// Bootstrap: start the session and a gzip-compressed output buffer, then pull
// in the project includes in their original order (config.php first).
session_start();
ob_start('ob_gzhandler');

include './includes/config.php';
include './lang/arabic.php';
include './includes/function.php';
include './includes/online.php';
include './includes/easytemplate.php';
include './includes/inquiry.php';

// Template engine rooted at the active design directory.
// NOTE(review): $style is never assigned in this file. Confirm that one of the
// includes sets it and that it can never be taken from the request, because it
// selects the directory the templates are loaded from.
$PhpGroup_style['def_style'] = 'designs/' . $style;
$stylepath = $PhpGroup_style['def_style'];

$tpl = new EasyTemplate();
$tpl->Temp = $stylepath;
$tpl->Cache = 'easycache';
// Category list for the page (the original comment places it on the right-hand
// side): every group-1 row of `cat`, in display order, appended to $cat.
// Both queries in this block are static; no request data reaches the SQL.
$selectc = @mysql_db_query(
    "$dbName",
    "SELECT * FROM `cat` WHERE `cat_group` = '1' ORDER BY `cat`.`cat_display` ASC "
);
for ($s = @mysql_fetch_assoc($selectc); $s; $s = @mysql_fetch_assoc($selectc)) {
    $cat[] = $s;
}
@mysql_free_result($selectc);

// Login box. loginbox() is defined in one of the includes; $login is not
// assigned in this file.
loginbox($login);

// Ten newest group-1 rows of `divan` (highest divan_id first), appended to $nd.
$selectnewdivan = mysql_db_query(
    "$dbName",
    "SELECT * FROM `divan` WHERE `divan_group` = '1' ORDER BY `divan_id` DESC LIMIT 10 "
);
for ($ndivan = @mysql_fetch_assoc($selectnewdivan); $ndivan; $ndivan = @mysql_fetch_assoc($selectnewdivan)) {
    $nd[] = $ndivan;
}
@mysql_free_result($selectnewdivan);
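// Site statistics: row counts of `cat`, `divan` and `users`.
// COUNT(*) lets MySQL do the counting. The previous SELECT * pulled every row
// into PHP only to read the row count; for `users` that meant loading every
// stored password hash on each page view. A failed query now yields 0 instead
// of the -1 that mysql_affected_rows() reported.
$selectcount = mysql_db_query("$dbName", "SELECT COUNT(*) FROM cat;");
$totalcat = $selectcount ? (int) mysql_result($selectcount, 0) : 0;
@mysql_free_result($selectcount);

$selectcount = mysql_db_query("$dbName", "SELECT COUNT(*) FROM divan;");
$totaldivan = $selectcount ? (int) mysql_result($selectcount, 0) : 0;
@mysql_free_result($selectcount);

$selectcount = mysql_db_query("$dbName", "SELECT COUNT(*) FROM users;");
$totalusers = $selectcount ? (int) mysql_result($selectcount, 0) : 0;
@mysql_free_result($selectcount);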
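// Identity cookies. The keys are now quoted strings: the bare words used before
// were resolved as constants first, which raises a notice on old PHP, is an
// error on PHP 8, and reads the wrong key if such a constant is ever defined.
// A missing cookie still yields null.
// NOTE(review): these values are client-supplied and are not validated in this
// file; whatever consumes $username/$password/$userid has to authenticate them
// server-side. The name "traiduserpassword" suggests a password or its hash is
// kept in a cookie - confirm against the login code.
$username = isset($_COOKIE['traidusername']) ? $_COOKIE['traidusername'] : null;
$password = isset($_COOKIE['traiduserpassword']) ? $_COOKIE['traiduserpassword'] : null;
$userid = isset($_COOKIE['traiduserid']) ? $_COOKIE['traiduserid'] : null;

// Page sub-title ("password recovery"), set before the header templates render.
$subtitle = " - استرجاع كلمة المرور ";

// Page head, header and body opening.
echo $tpl->display("headerinclude.html");
echo $tpl->display("header.html");
echo $tpl->display("bodyinclude.html");

// $close is not assigned in this file. When it equals 'yes' only the message
// template and the footer are rendered and the script stops here.
if (($close) == ('yes')) {
    echo $tpl->display("message.html");
    traidntright();
    echo $tpl->display("footer.html");
    exit();
}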
//
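// Password-recovery flow, selected by ?go=:
//   (empty)  show the request form
//   search   check the CAPTCHA, look the address up, store a one-time key and
//            mail a reset link
//   valid    check the mailed key, set a new random password and mail it
//
// Request values are untrusted. Everything placed in SQL goes through
// mysql_real_escape_string() (the same ext/mysql API the rest of the file
// uses), and an address containing CR/LF is refused before it can reach the
// mail() headers.
// NOTE(review): the "search" step answers differently for known and unknown
// addresses, and reset keys carry no expiry (no timestamp column is visible
// here) - both are worth revisiting together with the schema.
if (!function_exists('lostpass_random_hex')) {
    /**
     * Return $bytes random bytes as lowercase hex, taken from the platform
     * CSPRNG, or null when this runtime offers none.
     */
    function lostpass_random_hex($bytes)
    {
        if (function_exists('random_bytes')) {
            return bin2hex(random_bytes($bytes));
        }
        if (function_exists('openssl_random_pseudo_bytes')) {
            $raw = openssl_random_pseudo_bytes($bytes, $strong);
            if ($raw !== false && $strong) {
                return bin2hex($raw);
            }
        }
        return null;
    }
}

// Where magic_quotes_gpc is on, undo it so values are escaped exactly once.
$mq = function_exists('get_magic_quotes_gpc') && get_magic_quotes_gpc();
$go = isset($_GET['go']) ? $_GET['go'] : '';

if ($go === '') {
    echo "
".$tpl->display("lostpassform.html");
} elseif ($go === 'search') {
    // Only plain strings are accepted; array-valued fields count as empty.
    $mail = (isset($_POST['usermail']) && is_string($_POST['usermail'])) ? $_POST['usermail'] : '';
    $codes = (isset($_POST['codes']) && is_string($_POST['codes'])) ? $_POST['codes'] : '';
    if ($mq) {
        $mail = stripslashes($mail);
        $codes = stripslashes($codes);
    }
    $mailsql = mysql_real_escape_string($mail);
    // The address is percent-encoded for the link so "+" and "&" survive the round trip.
    $maillink = rawurlencode($mail);
    $mailok = ($mail !== '' && !preg_match('/[\r\n]/', $mail));

    // Reset key: 10 hex characters as before (the width of forget_key is not
    // visible here), but from a CSPRNG when one exists. md5(uniqid(rand())) is
    // derived from the clock and rand() and is kept only as a last resort.
    $uniq = lostpass_random_hex(5);
    if ($uniq === null) {
        $uniq = substr(md5(uniqid(rand())), 0, 10);
    }

    // CAPTCHA: the session holds the md5 of the expected code. The comparison
    // is strict because "==" treats two digests of the form 0e<digits> as equal numbers.
    // NOTE(review): $_SESSION['key'] is not cleared after use, so a solved
    // CAPTCHA stays valid until it is regenerated - confirm where it is set.
    $code = md5(trim($codes));
    $cp = isset($_SESSION['key']) ? $_SESSION['key'] : null;

    $selectuser = $mailok
        ? mysql_db_query("$dbName", "SELECT * FROM `users` WHERE `user_mail` = '$mailsql' ;")
        : false;
    // mysql_num_rows() on the result; a failed query counts as "not found".
    $issetuser = $selectuser ? (int) mysql_num_rows($selectuser) : 0;

    if (!is_string($cp) || $code !== $cp) {
        $message = "عفوا كود التحقق خاطئ ";
        echo $tpl->display("message.html");
    } elseif ($issetuser === 0) {
        $message = $lang['mailnotfound'];
        echo $tpl->display("message.html");
    } else {
        // Drop any pending request for this address so only the newest key is valid.
        $selectfromforget = mysql_db_query("$dbName", "DELETE FROM `forgetpassword` WHERE `forget_mail` = '$mailsql' ");
        $insertnew = mysql_db_query("$dbName", "INSERT INTO `forgetpassword` ( `forget_id` , `forget_key` , `forget_mail` )
VALUES (
NULL , '$uniq', '$mailsql'
);");
        $to = $mail;
        // Message headers.
        // NOTE(review): From/Reply-To/Return-Path all carry the recipient's own
        // address rather than $sitemail - confirm this is intended.
        $headers = "From: $sitemail <$to>\r\nReply-To: $mail\r\n";
        $headers .= "X-Sender: <$sitemail>\n";
        $headers .= "X-Mailer: PHP\n";
        $headers .= "Return-Path: <$mail>\n";
        $headers .= "Content-Type: text/html; charset=UTF-8\n";
        // Message subject.
        $subject = "فقدان كلمة المرور";
        // Message body.
        $body = "
تم استلام طلب لاسترجاع كلمة المرور اذا لم تكن انت من قام بالطلب يمكنك تجاهل الرسالة
اذا اردت استرجاع كلمة المرور اضغط علي الرابط التالي
$sitelink/lostpassword.php?go=valid&key=$uniq&mail=$maillink
";
        // Mail the link only when the key was actually stored.
        $send = $insertnew ? @mail($to, $subject, $body, $headers) : false;
        if ($send) {
            $message = "تم ارسال رسالة الي بريدكم ";
            echo $tpl->display("message.html");
        } else {
            $message = "عفوا هناك مشكلة بارسال الرسالة ";
            echo $tpl->display("message.html");
        }
    }
} elseif ($go === 'valid') {
    $key = (isset($_GET['key']) && is_string($_GET['key'])) ? $_GET['key'] : '';
    $mailf = (isset($_GET['mail']) && is_string($_GET['mail'])) ? $_GET['mail'] : '';
    if ($mq) {
        $key = stripslashes($key);
        $mailf = stripslashes($mailf);
    }
    // strip_tags() is kept from the original; it is not an SQL defence, the
    // escaping below is.
    $key = strip_tags($key);
    $mailf = strip_tags($mailf);
    $keysql = mysql_real_escape_string($key);
    $mailfsql = mysql_real_escape_string($mailf);
    $inputok = ($key !== '' && $mailf !== '' && !preg_match('/[\r\n]/', $mailf));

    $selectfromforget = $inputok
        ? mysql_db_query("$dbName", "SELECT * FROM `forgetpassword` WHERE `forget_mail` ='$mailfsql' and `forget_key` = '$keysql' ")
        : false;
    // A failed query counts as "no match", so the reset below cannot run on an error.
    $issetin = $selectfromforget ? (int) mysql_num_rows($selectfromforget) : 0;

    if ($issetin === 0) {
        $message = "عفوا هناك خطأ :
البريد الالكتروني او مفتاح التاكد غير متوفر";
        echo $tpl->display("message.html");
    } else {
        // The key is single-use: remove exactly the row that was matched.
        $selectfromforget = mysql_db_query("$dbName", "DELETE FROM `forgetpassword` WHERE `forget_key` = '$keysql' AND `forget_mail` = '$mailfsql' ");

        // New password: 12 hex characters from the CSPRNG. rand(90,200000)
        // allowed only about 200,000 values and remains only as a fallback for
        // runtimes without a CSPRNG.
        $randpassword = lostpass_random_hex(6);
        if ($randpassword === null) {
            $randpassword = rand(90, 200000);
        }
        // NOTE(review): unsalted md5 is kept because the login code, which is
        // not visible here, presumably compares against it; moving to
        // password_hash() needs a coordinated change.
        $md5rand = md5($randpassword);
        $updateuserpassword = mysql_db_query("$dbName", "UPDATE `users` SET `user_password` = '$md5rand' WHERE `users`.`user_mail` = '$mailfsql' LIMIT 1 ;");
        $to = $mailf;
        // Message subject.
        $subject = " كلمة المرور";
        // Message headers; the charset now matches the one declared by the "search" mail.
        $headers = "From: $sitemail <$to>\r\nReply-To: $mailf\r\n";
        $headers .= "X-Sender: <$sitemail>\n";
        $headers .= "X-Mailer: PHP\n";
        $headers .= "Return-Path: <$mailf>\n";
        $headers .= "Content-Type: text/html; charset=UTF-8\n";
        // Message body.
        $body = "
مرحبا بك
تم تغيير كلمة المرور كلمة المرور الجديدة هي
$randpassword
";
        // Announce the new password only when the UPDATE went through.
        $send = $updateuserpassword ? @mail($to, $subject, $body, $headers) : false;
        if ($send) {
            $message = "تم ارسال كلمة المرور الي بريدكم";
            echo $tpl->display("message.html");
        } else {
            $message = "عفوا هناك مشكلة بارسال الرسالة ";
            echo $tpl->display("message.html");
        }
    }
}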
// Page tail: traidntright() (defined in an include) runs first, then the
// footer template is rendered and the gzip output buffer is flushed.
traidntright();
$footerhtml = $tpl->display('footer.html');
echo $footerhtml;
ob_end_flush();
?>