From 5aaec9e517536af1720ac38aca231d671cc0869b Mon Sep 17 00:00:00 2001
From: Arctic Code <tehfoxy.c0de@gmail.com>
Date: Fri, 26 Jul 2013 23:51:25 -0500
Subject: [PATCH] Fix HashPass input and sql update command on resetPass

---
 api.backend.php | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/api.backend.php b/api.backend.php
index eb0927a..a1dd342 100644
--- a/api.backend.php
+++ b/api.backend.php
@@ -378,11 +378,11 @@ class api{
 		if(!$result = $udb->query($sql)) return 'ERROR: ['.$udb->error.']';
 
 		$iterations = mt_rand(11, 51);
-		$password = explode("/", hashpass($password, NULL, $iterations));
+		$password = explode("/", hashpass($newpass, NULL, $iterations));
 		$salt = $password[1];
 		$password = $password[0];
 
-		$sql = "UPDATE `logins` (password, salt, iterations) VALUES ('$password', '$salt', '$iterations') WHERE `email` = '$email';";
+		$sql = "UPDATE `logins` (`password`, `salt`, `iterations`) VALUES ('$password', '$salt', '$iterations') WHERE `email` = '$email';";
 		if(!$result = $udb->query($sql)) return 'ERROR: ['.$udb->error.']';
 		return "Password changed";