Your IP : 216.73.216.40

Current Path : /var/www/html/mmishra/indem/
Upload File :
Current File : /var/www/html/mmishra/indem/setsecret.inc

<span id='title'>Password Recovery</span><br><br>
<?php
if (!isset($_SESSION["uid"])) {
        login($pg);
} else {
	$forwardmail = htmlsafe($_POST["forwardmail"]);
	$secrethint = htmlsafe($_POST["secrethint"]);
	$secretcode = htmlsafe($_POST["secretcode"]);
	$source_ip = $_SERVER["REMOTE_ADDR"];
	$dated = date("Y-m-d H:i:s");

	$ds = ldap_connect("ldap.iiita.ac.in");  // must be a valid LDAP server!
	if ($ds) {
        	$z = ldap_bind($ds);
        	$a = ldap_search($ds, "dc=iiita,dc=ac,dc=in", "uid=$uid");
        	$b = ldap_get_entries($ds, $a);
        	$dn = $b[0]["dn"];
		$r = ldap_bind($ds, $dn);
		$q = ldap_search($ds, "dc=iiita,dc=ac,dc=in", "(&(uid=$uid)(objectclass=posixAccount))");
		$info = ldap_get_entries($ds, $q);
	} else {
        	echo "<b id='alert'>Ldap error</b>";
        	exit;
	}

	/*
	echo "<div align='center'>";
	for ($item = 0; $item < $info['count']; $item++) {
		for ($attribute = 0; $attribute < $info[$item]['count']; $attribute++) {
			$data = $info[$item][$attribute];
    			echo $data.":&nbsp;&nbsp;<b>".$info[$item][$data][0]."</b><br>";
       		}
	}
	echo "</div>";
	*/
	if ($info["count"] > 0) {
               	$cn = strtoupper($info[0]["cn"][0]);
               	$gecos = ucwords(strtolower(strtr($info[0]["gecos"][0],"-"," ")));
               	$rollno = $info[0]["employeenumber"][0];
               	$mail = $info[0]["mail"][0];
               	if (!$forwardmail) $forwardmail = $info[0]["mailforwardingaddress"][0];
               	if (!$mobile) $mobile = $info[0]["mobile"][0];
		$secret = explode(':',$info[0]["registeredaddress"][0]);
               	$secrethint = $secret[0];
               	//$secretcode1 = $secret[1];
	}
	if (!$secrethint) {
		echo "Secret hint/code has not been set by you.<br>
		Please goto <a href='?pg=accountreg&loginid=$uid'>Account Registration Form</a> 
		to set these information.<br>
		Thanks.";
		exit;
	}
	if ($submit == 'RESET PASSWORD') {
		if (strpos($forwardmail, "iiita.ac.in") || !$forwardmail) {
			echo "Please mention some external email address.<br>
			Thanks.";
			exit;
		}
		if ($info["count"] > 0) {
               		$gecos = ucwords(strtolower(strtr($info[0]["gecos"][0],"-"," ")));
			$secret = explode(':',$info[0]["registeredaddress"][0]);
       			$secretcode1 = $secret[1];
		}
		if ($secretcode1 == $secretcode) {
               		$bd = ldap_bind($ds, "cn=Manager,dc=iiita,dc=ac,dc=in","aksr2it");
       			$pwd1 = 'iiita' . rand(111,999);
       			$pwd = '{CRYPT}' . crypt($pwd1);
       			$info1["userPassword"][0] = "$pwd";
        		$r = ldap_modify($ds, $dn, $info1);
     		
       			$mail = new PHPMailer();
       			$mail->IsSMTP(); // telling the class to use SMTP
       			$mail->FromName = "indem@iiita.ac.in";
       			$mail->From = "indem@iiita.ac.in";
       			$mail->AddAddress("$forwardmail","$uid");
       			$mail->AddAddress("indem@iiita.ac.in","INDEM@IIITA");

			$mail->Subject = "Password Recovery for Mail@IIITA";
       			$mail->Body = "Dear $gecos ! \n
Your request for password recovery has been recevied at INDEM.
Password will be mailed to you at your address after verification
of your account information on IIITA LDAP.

If needed you will be contacted on your no. $mobile. You may also
contact at 91-532-2922152 at your desire.

Temporary password of your mail account is: $pwd1
Kindly change it at very first login to your mailbox.

IP address request received from: $source_ip

Good whishes,


INDEM
IIIT - Allahabad";
			if ($mail->Send()) {
				echo "<br>Thanks $gecos! Goto your mailbox $forwardmail and check for password";
			} else {
				echo "<br>Sorry $gecos! Mail could not be send on $forwardmail. Try with other email address";
			}
		} else {
			echo "<br>Sorry $gecos! Try again as secret code did not match.<br> 
			Please set secret code on <a href='accountreg.php'>Account Registration Page</a> 
			or contact at 91-532-2922152<br>
			Thanks.";
			exit;
		}
	}
        echo "<br>
        <table class=normal border='0' bgcolor='white' cellspacing='0' width='100%'>
        <tr><td >Login ID</td><td><b>$uid</b></td></tr>
        <tr valign='top'><td>Secret Hint</td><td><b>$secrethint</b></td></tr>
        <tr valign='top'><td>Secret Code *</td><td><input type='password' name='secretcode' value='$secretcode' size='20'>
        <br>help to recover password of IIITA mail account via mail at external address mentioned below</td></tr>
        <tr valign='top'><td>External Email *</td><td><input type='text' name='forwardmail' value='$forwardmail' size='40'>
        <br>must be an external email to receive password of IIITA mail account</td></tr>
        <tr valign='top'><td>Contact No.</td><td><input type='text' name='mobile' value='$mobile' size='40'>
        <br>in case INDEM needs to communicate password telephonically</td></tr>
        <tr><td></td><td><input type='submit' name='submit' value='RESET PASSWORD'></td></tr>
        </table><br>
	<ol>
      	<li>Employee No./Roll No. setting on LDAP is must to avail online password recovery.</li>
	<li>Secret hint and secret code setting is must on LDAP for this service.</li>
      	<li>Blank fields may cause problem on IIITA mail server.</li>
      	<li>Mail forwarding address is must for receiving password. If not set mail would be discarded.</li>
      	<li>Contact no. is useful in communication when mail is not accessible.</li>
      	</ol>";
	ldap_close($ds);
}
?>