}
$show_request_form = true;
// default is yes whether to show the request email form is shown
$show_password_form = false;
// check if code isset
if (!empty($_GET['code'])) {
$show_request_form = false;
$show_password_form = $login->checkForgotPasswordCode($_GET['code']);
// the code is valid and returned user data
if ($show_password_form !== false) {
// create new link from user data to stop users from editing the link
$link = Crecket\AdvancedLogin\Login::ForgotpasswordLinkCreator($show_password_form['forgotpassword_code']);
// verify the post request
if (!empty($_POST['password']) && !empty($_POST['repeat_password']) && \SecureFuncs\SecureFuncs::getFormToken('forgot_password', $_POST['form_token']) !== false) {
// verify the password update request
if ($login->changeForgotPassword($_POST['password'], $_POST['repeat_password'], $show_password_form['forgotpassword_code'])) {
//success, return to index
header('Location: index.php');
}
}
}
}
if (!empty($_POST['email'])) {
if (\SecureFuncs\SecureFuncs::getFormToken('forgot_password', $_POST['form_token'])) {
$login->sendForgotPasswordCode($_POST['email']);
}
}
$formToken = \SecureFuncs\SecureFuncs::setFormtoken('forgot_password');
?>
<!DOCTYPE html>
<html>
