/**
 * Execute a prepared statement and route a failed execution to stmtError().
 *
 * Only a strict boolean false from execute() counts as failure; any other
 * value is returned to the caller untouched.
 *
 * NOTE(review): stmtError() is defined outside this block, so whether it
 * returns or ends the request cannot be seen here. Callers that ignore the
 * return value depend on it terminating; confirm before relying on that.
 *
 * @param mysqli $db Connection the statement belongs to; only forwarded to stmtError().
 * @param mysqli_stmt $stmt Prepared statement to run.
 * @return boolean The result of mysqli_stmt->execute()
 */
function checkExecute($db, $stmt)
{
    $executed = $stmt->execute();

    // Success path first: anything that is not strictly false goes straight back.
    if ($executed !== false) {
        return $executed;
    }

    // Execution failed: hand connection and statement to the shared error reporter.
    stmtError($db, $stmt);

    return $executed;
}
if (!isset($user)) { showResetScreen(); exit; } // handle the case that we got the username. $db = getAuthDb(); if ($db === NULL) { handleError("Could not connect to the database"); } $stmt = checkPrepare($db, "SELECT UNIX_TIMESTAMP()-UNIX_TIMESTAMP(`resettime`) FROM `users` WHERE `user`=?"); checkBindParam($db, $stmt, "s", $user); checkBindResult($db, $stmt, $resettime); checkExecute($db, $stmt); $result = $stmt->fetch(); if ($result === FALSE) { stmtError($db, $stmt); } elseif ($result === NULL) { $stmt->close(); $db->close(); showResetScreen("Invalid user"); exit; } $stmt->close(); if ($resettime !== NULL && $resettime < MIN_RESET_DELAY) { $db->close(); handleError("Only one reset attempt allowed per " . MIN_RESET_DELAY . "seconds"); } $db->autocommit(FALSE); $fp = fopen('/dev/urandom', 'rb'); if ($fp !== FALSE) { $token = bin2hex(fread($fp, 10));