WordPress > Lost password ?

$v) { if (is_array($v)) { $array[$k] = add_magic_quotes($v); } else { $array[$k] = addslashes($v); } } return $array; } } if (!get_magic_quotes_gpc()) { $HTTP_GET_VARS = add_magic_quotes($HTTP_GET_VARS); $HTTP_POST_VARS = add_magic_quotes($HTTP_POST_VARS); $HTTP_COOKIE_VARS = add_magic_quotes($HTTP_COOKIE_VARS); } $b2varstoreset = array('action','mode','error','text','popupurl','popuptitle'); for ($i = 0; $i < count($b2varstoreset); $i = $i + 1) { $b2var = $b2varstoreset[$i]; if (!isset($$b2var)) { if (empty($HTTP_POST_VARS["$b2var"])) { if (empty($HTTP_GET_VARS["$b2var"])) { $$b2var = ''; } else { $$b2var = $HTTP_GET_VARS["$b2var"]; } } else { $$b2var = $HTTP_POST_VARS["$b2var"]; } } } switch($action) { case 'logout': setcookie('wordpressuser'); setcookie('wordpresspass'); header('Expires: Wed, 11 Jan 1984 05:00:00 GMT'); header('Last-Modified: ' . gmdate('D, d M Y H:i:s') . ' GMT'); header('Cache-Control: no-cache, must-revalidate'); header('Pragma: no-cache'); if ($is_IIS) { header('Refresh: 0;url=b2login.php'); } else { header('Location: b2login.php'); } exit(); break; case 'login': if(!empty($HTTP_POST_VARS)) { $log = $HTTP_POST_VARS["log"]; $pwd = $HTTP_POST_VARS["pwd"]; $redirect_to = $HTTP_POST_VARS["redirect_to"]; } function login() { global $wpdb, $log, $pwd, $error, $user_ID; global $tableusers, $pass_is_md5; $user_login = &$log; $password = &$pwd; if (!$user_login) { $error="ERROR: the login field is empty"; return false; } if (!$password) { $error="ERROR: the password field is empty"; return false; } if ('md5:' == substr($password, 0, 4)) { $pass_is_md5 = 1; $password = substr($password, 4, strlen($password)); $query = "SELECT ID, user_login, user_pass FROM $tableusers WHERE user_login = '$user_login' AND MD5(user_pass) = '$password'"; } else { $pass_is_md5 = 0; $query = "SELECT ID, user_login, user_pass FROM $tableusers WHERE user_login = '$user_login' AND user_pass = '$password'"; } $login = $wpdb->get_row($query); if (!$login) { $error = 'ERROR: wrong login or password'; $pwd = ''; return false; } else { $user_ID = $login->ID; if (($pass_is_md5 == 0 && $login->user_login == $user_login && $login->user_pass == $password) || ($pass_is_md5 == 1 && $login->user_login == $user_login && md5($login->user_pass) == $password)) { return true; } else { $error = 'ERROR: wrong login or password'; $pwd = ''; return false; } } } if (!login()) { header('Expires: Wed, 11 Jan 1984 05:00:00 GMT'); header('Last-Modified: ' . gmdate('D, d M Y H:i:s') . ' GMT'); header('Cache-Control: no-cache, must-revalidate'); header('Pragma: no-cache'); if ($is_IIS) { header('Refresh: 0;url=b2login.php'); } else { header('Location: b2login.php'); } exit(); } else { $user_login = $log; $user_pass = $pwd; setcookie('wordpressuser', $user_login, time()+31536000); if ($pass_is_md5) { setcookie('wordpresspass', $user_pass, time()+31536000); } else { setcookie('wordpresspass', md5($user_pass), time()+31536000); } if (empty($HTTP_COOKIE_VARS['wordpressblogid'])) { setcookie('wordpressblogid', 1,time()+31536000); } header('Expires: Wed, 11 Jan 1984 05:00:00 GMT'); header('Last-Modified: ' . gmdate('D, d M Y H:i:s') . ' GMT'); header('Cache-Control: no-cache, must-revalidate'); header('Pragma: no-cache'); switch($mode) { case 'bookmarklet': $location = "wp-admin/b2bookmarklet.php?text=$text&popupurl=$popupurl&popuptitle=$popuptitle"; break; case 'sidebar': $location = "wp-admin/sidebar.php?text=$text&popupurl=$popupurl&popuptitle=$popuptitle"; break; case 'profile': $location = "wp-admin/profile.php?text=$text&popupurl=$popupurl&popuptitle=$popuptitle"; break; default: $location = "$redirect_to"; break; } if ($is_IIS) { header("Refresh: 0;url=$location"); } else { header("Location: $location"); } } break; case 'lostpassword': ?> WordPress > Lost password ? "; ?> user_email; $user_pass = $user_data->user_pass; $message = "Login: $user_login\r\n"; $message .= "Password: $user_pass\r\n"; $m = mail($user_email, "Your weblog's login/password", $message); if ($m == false) { echo "

The email could not be sent.
\n"; echo "Possible reason: your host may have disabled the mail() function...

"; die(); } else { echo "

The email was sent successfully to $user_login's email address.
Click here to login!

"; die(); } break; default: if((!empty($HTTP_COOKIE_VARS['wordpressuser'])) && (!empty($HTTP_COOKIE_VARS['wordpresspass']))) { $user_login = $HTTP_COOKIE_VARS['wordpressuser']; $user_pass_md5 = $HTTP_COOKIE_VARS['wordpresspass']; } function checklogin() { global $user_login, $user_pass_md5, $user_ID; $userdata = get_userdatabylogin($user_login); if ($user_pass_md5 != md5($userdata->user_pass)) { return false; } else { return true; } } if ( !(checklogin()) ) { if (!empty($HTTP_COOKIE_VARS['wordpressuser'])) { $error="Error: wrong login/password"; //, or your session has expired."; } } else { header("Expires: Wed, 5 Jun 1979 23:41:00 GMT"); /* private joke: this is Michel's birthdate - though officially it's on the 6th, since he's GMT+1 :) */ header("Last-Modified: " . gmdate("D, d M Y H:i:s") . " GMT"); /* different all the time */ header("Cache-Control: no-cache, must-revalidate"); /* to cope with HTTP/1.1 */ header("Pragma: no-cache"); header("Location: wp-admin/b2edit.php"); exit(); } ?> WordPress > Login form "; ?>