", print_r($_POST, true), ""; // Include external style sheet print "
"; print "";
if($first_time_here == 1){
print " "; } #------------------------ # Log existing user into system #------------------------ if($first_time_here != 1){ /* Open data base Look to see if submitted email is in dataset. If so, check stored password against submitted password. If match, create a session and flag okay. If not a match, create an error. */ // Set the database access information as constants: DEFINE ('DB_USER', 'rcfraley'); DEFINE ('DB_PASSWORD', '*password*'); DEFINE ('DB_HOST', 'yourpersonality.netfirmsmysql.com'); DEFINE ('DB_NAME', 'ullman'); // Make the connection: $dbc = @mysqli_connect (DB_HOST, DB_USER, DB_PASSWORD, DB_NAME) OR die ('Could not connect to MySQL: ' . mysqli_connect_error() ); // Create a new password function randString($length, $charset='ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789') { $str = ''; $count = strlen($charset); while ($length--) { $str .= $charset[mt_rand(0, $count-1)]; } return $str; } // Construct a query to see if account exists $q = "SELECT pass, user_id FROM users WHERE email='$e'"; $r = @mysqli_query ($dbc, $q); // Run the query. if ($r) { // If it ran OK. }else{ print "That account does not exist. "; } $num = mysqli_num_rows($r); $row = mysqli_fetch_array($r, MYSQLI_NUM); if($num > 0){ $match = 1; $id = $row[1]; }else{ print "Error in querry results. That account does not exist."; } // If account exists, change password and flag if($match == 1){ // Create a new password. Then hash it. $p = randString(8); $pp = SHA1($p); // Update the stored password in the file system $q= "UPDATE users SET pass='$pp' WHERE user_id=$id LIMIT 1"; $r = @mysqli_query ($dbc, $q); // Run the query. if ($r) { // If it ran OK. }else{ print "Error querring database. Please contact the site administrator. "; } } // send email to user if update worked (i.e., match is flagged as 1) if($match == 1){ $to = $e; $subject = "Password change at yourPersonality.net"; $body = "Your password has been changed at yourPersonality.net.\n\nPlease visit the site to login with the new password below. We strongly encourage you to change your password to one of your chosing after loging in.\n\nLogin: http://yourpersonality.net/test1/ \nTemporary Password = $p \n\n"; mail($to,$subject,$body,'From:yourPersonality@yourpersonality.net'); print "An email has been sent to $e. Please follow the instructions in that e-mail for logging in and changing your account password. Please note that if you do not receive the e-mail within a few minutes, you should check your spam folder. Sign in"; } # end if match == 1 mysqli_close($dbc); // Close the database connection. } # end create_account == 0 print " |