

 

Step 2 - Run php -l reset-password.php

Can't debug the code, but you expect shell commands to be inside the knowledge base? Wishful thinking :P

[KyleMassacre]

I don't want to undermine you Guest but your code is a tad. It dated :p j/k

But melduk you may want to convert you queries over the the $db class that has been provided for you by the engine and the reason being that if/when your host now or future host decides they wish to update your PHP version to a version that doesn't support the mysql extension you can avoid downtime just by switching your class files in your config.php to use the mysqli extension.

As as for the actual code I haven't tested it myself but Guest does have a pretty decent track record with providing untested code with close to 0 errors. And thanks for the share Guest!

[SRB]

a tad. It dated :p j/k

You been drinking, bro? :P

[KyleMassacre]

Ugh damn you autocorrect it always does that

[melduk]

Sorry about the delay in replying. Still trying to get this to work.

Keeps saying 'You did not supply a valid email address.' Even though I did supply a valid email. :-/