$NOTIFICATIONS->SetHeadline('Error!'); $NOTIFICATIONS->SetText('Invalid security token.<br>Please open your your e-mail and follow the instruction we have sent you.'); $NOTIFICATIONS->SetTextAlign('center'); //$NOTIFICATIONS->SetAutoContinue(true); //$NOTIFICATIONS->SetContinueDelay(5); $NOTIFICATIONS->Apply(); header("Location: " . $config['BaseURL'] . "/index.php?page=password_recovery"); die; } $password = trim($password); //Check for errors $ERRORS->Check('/index.php?page=password_recovery&verify=1&key=' . $key); ################################################## ############## The actual script ################# //Get the external data for the token $row = $token->get_enternalData(); //Destroy this token $token->destroyToken(); //unset the class unset($token); //get the column names for table accounts $columns = CORE_COLUMNS::get('accounts'); //make our new pass hash $shapasshash = server_Account::makeHash($row[$columns['username']], $password); //Apply the new hash to the account $update = $AUTH_DB->prepare("UPDATE `" . $columns['self'] . "` SET `" . $columns['shapasshash'] . "` = :hash, `" . $columns['sessionkey'] . "` = '', `" . $columns['v'] . "` = '', `" . $columns['s'] . "` = '' WHERE `" . $columns['id'] . "` = :acc LIMIT 1;"); $update->bindParam(':hash', $shapasshash, PDO::PARAM_STR); $update->bindParam(':acc', $row[$columns['id']], PDO::PARAM_INT); $update->execute(); //check if the account was affected if ($update->rowCount() > 0) {