/reset.php

<?PHP

//================================================================================

// PLEASE DO NOT REMOVE THIS HEADER!!!

//

// COPYRIGHT NOTICE

// This script is licensed under the GPL

// 

// Copyright 2007-2008 Alias 454 Studios and Brandon Keep (c) All rights reserved.

// Created 11/18/2007   

// Brandon Keep,    http://www.openautoclassifieds.com

//                  http://www.alias454studios.com/scripts/

//

// Last Modified 04-12-2008 by

// Brandon Keep,    http://alias454studios.com

//================================================================================

// This software IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR

// IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,

// FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL

// THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR

// OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE,

// ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR

// OTHER DEALINGS IN THE SOFTWARE.

//================================================================================



require_once './Includes/configs/functions.php';

require_once './Includes/libs/Smarty.class.php';

include_once "./Includes/language/$site_lang.php";



$smarty = new Smarty;

$smarty->template_dir="templates/$template";



$smarty->assign("manufacturerslist",getSearchList("make"));

$smarty->assign("modelslist",getSearchList("model"));

$smarty->assign("typeslist",getSearchList("vehicle_type"));



//Check if single user mode 1 or multi-user mode 0

if ($site_mode == 0) {

	$smarty->assign("site_mode",1);

}

if (isset($_SESSION["logged_in"])) {

	$smarty->assign("logged_in",1);

	//check privs to find out if user 

	//is a seller, admin or user

	$status = checkPrivs();

	$smarty->assign("$status",1);

}



//User is logged in and wants to change password

if (isset($_POST["change"]) && $_POST["change"] == SUBMIT) {

	$_POST = codeClean($_POST);

	if (validateEmail($_POST["email"])) {

		if (checkIfEmail($_POST["email"])) {

		  //verify old password so we know it can be changed by valid user

			if (verifyLogin($_SESSION["user"],$_POST["old_pass"])) {

				updatePass($_SESSION["user"],$_POST["new_pass"]);

				$smarty->assign("success",PASSWORD_UPDATED);

			} else { 

				$smarty->assign("error_message",BAD_PASSWORD); 

				$smarty->assign("pass_error",1); 

				$smarty->assign("formemail",(htmlentities($_POST["email"])));

			}

		} else { 

			$smarty->assign("error_message",EMAIL_NOT_EXISTS); 

			$smarty->assign("mail_error",1); 

		}

	} else { 

		$smarty->assign("error_message",NOT_VALID_EMAIL); 

		$smarty->assign("mail_error",1); 

	}

 } elseif (isset($_POST["submit"]) && $_POST["submit"] == RESET) {

 	$_POST = codeClean($_POST);

 	//if user not logged in show forgot password form

	if (validateEmail($_POST["email"])) {

		$email = codeClean($_POST["email"]); 

	  	  

		$sql = "SELECT user FROM users WHERE email = '" . $email . "'";

		$res = mysql_query($sql);

		$a_row = mysql_fetch_array($res);

		$user = $a_row["user"];



		if (!empty($user)) {

			$pass = generatePassword(6);

			updatePass($user,$pass);

			$smarty->assign("success",PASSWORD_RESET);

			

		//build email to be sent from lang file

			$body = preg_replace("!%USERNAME%!","$user",RESET_PASSWORD_BODY);

			$body = preg_replace("!%PASSWORD%!","$pass", $body);

			$body = preg_replace("!%URL%!","$site_url/login.php", $body);

			$subject = preg_replace("!%URL%!","$site_url/login.php",RESET_PASSWORD_SUBJECT);



		sendEmail($email,$subject,$body,$admin_name,$admin_email);



		} else {	

			$smarty->assign("error_message",NOT_VALID_EMAIL); 

			$smarty->assign("mail_error",1); 

		}

	} else {	

		$smarty->assign("error_message",NOT_VALID_EMAIL); 

		$smarty->assign("mail_error",1); 

	}

}



$smarty->assign("reset",1);

$smarty->display('reset.tpl');

?>