$link = full_url . script_path . 'login.php';
$message = $l['log-forgot-email'];
$message = str_replace('%USERNAME%', $client->get('username'), $message);
$message = str_replace('%PASSWORD%', $newpass, $message);
$message = str_replace('%LINK%', $link, $message);
$mail->AddAddress($client->get('email'), $client->get('username'));
$mail->Subject = $config->get('site_name') . $l['log-forgot-subject'];
$mail->Body = $message;
if (!$mail->Send()) {
// if we can't send the email, then don't write the
// new password in the db
$ets->page_body = $l['log-forgot-failed'];
break;
} else {
// email was sent, set the password to something new
$client->set('password', $hash);
$client->updateDB();
$ets->page_body = $l['log-forgot-success'];
}
}
}
}
if (empty($_POST) || !empty($err)) {
if (!empty($err)) {
$ets->page_body = input_error_box($err);
}
// build input
$form->action = script_path . 'login.php?action=forgot';
$form->method = 'post';
$form->class = 'nlb_form';
$form->name = 'new_entry';
} else {
$USERID = $_GET['id'];
$edituser = new nlb_user($db, $USERID);
}
$text = new text($_POST, array('username', 'email', 'blog_count', 'timezone', 'access'), array('bio', 'custom'));
$text->validate();
$text->makeClean('trim', 'slash_if_needed');
if (!empty($_POST)) {
// check data
if ($text->is_missing_required) {
$baddata = true;
} else {
$c = $text->clean;
$c['timezone'] -= 13;
foreach ($c as $key => $value) {
$edituser->set($key, $value);
}
$per = '';
foreach ($c['access'] as $key => $val) {
$per .= $key . ':';
}
$per = substr($per, 0, -1);
$edituser->setPermissions(explode(':', $per));
$edituser->updateDb();
$ets->page_body = $l['goodedit'];
}
}
// decide what data to use.
if (empty($_POST)) {
$merge = $db->getArray('SELECT * FROM ' . db_users . ' WHERE user_id=' . $USERID);
} else {
