Pls help with the code-recover password

shubho · 05-11-2009, 08:48 AM

I have a password recover codes.When i execute it gives me following errors

undefined index 'h' and
undefined index 'email'

Please help me with this coding

the code is as follow

<?php
session_start(); if(isset($_COOKIE["usNick"]) && isset($_COOKIE["usPass"])){ ?>
<META HTTP-EQUIV="REFRESH" CONTENT="0;URL=myaccount.php">
<?php exit();
}
$geth = $_GET['h']; if($geth){ include('includes/config.inc.php');
require('includes/passgenerator.inc.php');
$string = rand_string();
$mystring = sha1($string);
$myDb->connect();
$checkhash = mysql_query("SELECT hash FROM yob_recoverpass WHERE hash='$geth'");
$hash_exist = mysql_num_rows($checkhash);
$myDb->close();
if ($hash_exist>0) {
$myDb->connect();
$query = mysql_query("SELECT email FROM yob_recoverpass WHERE hash = '$geth'") or die(mysql_error());
$row = mysql_fetch_array($query); $myDb->close();
$email=$row['email'];
$myDb->connect();
$querybt = "UPDATE yob_users SET password='$mystring' WHERE email='$email'";
mysql_query($querybt) or die(mysql_error());
$queryz = "DELETE FROM yob_recoverpass WHERE hash='$geth'";
mysql_query($queryz) or die(mysql_error());
$myDb->close();
$to = $email;
$subject = SITENAME." Password Recovery";
$message = "Your New Password is: ".$string."";
$from = SITENAME."@no-reply.com";
$headers = "From: $from"; mail($to,$subject,$message,$headers);
$display_error = "* Email Sent to ".$email."";
include ('error.php'); exit();
}
}
$display_error = ""; $username = "";
if ($_POST['email']) { $email = $_POST['email'];
if( strtolower($_POST['code'])!= strtolower($_SESSION['texto'])){ $display_error = "* Security Code Error";
include ('error.php'); exit();
}
else{ include('includes/config.inc.php');
$myDb->connect();
$checkemail = mysql_query("SELECT email FROM yob_users WHERE email='$email'");
$email_exist = mysql_num_rows($checkemail);
$myDb->close();
if ($email_exist>0) { require('includes/passgenerator.inc.php');
$string = rand_string();
$mystring = sha1($string);
$myDb->connect();
$query = "INSERT INTO yob_recoverpass (hash, email) VALUES('$mystring','$email')";
mysql_query($query) or die(mysql_error());
$myDb->close();
$to = $email;
$subject = SITENAME." Password Recovery";
$message = "Please copy and paste the next URL: ".SITE_URL."recoverpass.php?h=".$mystring."";
$from = SITENAME."@no-reply.com";
$headers = "From: $from"; mail($to,$subject,$message,$headers);
$display_error = "* Email Sent to ".$email."";
include ('error.php'); exit();
}
else{ $display_error = "* The Email doesn't exist";
include ('error.php'); exit();
}
}
}
else{ include ('header.php');
?>

abduraooft · 05-11-2009, 08:52 AM

Change

PHP Code:


			
$geth = $_GET['h']; if($geth){ include('includes/config.inc.php');
require('includes/passgenerator.inc.php');

to

PHP Code:


			
if(isset($_GET['h'])){
$geth = $_GET['h'];
 include('includes/config.inc.php');
require('includes/passgenerator.inc.php');

and

PHP Code:


			
if ($_POST['email']) { $email = $_POST['email'];

to

PHP Code:


			
if (isset($_POST['email'])) { $email = $_POST['email'];

