GetRS($sql); if(mysql_num_rows($rs)==0) { SecurityLog($db,'invalid user',0,$REMOTE_ADDR,gethostbyaddr($REMOTE_ADDR),'Password Request','Failure','',$username); $FormErrorReport = "Sorry; there is no record matching the email address you entered.
Please try again with a different Username and/or Email."; } else { $diff_login = mysql_result($rs,0,"diff_login"); $password = mysql_result($rs,0,"login_key"); $diff_login = ($diff_login == '') ? 16 : $diff_login; if((int)$diff_login <= 15 && empty($password)) { $password=substr(md5(time()),0,32); $sqlUpdate = "UPDATE users SET login_key='$password' WHERE id=".mysql_result($rs,0,"id"); $db->execute($sqlUpdate,0); } if((int)$diff_login > 15) { $password=substr(md5(time()),0,32); $sqlUpdate = "UPDATE users SET login_key='$password',login_key_date_created=NOW() WHERE id=".mysql_result($rs,0,"id"); $db->execute($sqlUpdate,0); } $user = mysql_result($rs,0,"name"); $admin_email = mysql_result($rs,0,"email"); $user_id = mysql_result($rs,0,"id"); //CHECK HOURS/MINUTES FORMAT if($exparation_password_time<60) $exparation_password_time.=" Minutes"; else $exparation_password_time=floor($exparation_password_time/60)." hours"; SecurityLog($db,'user',mysql_result($rs,0,"id"),$REMOTE_ADDR,gethostbyaddr($REMOTE_ADDR),'Password Request','Success'); /********************* SEND E-MAIL TO CUSTOMER **********************/ $subject = "Information that you requested"; $msgTXT = $user.",\t\n\t\n"; $msgTXT.= "We have received a request to send your login information to your email address. "; $msgTXT.= "Although we do not send personal information across email, you may use the temporary link below to log into your account:\t\n"; $msgTXT.= "https://$site_secure_URL/user/main/login/index.php?login_key=$password\t\n\t\n"; $msgTXT.= "IMPORTANT: Your current account information will NOT be changed until you click on the above URL to confirm your request (you will be prompted to update your password). "; $msgTXT.= "If you do not click on this URL within the next $exparation_password_time, your request will be ignored.\t\n\t\n"; $msgTXT.= "IF YOU DID NOT INITIATE THIS REQUEST: No action is required on your behalf and you may simply ignore this message. "; $msgTXT.= "Most likely, someone has input your email address in the \"Forgot Password\" feature on our website. "; $msgTXT.= "Please rest assured that this information was only delivered to your email account.\t\n\t\n"; $msgTXT.= "Etrafficers Support \t\n"; $msgTXT.= "support@etrafficers.com \t\n"; $msgTXT.= "Phone - 801.221.9400 \t\n"; $msgTXT.= "Fax - 801.221.9401 \r\n"; $msgHTM = $user.",

"; $msgHTM.= "We have received a request to send your login information to your email address. Although we do not send personal information across email, you may use the temporary link below to log into your account:
"; $msgHTM.= "https://$site_secure_URL/user/main/login/index.php?login_key=$password

"; $msgHTM.= "IMPORTANT: Your current account information will NOT be changed until you click on the above URL to confirm your request (you will be prompted to update your password). If you do not click on this URL within the next $exparation_password_time, your request will be ignored.

IF YOU DID NOT INITIATE THIS REQUEST: No action is required on your behalf and you may simply ignore this message. Most likely, someone has input your email address in the \"Forgot Password\" feature on our website. Please rest assured that this information was only delivered to your email account.

Etrafficers Support
support@etrafficers.com
Phone - 801.221.9400
Fax - 801.221.9401
"; $mgClient = new mailgun_api($mailgun_api_key, $mailgun_etrafficers_domain); $result = $mgClient->sendMessage($forgot_email, $email, $subject, $msgTXT, $msgHTM); if($result <> null) $msg = 'A temporary login has been sent to the email address you have provided.'; } } } /**** COMMON PAGE PARAMETERS ****/ $pageTitle = 'Forgot Password?'; header('X-Frame-Options: SAMEORIGIN'); header('X-Xss-Protection: 1; mode=block'); /****** OUTPUT *******/ include('out_forgot.php'); ?>