$extAuthPasswordCount = 0;
$passwordFound = false;
$userAccountList = array();
// Get the forgotten email from the form
if (isset($_REQUEST['Femail'])) {
$emailTo = strtolower(trim($_REQUEST['Femail']));
} else {
$emailTo = '';
}
// Main section
if (isset($_REQUEST['searchPassword']) && !empty($emailTo)) {
// search user with this email
$sql = "SELECT `user_id` `uid` ,\n `nom` `lastName` ,\n `prenom` `firstName` ,\n `username` `loginName` ,\n `password` ,\n `email` ,\n `authSource` ,\n `creatorId`\n FROM `" . $tbl_user . "`\n WHERE LOWER(email) = '" . claro_sql_escape($emailTo) . "'";
$userList = claro_sql_query_fetch_all($sql);
if (count($userList) > 0) {
$allowedAuthSources = AuthDriverManager::getDriversAllowingLostPassword();
foreach ($userList as $user) {
if (isset($allowedAuthSources[$user['authSource']])) {
$passwordFound = true;
if (get_conf('userPasswordCrypted', false)) {
/*
* If password are crypted, we can not send them as such.
* We have to generate new ones.
*/
$user['password'] = generate_passwd();
// UPDATE THE DB WITH THE NEW GENERATED PASSWORD
$sql = 'UPDATE `' . $tbl_user . '`
SET `password` = "' . claro_sql_escape(md5($user['password'])) . '"
WHERE `user_id` = "' . $user['uid'] . '"';
if (claro_sql_query($sql) === false) {
trigger_error('<p align="center">' . get_lang('Wrong operation') . '</p>', E_USER_ERROR);
