Thursday, March 19, 2009

Script Forgotpass Dot PHP

<?
include"koneksi.inc.php";
session_start();
function makeRandomcaptcha() {
$salt ="abch123efgABCDEFhjkm4LMNP567npqGHIJKrstuvwxyz89";
srand((double)microtime()*1000000);
$i = 0;
while ($i <= 5) {
$num = rand() % 33;
$tmp = substr($salt, $num, 1);
$pass = $pass . $tmp;
$i++;
}
return $pass;
}

$captcha_word = makeRandomcaptcha();

if($_GET[tampil]=="1")
{
$im = imagecreate(100, 30);

$hitam = imagecolorallocate( $im,255,255,255);
$putih = imagecolorallocate( $im,0,0,0);
$ukuran_font = 5;

imageline($im, 0, 15, 99, 15, $putih);


$pos_x = (imageSX($im) - strlen($_GET[cod]) * imagefontwidth($ukuran_font))/2;
$pos_y =(imageSY($im) - imagefontheight($ukuran_font))/2;

imagestring($im, $ukuran_font, $pos_x, $pos_y, $_GET[cod], $putih);


header("Content-Type: image/jpeg");
imageJPEG($im);
imagedestroy($im);
}

echo"<fieldset style=\"padding:4px;border:1px solid #bbbbbb;width:500px;font-family:verdana;font-size:11px\">";
echo"<legend align=right><b><i>LUPA PASSWORD</i></b></legend>";
echo"<div><form method=\"POST\" action=\"forgotpass.php\">";
echo"<input type=\"hidden\" name=\"words\" value=\"$captcha_word\">";
echo"<div>Masukkan NAMA ID Anda</div>";
echo"<div><input type=\"text\" name=\"namaid\"></div>";
echo"<div><img src=forgotpass.php?tampil=1&cod=$captcha_word></div>";
echo"<div>Masukkan Kode Unik ini</div>";
echo"<div><input type=\"text\" name=\"word\"></div>";
echo"<div><input type=\"submit\" name=\"submit\" value=\"submit\"> [ <a href=\"http://abgamal.blogspot.com\">back to BLOGPROJECT</a> ]</div>";
echo"</form></fieldset>";

if($_POST[submit])
{
$sql=mysql_query("SELECT * FROM user WHERE nama='$_POST[namaid]'");
$ada=mysql_num_rows($sql);

$hsl=mysql_fetch_array($sql);

if($_POST[namaid]=="")
{
echo"<script>alert('Nama ID anda belum diisi');</script>";
}
elseif($ada=="0")
{
echo"<script>alert('Nama ID anda belum terdaftar');</script>";
}
elseif($_POST[word]=="" || $_POST[word]!="$_POST[words]")
{
echo"<script>alert('Kode Unik belum diisi atau salah');</script>";
}
else
{
function password() {
$salt ="abch123efgABCDEFhJKrstuvwxyz89jkm4LMNP567npqGHI";
srand((double)microtime()*1000000);
$i = 0;
while ($i <= 5) {
$num = rand() % 33;
$tmp = substr($salt, $num, 1);
$pass = $pass . $tmp;
$i++;
}
return $pass;
}

$katakunci = password();
$katakuncix=md5($katakunci);

mysql_query("UPDATE user SET password='$katakuncix' WHERE nama='$_POST[namaid]'");

$welcome .="Dear $_POST[namaid]".","."\n";
$welcome .="Password Anda Telah Berubah"."\n\n";
$welcome .="LOGIN ID ANDA".":"."$_POST[namaid]"."\n";
$welcome .="PASSWORD ANDA".":"."$katakunci"."\n\n";
$welcome .="# author:BLOGPROJECT ABDGAMAL\n".
"# email: abdgamal16@gmail.com\n".
"# url :http://abgamal.blogspot.com";
$kirim= mail("$hsl[email]","PERUBAHAN PASSWORD","$welcome\n\n", "FROM:\"BLOGPROJECT ABDGAMAL\"<abdgamal16@gmail.com>\n"."X-IP-Address: $_SERVER[REMOTE_ADDR]\n"."X-Referer: $_SERVER[HTTP_REFERER]\n");

if($kirim)
{
?>
<script>alert("Password Anda telah kami kirim via Email Silahkan di Cek");
window.location="http://abgamal.blogspot.com";
</script>
<?
}
}
}
?>

INI BAGIAN YANG TIDAK TERMASUK YANG DI COPY
Ket : Ganti bagian yang berwarna merah sesuai dengan identitas anda masing-masing

1 comment: