Hi.
Made this script to help admins with forgetful players who at odd times forgets account password. mostly it happens if one player have more than one account.
Basically it asks player for account and e-mail address, then checks accounts table. If found match, generates a random password, changes password in accounts table and sends it to the e-mail.
Important!
This script works only for server who uses encrypted passwords, because new password is encrypted and then saved in accounts table.
Code:
<?php
echo "<link href='style.css' type='text/css' rel='stylesheet'>";
echo "<html><body>";
echo "<center><table>";
echo "<tr><td colspan=2 align=center><IMG SRC=img/email_icon.gif WIDTH=299 HEIGHT=299></td></tr>";
$ip=$_SERVER['REMOTE_ADDR']; //gets ip address
$datums = DATE("Y, j. F, G:i"); //gets date
$r = rand(1,9); //gen number 1
$r2 = rand(1,9); //gen number 2
$sum = $r+$r2; //sum
$account = $_POST['account'];
$recipient = $_POST['email'];
$verif = $_POST['verif'];
$overif = $_POST['overif'];
$aHost = "localhost"; // host name
$aDatabase = "logon"; // Accounts/logon DB name
$aPort = "3306"; //Default 3306
$aUsername = "root"; //mysql server user
$aPass = "pass"; //mysql server password
$smtp = 'mail.example.com'; // Your ISP SMTP mail server address or your SMTP server address, if You have.
$subject = "New password"; // email subject
$Name = "X server"; //senders name
$email = "[email protected]"; //senders e-mail adress
$randpass = rand(1134167, 9999999); //random number for new password.
$mail_body = "Dear ".$account.",\n This email sent about forgotten password.\n\n Request date: '".$datums."' from ip address '".$ip."'\n Your new password for account '".$account."' is '".$randpass."'.\n If You did not request for new password, conntact with server administration.\n\n Please do not replay this message, it is automaticly sent."; //mail body
//no need to edit below this line
function shitChecker($str)
{
$var = preg_match('/[^a-zA-Z]/', $str);
return $var;
}
function shitCheckerNum($str)
{
$var = preg_match('/[^a-zA-Z0-9]/', $str);
return $var;
}
if(isset($_POST['submit']))
{
//Connect to accounts database
$con = mysql_connect($aHost.":".$aPort, $aUsername, $aPass) or die(mysql_error());
mysql_select_db($aDatabase) or die(mysql_error());
//Remove bullshit from the user inputs(Sorta pointless as i use regex in a second...
$account = mysql_real_escape_string(html_entity_decode(htmlentities($account)));
echo "<tr><td align=center>";
if(shitCheckerNum($account) == 1)
{
die("Error: Account contains invalid characters!");
}
if (!preg_match("/^[-0-9A-Z_\.]{1,50}@([-0-9A-Z_\.]+\.){1,50}([0-9A-Z]){2,4}$/i", $recipient))
{
die("Wrong e-mail!");
}
$query = "SELECT acct FROM accounts WHERE login = '".$account."' AND email = '".$recipient."'";
$result = mysql_query($query) or die(mysql_error());
$numrows = mysql_num_rows($result);
//If no rows, means invalid user/pass, die.
if($numrows == 0)
{
die("No such account with that e-mail!");
}
if($verif != $overif)
{
die("Sum does not match!");
}
//Change pass to new password
$criptedNew = SHA1(strtoupper($account).':'.strtoupper($randpass)); //sha($passwordOld);
$query = "UPDATE accounts SET encrypted_password = '".$criptedNew."' WHERE login = '".$account."'";
$result = mysql_query($query) or die(mysql_error());
$header = "From: ". $Name . " <" . $email . ">\r\n";
ini_set('SMTP', $smtp); //sets SMTP server. - no need to change php.ini file
mail($recipient, $subject, $mail_body, $header); //sends the email
echo "Password for account '".$account."' changed and sent to<BR> e-mail address '".$recipient."'. Please check your inbox.";
echo "<BR>";
echo "</td></tr>";
//close mysql connection
mysql_close();
}
else
{
echo "<form name=myform method=post action=".$PHP_SELF.">";
echo "<tr><td colspan=2 align=center><font size=4>Forgotten password</td></tr>";
echo "<tr><td width=125>Account Name: </td><td><input type=text name=account value=''></td></tr>";
echo "<tr><td width=125>E-mail: </td><td><input type=text name=email value=''></td></tr>";
echo "<tr><td width=125>Sum of: (".$r."+".$r2.")=</td><td><input type=text name=verif value=''></td></tr>";
echo "<tr><td colspan=2 align=center><br><input type=submit name=submit value=Aiziet></td></tr>";
echo "<tr><td colspan=2 align=center>(Press once)</td></tr>";
echo "<INPUT TYPE=hidden name=overif value='".$sum."'>";
echo "</form>";
}
echo "</table></center>";
echo "<br>by jang";
?>
Installation.
- Just place this code as php file in root directory or root/components directory, if using Ascent CMS. (for example: emailer.php or something)
Setup.
- $aHost = "localhost"; // host name
- $aDatabase = "logon"; // Accounts/logon DB name
- $aPort = "3306"; //Default 3306
- $aUsername = "root"; //mysql server user
- $aPass = "pass"; //mysql server password
- $smtp = 'mail.example.com'; // Your ISP SMTP mail server address or your SMTP server address, if You have.
- $subject = "New password"; // email subject
- $Name = "X server"; //senders name
- $email = "[email protected]"; //senders e-mail adress
- $mail_body = ''; //mail boody - the text
Credits
- Some pieces of code from Bellatrix components scripts
Later more codes from me.. :wave:
p.s. sorry for mistake in thread caption