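query("SELECT count(*) Anz FROM dvm_dienststellen WHERE mail = '$mail' AND mail_reset > DATE_SUB(now(), INTERVAL 24 HOUR) AND mail_reset != '0000-00-00 00:00:00' ");
    // The statement above and the enclosing `if` both begin before this excerpt,
    // so they are reproduced unchanged.
    // NOTE(review): $mail is interpolated into the SQL text and its assignment is
    // not visible here. Confirm it is escaped upstream, or move this query and the
    // UPDATE below to bound parameters together.
    // NOTE(review): the visible query filters on mail and mail_reset only; the
    // confirmationCode parameter is not part of it. Confirm the code is verified
    // before this point.
    $row = $result->fetch_array();

    if ($row['Anz'] == 0) {
        // No reset was requested for this address within the last 24 hours.
        $smarty->assign('index_error', 1);
        $smarty->assign('index_error_text', "Der Link ist ungültig");

        // The 'pwback' step trusts these session values, so a rejected link must
        // not leave (or create) a reset context for the address.
        unset($_SESSION["reset_mail"], $_SESSION["reset_cfCode"]);
    } else {
        // Only a link that passed the check above may open a reset context.
        $_SESSION["reset_mail"] = $mail;
        $_SESSION["reset_cfCode"] = $_GET["confirmationCode"];
    }

    if (isset($_GET['error'])) {
        $errorno = $_GET['error'];
        $smarty->assign('index_error', 1);

        if ($errorno == 1) {
            # error 1: a required field was left empty
            $smarty->assign('index_error_text', "Es müssen alle Felder ausgefüllt werden!");
        }

        if ($errorno == 2) {
            # error 2: password and repetition differ
            $smarty->assign('index_error_text', "Das eingegebene Passwort stimmt nicht mit der Passwortwiederholung überein!");
        }
    }
}

// Second step of the reset: store the new password for the address that the
// link check above placed in the session.
if ($action == 'pwback') {
    // Anything that is not a plain string (missing field, array-valued field) is
    // treated as empty so that md5() and the comparisons below only see strings.
    $pwd = (isset($_POST['resetpwd']) && is_string($_POST['resetpwd'])) ? $_POST['resetpwd'] : '';
    $pwd_wied = (isset($_POST['resetpwd_wied']) && is_string($_POST['resetpwd_wied'])) ? $_POST['resetpwd_wied'] : '';
    $mail = (isset($_SESSION["reset_mail"]) && is_string($_SESSION["reset_mail"])) ? $_SESSION["reset_mail"] : '';
    // $cfCode is not used by any statement visible in this excerpt; kept as in the original.
    $cfCode = urlencode(isset($_SESSION["reset_cfCode"]) ? (string) $_SESSION["reset_cfCode"] : '');

    if ($mail === '') {
        // Without a validated link in this session there is nothing to reset.
        // Previously the UPDATE ran with an empty address and would have matched
        // every row whose mail column is empty.
        $smarty->assign('index_error', 1);
        $smarty->assign('index_error_text', "Der Link ist ungültig");
    } else {
        // The echoed strings are empty in this listing; they are kept as found.
        if ($pwd === '' or $pwd_wied === '') {
            echo "";
            exit;
        }

        // Strict comparison: with != two different numeric-looking strings
        // (for example "1e3" and "1000") compare as equal.
        if ($pwd !== $pwd_wied) {
            echo "";
            exit;
        }

        // NOTE(review): unsalted MD5 is not a password hash. Moving to
        // password_hash()/password_verify() requires changing the login check
        // (not in this excerpt) at the same time, so the stored format is left
        // unchanged here.
        $pwd_md5 = md5($pwd);

        // The WHERE clause repeats the freshness condition of the link check, so
        // the password only changes while a reset is still pending and unexpired;
        // the session value alone is not sufficient.
        // NOTE(review): $mail is still interpolated; see the note on the SELECT.
        $result = $db->query("UPDATE dvm_dienststellen SET pwd = '$pwd_md5' ,mail_reset = '0000-00-00 00:00:00' WHERE mail = '$mail' AND mail_reset > DATE_SUB(now(), INTERVAL 24 HOUR) AND mail_reset != '0000-00-00 00:00:00' ");
    }
}

$smarty->assign('action', "$action");
$smarty->display("$template/praxisstelle/$templatename");
?>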