reset_passwod final fix

[mirrors/Kyberia-bloodline.git] / wwwroot / inc / eventz / reset_password.inc

diff --git a/wwwroot/inc/eventz/reset_password.inc b/wwwroot/inc/eventz/reset_password.inc
index 9b0af652d4b7abf5c585255fa0335581b43b779d..ecaae400660b6cfb2f55e9104bd1b3c5dfe3c6a3 100644 (file)
--- a/wwwroot/inc/eventz/reset_password.inc
+++ b/wwwroot/inc/eventz/reset_password.inc
@@ -1,58 +1,39 @@
 <?php
 function reset_password() {
     global $db,$error;
-    $login = db_escape_string($_POST['login']);
-    $login_type = db_escape_string($_POST['login_type']);
-    $vercode = db_escape_string($_POST['vercode']);
-    $password1 = db_escape_string($_POST['new_password1']);
-    $password2 = db_escape_string($_POST['new_password2']);
-
-    if ($login == '') {
-        $error="Please enter name or id";
-        return false;
-    }
-
-    if ($password1 == '' || $password2 == '') {
-        $error="Please enter password";
-        return false;
-    }
-
-    if ($password1 != $password2) {
-        $error = "The two passwords that you entered do not match.";
-        return false;
-    }
-
-    switch ($login_type) {
-        case "name":
-            $set=$db->query("select * from users where login='$login'");
-            $set->next();
-            $user_name=$set->getString('login');
-            $user_id=$set->getString('user_id');
-            $hash=$set->getString('hash');
-        break;
-        case "id":
-            $set=$db->query("select * from users where user_id='$login'");
-            $set->next();
-            $user_name=$set->getString('login');
-            $user_id=$set->getString('user_id');
-            $hash=$set->getString('hash');
-        break;
-    }
-
-    if ($hash != $vercode) {
-        $error="Bad verification code!";
-        return false;
-    }
-
-    // XXX fix
-    $password = md5($password1);
-    $q="update users set password='$password' where user_id='$user_id'";
-    $db->query($q);
-
-//    require(INCLUDE_DIR.'ldap.inc');
-//    LDAPuser::change_pass_forced($user_id,$password1);
-
-    $error="Password changed. Now you can login with your new password.";
-    return false;
+    $login = $_POST['login'];
+    $login_type = $_POST['login_type'];
+    $vercode = $_POST['vercode'];
+    $password1 = $_POST['new_password1'];
+    $password2 = $_POST['new_password2'];
+
+       if ($login == '') {
+               $error="Please enter name or id";
+               print "$error";
+               return false;
+       }
+
+       if ($password1 == '' || $password2 == '') {
+               $error="Please enter password";
+               print "$error";
+               return false;
+       }
+
+       if ($password1 != $password2) {
+               $error = "The two passwords that you entered do not match.";
+               print "$error";
+               return false;
+       }
+
+       if ($login_type == 'id') {
+               $login_id=$login;
+               $login='';
+       } else {
+               $login_id=0;
+       }
+       $error=nodes::resetPassword($login_id,$login,$vercode,$password1);
+       print "$error\n";
+       
+       return 0;
 }
 ?>