added password recovery
authorAlexander Schmidt <alex@treefish.org>
Wed, 8 May 2013 12:23:37 +0000 (14:23 +0200)
committerAlexander Schmidt <alex@treefish.org>
Wed, 8 May 2013 12:23:37 +0000 (14:23 +0200)
include/nav.inc
passrecover.php [new file with mode: 0644]

index 59f1950..9b37f9c 100644 (file)
@@ -12,7 +12,9 @@
 <a href="summary.php">summary</a>
  | 
 <a href="register.php">register</a>
- | 
+ |
+<a href="passrecover.php">recover password</a>
+ |
 <a href="admin">ADMIN</a>
 
 <br><br>
diff --git a/passrecover.php b/passrecover.php
new file mode 100644 (file)
index 0000000..a041ccc
--- /dev/null
@@ -0,0 +1,51 @@
+<?php
+  require 'include/head.inc';
+  require 'include/db.inc';
+  require 'include/common.inc';
+
+  if(isset($_POST['submit']) && $_POST['mnumber']!="") {
+    $mnumber = trim($_POST['mnumber']);
+
+    if( ! is_numeric($mnumber) ) {
+      block("red", "Mat.nummer has to be numeric!");
+    }
+    else {
+      if($db->query("SELECT COUNT(*) FROM students WHERE mnumber = $mnumber")->fetch(PDO::FETCH_NUM)[0] == 0) {
+        print '<table bgcolor="red">';
+        print '<tr><th><b><font color="white">Mat.nummer not found</font></b></th><tr>';
+        print '</table>';
+      }
+      else {
+        $userinfo = $db->query("SELECT firstname,lastname,email,password FROM students WHERE mnumber=$mnumber")->fetch(PDO::FETCH_NUM);
+
+        // send password-email //
+        $nachricht = "Hello $userinfo[0]($mnumber)!\nThis is a password-recovery mail for the exercise " . $PREFS['exname'] . " (" . $PREFS['groupname'] . ").\nYour forgotten password is: $userinfo[3]\n\nYours,\nBanana.";
+        $header = 'From: banana@treefish.org' . "\r\n" .
+        'Reply-To: noreply@treefish.org' . "\r\n" .
+        'X-Mailer: PHP/' . phpversion();
+        mail($userinfo[2], "Banana password-recovery: " . $PREFS['exname'] . " (" . $PREFS['groupname'] . ")", $nachricht, $header);
+
+        print "<table bgcolor=\"lightgreen\">";
+          print "<tr><th><b><font color=\"white\">sent password to your email-address</font></b></th><tr>";
+        print "</table>";
+      }
+    }
+  }
+?>
+
+<form method="post" action="<?php echo $_SERVER['PHP_SELF']; ?>">
+  <table bgcolor="black">
+    <tr><th><b><font color="white">Password recovery</font></b></th><tr>
+  </table>
+
+  <table>
+    <tr>  
+      <th align="left">Mat.nummer:</th> <th align="left"><input type="text" name="mnumber"></th>
+    </tr>
+    <tr><th colspan=2></th></tr>
+
+    <tr>
+      <th align="left"><input type="submit" name="submit" value="Recover password"></th> <th></th>
+    </tr>
+  </table>
+</form>