Fix send lost password feature
This commit is contained in:
Jonathan Ernst
WineHQ
@@ -119,14 +119,13 @@ function cmd_do_new()
|
||||
*/
|
||||
function cmd_send_passwd()
|
||||
{
|
||||
$user = new User();
|
||||
|
||||
$userid = $user->lookup_userid($_POST['ext_email']);
|
||||
$userid = user_exists($_POST['ext_email']);
|
||||
$passwd = generate_passwd();
|
||||
|
||||
$user = new User($userid);
|
||||
if ($userid)
|
||||
{
|
||||
if ($user->update($userid, $passwd))
|
||||
if ($user->update(null, $passwd))
|
||||
{
|
||||
$sSubject = "Application DB Lost Password";
|
||||
$sMsg = "We have received a request that you lost your password.\r\n";
|
||||
@@ -135,7 +134,7 @@ function cmd_send_passwd()
|
||||
$sMsg .= "Your new password is: ".$passwd."\r\n";
|
||||
|
||||
|
||||
if (mail_appdb($user->lookup_email($userid), $sSubject ,$sMsg))
|
||||
if (mail_appdb($user->sEmail, $sSubject ,$sMsg))
|
||||
{
|
||||
addmsg("Your new password has been emailed to you.", "green");
|
||||
}
|
||||
|
||||
@@ -409,13 +409,17 @@ function get_active_users_within_days($days)
|
||||
|
||||
/**
|
||||
* Check if a user exists.
|
||||
* returns TRUE if the user exists
|
||||
* returns the userid if the user exists
|
||||
*/
|
||||
function user_exists($sEmail)
|
||||
{
|
||||
$result = query_appdb("SELECT * FROM user_list WHERE email = '$sEmail'");
|
||||
$result = query_appdb("SELECT userid FROM user_list WHERE email = '$sEmail'");
|
||||
if(!$result || mysql_num_rows($result) != 1)
|
||||
return 0;
|
||||
return 1;
|
||||
else
|
||||
{
|
||||
$oRow = mysql_fetch_object($result);
|
||||
return $oRow->userid;
|
||||
}
|
||||
}
|
||||
?>
|
||||
|
||||
Reference in New Issue
Block a user