<%@ Language=JScript %>

<!--#include file="../includes/db.asp"-->
<!--#include file="../includes/email.asp"-->
<!--#include file="../functions/dates.asp"-->

<%
var email = prepSQL(Request.Form("email"));

sql = "SELECT id, username, pwd FROM [user] WHERE email = '" + email + "'";
var rs = Server.CreateObject("adodb.recordset");
rs.Open(sql, connStr);
	
if (!(rs.eof || rs.BOF))
{
	//send password
	toaddress = email;
	toname = String(rs("username"));
	pwd = String(rs("pwd"));

	var title = "";
	var body = "";

	title = "Forgotten password";
	body = "Hi " + toname + "\n\n";
	body += "You have requested to have your password/username from your registration at the Empire Deluxe Ladder resent to this email address:\n";
	body += "\n";
	body += "Username: " + toname + "\n";
	body += "Password: " + pwd + "\n";
	body += "\n";
	body += "You are now able to login again at the website.\n";
	body += "Good luck,\n";
	body += "\nThe Empire Deluxe Ladder\n";
	body += "www.givoni.com/empire/";
	sendEmail(toaddress, title, body);
	
	Response.Redirect("../forgotten_password.asp?status=ok");
}
else
{
	Response.Redirect("../forgotten_password.asp?error=noemail&email=" + email);
}
%>