Click here to login.";
$ok_to_change = true;
}
} else {
if ($email != "") {
$user_sql = "select firstname, access, user_id from users where email = '" . $email . "'";
$user_result = mysql_query($user_sql);
if (list($firstname, $access, $user_id) = mysql_fetch_row($user_result)) {
srand(time());
$passcode = (rand()%9999999999);
// snippet from http://us2.php.net/function.gethostbyaddr
if ($HTTP_SERVER_VARS["HTTP_X_FORWARDED_FOR"] != ""){
$hostname = @gethostbyaddr($HTTP_SERVER_VARS["HTTP_X_FORWARDED_FOR"]);
}else{
$hostname = @gethostbyaddr($HTTP_SERVER_VARS["REMOTE_ADDR"]);
}
$msg = "Dear " . $firstname . ",\n\nYou are being sent this email to change your password at " . $_SERVER['SERVER_NAME'] . ". To change your password, please click on the following link or paste it into your web browser.\n\nhttp://" . $_SERVER['SERVER_NAME'] . "/changepw.php?user=" . $user_id . "&passcode=" . $passcode . "\n\n";
$update_sql = "UPDATE users SET access = 1, passcode = " . $passcode . ", hostname = '" . $hostname . "' WHERE user_id = " . $user_id;
$update_result = mysql_query($update_sql) or die("Error logging in: " . mysql_error());
$success = imap_mail($email, $_SERVER['SERVER_NAME'] + " registration password change", $msg, "From: webserver@" + $_SERVER['SERVER_NAME']);
$error = true;
$error_msg = "An email has been sent to the email address you used to register. Click on the link in that email to change your password.";
} else {
$error = true;
$error_msg = "You have entered an invalid email address. Please try again.";
}
}
}
?>
voodoochild.org