if ($show_password_form !== false) { // create new link from user data to stop users from editing the link $link = Crecket\AdvancedLogin\Login::ForgotpasswordLinkCreator($show_password_form['forgotpassword_code']); // verify the post request if (!empty($_POST['password']) && !empty($_POST['repeat_password']) && \SecureFuncs\SecureFuncs::getFormToken('forgot_password', $_POST['form_token']) !== false) { // verify the password update request if ($login->changeForgotPassword($_POST['password'], $_POST['repeat_password'], $show_password_form['forgotpassword_code'])) { //success, return to index header('Location: index.php'); } } } } if (!empty($_POST['email'])) { if (\SecureFuncs\SecureFuncs::getFormToken('forgot_password', $_POST['form_token'])) { $login->sendForgotPasswordCode($_POST['email']); } } $formToken = \SecureFuncs\SecureFuncs::setFormtoken('forgot_password'); ?> <!DOCTYPE html> <html> <head> <title>LoginScript - Forgot password</title> </head> <body> <div class="header"> <pre> <?php print_r($_SESSION[ADVANCEDLOGINSCRIPT_MESSAGE_KEY]); unset($_SESSION[ADVANCEDLOGINSCRIPT_MESSAGE_KEY]);