public function RequestPassword() { if (!AuthenticationManager::supports(__CA_AUTH_ADAPTER_FEATURE_RESET_PASSWORDS__)) { $this->Login(); return; } $vs_username = $this->getRequest()->getParameter('username', pString); $t_user = new ca_users(); if ($t_user->load($vs_username)) { $t_user->requestPasswordReset(); } else { sleep(2); } // render the same static view no matter if something was actually done. // otherwise you could figure out which user names exist and which don't $this->render('password_reset_instructions_html.php'); }