execute_command ("SELECT username, email, state FROM pw_recovery WHERE hash=?", $sha_key); if ($sq->get_result_rows () == 1) { $res_row = $sq->read_results (); $username = $res_row ['username']; $email = $res_row ['email']; $state = $res_row ['state']; if ($state == "OPEN") { $sq->terminate_query (); $sq->execute_command ("UPDATE members SET password=? WHERE username=? AND email=?",$new_password, $username, $email); $sq->terminate_query (); $sq->execute_command ("UPDATE pw_recovery SET state='CLOSED' WHERE username=? AND email=?", $username, $email); $sq->terminate_query (); ?>

Password has been changed. Click here to log-in.

execute_command ("SELECT username, email,state FROM pw_recovery WHERE hash=?", $sha_key); $res_row = $sq->read_results (); $state = $res_row ['state']; if ($sq->get_result_rows () > 0 && $state == "OPEN") { // Input is validated ?>

Please enter a new password.

New Password:

Confirm Password:

get_result_rows () > 0) { // Todo: error handling echo "

Error: can't find your hash key. So something is messed up right now

"; } } else if (isset ($_POST['username'])) { $req = filter_input (INPUT_POST, 'username', FILTER_SANITIZE_STRING); $sq = new sql_query ($mysqli); $sq->execute_command ("SELECT username, email, last_award, last_hit FROM members WHERE username=? OR email=?", $req, $req); $req_row = $sq->read_results (); $select_username = $req_row ['username']; $select_email = $req_row ['email']; $select_last_award = $req_row ['last_award']; $select_last_hit = $req_row ['last_hit']; if ($sq->get_result_rows () == 1) { $sha_key = sha1 ( $req . microtime () . $select_last_award . $select_last_hit ); $sq->execute_command ("INSERT INTO pw_recovery (username, email, state, hash) VALUES (?, ?, 'OPEN', ?)", $select_username, $select_email, $sha_key); if (!send_frg_email ( TEMPLATE_PATH . "frg.template", "webmaster@frontrunnergaming.com", $select_email, "Front Runner Gaming Password Reset", "

A request to change your password has been made to your Front Runner Gaming account. To copmlete your request, click here or go copy the URL below.

https://www.frontrunnergaming.com/forgot.html?key=" . $sha_key . "

" )) { echo "Error sending email ... could not complete the process."; } } else // We either have too many rows (??) or no match { // TODO: Error handling here echo "

Could not locate username or e-mail address

"; die (); } ?>

Check your e-mail!

The e-mail will contain a link that will let you reset your password.

Use the form below to recover your password.

Username or E-mail:
close (); ?>