Helo All,
I have a vsro server and the file "lostpassword.php" does not work properly.
the lostpassword working with pin code.
here is the code :
PHP Code:
<?php
if (isset($_SESSION['username'])) {
$sql->redirect("?page=index");
}
if (isset($_POST['submit'])) {
$id = $_POST['ID'];
$Email = $_POST['email'];
$pin = $_POST['pin'];
$pw = md5($_POST['pw']);
if (strlen($id) < 5)
$msg[] = 'ID is shorter than 5 letters !';
if (strlen($pin) < 0)
$msg[] = 'New password is shorter than 0 letters !';
if (strlen($id) > 20)
$msg[] = 'ID is longer than 20 letters !';
if (strlen($pin) > 20)
$msg[] = 'PIN is longer than 20 letters !';
if (!$sql->isValidEmail($Email))
$msg[] = "Email is not valid";
if(!$sql->is_secure($id)) die;
if(!$sql->is_secure($Email)) die;
if(!$sql->is_secure($pin)) die;
if(!$sql->is_secure($pw)) die;
if (count($msg) > 0) {
$error = "";
for ($i = 0; $i < count($msg); $i++) {
$error .= "-$msg[$i]</br>";
}
echo "<dl id='system-message'>
<dt class='error'>Error</dt>
<dd class='error message fade'>
<ul>
$error
</ul>
</dd>
</dl>";
} else {
$query = $sql->Query("SELECT * FROM TB_User WHERE StrUserID='$id'");
$row = $sql->fetcharray($query);
if ($Email != $row['Email'])
$msg1[] = 'Incorrect email';
if ($pin != $row['certificate_num'])
$msg1[] = 'Pin is incorrect !';
if (count($msg1) > 0) {
$error1 = "";
for ($i = 0; $i < count($msg1); $i++) {
$error1 .= "-$msg1[$i]</br>";
}
echo "<dl id='system-message'>
<dt class='error'>Error</dt>
<dd class='error message fade'>
<ul>
$error1
</ul>
</dd>
</dl>";
} else {
$query = $sql->Query("UPDATE TB_User SET password='$pw' WHERE StrUserID='$id'");
if ($query) {
echo "<dl id='system-message'>
<dt class='message'>Message</dt>
<dd class='message message fade'>
<ul>
<li>Your password is sucessfully reset.</li>
</ul>
</dd>
</dl>";
} else {
echo "<dl id='system-message'>
<dt class='error'>Error</dt>
<dd class='error message fade'>
<ul>
<li>An error happened while reseting password,please contant the admin.</li>
</ul>
</dd>
</dl>";
}
}
}
}
?>
<?php
echo '<h2 class="title">Reset Password</h2>';
echo '<div class="content-bg">';
echo '<div class="content-bgtop">';
echo '<div class="content-bgbtm content">';
?>
<center>
<div id="login">
<form action="" method="post" name="login">
<input type="text" name="id" size="50" class="email" placeholder="UserName" />
<br>
<input type="text" name="pin" size="50" class="email" placeholder="PIN" />
<br>
<input type="text" name="email" size="50" class="email" placeholder="Email" />
<br>
<input type="password" name="pw" size="50" class="email" placeholder="New Password" />
<br>
<input type='submit' name='submit' value='Change class='submit'>
</form>
</div>
</center>
<?php
echo '</div>';
echo '</div>';
echo '</div>';
?>
A huge thank you to assistants
