SO 1-final

[specialops1.git] / resetpassword.php

<?php
require 'config.php';
$require_login = true;
$page_name = 'Reset User Password';
$level_restriction = ADMIN2;
require 'top.inc.php';
require 'encryption.inc.php';

if (isset ($_POST['submit']))
{
        if ($_POST['new_pw'] != $_POST['confirm_pw'])
                echo '<div class="alert">The new passwords do not match.</div>';
        else
        {
                $user = mysql_fetch_row (mysql_query ('SELECT `regip`, `userid` FROM `users` WHERE
`username` = \''.mysql_real_escape_string ($_POST['username']).'\' LIMIT 1'));
                if ($user === false)
                        echo '<div class="alert">THERE WAS AN ERROR FOR NO APPARENT REASON, PLZ DIE<br/>'.mysql_error().'</div>';
                else
                {
                        mysql_query ('UPDATE `users` SET `password` = \''.mysql_real_escape_string (encrypt ($_POST['new_pw'], $user[0])).'\' WHERE
`userid` = '.$user[1].' LIMIT 1');
                        stop ('Password successfully changed.');
                }
        }
}

echo '
<form method="post" action="'.urlpath(2).'">
<div class='.colour().'>
Username:<br/>
<input type="text"  name="username"/><br/>
New password:<br/>
<input type="password" maxlength="40" size="40" name="new_pw"/><br/>
Confirm new password:<br/>
<input type="password" maxlength="40" size="40" name="confirm_pw"/><br/>
<input type="submit" name="submit" value="Change"/>
</div>
</form>
';

require ('foot.php');
?>