From 71a598e9ace080c3a636a39cc110e1ed169a1a4e Mon Sep 17 00:00:00 2001
From: niekt0 <niekt0@kyberia.cz>
Date: Thu, 12 Jan 2012 09:58:40 +0100
Subject: [PATCH] reset_password fix

---
 wwwroot/backend/mysql/backend.inc     | 14 +++++++++-----
 wwwroot/inc/eventz/reset_password.inc |  2 +-
 2 files changed, 10 insertions(+), 6 deletions(-)

diff --git a/wwwroot/backend/mysql/backend.inc b/wwwroot/backend/mysql/backend.inc
index 560c5b8..4bdcc8c 100644
--- a/wwwroot/backend/mysql/backend.inc
+++ b/wwwroot/backend/mysql/backend.inc
@@ -705,11 +705,14 @@ public static function resetPassword($login_id,$login,$vercode,$password) {
 
 	// Security checks
 	$login = db_escape_string($login);
-	if (!is_numeric($login_id)) { return false; } 
+	if (!is_numeric($login_id)) {
+		$error="Not numeric id is not numeric. Here, take this stone.";
+		return $error; 
+	} 
 
 	if ($login == '') {
 		$error="Please enter name or id";
-		return false;
+		return $error;
 	}
 
 	if ($login_id = 0) {
@@ -725,14 +728,15 @@ public static function resetPassword($login_id,$login,$vercode,$password) {
 
 	if ($hash != $vercode) {
 		$error="Bad verification code!";
-		return false;
+		return $error;
 	}
 
 	$password = sha1($password);
 	$q="update users set password='$password',hash='' where user_id='$user_id'";
 	$db->query($q);
-
-	return 0;
+	
+	$error="OK, password was RE-set";
+	return $error;
 }
 
 }
diff --git a/wwwroot/inc/eventz/reset_password.inc b/wwwroot/inc/eventz/reset_password.inc
index 883b7b8..3c5f205 100644
--- a/wwwroot/inc/eventz/reset_password.inc
+++ b/wwwroot/inc/eventz/reset_password.inc
@@ -29,8 +29,8 @@ function reset_password() {
 		$login_id=0;
 	}
 	$error=nodes::resetPassword($login_id,$login,$vercode,$password1);
+	print "$error\n";
 	
-	$error="Password changed. Now you can login with your new password.";
 	return 0;
 }
 ?>
-- 
2.30.2