check($_POST['captcha_code']) == false) { // the code was incorrect // you should handle the error so that the form processor doesn't continue // or you can use the following code if there is no validation or you do not know how $the_message = SECURITY_CODE_ERROR; // exit; } else { $email_address = tep_db_prepare_input($HTTP_POST_VARS['email_address']); $check_customer_query = tep_db_query("select customers_firstname, customers_lastname, customers_password, customers_id from " . TABLE_CUSTOMERS . " where customers_email_address = '" . tep_db_input($email_address) . "'"); if (tep_db_num_rows($check_customer_query)) { $check_customer = tep_db_fetch_array($check_customer_query); $new_password = tep_create_random_value(ENTRY_PASSWORD_MIN_LENGTH); $crypted_password = tep_encrypt_password($new_password); tep_db_query("update " . TABLE_CUSTOMERS . " set customers_password = '" . tep_db_input($crypted_password) . "' where customers_id = '" . (int)$check_customer['customers_id'] . "'"); tep_mail($check_customer['customers_firstname'] . ' ' . $check_customer['customers_lastname'], $email_address, EMAIL_PASSWORD_REMINDER_SUBJECT, sprintf(EMAIL_PASSWORD_REMINDER_BODY, $new_password), STORE_OWNER, STORE_OWNER_EMAIL_ADDRESS); $messageStack->add_session('login', SUCCESS_PASSWORD_SENT, 'success'); // echo '
output('password_forgotten'); ?> | |||||||||||
|
|||||||||||
|