function lostPassword($username, $email) { $randomPassword = generate_code(10); if (changePassword($username, $randomPassword, $randomPassword)) { if (sendLostPasswordEmail($username, $email, $randomPassword)) { return true; } } return false; }
function lostPassword($username, $email) { global $seed; if (!valid_username($username) || !user_exists($username) || !valid_email($email)) { return false; } $query = sprintf("select loginid from login where username = '******' and email = '%s' limit 1", $username, $email); $result = mysql_query($query); if (mysql_num_rows($result) != 1) { return false; } $newpass = generate_code(8); $query = sprintf("update login set password = '******' where username = '******'", mysql_real_escape_string(sha1($newpass . $seed)), mysql_real_escape_string($username)); if (mysql_query($query)) { if (sendLostPasswordEmail($username, $email, $newpass)) { return true; } else { return false; } } else { return false; } return false; }