From 37b29231e47a0c4458dc1c15d98588f16f07e1e2 Mon Sep 17 00:00:00 2001
From: Marius Cramer <m.cramer@pixcept.de>
Date: Thu, 06 Aug 2015 03:18:44 -0400
Subject: [PATCH] - don't set password via remoting if field is empty

---
 interface/web/login/password_reset.php |   19 +++++++++++--------
 1 files changed, 11 insertions(+), 8 deletions(-)

diff --git a/interface/web/login/password_reset.php b/interface/web/login/password_reset.php
index 5eac46a..683a4bc 100644
--- a/interface/web/login/password_reset.php
+++ b/interface/web/login/password_reset.php
@@ -51,8 +51,8 @@
 	if(!preg_match("/^[\w\.\-\_]{1,64}$/", $_POST['username'])) die($app->lng('user_regex_error'));
 	if(!preg_match("/^\w+[\w.-]*\w+@\w+[\w.-]*\w+\.[a-z]{2,10}$/i", $_POST['email'])) die($app->lng('email_error'));
 
-	$username = $app->db->quote($_POST['username']);
-	$email = $app->db->quote($_POST['email']);
+	$username = $_POST['username'];
+	$email = $_POST['email'];
 
 	$client = $app->db->queryOneRecord("SELECT client.*, sys_user.lost_password_function FROM client,sys_user WHERE client.username = ? AND client.email = ? AND client.client_id = sys_user.client_id", $username, $email);
 
@@ -60,17 +60,20 @@
 		$app->tpl->setVar("error", $wb['lost_password_function_disabled_txt']);
 	} else {
 		if($client['client_id'] > 0) {
-			$new_password = $app->auth->get_random_password();
+			$server_config_array = $app->getconf->get_global_config();
+			$min_password_length = 8;
+			if(isset($server_config_array['misc']['min_password_length'])) $min_password_length = $server_config_array['misc']['min_password_length'];
+			
+			$new_password = $app->auth->get_random_password($min_password_length, true);
 			$new_password_encrypted = $app->auth->crypt_password($new_password);
-			$new_password_encrypted = $app->db->quote($new_password_encrypted);
 
-			$username = $app->db->quote($client['username']);
-			$app->db->query("UPDATE sys_user SET passwort = '$new_password_encrypted' WHERE username = '$username'");
-			$app->db->query("UPDATE client SET password = '$new_password_encrypted' WHERE username = '$username'");
+			$username = $client['username'];
+			$app->db->query("UPDATE sys_user SET passwort = ? WHERE username = ?", $new_password_encrypted, $username);
+			$app->db->query("UPDATE client SET password = ? WHERE username = ?", $new_password_encrypted, $username);
 			$app->tpl->setVar("message", $wb['pw_reset']);
 
 			$app->uses('getconf,ispcmail');
-			$mail_config = $app->getconf->get_global_config('mail');
+			$mail_config = $server_config_array['mail'];
 			if($mail_config['smtp_enabled'] == 'y') {
 				$mail_config['use_smtp'] = true;
 				$app->ispcmail->setOptions($mail_config);

--
Gitblit v1.9.1