if ($show_password_form !== false) {
// create new link from user data to stop users from editing the link
$link = Crecket\AdvancedLogin\Login::ForgotpasswordLinkCreator($show_password_form['forgotpassword_code']);
// verify the post request
if (!empty($_POST['password']) && !empty($_POST['repeat_password']) && \SecureFuncs\SecureFuncs::getFormToken('forgot_password', $_POST['form_token']) !== false) {
// verify the password update request
if ($login->changeForgotPassword($_POST['password'], $_POST['repeat_password'], $show_password_form['forgotpassword_code'])) {
//success, return to index
header('Location: index.php');
}
}
}
}
if (!empty($_POST['email'])) {
if (\SecureFuncs\SecureFuncs::getFormToken('forgot_password', $_POST['form_token'])) {
$login->sendForgotPasswordCode($_POST['email']);
}
}
$formToken = \SecureFuncs\SecureFuncs::setFormtoken('forgot_password');
?>
<!DOCTYPE html>
<html>
<head>
<title>LoginScript - Forgot password</title>
</head>
<body>
<div class="header">
<pre>
<?php
print_r($_SESSION[ADVANCEDLOGINSCRIPT_MESSAGE_KEY]);
unset($_SESSION[ADVANCEDLOGINSCRIPT_MESSAGE_KEY]);
