function admin_cp_newpw()
{
global $hmuser;
$hmdb = new MySQL(true, DB_NAME, DB_HOST, DB_USER, DB_PASSWORD, DB_CHARSET);
hook_action('newpw_checkkey');
$key = hm_post('key');
$password = hm_post('password');
$password2 = hm_post('password2');
if ($password == $password2) {
$tableName = DB_PREFIX . "field";
$whereArray = array('name' => MySQL::SQLValue('lostpw_key'), 'object_type' => MySQL::SQLValue('user'), 'val' => MySQL::SQLValue($key));
$hmdb->SelectRows($tableName, $whereArray);
$row = $hmdb->Row();
$user_id = $row->object_id;
$salt = rand(100000, 999999);
$password_encode = hm_encode_str(md5($password . $salt));
$tableName = DB_PREFIX . "users";
$updateArray = array('user_pass' => MySQL::SQLValue($password_encode), 'salt' => MySQL::SQLValue($salt));
$whereArray = array('id' => MySQL::SQLValue($user_id, MySQL::SQLVALUE_NUMBER));
$hmdb->UpdateRows($tableName, $updateArray, $whereArray);
return json_encode(array('status' => 'success', 'mes' => _('Đã đổi mật khẩu thành công')));
} else {
return json_encode(array('status' => 'error', 'mes' => _('Hai mật khẩu bạn nhập vào không khớp')));
}
}