if (!defined('RECOVER')) die('Appel direct ne sont pas permis'); define('SIZE_REQUEST', 70); require_once NOALYSS_INCLUDE.'/class_html_input.php'; /** * @brief generate a random string of char * @param $car int length of the string */ function generate_random($car) { $string=""; $chaine="abcdefghijklmnpqrstuvwxyABCDEFGHIJKLMNPQRSTUVWXY0123456789"; srand((double) microtime()*1020030); for ($i=0; $i<$car; $i++) { $string .= $chaine[rand()%strlen($chaine)]; } return $string; } /** * @file * @brief * @param type $name Descriptionara */ $action=HtmlInput::default_value_request("id", ""); if ($action=="") : /* * Display dialog box */ ?> Donnez votre login ou votre email
login or email
get_array("select use_id,use_email,use_login from ac_users where lower(use_login)=lower($1) " , array($login_input)); elseif (trim($email_input)!=""): $array=$cn->get_array("select use_id,use_email,use_login from ac_users where " ." lower(use_email)=lower($1) ", array( $email_input)); else: return; endif; if ($cn->size()!=0): list($user_id, $user_email, $user_login)=array_values($array[0]); if (trim($user_email)!=" ") : $valid=true; endif; endif; if ($valid==true): $request_id=generate_random(SIZE_REQUEST); $user_password=generate_random(10); /* * save the request into */ $cn->exec_sql("insert into recover_pass(use_id,request,password,created_on,created_host) " ." values ($1,$2,$3,now(),$4)", array($user_id, $request_id, $user_password, $_SERVER['REMOTE_ADDR'])); /* * send an email */ $mail=new Sendmail(); $mail->set_from(ADMIN_WEB); $mail->mailto($user_email); $mail->set_subject("NOALYSS : Réinitialisation de mot de passe"); $message=<<set_message($message); $mail->compose(); $mail->send(); echo '

L\'email a été envoyé avec un lien et le nouveau mot de passe, vérifiez vos spams

'; endif; elseif ($action=="req") : $request_id=HtmlInput::default_value_request("req", ""); if (strlen(trim($request_id))==SIZE_REQUEST) : require_once NOALYSS_INCLUDE.'/class_database.php'; $cn=new Database(0); $value=$cn->get_value("select password from recover_pass where request=$1 and created_on > now() - interval '12 hours' and recover_on is null", array($request_id)); if ($cn->get_affected()>0) : $cn->exec_sql("update ac_users set use_pass=md5(rp.password) from recover_pass as rp where rp.use_id=ac_users.use_id and request=$1", array($request_id)); $cn->exec_sql("update recover_pass set recover_by=$1 , recover_on=now() where request=$2", array($_SERVER['REMOTE_ADDR'],$request_id)); ?>

Opération réussie , vous pouvez vous connecter avec votre nouveau mot de passe