if (true == $disabled) {
$session->message['txt'] = $registry->option->errorMessage->wrongResetPasswordUrl;
$session->message['type'] = 'error';
}
// IF the form was submmited and there are NO errors
if ($_SERVER['REQUEST_METHOD'] === 'POST' && false == $disabled) {
// POST values that will be validated
$values['password'] = array('password' => isset($_POST['password']) ? $_POST['password'] : '', 'password2' => isset($_POST['password2']) ? $_POST['password2'] : '');
$dotValidateUser = new Dot_Validate_User(array('who' => 'user', 'action' => 'update', 'values' => $values, 'userId' => $userId));
if ($dotValidateUser->isValid()) {
$data['password'] = $_POST['password'];
$data['id'] = $userId;
$data['username'] = $userInfo['username'];
$userModel->updateUser($data);
$userModel->authorizeLogin($data);
} else {
$data = $dotValidateUser->getData();
$session->message['txt'] = $dotValidateUser->getError();
$session->message['type'] = 'error';
}
}
// show the form, enabled or disabled
$userView->resetPasswordForm('reset_password', $disabled, $userId, $userToken);
break;
case 'logout':
$dotAuth = Dot_Auth::getInstance();
$dotAuth->clearIdentity('user');
header('location: ' . $registry->configuration->website->params->url);
exit;
break;
}
