Here is a password reset tool I whipped up today for use with the SVN Login Server.
Same deal as the account creation tool, I stripped it down so it could be customized easily. Make sure to change the mysql info as well as the
admin@somewhere.com to your email address. **Note: admin email is lower in the code.**
This script will email a confirmation to the user as well as Bcc the server admin once you change the Bcc: address. Once you verify it is working you may want to remove the $header from the mail line if you don't want users passwords mailed to you when they change them.
pwreset.php
Code:
<!-- EQEmulator SVN Login Server Account Password Reset Utility - By: Cubber -->
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict/EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
<title>EQEmulator SVN Login Server Account Password Reset Utility</title>
<meta name="description" content="EQEmulator SVN Login Server Account Password Reset Utility.">
</head>
<body>
<h1>Password Reset Utility</h1>
<p>Please fill out the form below to change your login server password.</p>
<br />
<form method="post" action="insert.php">
Username: <i>(Max 16 chars)</i><br />
<input name="username" type="text" id="username" maxlength="16" />
<br /><br />
Current Password: <i>(Max 16 chars)</i><br />
<input name="pw" type="password" id="pw" maxlength="16" />
<br /><br />
New Password: <i>(Max 16 chars)</i><br />
<input name="npw" type="password" id="npw" maxlength="16" />
<br /><br />
Confirm New Password: <i>(Max 16 chars)</i><br />
<input name="cnpw" type="password" id="cnpw" maxlength="16" />
<br /><br />
<input name="Submit" type="submit" value="Change Password" />
</form>
<br />
</body>
</html>
insert.php
Code:
<!-- EQEmulator SVN Login Server Account Password Reset Utility - By: Cubber -->
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict/EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
<title>EQEmulator SVN Login Server Account Password Reset Utility</title>
<meta name="description" content="EQEmulator SVN Login Server Account Password Reset Utility.">
<head>
<body>
<p>
<?php
$DB_ADDY = "localhost"; //address:port for the MySQL server
$DB_USER = "eqemu"; //username to login to MySQL with
$DB_PASS = "eqemu"; //password to login to MySQL with
$DB_DB = "peq"; //database name to use "peq" for default installation
$user = $_POST['username'];
$pass = $_POST['pw'];
$npass = $_POST['npw'];
$cnpass = $_POST['cnpw'];
function error_s($text)
{
echo("<p>" . $text);
};
$user_chars = "#[^a-zA-Z0-9_\-]#";
if ( !isset($_POST['username']) || !isset($_POST['pw']) || !isset($_POST['npw']) || !isset($_POST['cnpw']) )
{
echo "User/Pass/Email not passed. Click <a href=pwreset.php>here</a> and try again.";
return;
}
$con = @mysql_connect($DB_ADDY, $DB_USER, $DB_PASS);
if (!$con)
{
error_s("Unable to connect to database: " . mysql_error());
};
if (!empty($_POST))
{
if ((empty($_POST["username"]))||(empty($_POST["pw"]))||(empty($_POST["npw"]))||(empty($_POST["cnpw"])) )
{
error_s("You did not enter all the required information. Click <a href=pwreset.php>here</a> and try again.");
exit();
}
else
{
$username = ($_POST["username"]);
$pw = ($_POST["pw"]);
$npw = ($_POST["npw"]);
$cnpw = ($_POST["cnpw"]);
if (strlen($username) < 5)
{
error_s("Username too short. Click <a href=pwreset.php>here</a> and try again.");
exit();
};
if (strlen($username) > 16)
{
error_s("Username too long. Click <a href=pwreset.php>here</a> and try again.");
exit();
};
if (strlen($pw) < 6)
{
error_s("Password too short. Click <a href=pwreset.php>here</a> and try again.");
exit();
};
