Enter your email address";
} else {
$statement = $pdo->prepare("SELECT * FROM users WHERE email = :email");
$result = $statement->execute(array('email' => $_POST['email']));
$user = $statement->fetch();
if($user === false) {
$error = "no user found";
} else {
//check if theres a code already
$passwordcode = random_string();
$statement = $pdo->prepare("UPDATE users SET passwordcode = :passwordcode, passwordcode_time = NOW() WHERE id = :userid");
$result = $statement->execute(array('passwordcode' => sha1($passwordcode), 'userid' => $user['id']));
$mailrcpt = $user['email'];
$mailsubject = "New password for your User";
$from = "From: Password Reset Service ";
$url_passwordcode = 'https://'.$_SERVER['HTTP_HOST'].'/resetpass.php?userid='.$user['id'].'&code='.$passwordcode;
$text = 'Hallo '.$user['username'].',
please use the following URL to change your password in the next 24h:
'.$url_passwordcode.'
If this mail comes unsolicited, please just ignore the mail.
cheers
loginpagefoo script';
mail($mailrcpt, $mailsubject, $text, $from);
echo 'Link send. Going back to login page. ';
$showForm = false;
}
}
}
if($showForm):
?>
Forgot Password
Please enter your email so we can send you a link to reset your password.