function resetPassword($row, $toUid)
{
$uid = $row["uid"];
$username = $row["username"];
$email = $row["email"];
$pass = generateRandomString(16);
newPass($uid, $username, $pass, $pass);
$subject = "Password Reset Notice";
if ($toUid === NULL) {
// send to the user whose password is being reset
$message = "Your Puzzletron password has been reset:\n\nUsername: {$username}\nPassword: {$pass}\n\nYou should change your password right away.";
$toUid = $uid;
} else {
// send to an admin, presumably
$message = "The Puzzletron password for this user has been reset:\n\nUsername: {$username}\nPassword: {$pass}\nEmail: {$email}";
}
$link = URL;
sendEmail($toUid, $subject, $message, $link);
}
function change_password($uid, $oldpass, $pass1, $pass2)
{
$sql = sprintf("SELECT username FROM user_info WHERE uid='%s'", mysql_real_escape_string($uid));
$username = get_element($sql);
if ($username == NULL) {
return 'error';
}
if (checkPassword($username, $oldpass) == TRUE) {
$err = newPass($uid, $username, $pass1, $pass2);
return $err;
} else {
return 'wrong';
}
}