GIT.Harvie.CZ / mirrors / Kyberia-bloodline.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
Migration to PDO database abstraction layer
[mirrors/Kyberia-bloodline.git] / wwwroot / inc / eventz / reset_password.inc
diff --git a/wwwroot/inc/eventz/reset_password.inc b/wwwroot/inc/eventz/reset_password.inc
index 8c3554e561c53887216c1b3a42998e9bb533b76d..9b0af652d4b7abf5c585255fa0335581b43b779d 100644 (file)
--- a/wwwroot/inc/eventz/reset_password.inc
+++ b/wwwroot/inc/eventz/reset_password.inc
@@ -1,11 +1,11 @@
 <?php
 function reset_password() {
     global $db,$error;
-    $login = $_POST['login'];
-    $login_type = $_POST['login_type'];
-    $vercode = $_POST['vercode'];
-    $password1 = $_POST['new_password1'];
-    $password2 = $_POST['new_password2'];
+    $login = db_escape_string($_POST['login']);
+    $login_type = db_escape_string($_POST['login_type']);
+    $vercode = db_escape_string($_POST['vercode']);
+    $password1 = db_escape_string($_POST['new_password1']);
+    $password2 = db_escape_string($_POST['new_password2']);
 
     if ($login == '') {
         $error="Please enter name or id";
@@ -44,14 +44,15 @@ function reset_password() {
         return false;
     }
 
+    // XXX fix
     $password = md5($password1);
     $q="update users set password='$password' where user_id='$user_id'";
     $db->query($q);
 
-    require(SYSTEM_ROOT.'/inc/ldap.inc');
-    LDAPuser::change_pass_forced($user_id,$password1);
+//    require(INCLUDE_DIR.'ldap.inc');
+//    LDAPuser::change_pass_forced($user_id,$password1);
 
     $error="Password changed. Now you can login with your new password.";
     return false;
 }
-?>
\ No newline at end of file
+?>
https://github.com/Kyberia/Kyberia-bloodline.git (mirrored @ Sat, 01 Jun 2024 20:30:12 +0200)
This page took 0.116173 seconds and 4 git commands to generate.