phpBB

Code Changes

File: includes/ucp/ucp_remind.php

  Unmodified   Added   Modified   Removed
Line 36Line 36

if ($submit)
{


if ($submit)
{

			$sql = 'SELECT user_id, username, user_email, user_jabber, user_notify_type, user_type, user_lang, user_inactive_reason

			$sql = 'SELECT user_id, username, user_permissions, user_email, user_jabber, user_notify_type, user_type, user_lang, user_inactive_reason

				FROM ' . USERS_TABLE . "

				FROM ' . USERS_TABLE . "

				WHERE user_email = '" . $db->sql_escape($email) . "'

				WHERE user_email_hash = '" . $db->sql_escape(phpbb_email_hash($email)) . "'

					AND username_clean = '" . $db->sql_escape(utf8_clean_string($username)) . "'";
$result = $db->sql_query($sql);
$user_row = $db->sql_fetchrow($result);

					AND username_clean = '" . $db->sql_escape(utf8_clean_string($username)) . "'";
$result = $db->sql_query($sql);
$user_row = $db->sql_fetchrow($result);

Line 64Line 64
				{
trigger_error('ACCOUNT_NOT_ACTIVATED');
}

				{
trigger_error('ACCOUNT_NOT_ACTIVATED');
}

 
			}

// Check users permissions
$auth2 = new auth();
$auth2->acl($user_row);

if (!$auth2->acl_get('u_chgpasswd'))
{
trigger_error('NO_AUTH_PASSWORD_REMINDER');

			}

$server_url = generate_board_url();


			}

$server_url = generate_board_url();


			$key_len = 54 - strlen($server_url);
$key_len = max(6, $key_len); // we want at least 6
$key_len = ($config['max_pass_chars']) ? min($key_len, $config['max_pass_chars']) : $key_len; // we want at most $config['max_pass_chars']
$user_actkey = substr(gen_rand_string(10), 0, $key_len);
$user_password = gen_rand_string(8);


			// Make password at least 8 characters long, make it longer if admin wants to.
// gen_rand_string() however has a limit of 12 or 13.
$user_password = gen_rand_string_friendly(max(8, mt_rand((int) $config['min_pass_chars'], (int) $config['max_pass_chars'])));

// For the activation key a random length between 6 and 10 will do.
$user_actkey = gen_rand_string(mt_rand(6, 10));


$sql = 'UPDATE ' . USERS_TABLE . "
SET user_newpasswd = '" . $db->sql_escape(phpbb_hash($user_password)) . "', user_actkey = '" . $db->sql_escape($user_actkey) . "'


$sql = 'UPDATE ' . USERS_TABLE . "
SET user_newpasswd = '" . $db->sql_escape(phpbb_hash($user_password)) . "', user_actkey = '" . $db->sql_escape($user_actkey) . "'

Line 87Line 97

$messenger->to($user_row['user_email'], $user_row['username']);
$messenger->im($user_row['user_jabber'], $user_row['username']);


$messenger->to($user_row['user_email'], $user_row['username']);
$messenger->im($user_row['user_jabber'], $user_row['username']);

 

$messenger->anti_abuse_headers($config, $user);


$messenger->assign_vars(array(
'USERNAME' => htmlspecialchars_decode($user_row['username']),


$messenger->assign_vars(array(
'USERNAME' => htmlspecialchars_decode($user_row['username']),