if (strlen($pw) > 16)
{
error_s("Password too long. Click <a href=pwreset.php>here</a> and try again.");
exit();
};
if (strlen($npw) < 6)
{
error_s("New password too short. Click <a href=pwreset.php>here</a> and try again.");
exit();
};
if (strlen($npw) > 16)
{
error_s("New password too long. Click <a href=pwreset.php>here</a> and try again.");
exit();
};
if (strlen($cnpw) < 6)
{
error_s("New password too short. Click <a href=pwreset.php>here</a> and try again.");
exit();
};
if (strlen($cnpw) > 16)
{
error_s("New password too long. Click <a href=pwreset.php>here</a> and try again.");
exit();
};
if (preg_match($user_chars,$username))
{
error_s("Username contained illegal characters. Click <a href=pwreset.php>here</a> and try again.");
exit();
};
if (preg_match($user_chars,$pw))
{
error_s("Password contained illegal characters. Click <a href=pwreset.php>here</a> and try again.");
exit();
};
if (preg_match($user_chars,$npw))
{
error_s("New password contained illegal characters. Click <a href=pwreset.php>here</a> and try again.");
exit();
};
if (preg_match($user_chars,$cnpw))
{
error_s("New password contained illegal characters. Click <a href=pwreset.php>here</a> and try again.");
exit();
};
if ($npw != $cnpw)
{
error_s("Passwords do not match! Click <a href=pwreset.php>here</a> and try again.");
exit();
}
$username = mysql_real_escape_string($username);
$pw = mysql_real_escape_string($pw);
$npw = mysql_real_escape_string($npw);
$cnpw = mysql_real_escape_string($cnpw);
$qry = @mysql_query("select AccountName from " . mysql_real_escape_string($DB_DB) . ".tblLoginServerAccounts where AccountName = '" . $username . "'", $con);
if (!$qry)
{
error_s("Error querying database: " . mysql_error());
};
if ($existing_username = mysql_fetch_assoc($qry))
{
foreach ($existing_username as $key => $value)
{
$existing_username = $value;
};
};
$pwqry = @mysql_query("select AccountPassword from " . mysql_real_escape_string($DB_DB) . ".tblLoginServerAccounts where AccountName = '" . $username . "'", $con);
if (!$pwqry)
{
error_s("Error querying database: " . mysql_error());
};
if ($pw_check = mysql_fetch_assoc($pwqry))
{
foreach ($pw_check as $key => $value)
{
$pw_check = $value;
};
};
$sha_oldpass_hash = sha1(($pw));
if ($sha_oldpass_hash != $pw_check)
{
error_s("Your account password was incorrect Click <a href=pwreset.php>here</a> and try again.");
exit();
}
$existing_username = ($existing_username);
if ($existing_username == ($_POST['username']))
{
$sha_pass_hash = sha1(($npw));
$register_sql = "UPDATE " . mysql_real_escape_string($DB_DB) . ".tblLoginServerAccounts SET AccountPassword='$sha_pass_hash' WHERE AccountName='$username' ";
};
$mailqry = @mysql_query("select AccountEmail from " . mysql_real_escape_string($DB_DB) . ".tblLoginServerAccounts where AccountName = '" . $username . "'", $con);
if (!$mailqry)
{
error_s("Error querying database: " . mysql_error());
};
if ($acct_email = mysql_fetch_assoc($mailqry))
{
foreach ($acct_email as $key => $value)
{
$acct_email = $value;
};
};
$headers = 'Bcc: admin@somewhere.com' . "\r\n";
$sendto = $acct_email;
$subject = "Your Login Server Password Has Been Changed";
$message = "Your Login Server password for the EQEmulator game server has been changed. Account details:\n username: $user\n password: $npass\n";
unset($mailqry);
unset($qry);
unset($pwqry);
$qry = @mysql_query($register_sql, $con);
if (!$qry)
{
error_s("Error changing password: " . mysql_error());
}
else
{
mail($sendto, $subject, $message, $headers);
echo("Your password was successfully changed!");
};
exit();
};
}
else
{
echo($page);
};
?>
</p>
</body>
</html>