alerts@dailyclassicalmusic.com ; updated wording require_once('../../lib/site.php'); // The file of sets of correct and incorrect statements $substatementsfile = '/home/mv/dailyclassicalmusic.com/data/substatements.txt'; # the error code from the form, if any $formerror = null; // Has anything been completed on the form? if (isset($_POST["statement"])) { // A statement has been chosen - was it the valid one? // First read in the file of sets of statements $numrecs = orgla_load_array($substatementsfile, "\n", "\t", $statements, 1, array(0,1)); // Now get the response, and also the timestamp and the number of the set of statements $resp = $_POST['statement']; list($timestamp, $setno) = explode('.', $_POST['set']); $statementset = $statements[$setno]; // Check if the response is valid if ('Y' == $statementset[$resp][2][0]) { // Check that the email address is valid $email = strtolower(trim($_POST['email'])); if (!$email) { $formerror = "You haven't provided your email address."; } else if (is_valid_email($email)) { // Make sure that there's already a subscription using this email address. // To do this, we need to load the subscription file indexed on email address. $numrecs = orgla_load_array('/home/mv/dailyclassicalmusic.com/data/subscription.txt', "\n", "\t", $subs, 0, array(0)); if (isset($subs[$email])) { // At this point, we should (later?) check that the user's subscription hasn't already expired. // Now send an email to the person asking them to click on a link to reset their password. // Create the file they'll click on first, and delete it after they've used it // or after a specific time. // Create a random string and then make an HTML filename from it. // The file contains a PHP script which changes the person's password to a generated random string // and then it deletes itself $filename = 'subscription/pppp' . or_identifier('') . time() . '.htm'; $file = HOMEPATH . $filename; $url = HOMEURL . $filename; $pass = orgla_random_string(6, 10, false, true, '01234567890'); // This is the code for the temporary PHP script which resets the user's password. // Various characters need to be escaped to pass them through to the generated script. $contents = <<< HEREDOC ' . "\\r\\n" . 'X-Mailer: Orion Web Edit/'; mail('$email', 'Your Daily Classical Music password has now been reset', \$message, \$headers); echo "
To login now, please use the following login details:
username: $email
password: $pass
to access the subscription site:
www.dailyclassicalmusic.com
Both your username and password are case sensitive.
Your username (or 'name') is your WHOLE email address.
Once logged in, please add the subscription site to your browser bookmarks or favourites.
Please note that the subscription service has a different URL - you'll need to log in at the different address shown above!
To receive email alerts or newsletters, or to change your password to something more memorable, please visit the preferences page
(We have also sent you a copy of this information by email.)
\n"; echo "\\n"; // Finally delete this file once it's been used, for security reasons // unlink(\$_SERVER['SCRIPT_FILENAME']); ?> HEREDOC; file_put_contents($file, $contents); // Now send the email containing the link to the file $message = "Thank you for requesting that your Daily Classical Music password be reset.\n\nPlease now click on this link (or copy the address into your web browser) to confirm that you would like your password to be reset:\n\n"; $message .= $url; $message .= "\n\nIf you didn't ask for your password to be reset, simply delete this email without clicking on the link and nothing will happen.\n\n"; $headers = 'From: Daily Classical Music
|