Mercurial > hg > ywww
comparison user/resetPassword.php @ 29:f024f2f08994
a few more undef var fixes
| author | Robert Boland <robert@markup.co.uk> |
|---|---|
| date | Fri, 04 Jan 2019 08:49:25 -0500 |
| parents | 077b0a0a3e6d |
| children | a67bf725e87b |
comparison
equal
deleted
inserted
replaced
| 28:b058736bc9ad | 29:f024f2f08994 |
|---|---|
| 3 | 3 |
| 4 include "../../private/db.php"; | 4 include "../../private/db.php"; |
| 5 include "passGen.php"; | 5 include "passGen.php"; |
| 6 | 6 |
| 7 // emailname and password sent from form | 7 // emailname and password sent from form |
| 8 $userID=$_GET['userID']; | 8 $mypassword=$_GET['pwd']; |
| 9 $email=$_GET['email']; | 9 $email=$_GET['email']; |
| 10 $mypassword=$_GET['pwd']; | 10 if ($mypassword!='regen') { |
| 11 $oldpass=$_GET['oldpwd']; | 11 $oldpass=$_GET['oldpwd']; |
| 12 $userID=$_GET['userID']; | |
| 12 | 13 |
| 13 // To protect MySQL injection | 14 // To protect MySQL injection |
| 14 $userID = stripslashes($userID); | 15 $userID = stripslashes($userID); |
| 15 $userID = mysqli_real_escape_string($link,$userID); | 16 $userID = mysqli_real_escape_string($link,$userID); |
| 16 //echo $userID; | 17 //echo $userID; |
| 18 } | |
| 17 $email = stripslashes($email); | 19 $email = stripslashes($email); |
| 18 $mypassword = stripslashes($mypassword); | 20 $mypassword = stripslashes($mypassword); |
| 19 $email = mysqli_real_escape_string($link,$email); | 21 $email = mysqli_real_escape_string($link,$email); |
| 20 $mypassword = mysqli_real_escape_string($link,$mypassword); | 22 $mypassword = mysqli_real_escape_string($link,$mypassword); |
| 21 | 23 |