-
Notifications
You must be signed in to change notification settings - Fork 2
/
Copy pathrecover.php
92 lines (73 loc) · 3.14 KB
/
recover.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
<?php
/*
Ceres Control Panel
This is a control pannel program for Athena and Freya
Copyright (C) 2005 by Beowulf and Nightroad
This program is free software; you can redistribute it and/or
modify it under the terms of the GNU General Public License
as published by the Free Software Foundation; either version 2
of the License, or (at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program; if not, write to the Free Software
Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
To contact any of the authors about special permissions send
an e-mail to [email protected]
*/
session_start();
include_once 'config.php'; // loads config variables
include_once 'query.php'; // imports queries
include_once 'functions.php';
include_once 'mail.php';
if (!$CONFIG_password_recover)
redir("motd.php", "main_div", "Disabled");
if (!empty($GET_opt)) {
if ($GET_opt == 1 && isset($GET_frm_name) && !strcmp($GET_frm_name, "recover")) {
$session = $_SESSION[$CONFIG_name.'sessioncode'];
if ($CONFIG_auth_image && function_exists("gd_info")
&& strtoupper($GET_code) != substr(strtoupper(md5("Mytext".$session['recover'])), 0,6))
alert($lang['INCORRECT_CODE']);
if (inject($GET_email))
alert($lang['INCORRECT_CHARACTER']);
$query = sprintf(RECOVER_PASSWORD, $GET_email);
$result = execute_query($query, 'recover.php');
if (!$result->count())
alert($lang['UNKNOWN_MAIL']);
for ($i = 0; $result->fetch_row(); $i++) {
$accounts[$i][0] = $result->row[0];
$accounts[$i][1] = $result->row[1];
$accounts[$i][2] = $result->row[2];
}
$answer=email($accounts);
erro_de_login(1);
redir("motd.php", "main_div", $answer);
}
}
if (isset($_SESSION[$CONFIG_name.'sessioncode']))
$session = $_SESSION[$CONFIG_name.'sessioncode'];
$session['recover'] = rand(12345, 99999);
$_SESSION[$CONFIG_name.'sessioncode'] = $session;
$var = rand(10, 9999999);
opentable($lang['RECOVER_RECOVER']);
echo "
<form id=\"recover\" onsubmit=\"return GET_ajax('recover.php','main_div','recover')\"><table>
<tr><td align=\"right\">".$lang['MAIL'].":</td><td align=\"left\">
<input type=\"text\" name=\"email\" maxlength=\"40\" size=\"40\" onKeyPress=\"return force(this.name,this.form.id,event);\">
<input type=\"hidden\" name=\"opt\" value=\"1\"></td></tr>";
if ($CONFIG_auth_image && function_exists("gd_info")) {
echo "<tr><td></td><td align=left><img src=\"img.php?img=recover&var=$var\" alt=\"".$lang['SECURITY_CODE']."\">
</td></tr><tr><td align=right>".$lang['CODE'].":</td>
<td align=\"left\">
<input type=\"text\" name=\"code\" maxlength=\"6\" size=\"6\" onKeyPress=\"return force(this.name,this.form.id,event);\">
</td></tr>";
}
echo "
<tr><td> </td><td><input type=\"submit\" value=\"".$lang['RECOVER']."\"></td></tr>
</table>
";
closetable();
fim();
?>