<?include('config/site.php');if ($_POST['s'] == 1){$u=$_POST['user'];$p=

1. <?
2. include('config/site.php');
3. if ($_POST['s'] == 1){
4. $u=$_POST['user'];
5. $p=$_POST['pass'];
6. $pass = md5($p.':'.PASSWORD_SALT);
7.  
8. $con = mysql_connect(DB_SERVER,DB_USERNAME,DB_PASSWORD);
9. if (!$con)
10. {
11. die('Could not connect: ' . mysql_error());
12. }
13.  
14. mysql_select_db(DB_DATABASE, $con);
15. mysql_query("UPDATE Users SET uPassword = '$pass'
16. WHERE uName = '$u'");
17. mysql_close($con);
18. echo' There I fixed your stupid. Your new password is "'.$p.'". Don\'t loose it again.<br/>';
19. }
20. else
21. echo'<html><head><title>Who says you can\'t fix stupid.</title></head><body>
22. <form action="fixstupid.php" method="post">
23. Username:<input name="user" type="text" />
24. New Pass:<input name="pass" type="text" />
25. <input name="s" type="hidden" value="1" />
26. <input name="" type="submit" />
27. </form><body>';
28. ?>