wwwroot/inc/eventz/reset_password.inc

   1 <?php
   2 function reset_password() {
   3     global $db,$error;
   4     $login = $_POST['login'];
   5     $login_type = $_POST['login_type'];
   6     $vercode = $_POST['vercode'];
   7     $password1 = $_POST['new_password1'];
   8     $password2 = $_POST['new_password2'];
   9
  10     if ($login == '') {
  11         $error="Please enter name or id";
  12         return false;
  13     }
  14
  15     if ($password1 == '' || $password2 == '') {
  16         $error="Please enter password";
  17         return false;
  18     }
  19
  20     if ($password1 != $password2) {
  21         $error = "The two passwords that you entered do not match.";
  22         return false;
  23     }
  24
  25     switch ($login_type) {
  26         case "name":
  27             $set=$db->query("select * from users where login='$login'");
  28             $set->next();
  29             $user_name=$set->getString('login');
  30             $user_id=$set->getString('user_id');
  31             $hash=$set->getString('hash');
  32         break;
  33         case "id":
  34             $set=$db->query("select * from users where user_id='$login'");
  35             $set->next();
  36             $user_name=$set->getString('login');
  37             $user_id=$set->getString('user_id');
  38             $hash=$set->getString('hash');
  39         break;
  40     }
  41
  42     if ($hash != $vercode) {
  43         $error="Bad verification code!";
  44         return false;
  45     }
  46
  47     $password = md5($password1);
  48     $q="update users set password='$password' where user_id='$user_id'";
  49     $db->query($q);
  50
  51     require(INCLUDE_DIR.'ldap.inc');
  52     LDAPuser::change_pass_forced($user_id,$password1);
  53
  54     $error="Password changed. Now you can login with your new password.";
  55     return false;
  56 }
  57 ?>