$email_message .= "http://" . $defined['hostname'] . " (without SSL)<br>"; $email_message .= "https://" . $defined['hostname'] . " (with SSL)<br>"; $email_message = wordwrap($email_message, 20); // proceed to send the new user an email with account registration info if (mail($user_email, "New phpDHCPAdmin Account", $email_message, $headers)) { $message = $err->GenerateErrorLink("help/help.php", "#new_acct", $defined['good'], $errors['new_acct'], '600', '600'); } else { $message = $err->GenerateErrorLink("help/help.php", "#new_acct", $defined['error'], $errors['new_acct_err'], '600', '600'); } } // use the form to our users password } else { // check for required fields on password reset if (!empty($user_pw_list) && !empty($user_pw_1) && !empty($user_pw_2)) { // validate form data prior to password reset if ($val->ValidateAlphaChar($user_pw_list) !== -1 && $val->ValidatePasswordFields($user_pw_1, $user_pw_2) === 0) { // just one sql statement for password resets $sql = "UPDATE `auth_users` SET `password` = \"" . sha1($user_pw_1) . "\", `reset` = \"FALSE\" WHERE `username` = \"" . $user_pw_list . "\" LIMIT 1"; // begin processing our SQL object if (($sql_res = $db->dbQuery($val->ValidateSQL($sql, $dbconn), $dbconn)) === -1) { if (eregi("duplicate", $db->dbCatchError())) { $sql = $update; $sql = $val->ValidateSQL($sql, $dbconn); if (($sql_res = $db->dbQuery($sql, $dbconn)) === -1) { $message = $err->GenerateErrorLink("help/help.php", "#db_edit", $defined['error'], $errors['db_edit_err'], '600', '600'); } } else { $message = $err->GenerateErrorLink("help/help.php", "#db_insert", $defined['good'], $errors['db_edit'], '600', '600'); } } else { $message = $err->GenerateErrorLink("help/help.php", "#db_insert", $defined['good'], $errors['db_insert'], '600', '600');