Bravo List
Register
Go Back   > Bravo List > Source Code > Archived Trackers > Yuna Scatari Edition (YSE)
Reply
  #1  
Old 14th August 2009, 01:37
animezon animezon is offline
Senior Member
 
Join Date: Jun 2009
P2P
Posts: 21
Default Recover
Hello guys i see anyone cant help me with my recover i do it myself and i like to share it here is totaly working

Edit your recover.php:

PHP Code:
<? ////fix by Nereu onlydvds2009

require_once("include/bittorrent.php");
dbconn();
// If user submitted info.
if ($_SERVER["REQUEST_METHOD"] == "POST")
{
  
// trim for whitespace
  
$email trim($_POST["email"]);

  
// if email is not entered.
  
if (!$email)
      
newerr($tracker_lang['error'], "You must enter an email address!"); // show error

  // select user from table users, limit to 1 user.
  
$res sql_query("SELECT * FROM users WHERE email=" sqlesc($email) . " LIMIT 1") or sqlerr(__FILE____LINE__);

  
// assign data to arr
  
$arr mysql_fetch_assoc($res) or newerr($tracker_lang['error'], "The email address was not found in the database..\n");

  
// create random security code
  
$sec create_salt();

  
sql_query("UPDATE users SET editsecret=" sqlesc($sec) . " WHERE id=" $arr["id"]) or sqlerr(__FILE____LINE__);
  if (!
mysql_affected_rows())
     
newerr($tracker_lang['error'], "Database error. Please contact an administrator about this..");

  
$hash md5($sec $email $arr["passhash"] . $sec);

  
$body = <<<EOD
Hi,

Someone, hopefully you, requested that the password for the account
associated with this email address (
$email) be reset.

The request originated from 
$ip.

If you did not do this ignore this email. Please do not reply.

Should you wish to confirm this request, please follow this link:

$DEFAULTBASEURL/recover.php?confirm&id={$arr["id"]}&secret=$hash


After you do this, your password will be reset and emailed back
to you.

--
$SITENAME
EOD;
   @
sent_mail($arr["email"],$SITENAME,$SITEEMAIL,"password reset confirmation $SITENAME",$body)
      or 
newerr($tracker_lang['error'], "Unable to send E-mail. Please let the administration know.");
   
newerr($tracker_lang['success'], "Recovery E-mail was sent.\n" .
      
" After a few minutes (usually immediately) we will send you a E-mail with further instructions.");
}
elseif(isset(
$_GET['confirm']))
{
//    if (!preg_match(':^/(\d{1,10})/([\w]{32})/(.+)$:', $_SERVER["PATH_INFO"], $matches))
//      httperr();

//    $id = 0 + $matches[1];
//    $md5 = $matches[2];

          
if (!is_valid_id($_GET["id"]))
            
stderr($tracker_lang['error'], $tracker_lang['invalid_id']);


  
$id $_GET["id"];
  
$md5 $_GET["secret"];

    
$res sql_query("SELECT username, email, passhash, editsecret FROM users WHERE id = $id");
    
$arr mysql_fetch_array($res) or stderr($tracker_lang['error'],"??? ???????????? ? ????? ID");

  
$email $arr["email"];

    
$sec hash_pad($arr["editsecret"]);
    if (
preg_match('/^ *$/s'$sec))
   
stderr($tracker_lang['error'],"Error");
    if (
$md5 != md5($sec $email $arr["passhash"] . $sec))


   
// generate new password;
   
$chars "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789";

  
$newpassword "";
  for (
$i 0$i 10$i++)
    
$newpassword .= $chars[mt_rand(0strlen($chars) - 1)];

   
$sec create_salt();

   
$newpasshash create_password($newpassword$sec);

   
sql_query("UPDATE users SET secret=" sqlesc($sec) . ", editsecret='', passhash=" sqlesc($newpasshash) . " WHERE id=$id AND editsecret=" sqlesc($arr["editsecret"]));

   if (!
mysql_affected_rows())
      
newerr($tracker_lang['error'], "Unable to update user information. Please contact the administrator and tell them of this error.");

   
define('REGISTER'true);
   
$userid $id;

  
$body = <<<EOD
Your request for password recovery, generates you a new password. 

Here is your new data for this account: 

    Username: 
{$arr["username"]}
    Password: 
$newpassword

You can login here: 
$DEFAULTBASEURL/login.php

--
$SITENAME
EOD;

  @
sent_mail($email,$SITENAME,$SITEEMAIL,"password reset confirmation for $SITENAME",$body)
    or 
newerr($tracker_lang['error'], "Unable to send E-mail. Please let the administration know.");
  
newerr($tracker_lang['success'], "Recovery E-mail was sent to $email.\n" .
    
"After a few minutes (usually immediately), you will get your new data.");

}
else
{
   
stdhead("Recover lost user name or password");
   
?>
   <form method="post" action="recover.php">
   <table border="1" cellspacing="0" cellpadding="5">
   <tr><td class="colhead" colspan="2">Restoration user name or password </td></tr>
   <tr><td colspan="2">Use the form below to recover password <br /> and your data will be mailed to you..<br /><br />
   You e-mail will confirm the request</td></tr>
   <tr><td class="rowhead">Registered E-Mail</td>
   <td><input type="text" size="40" name="email"></td></tr>
   <tr><td colspan="2" align="center"><input type="submit" value="Recover"></td></tr>
   </table>
   <?
   stdfoot
();
}

////fix by Nereu onlydvds2009                                                    
 
?>

Enjoy:)
Reply With Quote
The Following User Says Thank You to animezon For This Useful Post:
Fynnon (14th August 2009)
  #2  
Old 14th August 2009, 16:16
kp380lv's Avatar
kp380lv kp380lv is offline
Senior Member
 
Join Date: May 2008
Latvia
Posts: 388
Default
Change this:

$id = 0 + $_GET["id"];

To this:

$id = (int) $_GET["id"];
Reply With Quote
  #3  
Old 14th August 2009, 22:07
pdq pdq is offline
TBDev BANNED Warrior
 
Join Date: Sep 2008
P2P
Posts: 46
Default
since you do this check:
PHP Code:
 if (!is_valid_id($_GET["id"]))
            
stderr($tracker_lang['error'], $tracker_lang['invalid_id']); 


this is all you need to do:
PHP Code:
  $id $_GET['id']; 
=]
Reply With Quote
Reply

Tags
recover

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
help recover animezon Yuna Scatari Edition (YSE) 1 20th March 2010 21:40
Recover Not working Phogo Free Torrent Source 3 16th January 2010 22:13
please help pleeease !! recover.php white screen poila Yuna Scatari Edition (YSE) 9 28th July 2009 18:37
Recover....password... Nilsons Yuna Scatari Edition (YSE) 6 9th July 2009 22:00



All times are GMT +2. The time now is 23:08. vBulletin skin by ForumMonkeys. Powered by vBulletin® Version 3.8.11 Beta 3
Copyright ©2000 - 2024, vBulletin Solutions Inc.