function ttr2_request(WC_Challenge $chall, GWF_Form $form) { if (false !== ($errors = $form->validate($chall))) { return $errors; } # Generate reset token $sid = GWF_Session::getSessSID(); $email = $form->getVar('email'); $token = ttr2_random(16); if (!TTR2_Tokens::insertToken($sid, $email, $token)) { return GWF_HTML::err('ERR_DATABASE', array(__FILE__, __LINE__)); } # If it's your own real mail, even send it for the lulz :) if ($email === GWF_User::getStaticOrGuest()->getValidMail()) { ttr2_mail_me($chall, $email, $token); } return GWF_HTML::message($chall->lang('title'), $chall->lang('msg_mail_sent')); }
function ttr2_submit(WC_Challenge $chall) { if ('' === ($answer = Common::getPostString('answer', ''))) { return; } $sessid = GWF_Session::getSessSID(); # First check all "custom" solutions $solutions = TTR2_Tokens::getSolutions($sessid); foreach ($solutions as $solution) { if ($solution['ttr_token'] === $answer) { echo GWF_HTML::message($chall->lang('title'), $chall->lang('msg_reset_own', array(htmlspecialchars($solution['ttr_email'])))); return; } } # Now lets check "THE" solution $solution = TTR2_Tokens::getSolution($sessid); $chall->setSolution($solution['ttr_token']); $chall->onSolve(GWF_User::getStaticOrGuest(), $answer); }