Mercurial > hg > ywww
diff user/resetPassword.php @ 29:f024f2f08994
a few more undef var fixes
| author | Robert Boland <robert@markup.co.uk> |
|---|---|
| date | Fri, 04 Jan 2019 08:49:25 -0500 |
| parents | 077b0a0a3e6d |
| children | a67bf725e87b |
line wrap: on
line diff
--- a/user/resetPassword.php Fri Jan 04 08:48:00 2019 -0500 +++ b/user/resetPassword.php Fri Jan 04 08:49:25 2019 -0500 @@ -5,15 +5,17 @@ include "passGen.php"; // emailname and password sent from form -$userID=$_GET['userID']; +$mypassword=$_GET['pwd']; $email=$_GET['email']; -$mypassword=$_GET['pwd']; -$oldpass=$_GET['oldpwd']; +if ($mypassword!='regen') { + $oldpass=$_GET['oldpwd']; + $userID=$_GET['userID']; -// To protect MySQL injection -$userID = stripslashes($userID); -$userID = mysqli_real_escape_string($link,$userID); -//echo $userID; + // To protect MySQL injection + $userID = stripslashes($userID); + $userID = mysqli_real_escape_string($link,$userID); + //echo $userID; + } $email = stripslashes($email); $mypassword = stripslashes($mypassword); $email = mysqli_real_escape_string($link,$email);