Your using strtok, dont
(yes i know the core module uses it).
You then sprintf into passcode without any thought of how long that string will be or how much memory is allocated - again, dont use sprintf, use snprintf and specify the max size.
You then use strtok again - dont, you will break anope's core.
You never free anything at all, so you are leaking memory.
P.S That is just at first glance at the code, i could be wrong/missing thigns