diff options
| author | James Atkinson <thefinn@users.sourceforge.net> | 2001-10-11 08:03:03 +0000 |
|---|---|---|
| committer | James Atkinson <thefinn@users.sourceforge.net> | 2001-10-11 08:03:03 +0000 |
| commit | 38d780d1cebc701e1d475b5efe9b093e106b0cd7 (patch) | |
| tree | 53487ad529bee06930b63da5e820bbba929f48e0 /phpBB/profile.php | |
| parent | 2f10b2076e20639959082909fbdc38632af20bd9 (diff) | |
| download | forums-38d780d1cebc701e1d475b5efe9b093e106b0cd7.tar forums-38d780d1cebc701e1d475b5efe9b093e106b0cd7.tar.gz forums-38d780d1cebc701e1d475b5efe9b093e106b0cd7.tar.bz2 forums-38d780d1cebc701e1d475b5efe9b093e106b0cd7.tar.xz forums-38d780d1cebc701e1d475b5efe9b093e106b0cd7.zip | |
Changed sendpassword so it dosan't deactivate the account
Fixed a security hole in group cp (thanks Ashe)
git-svn-id: file:///svn/phpbb/trunk@1164 89ea8834-ac86-4346-8a33-228a782c2dd0
Diffstat (limited to 'phpBB/profile.php')
| -rw-r--r-- | phpBB/profile.php | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/phpBB/profile.php b/phpBB/profile.php index 194a2c99b0..6c3e65a94a 100644 --- a/phpBB/profile.php +++ b/phpBB/profile.php @@ -1429,9 +1429,9 @@ if( isset($HTTP_GET_VARS['mode']) || isset($HTTP_POST_VARS['mode']) ) $username = $row['username']; $user_actkey = generate_activation_key(); $user_password = generate_password(); - + $sql = "UPDATE " . USERS_TABLE . " - SET user_active = 0, user_newpasswd = '" .md5($user_password) . "', user_actkey = '$user_actkey' + SET user_newpasswd = '" .md5($user_password) . "', user_actkey = '$user_actkey' WHERE user_id = " . $row['user_id']; if( !$result = $db->sql_query($sql) ) { |