function prep_reset_password_email($cust_email) { global $connection; $hashed_reset_password_number = password_hash(mt_rand(), PASSWORD_BCRYPT); $hashed_reset_password_number = substr($hashed_reset_password_number, 7); $query = 'SELECT `customers`.`password_reset_count` '; $query .= 'FROM customers '; $query .= 'WHERE `customers`.`email` = "' . $cust_email . '";'; $result = mysqli_query($connection, $query); checkQuery($result); while ($info = mysqli_fetch_assoc($result)) { $password_reset_count = $info["password_reset_count"]; } $password_reset_count++; $customerQuery = 'UPDATE customers SET '; $customerQuery .= 'password_reset_count = ' . $password_reset_count . ', '; $customerQuery .= 'reset_password_token = 1, '; $customerQuery .= 'hashed_reset_password_number = "' . $hashed_reset_password_number . '" '; $customerQuery .= 'WHERE `customers`.`email` = "' . $cust_email . '" '; $customerQuery .= 'LIMIT 1;'; $customerResult = mysqli_query($connection, $customerQuery); checkQuery($customerResult); return send_reset_password_email($cust_email, $hashed_reset_password_number); }
function process_reset_password_form() { $errors = array(); $Email = $_POST['email']; $randomPassword = generate_random_password(8); $Link = ''; global $Link; $md5RandomPassword = md5($randomPassword); $Query = 'UPDATE ' . USER . ' SET password="******" WHERE eMail="' . $Email . '"'; $Result = mysql_query($Query, $Link) or die("sp_clubs (Line " . __LINE__ . "): " . mysql_errno() . ": " . mysql_error()); if ($Result) { send_reset_password_email($Email, $randomPassword); } else { $errors[] = 'Unable to reset password.'; } return $errors; }