shubho · 05-11-2009, 09:26 AM

thanks,

but when I excute the code with html.it gives me error like

Parse error: syntax error, unexpected $end on line 84

the whole code is given below

please help

<?php
session_start(); if(isset($_COOKIE["usNick"]) && isset($_COOKIE["usPass"])){ ?>
<META HTTP-EQUIV="REFRESH" CONTENT="0;URL=myaccount.php">
<?php exit(); }
if(isset($_GET['h'])){
$geth = $_GET['h'];
if($geth){ include('includes/config.inc.php');
require('includes/passgenerator.inc.php');
$string = rand_string();
$mystring = sha1($string);
$myDb->connect();
$checkhash = mysql_query("SELECT hash FROM yob_recoverpass WHERE hash='$geth'"); $hash_exist = mysql_num_rows($checkhash);
$myDb->close();
if ($hash_exist>0) {
$myDb->connect();
$query = mysql_query("SELECT email FROM yob_recoverpass WHERE hash = '$geth'") or die(mysql_error());
$row = mysql_fetch_array($query);
$myDb->close();
$email=$row['email'];
$myDb->connect();
$querybt = "UPDATE yob_users SET password='$mystring' WHERE email='$email'"; mysql_query($querybt) or die(mysql_error());
$queryz = "DELETE FROM yob_recoverpass WHERE hash='$geth'";
mysql_query($queryz) or die(mysql_error()); $myDb->close();
$to = $email;
$subject = SITENAME." Password Recovery"; $message = "Your New Password is: ".$string."";
$from = SITENAME."@no-reply.com";
$headers = "From: $from";
mail($to,$subject,$message,$headers);
$display_error = "* Email Sent to ".$email."";
include ('error.php'); exit();
}
}
$display_error = ""; $username = "";
if (isset($_POST['email'])) {
$email = $_POST['email'];
if( strtolower($_POST['code'])!= strtolower($_SESSION['texto'])){ $display_error = "* Security Code Error";
include ('error.php');
exit();
}
else{ include('includes/config.inc.php');
$myDb->connect();
$checkemail = mysql_query("SELECT email FROM yob_users WHERE email='$email'"); $email_exist = mysql_num_rows($checkemail);
$myDb->close();
if ($email_exist>0) { require('includes/passgenerator.inc.php');
$string = rand_string();
$mystring = sha1($string);
$myDb->connect();
$query = "INSERT INTO yob_recoverpass (hash, email) VALUES('$mystring','$email')"; mysql_query($query) or die(mysql_error());
$myDb->close();
$to = $email;
$subject = SITENAME." Password Recovery";
$message = "Please copy and paste the next URL: ".SITE_URL."recoverpass.php?h=".$mystring."";
$from = SITENAME."@no-reply.com";
$headers = "From: $from";
mail($to,$subject,$message,$headers);
$display_error = "* Email Sent to ".$email."";
include ('error.php');
exit(); }else{ $display_error = "* The Email doesn't exist"; include ('error.php'); exit(); }
}
}
else{ include ('header.php'); ?>
<div id="content">
<p class="error"><?php echo $display_error;?></p>
<form action="recoverpass.php" method="post" class="f-wrap-1">
<div class="req"><a href="signup.php">Not Registered?</a><br /><a href="recoverpass.php">Forgot your Password?</a></div>
<fieldset>
<h3>Recover your Password</h3>
<label for="email"><b>Email:</b>
<input id="email" name="email" type="text" class="f-name" autocomplete="off" tabindex="1" /><br />
</label>
<label for="code"><b>Security Code:</b>
<input id="code" name="code" type="text" class="f-name" autocomplete="off" tabindex="3" /><br/>
</label>
<label for="code2"><b> </b>
<img src="image.php?<?php echo $res; ?>"/><br />
</label>
<div class="f-submit-wrap">
<input type="submit" value="Submit" class="f-submit" tabindex="4" /><br />
</div>
</fieldset>
</form>

<?php
include ('footer.php'); } ?>

djm0219 · 05-11-2009, 09:42 AM

You didn't close the last else. Change

PHP Code:


			
<?php

include ('footer.php'); } ?>

to

PHP Code:


			
<?php

}

include ('footer.php'); } ?>

And please use [ php ] tags around your code when posting. See this sticky for more information.

shubho · 05-11-2009, 10:41 AM

something went wrong
your suggestion did not work

abduraooft · 05-11-2009, 10:51 AM

Format your code with proper indents for your if-else blocks, there must be a missing } somewhere. Also please use [PHP][/PHP] tags to wrap your code while posting here.