Originally Posted by Home of Poi
Yes it saves the temporary password over the USER_PASSWORD in the USERS table
But did not update the array $user['USER_PASSWORD']=$user['USER_TEMPORARY_PASSWORD'];
before making the $autolog

Can you check again, I may still be wrong

I can't say how the temp password is saved currently.
But I do know that the temp password is just that and does not overwrite the existing password.
In fact I have tried this on the lost password feature.
It sends me a temp password but the current prior password still works. It does tell you that somewhere.
In fact I just tested it here.
The email I received is where the message states.
Quote
A user from the IP Address: xx.xxx.55.118 has requested a temporary password for the Username: 'ruben' at 'UBB.threads PHP Forum Software Community'.

This is a temporary password that can be used if you have forgotten your original password. If you did not request this, please ignore this message.

Your original password will still work fine.

The temporary password for this username is:
xxxxxx

Last edited by Ruben; 07/10/2013 3:53 PM. Reason: Added Comment
Blue Man Group
There is no such thing as stupid questions. Just stupid answers