if ($new_password1 !== $new_password2){ $GLOBALS['error']['password_mismatch'] = 1; $GLOBALS['smarty']->display('page_reset.txt'); exit(); } $rsp = users_update_password($user, $new_password1); if (! $rsp['ok']){ $GLOBALS['error']['update_failed'] = 1; $GLOBALS['smarty']->display('page_reset.txt'); exit(); } users_purge_password_reset_codes($user); users_reload_user($user); login_do_login($user); exit(); } # # output # $smarty->display('page_reset.txt'); exit(); ?>
function users_generate_password_reset_code(&$user) { loadlib('random'); users_purge_password_reset_codes($user); $code = ''; while (!$code) { $code = random_string(32); $enc_code = AddSlashes($code); if (db_single(db_fetch("SELECT 1 FROM users_password_reset WHERE reset_code='{$enc_code}'"))) { $code = ''; } break; } $rsp = db_insert('users_password_reset', array('user_id' => $user['id'], 'reset_code' => $enc_code, 'created' => time())); if (!$rsp['ok']) { return null; } return $code; }