inviter = r[0]
#Check that the email isn't already registered.
q.execute('SELECT username FROM users WHERE email in %s',[tuple(list_of_addresses)])
if(q.rowcount!=0):
print 'Location: ../admin.php \n\n'
exit()
for i in list_of_addresses:
changekey = ''.join(random.sample(string.ascii_letters + string.digits,50))
list_of_keys.append(changekey)
q.execute('INSERT into invites (email, datesent, invitekey) VALUES (%s,localtimestamp,%s)',[i,changekey])
dbconn.commit()
q.close()
dbconn.close()
for i,j in enumerate(list_of_addresses):
mailstr="Hi, \n"
mailstr+="\tYou have been invited by "+inviter+" to register an account with the Inhibitor Discovery, Design, and Quantification database at "+config.domain+". "
mailstr+="Follow the link below to register your account.\n\n"
mailstr+=config.domain
mailstr+="/registerpage.php?invitekey="+list_of_keys[i]+" \n\n\n\n"
mailstr+="(This was an automated message from "+config.domain+")"
config.sendemail(j,mailstr)
except Exception:
config.returnhome(51)
print 'Location: ../admin.php \n\n'
print 'Location: ../changepasswordrequestpage.php?status=openrequest \n\n'
sys.exit()
#This now appears to be a valid request.
#End past requests. Unused requests get datechanged set to localtime and the changed variable remains false.
q.execute('UPDATE passwordchanges SET datechanged=localtimestamp WHERE userid=%s',[userid])
#Create new request
changekey = ''.join(random.sample(string.ascii_letters + string.digits,50))
q.execute('INSERT INTO passwordchanges (userid,daterequested,changekey) VALUES(%s,localtimestamp,%s)',[userid,changekey])
dbconn.commit()
q.close()
dbconn.close()
#Send email to user
url = config.domain+"/changepasswordpage.php?key="+changekey
mailstr="""Hi,
Below is a URL for your password reset at {}. It will expire in 24 hours.
{}
(This was an automated message from {})
""".format(config.domain,url,config.domain)
config.sendemail(email,mailstr)
config.returnhome(0)
except Exception:
config.returnhome(34)