0) loggedin();
if (!empty($_POST['email'])) {
$db = new bdb() or fatal('No database connection!');
$token = uniqid('fp', true);
$result = $db->query('SELECT id FROM users WHERE email = \''.$db->escape_string($_POST['email']).'\'') or fatal($db->error);
if ($result->num_rows > 0) {
$row = $result->fetch_assoc();
$newpass = pwgen(10);
$db->query('UPDATE users SET password = \''.bulletin_hash($newpass).'\' WHERE id = '.$row['id']) or fatal($db->error);
if ($db->affected_rows < 1) fatal('Could not affect the database');
$result->free();
$db->close();
bulletin_mail($_POST['email'], 'Recover Your Bulletin Account', tpl(array(
'newpass' => htmlentities($newpass),
), 'forgot.tpl')) or fatal('Could not send out the recovery email, we apologize for the inconvenience.');
fatal('A recovery email has been sent to the address you supplied. You can use this email to access your account, and from there change your password.', $b_config['base_url'].'login.php');
} else {
$result->free();
$db->close();
$e = 1;
$e_msg = 'That email address is not listed in our database.';
}
}
?>
Forgot Password / Bulletin