53 lines
2.2 KiB
PHP
53 lines
2.2 KiB
PHP
<?php
|
|
function Set_Password_Reset($email) {
|
|
$date = date("Y-m-d H:i:s");
|
|
$reset_code = random_string(20);
|
|
$query = "UPDATE `users` SET `password_reset_code`='" . $reset_code . "', `password_reset_date`='" . $date . "' WHERE `email`='" . $email . "';";
|
|
$reset = query($query);
|
|
|
|
if ($reset) {
|
|
$to = $email;
|
|
$subject = "Here's your Lexiconga password reset link";
|
|
$message = "Hello " . Get_Public_Name_By_Email($email) . "\r\n\r\nSomeone has requested a password reset link for your Lexiconga account. If it was you, you can reset your password by going to the link below and entering a new password for yourself:\r\n";
|
|
$message .= "http://lexicon.ga/?passwordreset&account=" . Get_User_Id($email) . "&code=" . $reset_code . "\r\n\r\n";
|
|
$message .= "If it wasn't you who requested the link, you can ignore this email since it was only sent to you, but you might want to consider changing your password when you have a chance.\r\n\r\n";
|
|
$message .= "The password link will only be valid for today until you use it.\r\n\r\n";
|
|
$message .= "Thanks!\r\nThe Lexiconga Admins";
|
|
$header = "From: Lexiconga Password Reset <donotreply@lexicon.ga>\r\n" .
|
|
"Reply-To: help@lexicon.ga\r\n" .
|
|
"X-Mailer: PHP/" . phpversion();
|
|
|
|
if (mail($to, $subject, $message, $header)) {
|
|
return true;
|
|
} else {
|
|
return "could not send";
|
|
}
|
|
} else {
|
|
return false;
|
|
}
|
|
}
|
|
|
|
function Check_Password_Reset($id, $code) {
|
|
$date = date("Y-m-d");
|
|
$daterange = "'" . $date . " 00:00:00' AND '" . $date . " 23:59:59'";
|
|
$query = "SELECT * FROM `users` WHERE `id`='" . $id . "' AND `password_reset_code`='" . $code . "' AND `password_reset_date` BETWEEN " . $daterange . ";";
|
|
$users = query($query);
|
|
|
|
if ($users && num_rows($users) === 1) {
|
|
return true;
|
|
} else {
|
|
return false;
|
|
}
|
|
}
|
|
|
|
function Reset_Password($password, $email) {
|
|
$query = "UPDATE `users` SET `password`='" . crypt($password, $email) . "', `password_reset_date`='0000-00-00 00:00:00' WHERE `email`='" . $email . "';";
|
|
$reset = query($query);
|
|
|
|
if ($reset) {
|
|
return true;
|
|
} else {
|
|
return false;
|
|
}
|
|
}
|
|
?>
|