function updateUserPassword($userID, $password, $key) { global $wiki; if (checkEmailKey($key, $userID) === false) { return false; } $wiki->Query("update " . $wiki->config["table_prefix"] . "users " . "set " . "password = '******' " . "where name = '" . $userID . "' limit 1"); $res = $wiki->DeleteTriple($userID, 'http://outils-reseaux.org/_vocabulary/key', $key); return true; }
if ($_POST['userID'] == '' || $_POST['key'] == '') { header("location: ../index.php"); } if (strcmp($_POST['pw0'], $_POST['pw1']) != 0 || trim($_POST['pw0']) == '') { $error = true; $show = 'recoverForm'; } else { $error = false; $show = 'recoverSuccess'; updateUserPassword($_POST['userID'], $_POST['pw0'], $_POST['key']); } break; } } elseif (isset($_GET['a']) && $_GET['a'] == 'recover' && $_GET['email'] != "") { $show = 'invalidKey'; $result = checkEmailKey($_GET['email'], urldecode(base64_decode($_GET['u']))); if ($result == false) { $error = true; $show = 'invalidKey'; } elseif ($result['status'] == true) { $error = false; $show = 'recoverForm'; $securityUser = $result['userID']; } } if ($_SESSION['badCount'] >= 3) { $show = 'speedLimit'; $_SESSION['lockout'] = true; $_SESSION['lastTime'] = '' ? mktime() : $_SESSION['lastTime']; } ?>
function updateUserPassword($userID, $password, $key) { global $mySQL; if (checkEmailKey($key, $userID) === false) { return false; } if ($SQL = $mySQL->prepare("UPDATE `contactos` SET `contrasenia` = ? WHERE `oid` = ?")) { $converter = new Encryption(); $password = $converter->encode($password); echo $password; //$password = md5(trim($password) . PW_SALT); $SQL->bind_param('si', $password, $userID); $SQL->execute(); $SQL->close(); $SQL = $mySQL->prepare("DELETE FROM `recoverymail` WHERE `Key` = ?"); $SQL->bind_param('s', $key); $SQL->execute(); } }
function updateUserPassword($userID, $password, $key) { if (checkEmailKey($key, $userID) === false) { return false; } //$password = md5(trim($password) . PW_SALT); $password = better_crypt($password); if ($SQL = tep_db_query("UPDATE `users` SET `password` = '" . $password . "' WHERE `id` = {$userID}")) { $SQL = tep_db_query("DELETE FROM `recoveryemails_enc` WHERE `Key` = '{$key}'"); } }