-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathrecoverpassword.php
88 lines (40 loc) · 1.89 KB
/
recoverpassword.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
<?php
include 'credentials.php';
$email="";
if($_POST['emailrecover'])
{
$email=($_POST['emailrecover']);
}
//echo $email;
$con = mysql_connect($server, $username, $password) or die ("Could not connect: " . mysql_error());
mysql_select_db($database, $con);
$con = mysql_connect($server, $username, $password) or die ("Could not connect: " . mysql_error());
mysql_select_db($database, $con);
$found =0;
$sql = "SELECT password FROM users where email LIKE '" . $email . "'";
$result = mysql_query($sql) or die ("Query error: " . mysql_error());
while($row = mysql_fetch_array($result)) {
$found = $row[0];
}
if ($found === 0){
echo '{"response":"0", "msg": "' . "email not found" . '"}';
}
else{
//echo "sending email";
$custo = '08';
$salt = 'Cf1213eParGlBJoOM0F6aJ';
// Gera um hash baseado em bcrypt
$hash = crypt($email . 'ybus', '$2a$' . $custo . '$' . $salt . '$');
//echo "<br>";
//echo $hash;
//echo $hash;
$sql = "UPDATE users SET retrievepassword= '" . $hash ."' WHERE email LIKE '" . $email . "'";
//echo $sql;
$result = mysql_query($sql) or die ("Query error: " . mysql_error());
$email = str_replace("%40","@",$email);
//echo $email;
mail($email,"Password Recovery from Javascript/Ajax System by Y-bus","Click on link to create new password: http://deeplook.com.br/js_ajax_crud/resetpassword.php?token=" . $hash . "&email=" . $email);
echo '{"response":"1", "msg": "' . "email sent" . '"}';
}
mysql_close($con);
?>