diff --git a/Account_Manager/includes/config.php b/Account_Manager/includes/config.php
index 99cbe7d800..2d77787cb0 100644
--- a/Account_Manager/includes/config.php
+++ b/Account_Manager/includes/config.php
@@ -17,5 +17,7 @@ session_start();
 //Link for Patch Download
 $dlPatch = 'https://www.google.com';
-
+
+ //Server Reply Email Address
+ $CONFIG['emailaddress'] = "yourmail@yourdomain.com";
 ?>
diff --git a/Account_Manager/index.php b/Account_Manager/index.php
index b481aaa3cf..681e414d67 100644
--- a/Account_Manager/index.php
+++ b/Account_Manager/index.php
@@ -99,6 +99,80 @@ $error = "";
 $conn->close();
 }
+ if(isset($_POST['forgot']))
+ {
+ $conn = new mysqli($server_host, $db_user_name, $db_user_password, $db_database);
+ // Check connection
+ if (mysqli_connect_errno())
+ {
+ $error = "Can't Connect to MySQL
". mysqli_connect_error()."
";
+ echo "Failed to connect to MySQL: " . mysqli_connect_error();
+ exit();
+ }
+
+ $account = mysqli_real_escape_string($conn, $_POST['username']);
+ $email = $_POST['email'];
+ $admin = $CONFIG['emailaddress'];
+ //get a random password
+ $password_rnd = rand(9999, 999999);
+ //encode password
+ $password = base64_encode(sha1($password_rnd, true));
+
+ if($account == '')
+ $error = 'Enter account';
+ if($email == '')
+ $error = 'Enter email';
+
+ $sql = "SELECT * FROM `accounts` WHERE `login`='".$account."' AND `email`='".$email."'";
+ $result = $conn->query($sql);
+
+ if ($result->num_rows > 0) {
+ while($row = $result->fetch_assoc())
+ {
+
+ if ($email == $row['email'])
+ {
+ if ($account == $row['login'])
+ {
+ $to = $email;
+ $subject = 'Your recovered Password';
+ $message = 'Use this password to login '. $password_rnd;
+ $headers = 'From :'. $admin;
+ if (mail($to, $subject, $message, $headers)){
+ $update = "UPDATE `accounts` SET `password`='".$password."' WHERE `login`='".$account."'";
+ $resultupdate = $conn->query($update);
+ if ($resultupdate)
+ {
+ $error = 'Your password has been sent to your email';
+ }
+ else
+ {
+ $error = 'Fail to recover your password';
+ }
+ }
+ else
+ {
+ $error = 'Failed - Contact Administrator '.$admin;
+ }
+ }
+ else {
+ $error = 'Account does not match.';
+ }
+
+ }
+ else
+ {
+ $error = 'Email does not match.';
+ }
+ }
+ }
+ else
+ {
+ $error = 'Email or Account does not match.';
+ }
+
+ $conn->close();
+ }
 ?>
@@ -176,7 +250,8 @@ $error = "";
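Review bot: `$_POST['email']` is concatenated into the SELECT in the `forgot` branch without any escaping (only `username` goes through `mysqli_real_escape_string`), so the lookup is injectable; the SELECT and the UPDATE should both use prepared statements with bound parameters. The temporary password comes from `rand(9999, 999999)`, which is not a CSPRNG and yields fewer than a million numeric values, so it should be drawn from `random_bytes()` or `random_int()` instead. The empty-field checks only assign `$error` and fall through, so the query and the reset still run with blank input; the lookup should be skipped when either field is empty. The stored value stays an unsalted SHA-1, which presumably matches what the existing login code expects, so it is left as is here but is worth tracking separately.

```php
// … unchanged: connection setup and connect-error check …
$account = $_POST['username'] ?? '';
$email = $_POST['email'] ?? '';
// … unchanged: $admin lookup …
$password_rnd = bin2hex(random_bytes(8));
$password = base64_encode(sha1($password_rnd, true));

if ($account === '' || $email === '') {
    $error = 'Enter account and email';
} else {
    $stmt = $conn->prepare('SELECT `login`, `email` FROM `accounts` WHERE `login` = ? AND `email` = ?');
    $stmt->bind_param('ss', $account, $email);
    $stmt->execute();
    $result = $stmt->get_result();
    // … unchanged: row checks and mail() call …
    $upd = $conn->prepare('UPDATE `accounts` SET `password` = ? WHERE `login` = ?');
    $upd->bind_param('ss', $password, $account);
    $resultupdate = $upd->execute();
    // … unchanged: result messages …
```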
- Login to your Account or + Login to your Account or + RESTORE PASSWORD

@@ -293,7 +368,52 @@ $error = ""; - +
+ + + + + + + + +