<?php
-function passform($user, $input = [])
+function passform(&$user, $input = [])
{
if (empty($user)) {
return "Log eerst (opnieuw?) in.";
@unlink("{$user['dir']}/.token"); # invalidate reset token
- $authhash = md5($input['newpass']);
+ $authhash = md5($passstore);
$user['auth'] = "{$user['name']}:$authhash";
if ($GLOBALS['User'] === $user) {
login_setcookie();