test

[banana.git] / passrecover.php

<?php
  require 'include/head.inc';
  require 'include/db.inc';
  require 'include/common.inc';

  if(isset($_POST['submit']) && $_POST['mnumber']!="") {
    $mnumber = trim($_POST['mnumber']);

    if( ! is_numeric($mnumber) ) {
      block("red", "Mat.nummer has to be numeric!");
    }
    else {
      if($db->query("SELECT COUNT(*) FROM students WHERE mnumber = $mnumber")->fetch(PDO::FETCH_NUM)[0] == 0) {
        print '<table bgcolor="red">';
        print '<tr><th><b><font color="white">Mat.nummer not found</font></b></th><tr>';
        print '</table>';
      }
      else {
        $userinfo = $db->query("SELECT firstname,lastname,email,password FROM students WHERE mnumber=$mnumber")->fetch(PDO::FETCH_NUM);

        // send password-email //
        $nachricht = "Hello $userinfo[0]($mnumber)!\nThis is a password-recovery mail for the exercise " . $PREFS['exname'] . " (" . $PREFS['groupname'] . ").\nYour forgotten password is: $userinfo[3]\n\nYours,\nBanana.";
        $header = 'From: banana@treefish.org' . "\r\n" .
        'Reply-To: noreply@treefish.org' . "\r\n" .
        'X-Mailer: PHP/' . phpversion();
        mail($userinfo[2], "Banana password-recovery: " . $PREFS['exname'] . " (" . $PREFS['groupname'] . ")", $nachricht, $header);

        print "<table bgcolor=\"lightgreen\">";
          print "<tr><th><b><font color=\"white\">sent password to your email-address</font></b></th><tr>";
        print "</table>";
      }
    }
  }
?>

<form method="post" action="<?php echo $_SERVER['PHP_SELF']; ?>">
  <table bgcolor="black">
    <tr><th><b><font color="white">Password recovery</font></b></th><tr>
  </table>

  <table>
    <tr>  
      <th align="left">Mat.nummer:</th> <th align="left"><input type="text" name="mnumber"></th>
    </tr>
    <tr><th colspan=2></th></tr>

    <tr>
      <th align="left"><input type="submit" name="submit" value="Recover password"></th> <th></th>
    </tr>
  </table>
</form>