svn commit: r323 - trunk/mapbender/http/php/mod_forgottenPassword.php

[uli at osgeo.org]

Author: uli
Date: 2006-05-16 13:32:44+0000
New Revision: 323

Modified:
   trunk/mapbender/http/php/mod_forgottenPassword.php

Log:
db_prep_query included

Modified: trunk/mapbender/http/php/mod_forgottenPassword.php
Url: https://mapbender.osgeo.org/source/browse/mapbender/trunk/mapbender/http/php/mod_forgottenPassword.php?view=diff&rev=323&p1=trunk/mapbender/http/php/mod_forgottenPassword.php&p2=trunk/mapbender/http/php/mod_forgottenPassword.php&r1=322&r2=323
==============================================================================
--- trunk/mapbender/http/php/mod_forgottenPassword.php	(original)
+++ trunk/mapbender/http/php/mod_forgottenPassword.php	2006-05-16 13:32:44+0000
@@ -102,22 +102,22 @@
 		   if ($admin->sendEmail("", "", $mailToAddr, $mailToName, "Your new Mapbender password", "login:    " . $mailToName . "\npassword: " . $sql_password, $error_msg)) {
 		      //set new password in db
 				if(SYS_DBTYPE == "mysql") {
-							$passwd_tmp = "password('".$sql_password."')";	
+							$passwd_tmp = "password($1)";	
 				}
 				else {
 					if(MD5 == 'true'){
-						$passwd_tmp = "md5('".$sql_password."')";
+						$passwd_tmp = "md5($1)";
 					}else{
-						$passwd_tmp = $sql_password;
+						$passwd_tmp = "$1";
 					}
 				}
-		      	$sql_update = "UPDATE mb_user SET mb_user_password=";
+		      	$sql_update = "UPDATE mb_user SET mb_user_password = ";
 				$sql_update .= $passwd_tmp ;
-		      	$sql_update .= " WHERE mb_user_id='".$user_id."'";
+		      	$sql_update .= " WHERE mb_user_id = $2";
 		      #echo $sql_update;
-
-		      
-		      db_query($sql_update);
+				$v = array($sql_password,$user_id);
+				$t = array('s','i');		      
+		      db_prep_query($sql_update,$v,$t);
 		      
 		      //reset login count
 		      $admin->resetLoginCount($user_id);