$tpl->set_block("forgotpassword", "success"); $tpl->set_block("forgotpassword", "unknown"); $page = $_REQUEST['page']; if (!isset($page)) { $page = "/"; } /* FIXME: Dumb workaround */ unset($tpl->varkeys["PAGE"]); unset($tpl->varvals["PAGE"]); $tpl->set_var("PAGE", $page); /* forgotpassword might get a POST with submit/email, or a simple GET with email */ if (isset($_REQUEST['email'])) { $email = $_REQUEST['email']; $tpl->set_var("EMAIL", $email); $user = new AccountUser(); $user->find_by_email($email); if (!$user->valid()) { $tpl->set_var("success", ""); } else { $user->forgotpassword(); $user->update(); $tpl->set_var("unknown", ""); $tpl->set_var("form", ""); } } else { $tpl->set_var("EMAIL", ""); $tpl->set_var("unknown", ""); $tpl->set_var("success", ""); } print generate_page('Forgot Password', $tpl->parse("content", "forgotpassword"));
} $page = $_REQUEST['page']; if (isset($_REQUEST['url'])) { $page = "http://" . $_REQUEST['url']; } if (!isset($page)) { $page = "/"; } $tpl->set_var("PAGE", $page); if (isset($_POST['login']) && isset($_POST['email'])) { $email = $_POST['email']; $password = $_POST['password']; $tpl->set_var("EMAIL", $email); $user = new AccountUser(); $user->find_by_email($email); if (!$user->valid() || !$user->checkpassword($password)) { $message = "Invalid password for {$email}\n"; } else { if ($tou_available && !$_REQUEST["tou_agree"]) { $message = "You must agree to the Terms Of Use\n"; } else { $user->setcookie(); header("Location: {$page}"); exit; } } } else { $tpl->set_var("EMAIL", ""); } if (isset($message) && !empty($message)) { $tpl->set_var("MESSAGE", $message);