/** * */ //STATUS: wip //XXX use XhtmlForm? namespace cd; if ($session->id) { return; } $header->embedCss('.forgot_pwd_box{' . 'font-size:14px;' . 'border:1px solid #aaa;' . 'min-width:280px;' . 'color:#000;' . 'background-color:#ddd;' . 'padding:10px;' . 'border-radius:15px 15px 15px 15px;' . '-moz-border-radius:15px 15px 15px 15px;' . '}'); echo '<div id="forgot_pwd_layer" class="forgot_pwd_box">'; echo '<b>Forgot password</b><br/><br/>'; if (isset($_POST['forgot_pwd'])) { $header->embedJsOnload('show_recover_form();'); if (!ForgotPasswordHandler::getInstance()->sendMail($_POST['forgot_pwd'])) { $error->add('The specified email address does not match any registered user.'); } else { echo 'A email has been sent to your mail address with instructions how to reclaim your account.'; echo '</div>'; return; } } echo $error->render(true); echo 'Enter the e-mail address used when registering your account.<br/><br/>'; echo 'You will recieve an e-mail with a link to follow,<br/>'; echo 'where you can set a new password.<br/><br/>'; echo xhtmlForm(); echo '<table cellpadding="2">' . '<tr>' . '<td>E-mail:</td>' . '<td>' . xhtmlInput('forgot_pwd', '', 26) . ' ' . xhtmlImage($page->getRelativeCoreDevUrl() . 'gfx/icon_mail.png', t('E-mail')) . '</td>' . '</tr>' . '</table><br/>'; echo xhtmlSubmit('Forgot password', 'button', 'font-weight: bold'); $x = new XhtmlComponentButton();
<?php /** * */ //STATUS: works (???) //TODO: use js from views/core/js_validation.php to check password //XXX use XhtmlForm? namespace cd; if (!$this->token) { return; } $duration = ForgotPasswordHandler::getInstance()->getExpireTime(); if (Token::isExpired('activation_code', $this->token, $duration)) { echo 'The token is no longer valid.'; return; } $user_id = Token::getOwner('activation_code', $this->token); if (!$user_id) { throw new \Exception('token dont exist'); } if ($session->id && $user_id != $session->id) { throw new \Exception('HACKER stop doing that!'); } if ($session->id) { echo '<div class="critical">You are already logged in! Are you sure you want to reset your password?</div>'; } if (isset($_POST['reset_pwd']) && isset($_POST['reset_pwd2'])) { /// TODO reuse code from register user if ($_POST['reset_pwd'] == $_POST['reset_pwd2']) {