inviter = r[0] #Check that the email isn't already registered. q.execute('SELECT username FROM users WHERE email in %s',[tuple(list_of_addresses)]) if(q.rowcount!=0): print 'Location: ../admin.php \n\n' exit() for i in list_of_addresses: changekey = ''.join(random.sample(string.ascii_letters + string.digits,50)) list_of_keys.append(changekey) q.execute('INSERT into invites (email, datesent, invitekey) VALUES (%s,localtimestamp,%s)',[i,changekey]) dbconn.commit() q.close() dbconn.close() for i,j in enumerate(list_of_addresses): mailstr="Hi, \n" mailstr+="\tYou have been invited by "+inviter+" to register an account with the Inhibitor Discovery, Design, and Quantification database at "+config.domain+". " mailstr+="Follow the link below to register your account.\n\n" mailstr+=config.domain mailstr+="/registerpage.php?invitekey="+list_of_keys[i]+" \n\n\n\n" mailstr+="(This was an automated message from "+config.domain+")" config.sendemail(j,mailstr) except Exception: config.returnhome(51) print 'Location: ../admin.php \n\n'
print 'Location: ../changepasswordrequestpage.php?status=openrequest \n\n' sys.exit() #This now appears to be a valid request. #End past requests. Unused requests get datechanged set to localtime and the changed variable remains false. q.execute('UPDATE passwordchanges SET datechanged=localtimestamp WHERE userid=%s',[userid]) #Create new request changekey = ''.join(random.sample(string.ascii_letters + string.digits,50)) q.execute('INSERT INTO passwordchanges (userid,daterequested,changekey) VALUES(%s,localtimestamp,%s)',[userid,changekey]) dbconn.commit() q.close() dbconn.close() #Send email to user url = config.domain+"/changepasswordpage.php?key="+changekey mailstr="""Hi, Below is a URL for your password reset at {}. It will expire in 24 hours. {} (This was an automated message from {}) """.format(config.domain,url,config.domain) config.sendemail(email,mailstr) config.returnhome(0) except Exception: config.returnhome(34)