</form>
</div>
</div>';
} else {
//check if the key is set
if ($key) {
//load the Tokens module
$CORE->load_CoreModule('tokens');
//construct
$token = new Tokens();
//Set the application string so the token is only valid for this app
$token->setApplication('PRECOVER');
//set and validate the token
$TokenValidation = $token->set_decodedToken($key);
//make sure the token checks out
if ($TokenValidation === true) {
//the token is valid, save the token for the execute
$_SESSION['P_Recovery_Token'] = $key;
echo '
<div class="page-desc-holder">
This is the final step of the password recovery process,
all you have to do is to enter your new password.
</div>
<div class="container_3 account-wide" align="center">
<p style="padding: 20px;">
<form action="', $config['BaseURL'], '/execute.php?take=precovery_finish" method="post">
$ERRORS->Add('You\'ve failed to confirm your new password.');
} else {
if (strlen($password) > 64) {
//password too long
$ERRORS->Add('The new password is too long, maximum length 64.');
} else {
if (strlen($password) < 6) {
//password too short
$ERRORS->Add('The new password is too short, minimum length 6.');
}
}
}
}
}
//Check if the key is set and valid
if (!$key or $token->set_decodedToken($key) !== true) {
//Setup our notification
$NOTIFICATIONS->SetTitle('Notification');
$NOTIFICATIONS->SetHeadline('Error!');
$NOTIFICATIONS->SetText('Invalid security token.<br>Please open your your e-mail and follow the instruction we have sent you.');
$NOTIFICATIONS->SetTextAlign('center');
//$NOTIFICATIONS->SetAutoContinue(true);
//$NOTIFICATIONS->SetContinueDelay(5);
$NOTIFICATIONS->Apply();
header("Location: " . $config['BaseURL'] . "/index.php?page=password_recovery");
die;
}
$password = trim($password);
//Check for errors
$ERRORS->Check('/index.php?page=password_recovery&verify=1&key=' . $key);
##################################################
