Bravo List
Register
Go Back   > Bravo List > Source Code > Archived Trackers > Yuna Scatari Edition (YSE)
Reply
  #1  
Old 31st July 2008, 17:20
Nilsons's Avatar
Nilsons Nilsons is offline
Senior Member
 
Join Date: Dec 2007
Latvia
Posts: 40
Unhappy Recover....password...
When i want'ed to recover my password i get link to email , and i need to follow to the link but when i push on the link it shows me
"The page cannot be found "
Reply With Quote
  #2  
Old 31st July 2008, 21:46
kp380lv's Avatar
kp380lv kp380lv is offline
Senior Member
 
Join Date: May 2008
Latvia
Posts: 388
Default
you need e-mail sever
Reply With Quote
  #3  
Old 31st July 2008, 23:20
seb35's Avatar
seb35 seb35 is offline
Senior Member
 
Join Date: Dec 2007
France
Posts: 32
Default
post recover.php
just question you have added script class-input filter ?
Reply With Quote
  #4  
Old 1st August 2008, 09:06
Nilsons's Avatar
Nilsons Nilsons is offline
Senior Member
 
Join Date: Dec 2007
Latvia
Posts: 40
Default
kp380lv i have email server.....

Recover.php
Code:
<?

require "include/bittorrent.php";

dbconn();

if ($CURUSER)
newerr("Error", "You are logged in, you don't need this...");

if ($_SERVER["REQUEST_METHOD"] == "POST")
{
  $email = trim($_POST["email"]);
  if (!$email)
    newerr("Error", "You must enter an email address");
  $res = sql_query("SELECT * FROM users WHERE email=" . sqlesc($email) . " LIMIT 1") or sqlerr();
  $arr = mysql_fetch_assoc($res) or stderr("Error", "The email address was not found in the database.\n");

        $sec = mksecret();

  sql_query("UPDATE users SET editsecret=" . sqlesc($sec) . " WHERE id=" . $arr["id"]) or sqlerr();
  if (!mysql_affected_rows())
          stderr("Error", "Database error. Please contact an administrator about this.");

  $hash = md5($sec . $email . $arr["passhash"] . $sec);

  $body = <<<EOD
Someone, hopefully you, requested that the password for the account
associated with this email address ($email) be reset.

The request originated from {$_SERVER["REMOTE_ADDR"]}.

If you did not do this ignore this email. Please do not reply.


Should you wish to confirm this request, please follow this link:

$DEFAULTBASEURL/recover.php?id={$arr["id"]}&secret=$hash


After you do this, your password will be reset and emailed back
to you.

--
$SITENAME
EOD;

  @mail($arr["email"], "$SITENAME password reset confirmation", $body, "From: $SITEEMAIL", "-f$SITEEMAIL")
    or newerr("Error", "Unable to send mail. Please contact an administrator about this error.");
  newerr("Success", "A confirmation email has been mailed.\n" .
    " Please allow a few minutes for the mail to arrive.");
}
elseif($_GET)
{
//        if (!preg_match(':^/(\d{1,10})/([\w]{32})/(.+)$:', $_SERVER["PATH_INFO"], $matches))
//          httperr();

//        $id = 0 + $matches[1];
//        $md5 = $matches[2];

        $id = 0 + $_GET["id"];
  $md5 = $_GET["secret"];

        if (!$id)
          httperr();

        $res = sql_query("SELECT username, email, passhash, editsecret FROM users WHERE id = $id");
        $arr = mysql_fetch_array($res) or httperr();

  $email = $arr["email"];

        $sec = hash_pad($arr["editsecret"]);
        if (preg_match('/^ *$/s', $sec))
          httperr();
        if ($md5 != md5($sec . $email . $arr["passhash"] . $sec))
          httperr();

        // generate new password;
        $chars = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789";

  $newpassword = "";
  for ($i = 0; $i < 10; $i++)
    $newpassword .= $chars[mt_rand(0, strlen($chars) - 1)];

         $sec = mksecret();

  $newpasshash = md5($sec . $newpassword . $sec);

        sql_query("UPDATE users SET secret=" . sqlesc($sec) . ", editsecret='', passhash=" . sqlesc($newpasshash) . " WHERE id=$id AND editsecret=" . sqlesc($arr["editsecret"]));

        if (!mysql_affected_rows())
                newerr("Error", "Unable to update user data. Please contact an administrator about this error.");

  newerr("Success", "Your new password is <b>$newpassword</b> and a remind if you don't remember your login name, its <b>{$arr["username"]}</b>.");
}
else
{
         stdhead();
        ?>
        <h1>Recover lost user name or password</h1>
        <p>Use the form below to have your password reset and your account details mailed back to you.<br>
  (You will have to reply to a confirmation email.)</p>
        <form method=post action=recover.php>
        <table border=1 cellspacing=0 cellpadding=10>
        <tr><td class=rowhead>Registered email</td>
        <td><input type=text size=40 name=email></td></tr>
        <tr><td colspan=2 align=center><input type=submit value='Do it!' class=btn></td></tr>
        </table>
        <?
        stdfoot();
}

?>
Reply With Quote
  #5  
Old 9th July 2009, 15:39
animezon's Avatar
animezon animezon is offline
Senior Member
 
Join Date: Jun 2009
P2P
Posts: 21
Default hello
i need these tooooo i got the same erro
Reply With Quote
  #6  
Old 9th July 2009, 21:35
kp380lv's Avatar
kp380lv kp380lv is offline
Senior Member
 
Join Date: May 2008
Latvia
Posts: 388
Default
Try my Nehalem code..should work for you.

