Download | Plain Text | No Line Numbers
- --- html.orig/lostpwd.php 2007-12-19 01:26:31.000000000 +0100
- +++ html/lostpwd.php 2008-04-25 14:38:34.000000000 +0200
- @@ -101,10 +101,10 @@
- $confixx_user = 'confixx';
- $from = $confixx_user.'@'.$hostname;
- $mailtext = "From: \"Confixx on $hostname\" <$from>".
- - "\n\n".ltext('lost_pwd_mail', array($_POST['username'], $newpw))."\n\n";
- + "\n\n".ltext('lost_pwd_mail', array($account_info['login'], $newpw))."\n\n";
- if(@mail($email, ltext('lost_pwd_mail_subj'), "",$mailtext,"-f$from")) {
- db_query("INSERT INTO pwdreminder (user, password, usertype, server_id)".
- - " VALUES ('" . $_POST['username'] . "', '$newpw', '$type', '$ServerID')");
- + " VALUES ('" . $account_info['login'] . "', '$newpw', '$type', '$ServerID')");
- $_SESSION['_error'] = 'lost_pwd_sent';
- $_SESSION['_error_args'] = null;
- }
- --- html.orig/include/login.inc.php 2007-12-19 01:26:32.000000000 +0100
- +++ html/include/login.inc.php 2008-04-17 13:26:00.000000000 +0200
- @@ -29,7 +29,8 @@
- break;
-
- case USERTYPE_USER:
- - db_query("UPDATE kunden SET longpw='$pwd' WHERE kunde='" . addslashes($user) . "' AND server_id='$lcServerID'");
- + db_query("UPDATE kunden SET longpw='$pwd', pw=1 WHERE kunde='" . addslashes($user) . "' AND server_id='$lcServerID'");
- + db_query("UPDATE allgemein SET newpwd=1 WHERE server_id='$lcServerID'");
- break;
- }
-
-