New account passwod emailer

[jang]

Hi.
Made this script to help admins with forgetful players who at odd times forgets account password. mostly it happens if one player have more than one account.
Basically it asks player for account and e-mail address, then checks accounts table. If found match, generates a random password, changes password in accounts table and sends it to the e-mail.

Important!
This script works only for server who uses encrypted passwords, because new password is encrypted and then saved in accounts table.

Code:

<?php

echo "<link href='style.css' type='text/css' rel='stylesheet'>"; 
echo "<html><body>";
echo "<center><table>";
echo "<tr><td colspan=2 align=center><IMG SRC=img/email_icon.gif WIDTH=299 HEIGHT=299></td></tr>";

$ip=$_SERVER['REMOTE_ADDR']; //gets ip address
$datums = DATE("Y, j. F, G:i"); //gets date
$r = rand(1,9); //gen number 1
$r2 = rand(1,9); //gen number 2
$sum = $r+$r2; //sum
	$account = $_POST['account'];
	$recipient = $_POST['email'];
	$verif = $_POST['verif'];
	$overif = $_POST['overif'];


 $aHost = "localhost"; // host name
 $aDatabase = "logon"; // Accounts/logon DB name
 $aPort = "3306"; //Default 3306
 $aUsername = "root"; //mysql server user
 $aPass = "pass"; //mysql server password
 
 $smtp = 'mail.example.com'; // Your ISP SMTP mail server address or your SMTP server address, if You have.
 $subject = "New password"; // email subject
 $Name = "X server"; //senders name
 $email = "[email protected]"; //senders e-mail adress

 $randpass = rand(1134167, 9999999); //random number for new password.
	
 $mail_body = "Dear ".$account.",\n This email sent about forgotten password.\n\n Request date: '".$datums."' from ip address '".$ip."'\n Your new password for account '".$account."' is '".$randpass."'.\n If You did not request for new password, conntact with server administration.\n\n Please do not replay this message, it is automaticly sent."; //mail body

//no need to edit below this line
function shitChecker($str)
{
    $var = preg_match('/[^a-zA-Z]/', $str);
	return $var;
}
function shitCheckerNum($str)
{
  $var = preg_match('/[^a-zA-Z0-9]/', $str);
  return $var;
}

if(isset($_POST['submit']))
{    

    //Connect to accounts database
	$con = mysql_connect($aHost.":".$aPort, $aUsername, $aPass) or die(mysql_error());
	mysql_select_db($aDatabase) or die(mysql_error());

    //Remove bullshit from the user inputs(Sorta pointless as i use regex in a second...
	$account = mysql_real_escape_string(html_entity_decode(htmlentities($account)));
	
	echo "<tr><td align=center>";

    if(shitCheckerNum($account) == 1)
    {
      die("Error: Account contains invalid characters!");
    }
   
	if (!preg_match("/^[-0-9A-Z_\.]{1,50}@([-0-9A-Z_\.]+\.){1,50}([0-9A-Z]){2,4}$/i", $recipient)) 
	{
		 die("Wrong e-mail!");
	}
	$query = "SELECT acct FROM accounts WHERE login = '".$account."' AND email = '".$recipient."'";

	$result = mysql_query($query) or die(mysql_error());
	$numrows = mysql_num_rows($result);
	

    //If no rows, means invalid user/pass, die.
	if($numrows == 0)
	{
		die("No such account with that e-mail!");
	}
	
	if($verif != $overif)
	{
		die("Sum does not match!");
	}


    //Change pass to new password
	$criptedNew = SHA1(strtoupper($account).':'.strtoupper($randpass)); //sha($passwordOld);

		$query = "UPDATE accounts SET encrypted_password = '".$criptedNew."' WHERE login = '".$account."'";
		$result = mysql_query($query) or die(mysql_error());				
		$header = "From: ". $Name . " <" . $email . ">\r\n";
		ini_set('SMTP', $smtp); //sets SMTP server. - no need to change php.ini file
		mail($recipient, $subject, $mail_body, $header); //sends the email


	echo "Password for account '".$account."' changed and sent to<BR> e-mail address '".$recipient."'. Please check your inbox.";
	echo "<BR>";

	echo "</td></tr>";

	//close mysql connection
	mysql_close();
}
else
{
	echo "<form name=myform method=post action=".$PHP_SELF.">";
	echo "<tr><td colspan=2 align=center><font size=4>Forgotten password</td></tr>";
	echo "<tr><td width=125>Account Name: </td><td><input type=text name=account value=''></td></tr>";
	echo "<tr><td width=125>E-mail: </td><td><input type=text name=email value=''></td></tr>";
	echo "<tr><td width=125>Sum of: (".$r."+".$r2.")=</td><td><input type=text name=verif value=''></td></tr>";
	echo "<tr><td colspan=2 align=center><br><input type=submit name=submit value=Aiziet></td></tr>";
	echo "<tr><td colspan=2 align=center>(Press once)</td></tr>";	
	echo "<INPUT TYPE=hidden name=overif value='".$sum."'>";
	echo "</form>";
	
}

echo "</table></center>";
echo "<br>by jang";

?>

Installation.

• Just place this code as php file in root directory or root/components directory, if using Ascent CMS. (for example: emailer.php or something)

Setup.

• $aHost = "localhost"; // host name
• $aDatabase = "logon"; // Accounts/logon DB name
• $aPort = "3306"; //Default 3306
• $aUsername = "root"; //mysql server user
• $aPass = "pass"; //mysql server password
  
• $smtp = 'mail.example.com'; // Your ISP SMTP mail server address or your SMTP server address, if You have.
• $subject = "New password"; // email subject
• $Name = "X server"; //senders name
• $email = "[email protected]"; //senders e-mail adress
  
• $mail_body = ''; //mail boody - the text

Credits

• Some pieces of code from Bellatrix components scripts

Later more codes from me.. :wave:
p.s. sorry for mistake in thread caption

[stoneharry]

36 views 0 comments; I felt I needed to comment.
Looks good but in the script that dark blue is a nightmare to read.
+Rep x2

[Hyldran0]

hehe I agree whit Stoneharry xD it's a bit harde to read xD but anyways +rep from me and a really nice work i will use this on my server

[Trollin]

Very interesting, +REP.

[undeadspwan]

i think the same thing as well you need to just clean it up a bit other than that it works great just need to fix the background

[senkin]

+Rep

Thank you, this helps me make the other pages I will need.

[undeadspwan]

I'm trying to change the background from black cause the text isn't showing up.

[karal007]

mangos version ??

[jang]

I'm trying to change the background from black cause the text isn't showing up.

Try change this line

Code:

echo "<html><body>";

to

Code:

echo "<html><body bgcolor='white'>";

mangos version ??

Arcemu. Not sure that mangos uses same encryption method and algorithm.