</form> </div> </div>'; } else { //check if the key is set if ($key) { //load the Tokens module $CORE->load_CoreModule('tokens'); //construct $token = new Tokens(); //Set the application string so the token is only valid for this app $token->setApplication('PRECOVER'); //set and validate the token $TokenValidation = $token->set_decodedToken($key); //make sure the token checks out if ($TokenValidation === true) { //the token is valid, save the token for the execute $_SESSION['P_Recovery_Token'] = $key; echo ' <div class="page-desc-holder"> This is the final step of the password recovery process, all you have to do is to enter your new password. </div> <div class="container_3 account-wide" align="center"> <p style="padding: 20px;"> <form action="', $config['BaseURL'], '/execute.php?take=precovery_finish" method="post">
$ERRORS->Add('You\'ve failed to confirm your new password.'); } else { if (strlen($password) > 64) { //password too long $ERRORS->Add('The new password is too long, maximum length 64.'); } else { if (strlen($password) < 6) { //password too short $ERRORS->Add('The new password is too short, minimum length 6.'); } } } } } //Check if the key is set and valid if (!$key or $token->set_decodedToken($key) !== true) { //Setup our notification $NOTIFICATIONS->SetTitle('Notification'); $NOTIFICATIONS->SetHeadline('Error!'); $NOTIFICATIONS->SetText('Invalid security token.<br>Please open your your e-mail and follow the instruction we have sent you.'); $NOTIFICATIONS->SetTextAlign('center'); //$NOTIFICATIONS->SetAutoContinue(true); //$NOTIFICATIONS->SetContinueDelay(5); $NOTIFICATIONS->Apply(); header("Location: " . $config['BaseURL'] . "/index.php?page=password_recovery"); die; } $password = trim($password); //Check for errors $ERRORS->Check('/index.php?page=password_recovery&verify=1&key=' . $key); ##################################################