$tpl->set_block("forgotpassword", "success");
$tpl->set_block("forgotpassword", "unknown");
$page = $_REQUEST['page'];
if (!isset($page)) {
$page = "/";
}
/* FIXME: Dumb workaround */
unset($tpl->varkeys["PAGE"]);
unset($tpl->varvals["PAGE"]);
$tpl->set_var("PAGE", $page);
/* forgotpassword might get a POST with submit/email, or
a simple GET with email */
if (isset($_REQUEST['email'])) {
$email = $_REQUEST['email'];
$tpl->set_var("EMAIL", $email);
$user = new AccountUser();
$user->find_by_email($email);
if (!$user->valid()) {
$tpl->set_var("success", "");
} else {
$user->forgotpassword();
$user->update();
$tpl->set_var("unknown", "");
$tpl->set_var("form", "");
}
} else {
$tpl->set_var("EMAIL", "");
$tpl->set_var("unknown", "");
$tpl->set_var("success", "");
}
print generate_page('Forgot Password', $tpl->parse("content", "forgotpassword"));
}
$page = $_REQUEST['page'];
if (isset($_REQUEST['url'])) {
$page = "http://" . $_REQUEST['url'];
}
if (!isset($page)) {
$page = "/";
}
$tpl->set_var("PAGE", $page);
if (isset($_POST['login']) && isset($_POST['email'])) {
$email = $_POST['email'];
$password = $_POST['password'];
$tpl->set_var("EMAIL", $email);
$user = new AccountUser();
$user->find_by_email($email);
if (!$user->valid() || !$user->checkpassword($password)) {
$message = "Invalid password for {$email}\n";
} else {
if ($tou_available && !$_REQUEST["tou_agree"]) {
$message = "You must agree to the Terms Of Use\n";
} else {
$user->setcookie();
header("Location: {$page}");
exit;
}
}
} else {
$tpl->set_var("EMAIL", "");
}
if (isset($message) && !empty($message)) {
$tpl->set_var("MESSAGE", $message);
