<?php /* * * @copyright (c) 2010 animegame.eu * @license http://www.gnu.org/licenses/gpl-3.0.html GNU General Public Licence * */ include_once($_SERVER['DOCUMENT_ROOT'].'ag/include/parse.inc.php'); // GET-Section // Kritisch (SQL-Injections) $send = validateUnsignedInteger($_GET['send'], null); $mail = validateString($_GET['email']); function changePassword($email){ $emails = mysql_fetch_assoc(mysql_query("SELECT nickname, passwort, id FROM user WHERE mail='$email'")); if(!$emails['nickname']) { return 'E-Mailadresse gibt es nicht'; } $test = 'a'.mt_rand(1,1000000); @mail($email,'Zugangsdaten von animegame.de','Ihre Zugangsdaten,'."\n\n".'Sie lauten:'."\n\n".'Username: '.$emails['nickname']."\n\n".'Passwort: '.$test.' '."\n\n", 'From: Hecht'."\n".'Reply-To: hecht@animegame.eu'."\n".'X-Mailer: PHP/'.phpversion()); $test2 = md5($test); mysql_query('UPDATE user SET passwort=\''.$test2.'\' WHERE id='.$emails['id']); return 'Ihre Daten wurden an '.$email.' geschickt'; } if($send == 1) { echo changePassword($mail); } else{ $tmp = ''; } ?> <div align="center"> <form action="index.php" method="get"> <input type="hidden" name="as" value="pw" /> <input type="hidden" name="send" value="1" /> <table border="0" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="454" height="160"> <tr> <th width="454" height="35" align="center">Passwort vergessen?</th> </tr> <tr> <td width="454" height="63" align="center"> <input id="input" name="email" size="30" value="E-Mail Addresse Eingeben"> </td> </tr> <tr> <td width="454" height="57" align="center"> <input id="input" type="submit" value="Passwort zuschicken lassen" size="20"> </td> </tr> </table> </div>