This blob has been accessed 307 times via Git panel.
- <?php
- session_start();
- header("Cache-control: private");
- if (file_exists("data/lite.txt")) {
- }
- if (!file_exists("data/reset.txt")) {
- }
- error_reporting(E_ERROR);
- require("core.php");
- if (file_exists("data/offset.txt")) {
- $offset = file_get_contents("data/offset.txt");
- }
- else {
- $offset = 0;
- }
- if (file_exists("data/bb-min-age.txt")) {
- $minage = file_get_contents("data/bb-min-age.txt");
- }
- else {
- $minage = 5;
- }
- if (file_exists("data/bb-max-age.txt")) {
- $maxage = file_get_contents("data/bb-max-age.txt");
- }
- else {
- $maxage = 125;
- }
- ?>
- <title>Reset</title>
- <style>
- body {
- color: #666666;
- margin: 10px;
- padding: 0px;
- text-align: left;
- font-family: <?php
- if (file_exists("data/fonts/body.txt")) {
- $font_body = file_get_contents("data/fonts/body.txt");
- echo "{$font_body},";
- }
- ?> arial, helvetica, sans-serif;
- background-color: #FFFFFF;
- }
- p {
- font-size: 11px;
- }
- a {
- font-weight: bold;
- text-decoration: none;
- }
- a:link, a:visited {
- color: #666666;
- }
- a:hover {
- color: #336699;
- }
- a:active {
- color: #336699;
- }
- .input {
- color: #666666;
- background: #ffffff;
- border: #999999 solid 1px;
- width: 125px;
- font-family: <?php
- if (file_exists("data/fonts/input.txt")) {
- $font_input = file_get_contents("data/fonts/input.txt");
- echo "{$font_input},";
- }
- ?> arial, helvetica, sans-serif;
- font-size: 11px;
- }
- </style>
- <form enctype="multipart/form-data" action="<?php echo $_SERVER['PHP_SELF']; ?>" method="post">
- <input required autofocus autocomplete=off class=input type=text name=username>
- <input required autocomplete=off class=input type=email name=addr>
- <input required autocomplete=off class=input type=text name=bday>
- <input class=input type=submit value=reset>
- </form>
- <?php
- if (isset($_POST['username']) and !empty($_POST['username']) and isset($_POST['addr']) and !empty($_POST['addr']) and file_exists("data/members/active/{$_POST['username']}") and file_exists("data/bb.txt") and (trim(strtolower($_POST['addr'])) == file_get_contents("data/members/active/{$_POST['username']}/email.txt")) and isset($_POST['bday']) and !empty($_POST['bday']) and file_exists("data/members/active/{$_POST['username']}/bday.txt") and (strlen($_POST['bday']) == "8") and is_numeric($_POST['bday']) and ((round((date("Ymd", time() + $offset) - $_POST['bday']) * 0.0001)) >= $minage) and ((round((date("Ymd", time() + $offset) - $_POST['bday']) * 0.0001)) <= $maxage) and ($_POST['bday'] == file_get_contents("data/members/active/{$_POST['username']}/bday.txt"))) {
- $username = $_POST['username'];
- function str_rand($length = 8, $seeds = 'abcdefghijklmnopqrstuvwxyz0123456789') {
- $str = '';
- list($usec, $sec) = explode(' ', microtime());
- $seed = (float) $sec + ((float) $usec * 100000);
- mt_srand($seed);
- for ($i = 0; $length > $i; $i++) {
- $str .= $seeds{mt_rand(0, $seeds_count - 1)};
- }
- return $str;
- }
- $password = str_rand(16);
- /* Fun with crypt! */
- $passwd = sha1($password);
- $passwd = md5($passwd);
- $passwd = crypt($passwd, $passwd);
- if (file_exists("data/members/active/$username/resetx.txt")) {
- $resetx = file_get_contents("data/members/active/$username/resetx.txt");
- }
- else {
- $resetx = 0;
- }
- $resetx = $resetx + 1;
- $firstname = file_get_contents("data/members/active/$username/firstname.txt");
- $lastname = file_get_contents("data/members/active/$username/lastname.txt");
- $email = file_get_contents("data/members/active/$username/email.txt");
- $from_email = file_get_contents("data/email.txt");
- $mailer = 'MAJ/2.0 (PHP/' . phpversion() . ')';
- $sig_author = file_get_contents("data/author.txt");
- $from_email = '"' . $sig_author . '" <' . $from_email . '>';
- $email = '"' . "$firstname $lastname" . '" <' . $email . '>';
- $sig_url = $_SERVER['HTTP_HOST'] . dirname($_SERVER['PHP_SELF']) . "/";
- $sig_url = str_replace('//', '/', $sig_url);
- $sig_url = "http://" . $sig_url;
- $reset_notice = "Password for $username at $sig_url reset by $firstname $lastname.";
- $reset_notice = wordwrap($reset_notice);
- $password_notice = "Hi $firstname,\n\nYour password for $sig_url has been reset as requested.\n\nThe new password for \"$username\" is \"$password\" (case-sensitive). Please change this as soon as possible. For security reasons, your password on record is encrypted - you're the only one who knows what it is.\n\nPlease feel free to e-mail me if you need further assistance.\n\nThanks!\n\n--\n$sig_author\n$sig_url\n";
- $password_notice = wordwrap($password_notice);
- mail($from_email, "password reset notice ($username)", $reset_notice,
- "From: $from_email\r\n" .
- "Reply-To: $from_email\r\n" .
- "X-Mailer: $mailer");
- mail($email, "password reset notice ($username)", $password_notice,
- "From: $from_email\r\n" .
- "Reply-To: $from_email\r\n" .
- "X-Mailer: $mailer");
- echo "<p><font style=\"font-size: 12px;\"><b>Password Reset</b></font></p><p>Check your ";
- readfile("data/members/active/$username/email.txt");
- echo " account for your new password.";
- }
- else {
- echo "<p>Enter your username, e-mail address, and birthdate (YYYYMMDD) above to reset your password.";
- }
- ?>
- <br>Click <a href=login.php>here</a> to login. Click <a href=index.php>here</a> to go to the index page.</p>
