31 lines
808 B
PHP
31 lines
808 B
PHP
<?php
|
|
require_once('db.php');
|
|
include('functions.php');
|
|
|
|
$query = mysql_query("SELECT * FROM users WHERE ID = '".mysql_real_escape_string($_GET['ID'])."'");
|
|
|
|
if(mysql_num_rows($query)==1)
|
|
{
|
|
$row = mysql_fetch_assoc($query);
|
|
if($row['Temp_pass']==$_GET['new'] && $row['Temp_pass_active']==1)
|
|
{
|
|
$update = mysql_query("UPDATE users SET Password = '".md5(mysql_real_escape_string($_GET['new']))."', Temp_pass_active=0 WHERE ID = '".mysql_real_escape_string($_GET['ID'])."'");
|
|
$msg = 'Your new password has been confirmed. You may login using it.';
|
|
}
|
|
else
|
|
{
|
|
$error = 'The new password is already confirmed or is incorrect';
|
|
}
|
|
}
|
|
else {
|
|
$error = 'You are trying to confirm a new password for an unexisting member';
|
|
}
|
|
|
|
if(isset($error))
|
|
{
|
|
echo $error;
|
|
}
|
|
else {
|
|
echo $msg;
|
|
}
|
|
?>
|