include("settings.php"); $db = mysql_connect($DB_host,$DB_user,$DB_pass); mysql_select_db($DB_base,$db); include ("include/get_authorized.php"); if (isset($_GET['action'])) { if ($_GET['action'] == "logout") { session_unset(); header("Location:index.php"); exit; } if ($_GET['action'] == "add_number" && $not_cabinet == 1) { $query_ac = "INSERT INTO bb_account (_number,_id_user,_demo,_id_product) VALUES (".$_POST['number'].",".$_GET['id_user'].",".$_GET['demo'].",".$_GET['expert'].")"; $result_ac = mysql_query($query_ac); header("Location:index.php"); exit; } if ($_GET['action'] == "account_delete" && $not_cabinet == 1) { $query_ac = "DELETE FROM bb_account WHERE _id='".$_GET['id']."'"; $result_ac = mysql_query($query_ac); header("Location:index.php"); exit; } if ($_GET['action'] == "add_pass") { if (isset($_POST['pass1']) && isset($_POST['pass2']) && isset($_GET['id']) && preg_match("/^[0-9]+$/", $_GET['id'])) { if (trim($_POST['pass1']) != "") { if ($_POST['pass1'] == $_POST['pass2']) { $query = "SELECT * FROM bb_user WHERE _id='".$_GET['id']."'"; $result = mysql_query($query); if ($myrow = mysql_fetch_array($result)) { $inkey = $myrow["_name"].$myrow["_family"].$myrow["_mail"].$myrow["_pass"]."nfb67xjhbs".$myrow['_date']; $key = md5(md5($inkey)); if (isset($_GET['key']) && $key == $_GET['key']) { $pass1 = md5(md5(mysql_real_escape_string(stripslashes(htmlspecialchars(trim($_POST['pass1'])))))); $result_update = mysql_query ("UPDATE bb_user SET _pass = '$pass1' WHERE _id = '".$myrow['_id']."'"); header("Location:index.php?info=passput"); exit(); } else {header("Location:index.php?msg=err");exit();} } else {header("Location:index.php?msg=err");exit();} } else {header("Location:index.php?action=repass&id=".$_GET['id']."&key=".$_GET['key']."&msg=pp");exit();} } else {header("Location:index.php?action=repass&id".$_GET['id']."&key=".$_GET['key']."$msg=nokey");exit();} } else {header("Location:index.php?msg=err");exit();} } if ($_GET['action'] == "restoration") { if (isset($_POST['email']) && preg_match("/[0-9a-z_]+@[0-9a-z_^\.]+\.[a-z]{2,3}/i",$_POST['email'])) { $mail = mysql_real_escape_string(htmlspecialchars(stripslashes(trim($_POST['email'])))); $result = mysql_query("SELECT * FROM bb_user WHERE _mail='".$mail."'",$db); if ($myrow = mysql_fetch_array($result)) { $mail = $myrow['_mail']; $id = $myrow['_id']; $name = $myrow['_name']; $to= $myrow['_name']." ".$myrow['_family']." <".$mail.">"; $subject = $title_message_repas; $inkey = $myrow["_name"].$myrow["_family"].$myrow["_mail"].$myrow["_pass"]."nfb67xjhbs".$myrow['_date']; $key = md5(md5($inkey)); /* сообщение */ $message = "
Hallo, ".$myrow['_name']."
Sie haben neue Password angefordert
bitte hier link anklicken und weitere einweisungen folgen
www.forex-trading-software.ws/vip/index.php?action=repass&id=".$myrow['_id']."&key=".$key."
Falls dies nicht der Fall ist ignorieren sie diesen email.
Bei Fragen VIP Support:
Tel.: +491743384201 am besten von 18-20 Uhr (bei sehr wichtigen Fragen oder Problemme)
Email Support: lizenz@forex-trading-software.ws
Es ist wichtig dass sie unsere Einleitung sorgfaltig durchlesen
und auch alle Schritte befolgen. Bei Fragen kontakt uns.
M.f.G.
W.Wagner
www.forex-trading-software.ws