<?php
/*
Very important! You need to run SQL update!
ALTER TABLE `account` ADD `reset_password` VARCHAR( 50 ) NOT NULL;
*/
/*Config*/
$realmd = array(
'db_host'=> '...', //ip of db realm
'db_username' => '...',//realm user
'db_password' => '...',//realm password
'db_name'=> '...',//realm db name
);
$config = array(
'path_to_thisfile' => 'http://mysite.com/lol/ownage/wow/pass_recovery.php', // Example: http://mysite.com/lol/ownage/wow/
'email_from' => 'mysite@wow.com', // Who should the email be sent from ?
'email_subject' => 'Password recovery for our site!', // Subject of the mail ??
);

function sha_password($user,$pass){
$user = strtoupper($user);
$pass = strtoupper($pass);

return SHA1($user.':'.$pass);
}
function random_string($counts){
$str = "abcdefghijklmnopqrstuvwxyz";//Count 0-25
for($i=0;$i<$counts;$i++){
if ($o == 1){
$output .= rand(0,9);
$o = 0;
}else{
$o++;
$output .= $str[rand(0,25)];
}

}
return $output;
}

$realmd_bc_new_connect = mysql_connect($realmd[db_host],$realmd[db_username],$realmd[db_password]);
$selectdb = mysql_select_db($realmd[db_name],$realmd_bc_new_connect);

if ($_GET[h] && $_GET[h] != '' && $_GET[h] != '0'){
$output_random_pass = random_string(10);
$query = mysql_query("SELECT username FROM `account` WHERE reset_password='$_GET[h]'");
$res = mysql_fetch_array($query);
if (mysql_num_rows($query) == 1){
echo "Hi $res[username], Your password is: $output_random_pass. Please change your password fast as possible.";
$pass_hash = sha_password($res[username],$output_random_pass);
mysql_query("UPDATE `account` SET sha_pass_hash='$pass_hash' WHERE reset_password='$_GET[h]'");
mysql_query("UPDATE `account` SET reset_password='' WHERE username='$res[username]'");
}else{
echo "Error.";
}

}else{
?>

<?php
//this is where user fill in and send by email
if ($_POST[password_takeback]){
$check_security = mysql_query("SELECT id FROM `account` WHERE username='$_POST[username]' AND email='$_POST[email]'");
if (isset($_POST['username']) && isset($_POST['email']) && mysql_num_rows($check_security) == 1){
$rand = random_string(40);
mysql_query("UPDATE `account` SET reset_password='$rand' WHERE username='$_POST[username]'");
$to = $_POST["email"];
$from = "From: $config[email_from]";
$subject = $config[email_subject];
$message= "Hi $_POST[username], you have submitted a password recovery on our site. IF YOU DIDNT SUBMIT A PASSWORD REQUEST JUST DELETE THIS MAIL!. Please follow this link to complete the operation: $config[path_to_thisfile]?h=$rand";
mail($to, $subject, $message, $from); // This work if you have configured your php.ini file to send email, !on linux its default.
echo "An Email has been sent to you, please follow the email to complete the process.";
}else{
echo "Incorrect details, Please be sure that you submitted right Email and Username to your account";
}
}else{
?>
<form action="<?php echo $_SERVER[PHP_SELF]; ?>" method="POST">
Your Email: <input type="text" name="email">

Your Username: <input type="text" name="username">

<input type="submit" name="password_takeback">
</form>
<?php
}
}// End GET
?>