Code:<?
/********************************************************************/
/* Script Name : passmaker.php */
/* Author : Gaylen Fraley (aka Raven) */
/* License : Private. For personal use only. Use at your own */
/* risk. I am not responsible for any damage caused */
/* by the use or misuse of this script. You may use */
/* it but may not distribute it. */
/* Purpose : To reset all passwords in the nuke users database */
/* and to send an email to the user advising of the */
/* new password. */
/* Date Released: 8/10/2004 */
/* Version : 1.0.0 */
/********************************************************************/
/* USAGE NOTES : Pretty self-explanatory. To test the script set */
/* $test = TRUE and $testUser = "A REAL USER NAME". The script will */
/* only use that record to act upon. The rest of the settings should*/
/* be self explanatory. {USERNAME} and {NEWPASSWORD} are NOT to be */
/* changed. The script will auto fill those settings. */
/* */
/* PLEASE BE SURE TO BACKUP YOUR USERS TABLE BEFORE RUNNING THIS! */
/********************************************************************/
/////////////////////////
// Configurable Settings
/////////////////////////
$test = FALSE;
$testUser = 'USER';
$subject = "You Have a New Password!";
$fromAddress = 'YOU@YOURDOMAIN.COM';
$siteURL = "YOURDOMAIN.COM";
$message = "{USERNAME},\n\n"
."Your old password at http://$siteURL has been purposely expired for security reasons.\n"
."Your new password is ==> {NEWPASSWORD} <==. Please login to this site as soon as possible and verify your new password.\n\n"
."Sincerely,\n\n"
."The Management at $siteURL"
;
/////////////////////////
/////////////////////////
////////////////////////////////////////////////////////
// DO NOT MODIFY ANYTHING BELOW THIS LINE!!!!
////////////////////////////////////////////////////////
function makePass() {
$cons = "bcdfghjklmnpqrstvwxyz";
$vocs = "aeiou";
for ($x=0; $x < 6; $x++) {
mt_srand ((double) microtime() * 1000000);
$con[$x] = substr($cons, mt_rand(0, strlen($cons)-1), 1);
$voc[$x] = substr($vocs, mt_rand(0, strlen($vocs)-1), 1);
}
$makepass = $con[0] . $voc[0] .$con[2] . $con[1] . $voc[1] . $con[3] . $voc[3] . $con[4];
return($makepass);
}
include('config.php');
$db = @mysql_connect('localhost',$dbuname,$dbpass) or die('Unable to connect to MySQL server. MySQL said: '.mysql_error());
@mysql_selectdb($dbname) or die('Unable to connect to database. MySQL said: '.mysql_error());
$sql = "SELECT user_id, username, user_email FROM ".$prefix."_users WHERE user_id >1 AND user_active='1'";
if ($test) $sql .= " and username='".$testUser."';";
else $sql .= ';';
$result = @mysql_query($sql) or die('Unable to execute query. MySQL said: '.mysql_error());
$mailLog = '';
$errorLog = '';
while ($row = mysql_fetch_array($result, MYSQL_ASSOC)) {
extract($row);
$newPass = makePass();
$msg = str_replace("{USERNAME}",$username,$message);
$msg = str_replace("{NEWPASSWORD}",$newPass,$msg);
$attemptMail = @mail($user_email, $subject, $msg, "From: ".$fromAddress."\n");
if ($attemptMail) {
$sql = "UPDATE ".$prefix."_users SET user_password='".md5($newPass)."' WHERE user_id = $user_id;";
$result = @mysql_query($sql) or die('Unable to update record for '.$username.'. MySQL said: '.mysql_error()."<br />Script aborted<br /><br />The following users were sent email and their passwords have been reset:<br />".$mailLog);
$mailLog .= $username." - ".$user_email."<br />";
}
else $errorLog .= $username." - ".$user_email."<br />";
}
if (!empty($mailLog)) echo "The following users were sent email and their passwords have been reset:<br />".$mailLog;
if (!empty($errorLog)) echo "The script was unable to send emails to the following users:<br />".$errorLog;
mysql_free_result($result);
mysql_close();
?>
|