} //We're using u, e and c codes from the url... if (isset($_GET['u']) && isset($_GET['e']) && isset($_GET['c'])) { $ready_for_reset = true; } else { $ready_for_reset = false; if (isset($_POST['sendReset'])) { $answer = $sc->please_reset_my_password_because_im_stupid($_POST['user']); $we_have_an_answer = true; } } if ($ready_for_reset === true) { $u = sanitize_text($_GET['u']); $e = sanitize_text($_GET['e']); $c = sanitize_text($_GET['c']); $student_id = $sc->get_student_from_u_e_and_c_codes($u, $e, $c); if ($student_id === false) { $ready_for_reset = false; } elseif ($student_id > 0) { $reset_student = new Student($student_id); if (isset($_POST['saveNewPass'])) { $pass1 = sanitize_text($_POST['pass1']); $pass2 = sanitize_text($_POST['pass2']); if ($sc->compare_passwords($pass1, $pass2)) { $result = $reset_student->change_password($pass1); echo $result; if ($result === true) { $sc->set_reset_request_to_used($u, $e, $c); ?> <script> window.location = "<?php