Revision 2052
Added by darkviper over 10 years ago
- account/forgot_form : fixed fix...
forgot_form.php | ||
---|---|---|
42 | 42 |
$email = ''; |
43 | 43 |
} else { |
44 | 44 |
// Check if the email exists in the database |
45 |
$sql = 'SELECT `user_id`,`username`,`display_name`,`email`,`last_reset`,`password` '.
|
|
46 |
'FROM `'.TABLE_PREFIX.'users` '.
|
|
47 |
'WHERE `email`=\''.$wb->add_slashes($email).'\'';
|
|
45 |
$sql = 'SELECT `user_id`,`username`,`display_name`,`email`,`last_reset`,`password` ' |
|
46 |
. 'FROM `'.TABLE_PREFIX.'users` '
|
|
47 |
. 'WHERE `email`=\''.$wb->add_slashes($email).'\'';
|
|
48 | 48 |
|
49 | 49 |
if(($results = $database->query($sql))) |
50 | 50 |
{ |
... | ... | |
59 | 59 |
$old_pass = $results_array['password']; |
60 | 60 |
// Generate a random password then update the database with it |
61 | 61 |
$new_pass = $pwh->createNew(); |
62 |
$sql = 'UPDATE `'.TABLE_PREFIX.'users` '.
|
|
63 |
'SET `password`=\''.md5($new_pass);
|
|
64 |
'`last_reset`='.time().' '.
|
|
65 |
'WHERE `user_id`='.(int)$results_array['user_id'];
|
|
62 |
$sql = 'UPDATE `'.TABLE_PREFIX.'users` ' |
|
63 |
. 'SET `password`=\''.md5($new_pass).'\', '
|
|
64 |
. '`last_reset`='.time().' '
|
|
65 |
. 'WHERE `user_id`='.(int)$results_array['user_id'];
|
|
66 | 66 |
unset($pwh); // destroy $pwh-Object |
67 | 67 |
if($database->query($sql)) |
68 | 68 |
{ // Setup email to send |
Also available in: Unified diff