if (isset($_POST["submit"])) {
$found_user = User::find_by_name($database->escape_value($_POST['email_address']), 'email_address');
if ($found_user) {
//the e-mail address was found
//now we need to make sure it does not belong to an account that is deleted
if ($found_user->is_deleted == '1') {
$session->message("The account associated to that Email Address is disabled.");
}
} else {
//the e-mail address is not associated with an account
$session->message("The e-mail address you entered does not belong to an account.");
}
//only execute here if there was an account found, AND it is not soft-deleted
if (empty($session->message())) {
$new_request = new Reset_Password();
$new_request->set_new_key();
$new_request->user_wk = $found_user->user_wk;
//save the record
$new_request->save();
//send e-mail here
//only if we're not in a local environment
if (!$am_i_local) {
$to = $found_user->email_address;
$subject = "Password Reset Request";
$message = "\n\t\t\t\t<html>\n\t\t\t\t\t<head>\n\t\t\t\t\t\t<title>" . $subject . "</title>\n\t\t\t\t\t</head>\n\t\t\t\t\t<body>\n\t\t\t\t\t\t<p>Your username is: <strong>" . $found_user->username . "</strong></p>\n\t\t\t\t\t\t<p>Please the link below to reset your password. The link will be acive for 24 hours.</p>\n\t\t\t\t\t\t<p><a href=\"" . ROOT_URL . "reset_my_password.php?reset_key=" . $new_request->random_key . "\">" . ROOT_URL . "reset_my_password.php?reset_key=" . $new_request->random_key . "</a></p>\n\t\t\t\t\t</body>\n\t\t\t\t</html>\n\t\t\t\t";
// Always set content-type when sending HTML email
$headers = "MIME-Version: 1.0" . "\r\n";
$headers .= "Content-type:text/html;charset=UTF-8" . "\r\n";
// More headers
$headers .= 'From: <support@pet_adoption.com>' . "\r\n";
//send out the email
