X-Git-Url: http://git.harvie.cz/?a=blobdiff_plain;f=wwwroot%2Finc%2Feventz%2Freset_password.inc;fp=wwwroot%2Finc%2Feventz%2Freset_password.inc;h=ccea2ff63882d05e11d6c10d76f3eeb0bd441c83;hb=d47273fea89327f93dcd55e48b8800ea2c2134d2;hp=9b0af652d4b7abf5c585255fa0335581b43b779d;hpb=387da281967a2415804f59c471d5c871baa61e83;p=mirrors%2FKyberia-bloodline.git

diff --git a/wwwroot/inc/eventz/reset_password.inc b/wwwroot/inc/eventz/reset_password.inc
index 9b0af65..ccea2ff 100644
--- a/wwwroot/inc/eventz/reset_password.inc
+++ b/wwwroot/inc/eventz/reset_password.inc
@@ -1,58 +1,36 @@
 <?php
 function reset_password() {
     global $db,$error;
-    $login = db_escape_string($_POST['login']);
-    $login_type = db_escape_string($_POST['login_type']);
-    $vercode = db_escape_string($_POST['vercode']);
-    $password1 = db_escape_string($_POST['new_password1']);
-    $password2 = db_escape_string($_POST['new_password2']);
-
-    if ($login == '') {
-        $error="Please enter name or id";
-        return false;
-    }
-
-    if ($password1 == '' || $password2 == '') {
-        $error="Please enter password";
-        return false;
-    }
-
-    if ($password1 != $password2) {
-        $error = "The two passwords that you entered do not match.";
-        return false;
-    }
-
-    switch ($login_type) {
-        case "name":
-            $set=$db->query("select * from users where login='$login'");
-            $set->next();
-            $user_name=$set->getString('login');
-            $user_id=$set->getString('user_id');
-            $hash=$set->getString('hash');
-        break;
-        case "id":
-            $set=$db->query("select * from users where user_id='$login'");
-            $set->next();
-            $user_name=$set->getString('login');
-            $user_id=$set->getString('user_id');
-            $hash=$set->getString('hash');
-        break;
-    }
-
-    if ($hash != $vercode) {
-        $error="Bad verification code!";
-        return false;
-    }
-
-    // XXX fix
-    $password = md5($password1);
-    $q="update users set password='$password' where user_id='$user_id'";
-    $db->query($q);
-
-//    require(INCLUDE_DIR.'ldap.inc');
-//    LDAPuser::change_pass_forced($user_id,$password1);
-
-    $error="Password changed. Now you can login with your new password.";
-    return false;
+    $login = $_POST['login'];
+    $login_type = $_POST['login_type'];
+    $vercode = $_POST['vercode'];
+    $password1 = $_POST['new_password1'];
+    $password2 = $_POST['new_password2'];
+
+	if ($login == '') {
+		$error="Please enter name or id";
+		return false;
+	}
+
+	if ($password1 == '' || $password2 == '') {
+		$error="Please enter password";
+		return false;
+	}
+
+	if ($password1 != $password2) {
+		$error = "The two passwords that you entered do not match.";
+		return false;
+	}
+
+	if ($login_type = 'id') {
+		$login_id=$login;
+		$login='';
+	} else {
+		$login_id=0;
+	}
+	$error=resetPassword($login_id,$login,$vercode,$password1);
+	
+	$error="Password changed. Now you can login with your new password.";
+	return 0;
 }
 ?>