$v) unset($_SESSION[$k]); header('Location: /'); exit; } ob_start(); require_once($_SERVER['DOCUMENT_ROOT'].'/functions/auth.php'); if (@$_POST['action']=='forgot_pass'){ require_once($_SERVER['DOCUMENT_ROOT'].'/classes/class.dbm.php'); require_once($_SERVER['DOCUMENT_ROOT'].'/functions/common.php'); $result=$dbm->q('SELECT id, email, firstname,lastname FROM cms_users WHERE email="'.htmlentities(@$_POST['email'],ENT_QUOTES).'"'); if ($row=$dbm->fa($result)){ $code=md5(rand(0,999999999)).md5(rand(0,999999999)); if ($dbm->q('INSERT INTO cms_forgotpass (user_id,code) VALUES('.$row['id'].',"'.$code.'")')){ require_once($_SERVER['DOCUMENT_ROOT'].'/classes/activeMailLib.php'); $body=msg(2); $body=str_replace('%LINK%','http://'.$_SERVER['HTTP_HOST'].'/?code='.$code,$body); $email = new activeMailLib('html'); $email->From('info@gapuma', 'GAPUMA'); $email->To($row['email'],$row['firstname'].' '.$row['lastname']); $email->Subject('Gapuma. Password recovery'); $email->Message($body); $email->priority(3); $email->Send(); print ' '; } } else print ' '; } if (@$_POST['action']=='auth') do_login(); if (@$_POST['action']=='auth_recov'){ require_once($_SERVER['DOCUMENT_ROOT'].'/classes/class.dbm.php'); $result=$dbm->q('SELECT user_id FROM cms_forgotpass WHERE code="'.htmlentities(@$_POST['code']).'"'); if ($row=$dbm->fa($result)){ do_login_recov($row['user_id']); $dbm->q('DELETE FROM cms_forgotpass WHERE user_id='.$row['user_id']); } } $logged=check_login(); require_once($_SERVER['DOCUMENT_ROOT'].'/header.php'); if ($logged===false) print_auth_form(); else{ switch($logged){ case 'user': header('Location: /customers/'); break; case 'manager': header('Location: /departments/'); break; case 'admin': header('Location: /admin2/'); break; } exit; } require_once($_SERVER['DOCUMENT_ROOT'].'/footer.php'); $content=ob_get_contents(); ob_end_clean(); print $content; ?>