}
if (isset($_POST['forgotSubmit'])) {
$op = $_POST['op'];
if ($op !== 'forgot') {
die('Unknown request');
}
$email = $_POST['email'];
if (empty($email)) {
$msg = 'You need to enter in an email to continue.';
return;
}
if (!preg_match('/^([\\w\\!\\#$\\%\\&\'\\*\\+\\-\\/\\=\\?\\^\\`{\\|\\}\\~]+\\.)*[\\w\\!\\#$\\%\\&\'\\*\\+\\-\\/\\=\\?\\^\\`{\\|\\}\\~]+@((((([a-z0-9]{1}[a-z0-9\\-]{0,62}[a-z0-9]{1})|[a-z])\\.)+[a-z]{2,6})|(\\d{1,3}\\.){3}\\d{1,3}(\\:\\d{1,5})?)$/i', $email)) {
$msg = 'This is an invalid email address';
return;
}
$forgot = $auth->sendForgotEmail($email);
if (empty($forgot)) {
event::fire('USER_FORGOT_PASSWORD');
$msg = "An email has been sent to you. Please read this email and follow the instructions within to reset your password.";
} else {
$msg = $forgot;
}
return $msg;
}
if (isset($_POST['resetSubmit'])) {
$code = $_POST['code'];
$userid = intval($_POST['userid']);
$password = $_POST['password'];
$cpassword = $_POST['cpassword'];
if (empty($code)) {
event::fire('HAX_CONFIRMATION_CODE');
