/** * Return password reset handler form or redirect to password reset page when key is invalid. * * @param int $id * * @return null|string */ public function get_password_reset_handler_structure($id) { // Verify key / login combo $user = check_password_reset_key($_REQUEST['key'], $_REQUEST['login']); if (!$user || is_wp_error($user)) { if ($user && $user->get_error_code() === 'expired_key') { wp_redirect(pp_password_reset_url() . '?error=expiredkey'); } else { wp_redirect(pp_password_reset_url() . '?error=invalidkey'); } exit; } else { $handler_structure = PROFILEPRESS_sql::get_password_reset_handler_structure($id); $handler_structure .= '<input type="hidden" name="reset_key" value="' . esc_attr($_REQUEST['key']) . '">'; $handler_structure .= '<input type="hidden" name="reset_login" value="' . esc_attr($_REQUEST['login']) . '">'; } return $handler_structure; }