if (true == $disabled) { $session->message['txt'] = $registry->option->errorMessage->wrongResetPasswordUrl; $session->message['type'] = 'error'; } // IF the form was submmited and there are NO errors if ($_SERVER['REQUEST_METHOD'] === 'POST' && false == $disabled) { // POST values that will be validated $values['password'] = array('password' => isset($_POST['password']) ? $_POST['password'] : '', 'password2' => isset($_POST['password2']) ? $_POST['password2'] : ''); $dotValidateUser = new Dot_Validate_User(array('who' => 'user', 'action' => 'update', 'values' => $values, 'userId' => $userId)); if ($dotValidateUser->isValid()) { $data['password'] = $_POST['password']; $data['id'] = $userId; $data['username'] = $userInfo['username']; $userModel->updateUser($data); $userModel->authorizeLogin($data); } else { $data = $dotValidateUser->getData(); $session->message['txt'] = $dotValidateUser->getError(); $session->message['type'] = 'error'; } } // show the form, enabled or disabled $userView->resetPasswordForm('reset_password', $disabled, $userId, $userToken); break; case 'logout': $dotAuth = Dot_Auth::getInstance(); $dotAuth->clearIdentity('user'); header('location: ' . $registry->configuration->website->params->url); exit; break; }