Revision 2052
Added by darkviper almost 12 years ago
- account/forgot_form : fixed fix...
| forgot_form.php | ||
|---|---|---|
| 42 | 42 |
$email = ''; |
| 43 | 43 |
} else {
|
| 44 | 44 |
// Check if the email exists in the database |
| 45 |
$sql = 'SELECT `user_id`,`username`,`display_name`,`email`,`last_reset`,`password` '.
|
|
| 46 |
'FROM `'.TABLE_PREFIX.'users` '.
|
|
| 47 |
'WHERE `email`=\''.$wb->add_slashes($email).'\'';
|
|
| 45 |
$sql = 'SELECT `user_id`,`username`,`display_name`,`email`,`last_reset`,`password` ' |
|
| 46 |
. 'FROM `'.TABLE_PREFIX.'users` '
|
|
| 47 |
. 'WHERE `email`=\''.$wb->add_slashes($email).'\'';
|
|
| 48 | 48 |
|
| 49 | 49 |
if(($results = $database->query($sql))) |
| 50 | 50 |
{
|
| ... | ... | |
| 59 | 59 |
$old_pass = $results_array['password']; |
| 60 | 60 |
// Generate a random password then update the database with it |
| 61 | 61 |
$new_pass = $pwh->createNew(); |
| 62 |
$sql = 'UPDATE `'.TABLE_PREFIX.'users` '.
|
|
| 63 |
'SET `password`=\''.md5($new_pass);
|
|
| 64 |
'`last_reset`='.time().' '.
|
|
| 65 |
'WHERE `user_id`='.(int)$results_array['user_id'];
|
|
| 62 |
$sql = 'UPDATE `'.TABLE_PREFIX.'users` ' |
|
| 63 |
. 'SET `password`=\''.md5($new_pass).'\', '
|
|
| 64 |
. '`last_reset`='.time().' '
|
|
| 65 |
. 'WHERE `user_id`='.(int)$results_array['user_id'];
|
|
| 66 | 66 |
unset($pwh); // destroy $pwh-Object |
| 67 | 67 |
if($database->query($sql)) |
| 68 | 68 |
{ // Setup email to send
|
Also available in: Unified diff