function dochangepw($hash, $newpass1, $newpass2) { $time_stamp = time(); global $maindb; if (!checkpwresethash($hash)) { return false; } if (empty($newpass1) or $newpass1 != $newpass2 or strlen($newpass1) < 5) { return false; } $resultrif = mysql_query("select * from md_passwordresets where reset_hash='{$hash}'", $maindb); $reset_file_detail = mysql_fetch_array($resultrif); $newpass_md5 = md5($newpass1); mysql_query("UPDATE md_passwordresets set reset_status='0' where reset_accountid='{$reset_file_detail['reset_accountid']}'", $maindb); mysql_query("UPDATE md_uaccounts set pass_word='{$newpass_md5}' where user_id='{$reset_file_detail['reset_accountid']}'", $maindb); return true; }
<?php require_once '../../init.php'; require_once MAD_PATH . '/www/cp/auth.php'; require_once MAD_PATH . '/functions/adminredirect.php'; require_once MAD_PATH . '/www/cp/admin_functions.php'; if (!checkpwresethash($_GET['hash'])) { echo "Invalid Hash"; exit; } ?> <!doctype html> <!--[if lt IE 7]> <html class="no-js ie6 oldie" lang="en"> <![endif]--> <!--[if IE 7]> <html class="no-js ie7 oldie" lang="en"> <![endif]--> <!--[if IE 8]> <html class="no-js ie8 oldie" lang="en"> <![endif]--> <!--[if gt IE 8]><!--> <html class="no-js" lang="en"> <!--<![endif]--> <head> <title><?php echo getconfig_var('adserver_name'); ?> - Update Password</title> <meta charset="utf-8"/> <meta name="description" content=""/> <meta name="author" content=""/>