retval
This commit is contained in:
@@ -426,6 +426,7 @@ long wrenchboard_api_main(CVars in, CVars &out) {
|
||||
if (load_db_record(out, "SELECT p.id AS lostpass_id,p.member_id, p.uid AS pending_uid,m.uid AS m_uid FROM password_reset p LEFT JOIN members m ON m.id = p.member_id WHERE p.pass_link ='%s' AND p.status IN (0,1)", in["reset_link"].c_str())) {
|
||||
if (out["lostpass_id"].Long() > 0){
|
||||
pgsql_exec("UPDATE password_reset SET status = 3,expired = now() + '5 minutes' WHERE status IN (0, 1) AND member_id=%lu AND id = %lu ", out["member_id"].Long(), out["lostpass_id"].Long());
|
||||
retval = PHP_API_OK;
|
||||
}else{
|
||||
out["status_message"] = "Invalid Request";
|
||||
}
|
||||
@@ -439,13 +440,34 @@ long wrenchboard_api_main(CVars in, CVars &out) {
|
||||
|
||||
|
||||
case WRENCHBOARD_COMPLETE_PASSWORDRESET:
|
||||
|
||||
if ( in["channel"]=="MOBILE"){
|
||||
REQ_STRING(in, "reset_uid", 1, 100, "(.*)");
|
||||
REQ_STRING(in, "m_uid", 1, 100, "(.*)");
|
||||
REQ_STRING(in, "reset_pin", 1, 15, "(.*)");
|
||||
|
||||
CVars xx;
|
||||
if (load_db_record(xx, "SELECT p.id AS lostpass_id,p.member_id, p.uid AS pending_uid "
|
||||
" FROM password_reset p LEFT JOIN members m ON m.id = p.member_id "
|
||||
" WHERE p.uid ='%s' AND p.reset_pin='%s' AND p.status = 3 AND m.uid='%s'", in["reset_uid"].c_str(), in["reset_pin"].c_str(), in["m_uid"].c_str())) {
|
||||
in["reset_link"] = xx["pass_link"]; in["reset_link"] .set_valid( true );
|
||||
|
||||
}
|
||||
else{
|
||||
out["status"] = "Invalid";
|
||||
out["status_msg"] = "invalid_password_reset_action";
|
||||
return -1;
|
||||
}
|
||||
}
|
||||
|
||||
REQ_STRING(in, "reset_link", 1, 100, "(.*)");
|
||||
REQ_STRING(in, "newpass", 5, 20, "(.*)");
|
||||
if (load_db_record(out, "SELECT p.id AS lostpass_id,p.member_id, m.* FROM password_reset p LEFT JOIN members m ON m.id = p.member_id WHERE p.pass_link ='%s' AND p.status IN (0,1)", in["reset_link"].c_str())) {
|
||||
if (load_db_record(out, "SELECT p.id AS lostpass_id,p.member_id, m.* FROM password_reset p LEFT JOIN members m ON m.id = p.member_id WHERE p.pass_link ='%s' AND p.status = 3 ", in["reset_link"].c_str())) {
|
||||
if (out["lostpass_id"].Long() > 0){
|
||||
pgsql_exec("UPDATE password_reset SET status = 5 WHERE status IN (3) AND member_id=%lu AND id = %lu ", out["member_id"].Long(), out["lostpass_id"].Long());
|
||||
pgsql_exec("UPDATE password_reset SET status = 5, expired = now() WHERE status IN (3) AND member_id=%lu AND id = %lu ", out["member_id"].Long(), out["lostpass_id"].Long());
|
||||
pgsql_exec("UPDATE members SET password =md5('%s') WHERE id = %lu ", in["newpass"].c_str(), out["member_id"].Long());
|
||||
CompletePassResetEmail(out);
|
||||
retval = PHP_API_OK;
|
||||
}else{
|
||||
out["status_message"] = "Invalid Request";
|
||||
}
|
||||
@@ -456,6 +478,7 @@ long wrenchboard_api_main(CVars in, CVars &out) {
|
||||
break;
|
||||
|
||||
case WRENCHBOARD_START_PASSWORDRESET:
|
||||
/*
|
||||
REQ_STRING(in, "email", 1, 100, "(.*)");
|
||||
if (load_db_record(out, "SELECT id as customer_id,* FROM customer WHERE LOWER(email)=LOWER('%s') AND status=1", in["email"].c_str())) {
|
||||
xx["customer_id"] = out["id"];
|
||||
@@ -475,6 +498,7 @@ long wrenchboard_api_main(CVars in, CVars &out) {
|
||||
StartPassResetEmail(out);
|
||||
}
|
||||
}
|
||||
*/
|
||||
break;
|
||||
|
||||
case WRENCHBOARD_BULKTOPUP_ORDER:
|
||||
|
||||
Reference in New Issue
Block a user