function prep_reset_password_email($cust_email)
{
global $connection;
$hashed_reset_password_number = password_hash(mt_rand(), PASSWORD_BCRYPT);
$hashed_reset_password_number = substr($hashed_reset_password_number, 7);
$query = 'SELECT `customers`.`password_reset_count` ';
$query .= 'FROM customers ';
$query .= 'WHERE `customers`.`email` = "' . $cust_email . '";';
$result = mysqli_query($connection, $query);
checkQuery($result);
while ($info = mysqli_fetch_assoc($result)) {
$password_reset_count = $info["password_reset_count"];
}
$password_reset_count++;
$customerQuery = 'UPDATE customers SET ';
$customerQuery .= 'password_reset_count = ' . $password_reset_count . ', ';
$customerQuery .= 'reset_password_token = 1, ';
$customerQuery .= 'hashed_reset_password_number = "' . $hashed_reset_password_number . '" ';
$customerQuery .= 'WHERE `customers`.`email` = "' . $cust_email . '" ';
$customerQuery .= 'LIMIT 1;';
$customerResult = mysqli_query($connection, $customerQuery);
checkQuery($customerResult);
return send_reset_password_email($cust_email, $hashed_reset_password_number);
}
function process_reset_password_form()
{
$errors = array();
$Email = $_POST['email'];
$randomPassword = generate_random_password(8);
$Link = '';
global $Link;
$md5RandomPassword = md5($randomPassword);
$Query = 'UPDATE ' . USER . ' SET password="******" WHERE eMail="' . $Email . '"';
$Result = mysql_query($Query, $Link) or die("sp_clubs (Line " . __LINE__ . "): " . mysql_errno() . ": " . mysql_error());
if ($Result) {
send_reset_password_email($Email, $randomPassword);
} else {
$errors[] = 'Unable to reset password.';
}
return $errors;
}
