$email = '';
 } else {
     // Check if the email exists in the database
     $sql = 'SELECT `user_id`,`username`,`display_name`,`email`,`last_reset`,`password` ' . 'FROM `' . TABLE_PREFIX . 'users` ' . 'WHERE `email`=\'' . $wb->add_slashes($_POST['email']) . '\'';
     if ($results = $database->query($sql)) {
         if ($results_array = $results->fetchRow()) {
             // Get the id, username, email, and last_reset from the above db query
             // Check if the password has been reset in the last 2 hours
             if (time() - (int) $results_array['last_reset'] < 2 * 3600) {
                 // Tell the user that their password cannot be reset more than once per hour
                 $errMsg = $MESSAGE['FORGOT_PASS_ALREADY_RESET'];
             } else {
                 $old_pass = $results_array['password'];
                 // Generate a random password then update the database with it
                 $new_pass = WbAuth::GenerateRandomPassword();
                 $sql = 'UPDATE `' . TABLE_PREFIX . 'users` ' . 'SET `password`=\'' . WbAuth::Hash($new_pass) . '\', ' . '`last_reset`=' . time() . ' ' . 'WHERE `user_id`=' . (int) $results_array['user_id'];
                 unset($pwh);
                 // destroy $pwh-Object
                 if ($database->query($sql)) {
                     // Setup email to send
                     $mail_to = $email;
                     $mail_subject = $MESSAGE['SIGNUP2_SUBJECT_LOGIN_INFO'];
                     // Replace placeholders from language variable with values
                     $search = array('{LOGIN_DISPLAY_NAME}', '{LOGIN_WEBSITE_TITLE}', '{LOGIN_NAME}', '{LOGIN_PASSWORD}');
                     $replace = array($results_array['display_name'], WEBSITE_TITLE, $results_array['username'], $new_pass);
                     $mail_message = str_replace($search, $replace, $MESSAGE['SIGNUP2_BODY_LOGIN_FORGOT']);
                     // Try sending the email
                     if ($wb->mail(SERVER_EMAIL, $mail_to, $mail_subject, $mail_message)) {
                         $message = $MESSAGE['FORGOT_PASS_PASSWORD_RESET'];
                         $display_form = false;
                     } else {
 // Get the id, username, email, and last_reset from the above db query
 $results_array = $results->fetchRow();
 // Check if the password has been reset in the last 2 hours
 $last_reset = $results_array['last_reset'];
 $time_diff = time() - $last_reset;
 // Time since last reset in seconds
 $time_diff = $time_diff / 60 / 60;
 // Time since last reset in hours
 if ($time_diff < 2) {
     // Tell the user that their password cannot be reset more than once per hour
     $message = $MESSAGE['FORGOT_PASS_ALREADY_RESET'];
 } else {
     $old_pass = $results_array['password'];
     // Generate a random password then update the database with it
     $new_pass = WbAuth::GenerateRandomPassword();
     $database->query("UPDATE " . TABLE_PREFIX . "users SET password = '******', last_reset = '" . time() . "' WHERE user_id = '" . $results_array['user_id'] . "'");
     if ($database->is_error()) {
         // Error updating database
         $message = $database->get_error();
     } else {
         // Setup email to send
         $mail_to = $email;
         $mail_subject = $MESSAGE['SIGNUP2_SUBJECT_LOGIN_INFO'];
         // Replace placeholders from language variable with values
         $search = array('{LOGIN_DISPLAY_NAME}', '{LOGIN_WEBSITE_TITLE}', '{LOGIN_NAME}', '{LOGIN_PASSWORD}');
         $replace = array($results_array['display_name'], WEBSITE_TITLE, $results_array['username'], $new_pass);
         $mail_message = str_replace($search, $replace, $MESSAGE['SIGNUP2_BODY_LOGIN_FORGOT']);
         // Try sending the email
         if ($admin->mail(SERVER_EMAIL, $mail_to, $mail_subject, $mail_message)) {
             $message = $MESSAGE['FORGOT_PASS_PASSWORD_RESET'];
             $display_form = false;
// Check if the email already exists
$results = $database->query("SELECT user_id FROM " . TABLE_PREFIX . "users WHERE email = '" . $admin->add_slashes($_POST['email']) . "' AND user_id <> '" . $user_id . "' ");
if ($results->numRows() > 0) {
    if (isset($MESSAGE['USERS_EMAIL_TAKEN'])) {
        $admin->print_error($MESSAGE['USERS_EMAIL_TAKEN'], $js_back);
    } else {
        $admin->print_error($MESSAGE['USERS_INVALID_EMAIL'], $js_back);
    }
}
// Prevent from renaming user to "admin"
if ($username != 'admin') {
    $username_code = ", username = '******'";
} else {
    $username_code = '';
}
// Update the database
if ($password == "") {
    $query = "UPDATE " . TABLE_PREFIX . "users SET groups_id = '{$groups_id}', group_id = '{$group_id}', active = '{$active}'{$username_code}, display_name = '{$display_name}', home_folder = '{$home_folder}', email = '{$email}' WHERE user_id = '{$user_id}'";
} else {
    // MD5 supplied password
    $md5_password = WbAuth::Hash($password);
    $query = "UPDATE " . TABLE_PREFIX . "users SET groups_id = '{$groups_id}', group_id = '{$group_id}', active = '{$active}'{$username_code}, display_name = '{$display_name}', home_folder = '{$home_folder}', email = '{$email}', password = '******' WHERE user_id = '{$user_id}'";
}
$database->query($query);
if ($database->is_error()) {
    $admin->print_error($database->get_error(), $js_back);
} else {
    $admin->print_success($MESSAGE['USERS_SAVED']);
}
// Print admin footer
$admin->print_footer();
$sql = 'SELECT `user_id` FROM `' . TABLE_PREFIX . 'users` WHERE `email` = \'' . $wb->add_slashes($email) . '\'';
$results = $database->query($sql);
if ($results->numRows() > 0) {
    if (isset($MESSAGE['USERS_EMAIL_TAKEN'])) {
        $wb->print_error($MESSAGE['USERS_EMAIL_TAKEN'], $js_back, false);
        $bSignError = true;
    } else {
        $wb->print_error($MESSAGE['USERS_INVALID_EMAIL'], $js_back, false);
        $bSignError = true;
    }
}
if ($bSignError === false) {
    // Generate a random password then update the database with it
    $new_pass = WbAuth::GenerateRandomPassword();
    // hash it
    $md5_password = WbAuth::Hash($new_pass);
    // Inser the user into the database
    $sql = '';
    $query = "INSERT INTO " . TABLE_PREFIX . "users (group_id,groups_id,active,username,password,display_name,email) VALUES ('{$groups_id}', '{$groups_id}', '{$active}', '{$username}','{$md5_password}','{$display_name}','{$email}')";
    $database->query($query);
    if ($database->is_error()) {
        // Error updating database
        $message = $database->get_error();
    } else {
        // Setup email to send
        $mail_to = $email;
        $mail_subject = $MESSAGE['SIGNUP2_SUBJECT_LOGIN_INFO'];
        // Replace placeholders from language variable with values
        $search = array('{LOGIN_DISPLAY_NAME}', '{LOGIN_WEBSITE_TITLE}', '{LOGIN_NAME}', '{LOGIN_PASSWORD}');
        $replace = array($display_name, WEBSITE_TITLE, $username, $new_pass);
        $mail_message = str_replace($search, $replace, $MESSAGE['SIGNUP2_BODY_LOGIN_INFO']);