Fix send lost password feature

2005-02-06 22:34:43 +00:00
parent 792151c574
commit ddfb83e988
2 changed files with 12 additions and 9 deletions
--- a/account.php
+++ b/account.php
@@ -119,14 +119,13 @@ function cmd_do_new()
 */
 function cmd_send_passwd()
 {
-    $user = new User();
+   
-    
+    $userid = user_exists($_POST['ext_email']);
    $userid = $user->lookup_userid($_POST['ext_email']);
    $passwd = generate_passwd();
-    
+    $user = new User($userid);
    if ($userid)
    {
-        if ($user->update($userid, $passwd))
+        if ($user->update(null, $passwd))
        {
            $sSubject =  "Application DB Lost Password";
            $sMsg  = "We have received a request that you lost your password.\r\n";
@@ -135,7 +134,7 @@ function cmd_send_passwd()
            $sMsg .= "Your new password is: ".$passwd."\r\n";
-            if (mail_appdb($user->lookup_email($userid), $sSubject ,$sMsg))
+            if (mail_appdb($user->sEmail, $sSubject ,$sMsg))
            {
                addmsg("Your new password has been emailed to you.", "green");
            }
--- a/include/user.php
+++ b/include/user.php
@@ -409,13 +409,17 @@ function get_active_users_within_days($days)
 /**
 * Check if a user exists.
- * returns TRUE if the user exists
+ * returns the userid if the user exists
 */
 function user_exists($sEmail)
 {
-    $result = query_appdb("SELECT * FROM user_list WHERE email = '$sEmail'");
+    $result = query_appdb("SELECT userid FROM user_list WHERE email = '$sEmail'");
    if(!$result || mysql_num_rows($result) != 1)
        return 0;
-    return 1;
+    else
    {
        $oRow = mysql_fetch_object($result);
        return $oRow->userid;
    }
 }
 ?>