real_escape_string($_POST['crkey']); $rnpass = $mysqli->real_escape_string($_POST['rnpass']); $cuser = $mysqli->real_escape_string($_POST['cuser']); $npass = $mysqli->real_escape_string($_POST['npass']); $userinfoc = $polrauth->getinfomu($cuser); // fetch info if ($userinfoc == false) { echo "

That username is not associated with any account. Please try again.

" . "
" . "Back"; require_once 'footer.php'; die(); } if ($userinfoc == false) { // if user does not exist require_once 'header.php'; echo "

User or key invalid or already used.

"; require_once 'footer.php'; die(); } if ($userinfoc['rkey'] == $_POST['crkey']) { // if rkey & user check out if ($npass != $rnpass) { // if new pass & repeat don't match require_once 'header.php'; echo "

Passwords don't match. Try again. (click the link in the email again)

"; require_once 'footer.php'; die(); } else { // all checks out $fpass->changepass($npass, $cuser); // change pass $polrauth->crkey($cuser); //change rkey require_once 'header.php'; echo "

Password changed.

"; require_once 'footer.php'; die(); } } } $fpass = new fpass(); if (isset($_GET['key']) && isset($_GET['username'])) { $username = $mysqli->real_escape_string($_GET['username']); $userinfoc = $polrauth->getinfomu($username); // fetch info if ($userinfoc == false) { echo "

That username is not associated with any account. Please try again.

" . "
" . "Back"; require_once 'footer.php'; die(); } if ($userinfoc == false) { // if user does not exist require_once 'header.php'; echo "

User or key invalid or already used.

"; require_once 'footer.php'; die(); } //var_dump($userinfoc); if ($userinfoc['rkey'] == $_GET['key']) { require_once 'header.php'; echo "

Change Password for {$_GET['username']}

"; echo "
" . "" . "" . "" . "" . "

" . "" . "
"; echo ""; require_once 'footer.php'; die(); } } /* if (isset($_POST['username']) == true && isset($_POST['key']) == true) { } */ @$email = $_POST['email']; if (!$email) { // if requesting form echo "

Forgot your password?

" . "
" . "
" . "
" . "" . "
"; require_once 'footer.php'; die(); } if (strlen($email) < 5) { echo "

Forgot your password?

" . "
" . "
" . "" . "" . "
"; require_once 'footer.php'; die(); } $email = $mysqli->real_escape_string($_POST['email']); $userinfo = $polrauth->getinfome($email); if ($userinfo == false) { echo "

That email is not associated with any account. Please try again.

" . "
" . "Back"; require_once 'footer.php'; die(); } $rkey = $userinfo['rkey']; $username = $userinfo['username']; $fpass->sendfmail($email, $username, $rkey); // send the email echo "Email successfully sent. Check your inbox for more info."; require_once 'footer.php';