require $_SERVER['DOCUMENT_ROOT'] . '/ts2/config/consts.php';
require_once DOCUMENT_ROOT . 'classes/Response.php';
$response = new Response();
if ($_SERVER['REQUEST_METHOD'] == 'POST' && isset($_POST['spoof_proof']) && $_POST['spoof_proof'] == $_SESSION['spoof_proof']) {
require_once DOCUMENT_ROOT . 'classes/Registrar.php';
require_once DOCUMENT_ROOT . 'classes/LoginHelper.php';
require_once DOCUMENT_ROOT . 'config/db.php';
if (isset($_POST['email'])) {
// Email provided - Make and email a reset link to the user
$email = $db->escape($_POST['email']);
$db->where('email', $email)->where('oauth_type', 0);
$user = $db->getOne('users', 'id, email');
if ($db->count > 0) {
// Email record exist - Send reset email
$registrar = new Registrar($db);
if ($registrar->sendResetEmail($user['id'], $user['email'])) {
$response->success();
} else {
$response->error('Unexpected error: ERR_SND_RESET_EMAIL');
}
} else {
// Email record doesn't exist
$response->error('No such email record exist in our database.');
}
} elseif (isset($_POST['new_password']) && isset($_SESSION['reset_verified']) && isset($_SESSION['reset_id'])) {
$user_id = $_SESSION['reset_id'];
$password = sha1($db->escape($_POST['new_password']));
$user = array();
$user['password'] = $password;
$user['auth_code'] = '';
$user['verified'] = 1;
