Ejemplo n.º 1
/**
 * Executes a prepared statement and hands any failure to stmtError().
 *
 * @param mysqli $db Connection the statement was prepared on; only forwarded to stmtError().
 * @param mysqli_stmt $stmt Prepared statement to run.
 * @return bool The value returned by mysqli_stmt::execute(), passed through unchanged.
 */
function checkExecute($db, $stmt)
{
    $outcome = $stmt->execute();

    // Anything other than a strict false is treated as success and returned as-is.
    if ($outcome !== false) {
        return $outcome;
    }

    // Failure path: report through the shared statement error handler.
    // NOTE(review): whether stmtError() returns or ends the request is not visible here.
    stmtError($db, $stmt);

    return $outcome;
}
Ejemplo n.º 2
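// Password-reset request, first stage: look the account up and enforce the
// minimum delay between reset attempts.
if (!isset($user)) {
    // No username supplied yet: show the empty reset form and stop.
    showResetScreen();
    exit;
}
// handle the case that we got the username.
$db = getAuthDb();
if ($db === NULL) {
    // NOTE(review): the statements below dereference $db, so this relies on
    // handleError() ending the request — confirm.
    handleError("Could not connect to the database");
}
// The username is bound as a string parameter ("s") rather than concatenated
// into the SQL text. The query yields the seconds elapsed since `resettime`.
$stmt = checkPrepare($db, "SELECT UNIX_TIMESTAMP()-UNIX_TIMESTAMP(`resettime`) FROM `users` WHERE `user`=?");
checkBindParam($db, $stmt, "s", $user);
checkBindResult($db, $stmt, $resettime);
checkExecute($db, $stmt);
// mysqli_stmt::fetch() returns FALSE on error and NULL when there is no row.
$result = $stmt->fetch();
if ($result === FALSE) {
    stmtError($db, $stmt);
} elseif ($result === NULL) {
    // No row matched the supplied username.
    // NOTE(review): "Invalid user" differs from the responses an existing
    // account produces, so this form tells an unauthenticated visitor whether
    // a username exists. Consider one generic response for both cases and
    // keep the distinction in server-side logs only.
    $stmt->close();
    $db->close();
    showResetScreen("Invalid user");
    exit;
}
$stmt->close();
// A NULL $resettime skips the delay check; presumably the column is NULL
// until a first reset is requested — confirm against the schema.
if ($resettime !== NULL && $resettime < MIN_RESET_DELAY) {
    $db->close();
    // Fixed: the original message ran the number and the unit together
    // ("...per 60seconds").
    // NOTE(review): the connection is already closed here while later code
    // keeps using $db, so handleError() is expected to terminate — confirm.
    handleError("Only one reset attempt allowed per " . MIN_RESET_DELAY . " seconds");
}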
$db->autocommit(FALSE);
$fp = fopen('/dev/urandom', 'rb');
if ($fp !== FALSE) {
    $token = bin2hex(fread($fp, 10));