maj.world

<?php

 

require("core.php");

 

if (file_exists("$maj_data_directory/lite.txt")) {

        exit();

 

if (!file_exists("$maj_data_directory/reset.txt")) {

        exit();

 

if (file_exists("$maj_data_directory/bb-min-age.txt")) {

        $minage = file_get_contents("$maj_data_directory/bb-min-age.txt");

else {

        $minage = 5;

 

if (file_exists("$maj_data_directory/bb-max-age.txt")) {

        $maxage = file_get_contents("$maj_data_directory/bb-max-age.txt");

else {

        $maxage = 125;

 

include("css.php");

 

echo "\n<style> body { margin: {$maj_wspace}px; } .input, .click { width: 200px; } </style>\n";

 

 

<title>Reset</title>

 

<form enctype="multipart/form-data" method="post">

<input required autofocus autocomplete="off" class="input" type="text" name="username">

<input required autocomplete="off" class="input" type="email" name="addr">

<input required autocomplete="off" class="input" type="text" name="bday">

<input class="click" type="submit" value="reset">

</form>

 

<?php

 

if (isset($_POST['username']) and !empty($_POST['username']) and isset($_POST['addr']) and !empty($_POST['addr']) and file_exists("$maj_data_directory/members/active/{$_POST['username']}") and file_exists("$maj_data_directory/bb.txt") and (trim(mb_strtolower($_POST['addr'])) == file_get_contents("$maj_data_directory/members/active/{$_POST['username']}/email.txt")) and isset($_POST['bday']) and !empty($_POST['bday']) and file_exists("$maj_data_directory/members/active/{$_POST['username']}/bday.txt") and (mb_strlen($_POST['bday']) == "8") and is_numeric($_POST['bday']) and ((round((date("Ymd", time() + $maj_offset) - $_POST['bday']) * 0.0001)) >= $minage) and ((round((date("Ymd", time() + $maj_offset) - $_POST['bday']) * 0.0001)) <= $maxage) and ($_POST['bday'] == file_get_contents("$maj_data_directory/members/active/{$_POST['username']}/bday.txt"))) {

 

        $username = trim(strip_tags($_POST['username']));

        $password = str_rand(16);

       

        /* Fun with crypt! */

        $passwd = sha1($password);

        $passwd = md5($passwd);

        $passwd = crypt($passwd, $passwd);

 

        $fp_passwd_txt = fopen("$maj_data_directory/members/active/$username/password.txt","w");

        fwrite($fp_passwd_txt,$passwd);

        fclose($fp_passwd_txt);

       

        if (file_exists("$maj_data_directory/members/active/$username/bb-resetx.txt")) {

                $resetx = file_get_contents("$maj_data_directory/members/active/$username/bb-resetx.txt");

        }

        else {

                $resetx = 0;

        }

 

        $resetx = $resetx + 1;

 

        $fp_resetx_txt = fopen("$maj_data_directory/members/active/$username/bb-resetx.txt","w");

        fwrite($fp_resetx_txt,$resetx);

        fclose($fp_resetx_txt);

 

        $resetl = date("Ymd", time() + $maj_offset);

        $fp_resetl_txt = fopen("$maj_data_directory/members/active/$username/bb-resetl.txt","w");

        fwrite($fp_resetl_txt,$resetl);

        fclose($fp_resetl_txt);

 

        $firstname = file_get_contents("$maj_data_directory/members/active/$username/firstname.txt");

        $lastname = file_get_contents("$maj_data_directory/members/active/$username/lastname.txt");

        $email = file_get_contents("$maj_data_directory/members/active/$username/email.txt");

        $from_email = file_get_contents("$maj_data_directory/email.txt");

 

        $mailer = 'MAJ/2.0 (PHP/' . phpversion() . ')';

 

        $sig_author = file_get_contents("$maj_data_directory/author.txt");

 

        $from_email = '"' . $sig_author . '" <' . $from_email . '>';

        $email = '"' . "$firstname $lastname" . '" <' . $email . '>';

 

        $sig_url = $_SERVER['HTTP_HOST'] . dirname($_SERVER['PHP_SELF']) . "/";

        $sig_url = str_replace('//', '/', $sig_url);

        $sig_url = "http://" . $sig_url;

 

        $reset_notice = "Password for $username at $sig_url reset by $firstname $lastname.";

        //$reset_notice = wordwrap($reset_notice);

 

        $password_notice = "Hi $firstname,\n\nYour password for $sig_url has been reset as requested.\n\nThe new password for \"$username\" is \"$password\" (case-sensitive). Please change this as soon as possible. For security reasons, your password on record is encrypted - you're the only one who knows what it is.\n\nPlease feel free to e-mail me if you need further assistance.\n\nThanks!\n\n--\n$sig_author\n$sig_url\n";

        //$password_notice = wordwrap($password_notice);

 

        mb_send_mail($from_email, "password reset notice ($username)", $reset_notice,

                "From: $from_email\r\n" .

                "Reply-To: $from_email\r\n" .

                "X-Mailer: $mailer");

 

        mb_send_mail($email, "password reset notice ($username)", $password_notice,

                "From: $from_email\r\n" .

                "Reply-To: $from_email\r\n" .

                "X-Mailer: $mailer");

 

        if (file_exists("$maj_data_directory/members/active/$username/bb-lockout.txt")) {

                unlink("$maj_data_directory/members/active/$username/bb-lockout.txt");

        }

 

        echo "<p><font style=\"font-size: 12px;\"><b>Password Reset</b></font></p><p>Check your ";

        readfile("$maj_data_directory/members/active/$username/email.txt");

        echo " account for your new password.";

else {

        echo "<p>Enter your username, e-mail address, and birthdate (YYYYMMDD) above to reset your password.";

 

 

<br>Click <a href="login.php">here</a> to login. Click <a href=".">here</a> to go to the index page.</p>