diff options
| author | friendica <info@friendica.com> | 2012-03-20 01:50:20 -0700 |
|---|---|---|
| committer | friendica <info@friendica.com> | 2012-03-20 01:50:20 -0700 |
| commit | 9df797299320cea01c541bb4997e498f915f98fa (patch) | |
| tree | be041c9cbb29defbb22fadb1a11c1e28396eaf32 | |
| parent | 5a5aadb743e055530aa071dd3e47705a3bf5d728 (diff) | |
| download | volse-hubzilla-9df797299320cea01c541bb4997e498f915f98fa.tar.gz volse-hubzilla-9df797299320cea01c541bb4997e498f915f98fa.tar.bz2 volse-hubzilla-9df797299320cea01c541bb4997e498f915f98fa.zip | |
bug #339 - lostpass sending to username, not email
| -rwxr-xr-x | mod/lostpass.php | 9 |
1 files changed, 5 insertions, 4 deletions
diff --git a/mod/lostpass.php b/mod/lostpass.php index b71398fa4..57e6d6965 100755 --- a/mod/lostpass.php +++ b/mod/lostpass.php @@ -3,13 +3,13 @@ function lostpass_post(&$a) { - $email = notags(trim($_POST['login-name'])); - if(! $email) + $loginame = notags(trim($_POST['login-name'])); + if(! $loginame) goaway(z_root()); $r = q("SELECT * FROM `user` WHERE ( `email` = '%s' OR `nickname` = '%s' ) AND `verified` = 1 AND `blocked` = 0 LIMIT 1", - dbesc($email), - dbesc($email) + dbesc($loginame), + dbesc($loginame) ); if(! count($r)) { @@ -19,6 +19,7 @@ function lostpass_post(&$a) { $uid = $r[0]['uid']; $username = $r[0]['username']; + $email = $r[0]['email']; $new_password = autoname(12) . mt_rand(100,9999); $new_password_encoded = hash('whirlpool',$new_password); |