From 9df797299320cea01c541bb4997e498f915f98fa Mon Sep 17 00:00:00 2001
From: friendica <info@friendica.com>
Date: Tue, 20 Mar 2012 01:50:20 -0700
Subject: [PATCH] bug #339 - lostpass sending to username, not email

---
 mod/lostpass.php | 9 +++++----
 1 file changed, 5 insertions(+), 4 deletions(-)

diff --git a/mod/lostpass.php b/mod/lostpass.php
index b71398fa4b..57e6d69653 100755
--- a/mod/lostpass.php
+++ b/mod/lostpass.php
@@ -3,13 +3,13 @@
 
 function lostpass_post(&$a) {
 
-	$email = notags(trim($_POST['login-name']));
-	if(! $email)
+	$loginame = notags(trim($_POST['login-name']));
+	if(! $loginame)
 		goaway(z_root());
 
 	$r = q("SELECT * FROM `user` WHERE ( `email` = '%s' OR `nickname` = '%s' ) AND `verified` = 1 AND `blocked` = 0 LIMIT 1",
-		dbesc($email),
-		dbesc($email)
+		dbesc($loginame),
+		dbesc($loginame)
 	);
 
 	if(! count($r)) {
@@ -19,6 +19,7 @@ function lostpass_post(&$a) {
 
 	$uid = $r[0]['uid'];
 	$username = $r[0]['username'];
+	$email = $r[0]['email'];
 
 	$new_password = autoname(12) . mt_rand(100,9999);
 	$new_password_encoded = hash('whirlpool',$new_password);