to change your password you needed your old password, and the recovery
password didn't work, which made it hard to change it in case you
forgot your old password... fixed
return 0;
}
+function DB_check_recovery_passwords($password,$email)
+{
+ $result = mysql_query("SELECT User.id FROM User".
+ " LEFT JOIN Recovery ON User.id=Recovery.user_id".
+ " WHERE email=".DB_quote_smart($email).
+ " AND Recovery.password=".DB_quote_smart($password).
+ " AND DATE_SUB(CURDATE(),INTERVAL 1 DAY) <= Recovery.create_date");
+ $r = mysql_fetch_array($result,MYSQL_NUM);
+
+ if($r)
+ return 1;
+ else
+ return 0;
+
+}
+
function DB_get_handid_by_hash($hash)
{
$result = mysql_query("SELECT id FROM Hand WHERE hash=".DB_quote_smart($hash));
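Review bot: DB_check_recovery_passwords only tests whether a matching Recovery row exists; nothing in this hunk expires or deletes that row once the recovery password has been accepted, so unless the caller does it elsewhere the same recovery password stays usable for the rest of its window after the password has already been changed. The window itself is also looser than it reads: `CURDATE()` is date-only, so `DATE_SUB(CURDATE(),INTERVAL 1 DAY) <= Recovery.create_date` admits rows between 24 and 48 hours old depending on the time of day, whereas `DATE_SUB(NOW(),INTERVAL 1 DAY)` gives a true 24-hour bound. The `WHERE Recovery.password=...` condition turns the `LEFT JOIN` into an inner join in effect, so a plain `JOIN` would state the intent. A header comment would help readers of the caller, e.g. `/* returns 1 if $password (the md5 hash, as the caller passes it) matches a Recovery entry for $email created within the validity window, else 0 */`.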
$ok = 1;
/* check if old password matches */
- if($password != md5($_REQUEST["password0"]))
+ $oldpasswd = md5($_REQUEST["password0"]);
+ if(!( ($password == $oldpasswd) || DB_check_recovery_passwords($oldpasswd,$email) ))
$ok = -1;
/* check if new passwords are types the same twice */
if($_REQUEST["password1"] != $_REQUEST["password2"] )