Your IP : 216.73.216.40
<span id='title'>Password@IIITA Self-Recovery</span><br><br>
<?php
//if (!isset($_SESSION["uid"])) {
// login($pg);
//} else {
if (!$uid) {
echo "Login ID <input type='text' name='uid' value='$uid' size='20'>
<input type='submit' name='submit' value='SUBMIT'>";
} else {
$forwardmail = htmlsafe($_POST["forwardmail"]);
$secrethint = htmlsafe($_POST["secrethint"]);
$secretcode = htmlsafe($_POST["secretcode"]);
$ipaddr = $_SERVER["REMOTE_ADDR"];
$dated = date("Y-m-d H:i:s");
$ds = ldap_connect("ldap.iiita.ac.in");
if ($ds) {
$z = ldap_bind($ds);
$a = ldap_search($ds, "dc=iiita,dc=ac,dc=in", "uid=$uid");
$b = ldap_get_entries($ds, $a);
$dn = $b[0]["dn"];
$r = ldap_bind($ds, $dn);
$q = ldap_search($ds, "dc=iiita,dc=ac,dc=in", "(&(uid=$uid)(objectclass=posixAccount))");
$info = ldap_get_entries($ds, $q);
} else {
echo "<b id='alert'>Ldap error</b>";
exit;
}
/*
echo "<div align='center'>";
for ($item = 0; $item < $info['count']; $item++) {
for ($attribute = 0; $attribute < $info[$item]['count']; $attribute++) {
$data = $info[$item][$attribute];
echo $data.": <b>".$info[$item][$data][0]."</b><br>";
}
}
echo "</div>";
*/
if ($info["count"] > 0) {
$cn = strtoupper($info[0]["cn"][0]);
$gecos = ucwords(strtolower(strtr($info[0]["gecos"][0],"-"," ")));
$eno = $info[0]["employeenumber"][0];
$email = $info[0]["mail"][0];
if (!$forwardmail) $forwardmail = $info[0]["mailforwardingaddress"][0];
if (!$mobile) $mobile = $info[0]["mobile"][0];
$secret = explode(':',$info[0]["registeredaddress"][0]);
$secrethint = $secret[0];
$secretcode1 = $secret[1];
}
if (!$secrethint) {
echo "<dir>It seems, secret hint/code has not been set by you.<br><br>
Please goto <a href='?pg=accountreg&loginid=$uid'>Mail Account Setting</a>
to set these information.<br><br>
Thanks.</dir>";
exit;
}
if ($submit == 'RESET PASSWORD') {
if (strpos($forwardmail, "iiita.ac.in") || !$forwardmail) {
echo "Please mention some external email address.<br>
Thanks.";
exit;
}
if ($info["count"] > 0) {
$gecos = ucwords(strtolower(strtr($info[0]["gecos"][0],"-"," ")));
$secret = explode(':',$info[0]["registeredaddress"][0]);
$secretcode1 = $secret[1];
}
if ($secretcode1 == $secretcode) {
$bd = ldap_bind($ds, "cn=Manager,dc=iiita,dc=ac,dc=in","\$dollfinn");
$pwd1 = 'iiita' . rand(111,999);
$pwd = '{CRYPT}' . crypt($pwd1);
$info1["userPassword"][0] = "$pwd";
$r = ldap_modify($ds, $dn, $info1);
$mail = new PHPMailer();
$mail->IsSMTP(); // telling the class to use SMTP
$mail->FromName = "indem@iiita.ac.in";
$mail->From = "indem@iiita.ac.in";
$mail->Username = "indem";
$mail->Password = "#indemica";
$mail->AddAddress("$forwardmail","$uid");
$mail->AddAddress("indem@iiita.ac.in","INDEM@IIITA");
$mail->Subject = "Password Recovery for Mail@IIITA";
$mail->Body = "Dear $gecos ($eno) ! \n
Your request for PASSWORD@IIITA Self-Recovery has been recevied at INDEM. We are pleased to set your new password as $pwd1 so that you can get into your IIIITA mailbox. As this is a pure temporary arrangement, you are requested to kindly change it at the very first login to avoid any inconvenience.
If needed, you will be contacted on your no. $mobile. If desired, you may also contact us at 91-532-2922151/2/3.
$ipaddr is the IP address of your system request for PASSWORD@IIITA Self-Recovery received from.
Happy mailing & good wishes,
INDEM
IIIT - Allahabad";
if ($mail->Send()) {
echo "<br><font color=red>Thanks $gecos! Pl. goto your mailbox $forwardmail and get the new password therein sent mail.</font>";
} else {
echo "<br><font color=red>Sorry $gecos! Mail could not be send on $forwardmail. Try with other email address.</font>";
}
} else {
echo "<br>Sorry $gecos! Try again as secret code did not match.<br>
Please set secret code on <a href='accountreg.php'>Mail Account Setting</a>
or contact at 91-532-2922151/2/3<br>
Thanks.";
exit;
}
}
echo "<br>
<table class=normal border='0' bgcolor='white' cellspacing='0' width='100%'>
<tr><td>User ID</td><td><b>$uid</b> (email address: $email)<input type='hidden' name='uid' value='$uid'></td></tr>
<tr><td>External Email *</td><td><input type='text' name='forwardmail' value='$forwardmail' size='40'>
<br>must be an external email to receive password of IIITA mail account</td></tr>
<tr><td>Mobile No.</td><td><input type='text' name='mobile' value='$mobile' size='40'>
<br>useful if INDEM needs to communicate password telephonically</td></tr>
<tr><td>Secret Hint</td><td><b>$secrethint</b></td></tr>
<tr><td>Secret Code *</td><td><input type='password' name='secretcode' value='$secretcode' size='20'>
<br>help recover password of IIITA mail account via mail at external address mentioned below</td></tr>
<tr><td></td><td><input type='submit' name='submit' value='RESET PASSWORD'></td></tr>
</table><br>
<ol>
<li>Employee No./Roll No. setting on LDAP is must to avail online password recovery.</li>
<li>Secret hint and secret code settings must be set on LDAP for this service.</li>
<li>Blank fields may cause problem on IIITA mail server.</li>
<li>Mail forwarding address is must for receiving password.</li>
<li>Contact no. is useful in communication when mail is not accessible.</li>
</ol>";
ldap_close($ds);
}
?>