function resetPassword($ticket, $emailAddress, $newPassword)
{
//Create query
$databaseQuery = "SELECT * FROM login WHERE emailAddress='{$emailAddress}'";
//Execute Database query
$result = executeDatabase($databaseQuery);
//Fetch array
while ($row = mysqli_fetch_array($result)) {
//Create ticket based off database
$hash = $row['hash'];
$password = $row['password'];
$checkTicket = $hash . $password;
if ($checkTicket == $ticket) {
//Clean query input
$con = createInstance();
$emailAddress = $con->real_escape_string($emailAddress);
$newPassword = saltPassword($newPassword);
$databaseQuery = "UPDATE login SET password='******' WHERE emailAddress='{$emailAddress}'";
executeDatabase($databaseQuery);
print 'reset';
} else {
print 'brequest';
}
}
}
function changePassword($ticket, $username, $newPassword)
{
//Create query
$databaseQuery = "SELECT * FROM login WHERE username='******'";
//Execute Database query
$result = executeDatabase($databaseQuery);
//Fetch array
while ($row = mysqli_fetch_array($result)) {
//Create ticket based off database
$hash = $row['hash'];
$password = $row['password'];
$checkTicket = $hash;
if ($checkTicket == $ticket) {
$newPassword = saltPassword($newPassword);
$databaseQuery = "UPDATE login SET password='******' WHERE emailAddress='{$username}'";
executeDatabase($databaseQuery);
print 'reset';
} else {
print 'error';
}
}
}
