session_start();
//print_r($_SESSION);
//$user_id = $_SESSION['id'];
//$username = $_SESSION['usr'];
//echo "HELLO";
// take the email address.. and email them a new password (and change the password in the database)
// or do we give them a limited time link and that link lets them change the password to that account?
$email = $_POST["email"];
$submit = $_POST["submit"];
//print_r($_POST);
//echo $email;
$success = 0;
if($email) {
$key = uniqid(mt_rand(), true);
$token = md5($_POST['email'].$key);
// update database with this key and the timestamp
$db = mysqli_connect ("localhost", "pack", "watch3r");
mysqli_select_db ($db, "pack");
$query = "UPDATE pack_user set reset_token = '$token' WHERE email = '$email'";
mysqli_query($db, $query);
$query = "UPDATE pack_user _SET reset_date=now() WHERE email = '$email'";
mysqli_query($db, $query);
// send email
$to = $email;
$subject = "// MVGEN: Password Recovery";
$message = "To reset your password, please Click here
MVGEN SUPPORT TEAM";
$from = "MVGEN ";
$headers = 'MIME-Version: 1.0' . "\n";
$headers .= 'Content-type: text/html; charset=iso-8859-1' . "\n";
$headers .= "From: $from";
if(mail($to, $subject, $message, $headers));{
$success = 1;
}
if ($success) {
$good[] = 'E-mail Sent! Check Your E-mail for a Password Recovery Link!';
} else { $err[] = 'E-mail Error in sending. Check Address'; }
} else {
if ($submit){
$err[] = 'Fill out the email address';
}
}
// probably need to let them know to check their email -- use javascript or something to change the div?
?>
MVGEN - Music Video Generator: Password Recovery
include "./sidenav.php"; ?>