<?php /* setup includes */ require_once 'includes/master.inc.php'; // check for pending hash $userId = (int) $_REQUEST['u']; $passwordHash = $_REQUEST['h']; $user = UserPeer::loadUserByPasswordResetHash($passwordHash); if (!$user) { redirect(WEB_ROOT); } // check user id passed is valid if ($user->id != $userId) { redirect(WEB_ROOT); } /* setup page */ define("PAGE_NAME", t("forgot_password_page_name", "Forgot Password")); define("PAGE_DESCRIPTION", t("forgot_password_meta_description", "Forgot account password")); define("PAGE_KEYWORDS", t("forgot_password_meta_keywords", "forgot, password, account, short, url, user")); $success = false; /* register user */ if ((int) $_REQUEST['submitme']) { // validation $password = trim($_REQUEST['password']); $confirmPassword = trim($_REQUEST['confirmPassword']); if (!strlen($password)) { setError(t("please_enter_your_password", "Please enter your new password")); } elseif (strlen($password) < 6 || strlen($password) > 20) { setError(t("password_length_incorrect", "Password should be between 6 - 20 characters in length")); } elseif (containsInvalidCharacters(strtolower($password, 'abcdefghijklmnopqrstuvwxyz1234567890@~#!-_£$&*()^%}{()'))) { setError(t("password_contains_illegal_characters", "Password contains invalid characters, please choose another."));