-
Notifications
You must be signed in to change notification settings - Fork 1
/
recover_facultypassword_action.php
53 lines (41 loc) · 2.27 KB
/
recover_facultypassword_action.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
<!-- Developed By: Arslan Khalid -->
<?php
include_once("common/commonfunctions.php"); //including Common function library
include_once("common/config.php"); //including DB Connection File
include_once("common/sendfunctions.php"); //including the SMS API and Mail Code
//---------------------------------SERVER SIDE VALIDATION STARTS HERE --------------------------------------------------------------//
//checking if $post is not set or empty
$b=checkPost($_POST, array('facultyUsername','facultyType'));
if(!$b)
{
redirect_to("recoverfacultypassword.php?ErrorID=2");//retuning the error message back to the login page
exit();//then exit
}
$unsafe=$_POST['facultyUsername']; //posting id of the alloted room
$facultyUsername =clean($unsafe); //cleaning variable to prevent SQL injection
$unsafe=$_POST['facultyType']; //posting id of the alloted room
$facultyType =clean($unsafe); //cleaning variable to prevent SQL injection
$result8=mysql_query("SELECT Username FROM `$facultyType` WHERE `Username` = '$facultyUsername' LIMIT 1" ); //checking either record already exists or not
$exist1 = mysql_fetch_row($result8); //executing the query
if ($exist1 ==false ) {
redirect_to("recoverfacultypassword.php?ErrorID=1");//if already exists return with error code
}
$result9=mysql_query("SELECT *FROM `$facultyType` WHERE `Username` = '$facultyUsername'"); //checking either record already exists or not
$exist2 = mysql_fetch_array($result9); //executing the query
//------Getting SMS Attributes---------//
$name=$exist2['Name'];//inserting name
$email=$exist2['EmailAddress'];//inserting email
$number=$exist2['MobileNumber'];//inserting mobile number
$password=$exist2['Password'];
/*
$message ="Mr/Ms: ".$name." Your password has been emailed\n on your email.";
sendSMS($number,$message);
*/
//------------Getting Email Message Attributes------------//
$toEmail=$email;
$subjectText= "MSIS Account Password";
$fromEmail="[email protected]";
$msg="Mr/Ms: ".$name." Your passowrd of MSIS Accounts is ".$password."\n Login to system and stay connected to MSIS.";
sendEmail($toEmail,$subjectText,$msg,$fromEmail);
redirect_to("recoverfacultypassword.php?ErrorID=5");//redirectinf toward register page
?>