/**
* Checks if a user has the rights to view this page, is not locked/banned or not logged in
*
* @param string $name - permission name
*/
function auth($name)
{
locked();
// stop blocked people from acessing
if (!$this->loggedIn()) {
// if not authorised/logged in
set_error('Please login to Echelon');
sendLogin();
exit;
}
if (!$this->reqLevel($name)) {
// if users level is less than needed access, deny entry, and cause error
set_error('You do not have the correct privilages to view that page');
sendHome();
exit;
}
}
$token = genFormToken('resetpw');
// setup token
// gets vars and check valid
$key = cleanvar($_GET['key']);
$email = cleanvar($_GET['email']);
// check email is valid
if (!filter_var($email, FILTER_VALIDATE_EMAIL)) {
set_error('You cannot reset your password without a valid link from an email');
sendLogin();
exit;
}
$result = $dbl->verifyRegKey($key, $email, $key_expire);
if (!$result) {
// if non key
set_error('You cannot reset your password without a valid link from an email');
sendLogin();
exit;
}
?>
<fieldset id="lostpw-field">
<legend>Reset Password</legend>
<form id="lostpw-form" action="login.php" method="post">
<p>Please enter your new password.</p>
<label for="pw1">Password:</label>
<input type="password" name="pw1" id="pw1" tabindex="1" />
<label for="pw2">Password Again:</label>
<input type="password" name="pw2" id="pw2" tabindex="2" />
