| ';
}
elseif($_POST['semail'])
{
$email = clean($_POST['semail']);
$user = mysql_fetch_array(mysql_query("SELECT `id` FROM `accounts` WHERE `email` = '$email'"));
if($user)
{
$code = "abcdefghijklmnopqrstuvwxyz01234567890123456789ABCDEFGHIJKLMNOPQRSTUVWXYZ01234567890123456789";
for ($i = 0; $i <= 50; $i++)
{
$num = mt_rand(1,95);
$tmp = substr($code, $num, 1);
$confirmcode = $confirmcode . $tmp;
}
mysql_query("UPDATE `accounts` SET `confirmcode` = '$confirmcode', `confirmed` = 'N' WHERE `id` = '{$user['id']}'");
email('RPG Top List ', $email, 'Password recovery', 'Go here to reset your password: http://www.rpgtoplist.com/lostpass.php?semail=' . $email . '&confirmcode=' . $confirmcode, 'Click here to reset your password.RPG Top List
Only the best online games');
$main = $main . '| An email containing further instructions has been sent. |
|
';
}
}
elseif($_GET['semail'] && $_GET['confirmcode'])
{
$email = clean($_GET['semail']);
$confirm = clean($_GET['confirmcode']);
$account = mysql_fetch_array(mysql_query("SELECT * FROM `accounts` WHERE `email` ='$email' AND `confirmcode` = '$confirm'"));
if($account)
{
if($_GET['step'] != 'change')
{
$main = $main . ' |
';
}
else
{
$email = clean($_GET['semail']);
$confirm = clean($_GET['confirmcode']);
$pass = sha1(strrev(clean(md5($_POST['password']))));
mysql_query("UPDATE `accounts` SET `password` = '$pass', `confirmed` = 'Y', `confirmcode` = '' WHERE `confirmcode` = '$confirm' AND `email` = '$email'");
email('RPG Top List ', $email, 'New password', 'Your new password is' . $_POST['password'] . '.', 'Your new password is ' . $_POST['password'] . '.');
$main = $main . '| Password changed and sent to your email. |
|
';
}
}
else
{
$main = $main . ' |
';
}
}
else
{
$main = $main . '
| Password recovery |
|---|
| Email could not be found. Click here to try again. |
|
';
}
include('footer.php');
?>