// uzivatelske jmeno and otisk
$badlink = false;
$userdata = DB::query("SELECT id,email,password,salt,username FROM `" . _mysql_prefix . "-users` WHERE username='******'");
if (DB::size($userdata) == 0) {
$errors[] = $_lang['mod.lostpass.badlink'];
$badlink = true;
} else {
$userdata = DB::row($userdata);
if ($hash != md5($userdata['email'] . $userdata['salt'] . $userdata['password'])) {
$errors[] = $_lang['mod.lostpass.badlink'];
$badlink = true;
}
}
// zmena a odeslani emailu nebo vypis chyb
if (count($errors) == 0) {
$newpass = _md5Salt(_wordGen());
$text_tags = array("*domain*", "*username*", "*newpass*", "*date*", "*ip*");
$text_contents = array(_getDomain(), $userdata['username'], $newpass[2], _formatTime(time()), _userip);
if (_mail($userdata['email'], str_replace('*domain*', _getDomain(), $_lang['mod.lostpass.mail.subject']), str_replace($text_tags, $text_contents, $_lang['mod.lostpass.mail.text2']), "Content-Type: text/plain; charset=UTF-8\n" . _sysMailHeader())) {
DB::query("UPDATE `" . _mysql_prefix . "-users` SET password='******', salt='" . $newpass[1] . "' WHERE id=" . $userdata['id']);
$module .= _formMessage(1, $_lang['mod.lostpass.generated']);
} else {
$module .= _formMessage(3, $_lang['hcm.mailform.msg.failure2']);
}
$done = true;
} else {
$module .= _formMessage(2, _eventList($errors, "errors"));
if ($badlink) {
_iplogUpdate(1);
}
}
/**
* Vytvoreni MD5 hashe
* @param string $str vstupni retezec
* @param string|null $salt string saltu.. pokud je null, vybere se nahodne a funkce vrati array(hash, salt, puvodni_vstup)
* @return string|array
*/
function _md5Salt($str, $usesalt = null)
{
if ($usesalt === null) {
$salt = _wordGen(8, 3);
} else {
$salt = $usesalt;
}
$hash = md5($salt . $str . $salt);
if ($usesalt === null) {
return array($hash, $salt, $str);
} else {
return $hash;
}
}
