<?php
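// Password recovery, step 2: validate the one-time key from the e-mailed link,
// generate a new password, mail it to the account owner and store its hash.

// Page header: title and stylesheet.
$template_vars['header'] = array(
    'TITLE' => $lang['PASSWORD_RECOVERY'],
    'CSS' => $css
);
$template->set_vars('header', $template_vars['header']);

// Recovery key from the query string. Untrusted input: accept only a scalar
// string, so an array-valued key_id[] is treated the same as a missing key.
// NOTE(review): this page changes the password on a plain GET request, so
// anything that fetches the mailed link (mail gateway scanners, prefetchers)
// consumes the key; consider an explicit confirmation POST.
$key_id = ( isset($_GET['key_id']) && is_string($_GET['key_id']) ) ? $_GET['key_id'] : '';

// get_magic_quotes_gpc() was removed in PHP 8.0, where an unguarded call is a
// fatal error. Where it still exists and is on, undo the automatic slashes.
if( function_exists('get_magic_quotes_gpc') && get_magic_quotes_gpc() )
{
    $key_id = stripslashes($key_id);
}

// Expire keys older than 1800 seconds (30 minutes) before looking anything up,
// so a stale key can never match below.
if( !$sql->query("DELETE FROM `" . CATALOGUE_KEYS . "` WHERE `dt` < UNIX_TIMESTAMP() - 1800;") )
{
    put_error(DBMS_ERROR, htmlspecialchars($sql->error['message']), __LINE__, __FILE__);
}

// An empty key is never valid. Skipping the lookup means a stray row with an
// empty `key` column cannot be matched by a request that carries no key_id.
$key_found = false;
if( $key_id !== '' )
{
    if( !$sql->query("SELECT * FROM `" . CATALOGUE_KEYS . "` WHERE `key` = '" . $sql->escape_string($key_id) . "';") )
    {
        put_error(DBMS_ERROR, htmlspecialchars($sql->error['message']), __LINE__, __FILE__);
    }
    $key_found = ( $sql->num_rows() >= 1 );
}

if( !$key_found )
{
    // Unknown, expired or missing key: one generic error for all three cases.
    $template->set_vars('body', array(
        'RESULT' => $lang['ERR_INVALID_RECOVERY_KEY']
    ));
}
else
{
    $recovery_data = $sql->fetch_assoc();

    // NOTE(review): random_string() is defined elsewhere. Confirm it draws from
    // a CSPRNG (random_int()/random_bytes()); this value becomes the password.
    $password = random_string( 8 );

    // NOTE(review): the session language is concatenated into a file path.
    // Confirm it is checked against an allow-list where it is stored.
    $template->load_template('language/' . $_SESSION['language'] . '/mail/passwd_recovery_step2.tpl', 'letter');
    $template->set_vars('letter', array(
        'ID' => $recovery_data['site_id'],
        'PASSWORD' => $password,
        'CATALOGUE_NAME' => $config['catalogue_name']
    ));

    $headers = array();
    $headers[] = 'From: ' . $config['catalogue_email'];
    $headers[] = 'Content-Type: text/plain; charset=utf-8';
    $message = $template->evaluate_tpl('letter');
    $template->cancel('letter');

    // The password is stored only after the mail was accepted for delivery, so
    // a failed send leaves the old password and the recovery key untouched.
    // NOTE(review): the new password travels in clear text by e-mail. A reset
    // link that lets the user choose a password would avoid that.
    if( mail($recovery_data['email'], 'New password', $message, implode("\r\n", $headers)) )
    {
        // site_id is forced to an integer because it goes into the statement
        // unquoted. It comes from the keys table, but is not trusted blindly.
        // NOTE(review): unsalted md5() is unsuitable for password storage. It is
        // kept because the login check (not visible here) presumably compares
        // md5 digests; move both sides to password_hash()/password_verify().
        $site_id = (int) $recovery_data['site_id'];
        if( !$sql->query("UPDATE `" . CATALOGUE_SITES . "` SET `password` = '" . md5($password) . "' WHERE `id` = " . $site_id . ";") )
        {
            put_error(DBMS_ERROR, htmlspecialchars($sql->error['message']), __LINE__, __FILE__);
        }

        // The key is single-use: remove it once the password has been replaced.
        if( !$sql->query("DELETE FROM `" . CATALOGUE_KEYS . "` WHERE `key` = '" . $sql->escape_string($key_id) . "';") )
        {
            put_error(DBMS_ERROR, htmlspecialchars($sql->error['message']), __LINE__, __FILE__);
        }

        // NOTE(review): the stored e-mail address is placed into page output.
        // Confirm the template layer HTML-escapes RESULT, else escape it here.
        $template->set_vars('body', array(
            'RESULT' => sprintf($lang['PASSWD_RECOVERY_SUCCESS_STEP2'], $recovery_data['email'])
        ));
    }
    else
    {
        $template->set_vars('body', array(
            'RESULT' => $lang['ERR_MAIL_FAILURE']
        ));
    }
}

// Navigation links shown under the result message.
$link = array(
    array('HREF' => gen_uri('authentication'), 'NAME' => $lang['LOGIN']),
    array('HREF' => gen_uri('index'), 'NAME' => $lang['BACK'])
);
foreach( $link as $link_item )
{
    $template->set_block_vars('body', 'link', $link_item);
}

// Page footer.
$template_vars['footer'] = array('SWITCH_VERSION' => switch_version($m, '', ''));
$template->set_vars('footer', $template_vars['footer']);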
?>