diff --git a/api.backend.php b/api.backend.php
index 036d376..a42bba6 100644
--- a/api.backend.php
+++ b/api.backend.php
@@ -361,7 +361,7 @@ class api{
 		return "APIKey reset. Key: $key";
 	}
 
-	function resetPass($apidb, $apikey, $udb, $email, $newpass){
+	function resetPass($apidb, $apikey, $udb, $username, $email, $newpass){
 		$apisql = "SELECT * FROM `users` WHERE `key` = '$apikey' LIMIT 1;";
 		if(!$result = $apidb->query($apisql)) return 'ERROR: ['.$apidb->error.']';
 		if($row = $result->fetch_assoc()){
@@ -374,7 +374,7 @@ class api{
 			if(!$result = $apidb->query($apisql)) return 'ERROR: ['.$apidb->error.']';
 		}
 		
-		$sql = "SELECT * FROM `users` WHERE `email` = '$email'";
+		$sql = "SELECT * FROM `users` WHERE `email` = '$email' AND `username` = '$username' LIMIT 1;";
 		if(!$result = $udb->query($sql)) return 'ERROR: ['.$udb->error.']';
 
 		$iterations = mt_rand(11, 51);
diff --git a/api.test.php b/api.test.php
index 936d79a..fabb44b 100644
--- a/api.test.php
+++ b/api.test.php
@@ -15,6 +15,7 @@ $unpsAPI = new api();
 //echo $unpsAPI->regUser($apidb, '580658027', $udb, 'David', 'password123', 'tehfoxy.c0de@gmail.com'); // Register users
 //echo $unpsAPI->regAPI($apidb, '580658027', 'UnPS-GAMA Link Shortener', 'tehfoxy.c0de@gmail.com', '1,0,0,0'); // Register API user
 
-echo $unpsAPI->resetAPI($apidb, '580658027', 'UnPS-GAMA Link Shortener', 'tehfoxy.c0de@gmail.com', '279qit9');
+//echo $unpsAPI->resetAPI($apidb, '580658027', 'UnPS-GAMA Link Shortener', 'tehfoxy.c0de@gmail.com', '279qit9'); // test reset api key
+echo $unpsAPI->resetPass($apidb, '580658027', $udb, 'David', 'tefoxy.c0de@gmail.com', 'password1234s'); // Test change password
 
 ?>
\ No newline at end of file