Code:
<?
/*recover.php modified by kp380lv*/

require "include/bittorrent.php";
dbconn();

if ($_SERVER["REQUEST_METHOD"] == "POST")
{
  $email = trim($_POST["email"]);
  if (!$email)
    stderr($tracker_lang['error'], "You must enter an email address");
  $res = sql_query("SELECT * FROM users WHERE email=" . sqlesc($email) . " LIMIT 1") or sqlerr(__FILE__, __LINE__);
  $arr = mysql_fetch_assoc($res) or stderr($tracker_lang['error'], "The email address was not found in the database.\n");

    $sec = mksecret();

  sql_query("UPDATE users SET editsecret=" . sqlesc($sec) . " WHERE id=" . $arr["id"]) or sqlerr(__FILE__, __LINE__);
  if (!mysql_affected_rows())
      stderr($tracker_lang['error'], "Database error. Please contact an administrator about this.");

  $hash = md5($sec . $email . $arr["passhash"] . $sec);

  $body = <<<EOD
Someone, hopefully you, requested that the password for the account
associated with this email address ($email) be reset.

If you did not do this ignore this email. Please do not reply.

Should you wish to confirm this request, please follow this link:

$DEFAULTBASEURL/recover.php?confirm&id={$arr["id"]}&secret=$hash


After you do this, your password will be reset and emailed back to you.

-- 
$SITENAME
EOD;

    mail($arr["email"], "$DEFAULTBASEURL password reset confirmation from", $body, "From: $SITEEMAIL");
    
    stderr($tracker_lang['success'], "A confirmation email has been mailed.\n" .
        " Please allow a few minutes for the mail to arrive.");
}
elseif(isset($_GET['confirm']))
{
//    if (!preg_match(':^/(\d{1,10})/([\w]{32})/(.+)$:', $_SERVER["PATH_INFO"], $matches))
//      httperr();

//    $id = 0 + $matches[1];
//    $md5 = $matches[2];

          if (!is_valid_id($_GET["id"]))
            stderr($tracker_lang['error'], $tracker_lang['invalid_id']);
      
      
  $id = 0 + $_GET["id"];
  $md5 = $_GET["secret"];

    $res = sql_query("SELECT username, email, passhash, editsecret FROM users WHERE id = $id");
    $arr = mysql_fetch_array($res) or stderr($tracker_lang['error'],"??? ???????????? ? ????? ID");

  $email = $arr["email"];

    $sec = hash_pad($arr["editsecret"]);
    if (preg_match('/^ *$/s', $sec))
   stderr($tracker_lang['error'],"Error");
    if ($md5 != md5($sec . $email . $arr["passhash"] . $sec))
   stderr($tracker_lang['error'],"Error");

    // generate new password;
    $chars = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789";

  $newpassword = "";
  for ($i = 0; $i < 10; $i++)
    $newpassword .= $chars[mt_rand(0, strlen($chars) - 1)];

     $sec = mksecret();

  $newpasshash = md5($sec . $newpassword . $sec);

    sql_query("UPDATE users SET secret=" . sqlesc($sec) . ", editsecret='', passhash=" . sqlesc($newpasshash) . " WHERE id=$id AND editsecret=" . sqlesc($arr["editsecret"]));

    if (!mysql_affected_rows())
        stderr($tracker_lang['error'], "Unable to update user data. Please contact an administrator about this error.");

  $body = <<<EOD
As per your request we have generated a new password for your account.

Here is the information we now have on file for this account:

    User name: {$arr["username"]}
    Password:       $newpassword

You may login at: $DEFAULTBASEURL/login.php

-- 
$SITENAME
EOD;

      mail($email, "$DEFAULTBASEURL account details", $body, "From: $SITEEMAIL");
  stderr($tracker_lang['success'], "The new account details have been mailed to <b>$email</b>.\n" .
    "Please allow a few minutes for the mail to arrive.");
}
else
{
     stdhead("Recover lost user name or password");
    ?>
    <form method="post" action="recover.php">
    <table border="1" cellspacing="0" cellpadding="5">
    <tr><td class="colhead" colspan="2">Recover user name or password</td></tr>
    <tr><td colspan="2">Use the form below to have your password reset and<br /> your account details mailed back to you.<br /><br />
    You will have to reply to a confirmation email.</td></tr>
    <tr><td class="rowhead">Registered email</td>
    <td><input type="text" size="40" name="email"></td></tr>
    <tr><td colspan="2" align="center"><input type="submit" value="Recover!"></td></tr>
    </table>
    <?
    stdfoot();
}
/*recover.php modified by kp380lv*/
?>
Reply With Quote
The Following User Says Thank You to kp380lv For This Useful Post:
Masterdan (9th July 2009)
  #7  
Old 9th July 2009, 22:00
animezon's Avatar
animezon animezon is offline
Senior Member
 
Join Date: Jun 2009
P2P
Posts: 21
Default error
Code:
Fatal error: Call to undefined function stderr() in /hsphere/local/home/myurl/recover.php on line 42
when i clink recover

/recover.php on line 102 when open the link on mail but ist does all the process and the pass the mail gives me dont work to login on the site, how fix these
Reply With Quote
Reply

Tags
recoverpassword

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
help recover animezon Yuna Scatari Edition (YSE) 1 20th March 2010 21:40
smtp user name and password sri Torrent Strike 1 12th March 2010 21:42
Password Prob. MsTx Community Cafe 1 6th March 2010 15:14
Password ceausescu Community Cafe 2 12th October 2009 09:31
Recover animezon Yuna Scatari Edition (YSE) 2 14th August 2009 22:07



All times are GMT +2. The time now is 00:07. vBulletin skin by ForumMonkeys. Powered by vBulletin® Version 3.8.11 Beta 3
Copyright ©2000 - 2021, vBulletin Solutions Inc.