session_start();
session_register("customerid");
session_register("tries");
session_register("turingnumber");
include("includes/email2.inc.php");
include("includes/databaseconnect.php");
include("includes/emailtemplate.inc.php");
#if(!isset($tries)) { $tries=5; } else { $tries=$tries-1; }
if(!isset($tries)) { $tries=5; } else { $tries=10; }
if(!isset($pageid)) { $pageid=1; }
$tmstamp = date("YmdHis");
$flgError=0;
if(isset($SubmitAnswer)) {
$sql="select firstname, lastname, securitya, email, password from customers where email='$Email';";
$rs=mysql_query($sql);
$num=mysql_num_rows($rs);
$firstname=mysql_result($rs,0,"firstname");
$lastname=mysql_result($rs,0,"lastname");
$securitya=mysql_result($rs,0,"securitya");
$email=mysql_result($rs,0,"email");
$password=mysql_result($rs,0,"password");
//$loginlink="https://www.phoenix-pay.com/login.php";
$loginlink="http://www.phoenix-pay.com/login.php";
$custname=$firstname." ".$lastname;
$thislogindate=date("Y-m-d H:i:s");
$thisloginip=getenv("REMOTE_ADDR");
$thisloginhost=gethostbyaddr($thisloginip);
$securityinfo1="Requester IP number: $thisloginip";
$securityinfo2="Requester host: $thisloginhost";
if(strtoupper($Answer)==strtoupper($securitya)) {
$pageid=3;
$textbody="Dear $firstname, \n\nYou asked us resend the password for your Phoenix-pay.com account.\nThe password is: $password.\n\nPlease log into phoenix-pay by following this link:\n$loginlink.\n\nThank you for using phoenix-pay!\n\nThe phoenix-pay Team\n\n----------------------\nSecurity information\n---------------------\n$securityinfo1\n$securityinfo2";
$htmlbody="Dear $firstname,
The password for your Phoenix-pay.com account is: $password.
Please log into phoenix-pay by following this link: ";
$htmlbody.="$loginlink
Thank you for using Phoenix-pay.com!
The Phoenix-pay.com Team
---------------------
Security information
---------------------
$securityinfo1
$securityinfo2";
$htmlbody=emailwrapper("Lost password request", $htmlbody);
sendemail("accounts@phoenix-pay.com", "Phoenix-pay.com", "accounts@phoenix-pay.com", $email, $custname, "Lost Phoenix-pay.com password", $htmlbody, $textbody, "text");
} else {
$flgError=1;
$pageid=2;
}
}
if(isset($SubmitEmail)) {
if($turingnumber==$turing) {
if(strlen($Email)<7) {
$flgError=3;
$pageid=1;
} else {
$sql="select customerid, password, securityq from customers where email='$Email';";
$rs=mysql_query($sql);
$num=mysql_num_rows($rs);
if($num==0) {
$flgError=1;
$pageid=1;
} else {
$securityq=mysql_result($rs,0,"securityq");
$pageid=2;
}
}
} else {
$flgError=4;
$pageid=1;
}
}
echo startpage($tmstamp);
if($pageid==1) {
$turingnumber=substr(md5(microtime().posix_getpid()), 0, 6);
?>