<form action="<?php
echo $settings['domain'] . "/admin_login.php";
?>
" accept-charset="utf-8" method="post">
<div class="panel">
<?php
($hook = get_hook('forgot_password_header')) ? eval($hook) : null;
?>
<?php
if (isset($_REQUEST['email'])) {
?>
<table>
<tr>
<td>
<?php
send_password_email();
?>
</td>
</tr>
</table>
<?php
} elseif (isset($_REQUEST['old_pw'])) {
?>
<table>
<tr>
<td>
<?php
get_new_password();
?>
</td>
</tr>
/**
* Check user's email & send password
*
* @access public
* @return void
*/
function check_password_reminder()
{
global $task, $err, $debug;
$task = 'password_sender';
if (!$_POST['email']) {
$err[] = 'Please enter your email address';
} else {
$_POST['email'] = echo_value('email');
}
if (!count($err) && !validate_email($_POST['email'])) {
$err[] = 'Please enter a valid email address';
}
// look up email in DB
if (!count($err)) {
// check email
$_POST['email'] = mysql_real_escape_string($_POST['email']);
// Escaping all input data
$row = db_fetch("SELECT email, password, title, forename, surname FROM " . TABLE_COMMUNITY . " WHERE email='{$_POST['email']}'");
// if email exists, check password
if ($row['email']) {
$name = $row['title'] . ' ' . $row['forename'] . ' ' . $row['surname'];
send_password_email($row['email'], $name, $row['password']);
$err[] = 'A password reminder has been sent to your registered email address';
$task = 'start';
} else {
$err[] = 'Not a registered email address';
}
}
}
