# HG changeset patch
# User Robert Boland <robert@markup.co.uk>
# Date 1546609765 18000
# Node ID f024f2f089941574e5c9b0b9ba8058f92bb6ee3f
# Parent  b058736bc9ad9d58ef3385049608270cb24e3b29
a few more undef var fixes

diff -r b058736bc9ad -r f024f2f08994 php/read/updateLink.php
--- a/php/read/updateLink.php	Fri Jan 04 08:48:00 2019 -0500
+++ b/php/read/updateLink.php	Fri Jan 04 08:49:25 2019 -0500
@@ -7,7 +7,9 @@
 $dir = strval($_GET['dir']);
 echo $dir;
 $userID="";
-$userID = strval($_GET['userID']);
+if (isset($_GET['userID'])) {
+    $userID = strval($_GET['userID']);
+  }
 echo $userID;
 
 include "../../../private/db.php";  
diff -r b058736bc9ad -r f024f2f08994 user/resetPassword.php
--- a/user/resetPassword.php	Fri Jan 04 08:48:00 2019 -0500
+++ b/user/resetPassword.php	Fri Jan 04 08:49:25 2019 -0500
@@ -5,15 +5,17 @@
 include "passGen.php";
 
 // emailname and password sent from form
-$userID=$_GET['userID'];
+$mypassword=$_GET['pwd'];
 $email=$_GET['email'];
-$mypassword=$_GET['pwd'];
-$oldpass=$_GET['oldpwd'];
+if ($mypassword!='regen') {
+  $oldpass=$_GET['oldpwd'];
+  $userID=$_GET['userID'];
 
-// To protect MySQL injection 
-$userID = stripslashes($userID);
-$userID = mysqli_real_escape_string($link,$userID);
-//echo $userID;
+  // To protect MySQL injection 
+  $userID = stripslashes($userID);
+  $userID = mysqli_real_escape_string($link,$userID);
+  //echo $userID;
+ }
 $email = stripslashes($email);
 $mypassword = stripslashes($mypassword);
 $email = mysqli_real_escape_string($link,$email);