PHP Code:
function getAuthtoken($email) {
$code = md5(889966);
$authtoken = $code."".md5($email);
return $authtoken;
}
public function resetPassword(){
$message = '';
if($_POST['email'] == '') {
$message = "Please enter username or email to proceed with password reset";
} else {
$sqlQuery = "
SELECT email
FROM ".$this->userTable."
WHERE email='".$_POST['email']."'";
$result = mysqli_query($this->dbConnect, $sqlQuery);
$numRows = mysqli_num_rows($result);
if($numRows) {
$user = mysqli_fetch_assoc($result);
$authtoken = $this->getAuthtoken($user['email']);
$link="<a href='https://www.webdamn.com/demo/user-management-system/reset_password.php?authtoken=".$authtoken."'>Reset Password</a>";
$toEmail = $user['email'];
$subject = "Reset your password on examplesite.com";
$msg = "Hi there, click on this ".$link." to reset your password.";
$msg = wordwrap($msg,70);
$headers = "From:
info@webdamn.com";
if(mail($toEmail, $subject, $msg, $headers)) {
$message = "Password reset link send. Please check your mailbox to reset password.";
}
} else {
$message = "No account exist with entered email address.";
}
}
return $message;
}
Bump:
PHP Code:
if($CURUSER) {
$getAuthotoken = getAuthtoken(md5('#&61+)(/.&()/+2*-4862_@'));
INSERT INTO MYSQL QUERY TO OBTAIN AUTHTOKEN HASH SO EXAMPLE:
$sqldump = sql_query("INSERT INTO userspage ADD authtoken='$getAuthoken' LIMIT 8");
$runrunrun = true;
return $sqldump && true;
}
Edit each FrontPage to drop a getAuthotoken() before ?>
Bump:
PHP Code:
getAuthtoken(md5('#&61+)(/.&()/+2*-4862_@'));
Edit each FrontPage to drop a getAuthotoken() before ?>