Kyberia v2.3 - 1st revision from SVN (Without patches of kyberia.sk team)

[mirrors/Kyberia-bloodline.git] / inc / eventz / reset_password.inc

diff --git a/inc/eventz/reset_password.inc b/inc/eventz/reset_password.inc
new file mode 100644 (file)
index 0000000..8c3554e
--- /dev/null
+++ b/inc/eventz/reset_password.inc
@@ -0,0 +1,57 @@
+<?php
+function reset_password() {
+    global $db,$error;
+    $login = $_POST['login'];
+    $login_type = $_POST['login_type'];
+    $vercode = $_POST['vercode'];
+    $password1 = $_POST['new_password1'];
+    $password2 = $_POST['new_password2'];
+
+    if ($login == '') {
+        $error="Please enter name or id";
+        return false;
+    }
+
+    if ($password1 == '' || $password2 == '') {
+        $error="Please enter password";
+        return false;
+    }
+
+    if ($password1 != $password2) {
+        $error = "The two passwords that you entered do not match.";
+        return false;
+    }
+
+    switch ($login_type) {
+        case "name":
+            $set=$db->query("select * from users where login='$login'");
+            $set->next();
+            $user_name=$set->getString('login');
+            $user_id=$set->getString('user_id');
+            $hash=$set->getString('hash');
+        break;
+        case "id":
+            $set=$db->query("select * from users where user_id='$login'");
+            $set->next();
+            $user_name=$set->getString('login');
+            $user_id=$set->getString('user_id');
+            $hash=$set->getString('hash');
+        break;
+    }
+
+    if ($hash != $vercode) {
+        $error="Bad verification code!";
+        return false;
+    }
+
+    $password = md5($password1);
+    $q="update users set password='$password' where user_id='$user_id'";
+    $db->query($q);
+
+    require(SYSTEM_ROOT.'/inc/ldap.inc');
+    LDAPuser::change_pass_forced($user_id,$password1);
+
+    $error="Password changed. Now you can login with your new password.";
+    return false;
+}
+?>
\ No newline at end of file