<link rel="stylesheet" href="stylesheets/precision_tracking.css" type="text/css" />
<style>body {background-image:none;}</style>

<?php

include('../pg-connect.php'); // Good practice to keep db connection files out of web root
include('../generate_random_string.php');


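// Form for entering username to reset password
$form = '
    <h3 style="background-color:#51b759;">Do you really want to reset your password?</h3>
    <p>Please enter your username below. An email with instructions on how to reset your password will be sent to the email address we have on file.</p>
    <form action="forgot_password.php" method="post">
    <input type="text" name="username" autofocus placeholder="Please enter your username" style="margin-bottom:5px;width:180px;" />
    <button type="submit" name="submit">Reset password</button>
    </form>
';

// Generic failure notice, shown whenever the reset cannot be completed for a
// reason that is not the user's input (a query failed, the outbox insert failed).
$unavailable = '<p class="error">We are unable to reset your password at the moment. Please <a href="http://www.precisiontracking.co.nz/contact_us.html" target="_blank">contact us</a> by phone on 0800 GPS 001 or via email at <a href="mailto:admin@precisiontracking.co.nz">admin@precisiontracking.co.nz</a>.</p>';

// Password-reset request handler.
//
// GET  : show the username form.
// POST : store a fresh reset code for the submitted username, look up the
//        account's e-mail address and queue a reset e-mail in email_outbox.
//
// Every value that reaches SQL is bound with pg_query_params(). strip_tags()
// is not a defence against SQL injection, and the e-mail address read back
// from the Client table is stored data that must be bound as well.
if ($_SERVER['REQUEST_METHOD'] == 'POST') // Handle the form submission.
{
    // Accept only a scalar string; a request sending username[]=... would
    // otherwise hand an array to strip_tags().
    $username = '';
    if (isset($_POST['username']) && is_string($_POST['username']))
    {
        // Kept for compatibility with how usernames were looked up before.
        // This is input normalisation, not output escaping or SQL escaping.
        $username = trim(strip_tags($_POST['username']));
    }

    if ($username === '')
    {
        print $form;
        print '<p class="error">Please enter your username</p>';
    }
    else
    {
        // NOTE(review): generateRandomString() comes from an included file that
        // is not visible here. This value is the only secret protecting the
        // reset, so confirm it is drawn from a CSPRNG (random_bytes/random_int).
        $reset_code = generateRandomString(40);

        // Store the reset code against the account. Per the original comment,
        // the database function also sets an expiry of 4 hours from now.
        $r = pg_query_params(
            $dbc,
            'SELECT client_update_reset_code ($1, $2)',
            array($reset_code, $username)
        );

        // The result is consumed once: looping over it would queue one e-mail
        // per returned row.
        if ($r === false || pg_fetch_row($r) === false)
        {
            print $unavailable;
        }
        else
        {
            // Retrieve email address and companyid for the outgoing message
            $client_result = pg_query_params(
                $dbc,
                'SELECT companyid, email FROM Client WHERE username = $1',
                array($username)
            );
            $client = ($client_result === false) ? false : pg_fetch_array($client_result);

            // NOTE(review): the two branches below tell the requester whether a
            // username exists and whether it has an e-mail address on file.
            // Consider returning the same confirmation in every case and
            // rate-limiting this endpoint.
            if ($client_result === false)
            {
                print $unavailable;
            }
            elseif ($client === false || (string) $client[0] === '')
            {
                // Stop process if username not on file
                print $form;
                print '<p class="error">Please ensure you have entered a valid username.</p>';
            }
            elseif ((string) $client[1] === '')
            {
                // Stop process if no recovery email address on file
                print $form;
                print '<p class="error">Unfortunately we don&#39;t have your email address. Please <a href="http://precisiontracking.co.nz/contact_us.html" target="_blank">contact us</a> by phone on 0800 GPS 001 or via email at <a href="mailto:admin@precisiontracking.co.nz">admin@precisiontracking.co.nz</a>.</p>';
            }
            else
            {
                $company_id = $client[0];
                $dest_address = $client[1];

                // Construct HTML email message
                // NOTE(review): the reset link is plain http, so the reset code
                // travels unencrypted when the link is followed. Switch both
                // URLs to https once the site is confirmed to serve it.
                $html_message = '
                <p>Precision Tracking received a request to reset the password for your account. To reset your password, click on the button below:</p>
                <a href="http://www.precisiontracking.co.nz/reset_password.php?id='.$reset_code.'"><button style="padding:10px;background-color:#51b759;color:#fff;cursor:pointer;font-weight:bold;">RESET PASSWORD</button></a>
                <p>Or copy and paste the following URL into your browser:</p>
                <p>http://www.precisiontracking.co.nz/reset_password.php?id='.$reset_code.'</p>
                <p>If you experience any difficulties, or you did not request your password to be reset, please do not hesitate to <a href="http://www.precisiontracking.co.nz/contact_us.html" target="_blank">contact us</a> by phone on 0800 GPS 001 or via email at <a href="mailto:admin@precisiontracking.co.nz">admin@precisiontracking.co.nz</a>.
                ';

                // Insert email send details into email_outbox table where it will automatically be sent
                $email_insert = pg_query_params(
                    $dbc,
                    'INSERT INTO email_outbox ( src_address, dest_address, company_id, subject, text_message, html_message )
                     VALUES ( $1, $2, $3, $4, $5, $6 )',
                    array('info@precisiontracking.co.nz', $dest_address, $company_id, 'Reset password', '', $html_message)
                );

                // A failed insert returns false, which must not be passed to
                // pg_affected_rows().
                if ($email_insert !== false && pg_affected_rows($email_insert) == 1)
                {
                    // Success message for screen. The username is request data,
                    // so it is escaped for the HTML context before being echoed.
                    print '<p>An email with instructions on how to reset your password has been sent to the email address we have on file for <strong>'
                        . htmlspecialchars($username, ENT_QUOTES, 'UTF-8')
                        . '</strong>.</p><p>You will need to reset your password within 4 hours.</p><p>If you experience any difficulties, please do not hesitate to <a href="contact_us.html" target="_blank">contact us</a>.</p>';
                }
                else
                {
                    print $unavailable;
                }
            }
        }
    }
} // End of form submission IF.
else // Print form as user has loaded page for first time
{
    print $form;
}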


?>
