Pman/Login.php

[Pman.Base] / Pman / Login.php

diff --git a/Pman/Login.php b/Pman/Login.php
index 5feeb62..a6ce5cd 100644 (file)
--- a/Pman/Login.php
+++ b/Pman/Login.php
@@ -254,9 +254,7 @@ class Pman_Login extends Pman
         }
         
         if (!empty($_REQUEST['passwordRequest'])) { //|| (strpos($_REQUEST['username'], '@') < 1)) {
-            
-            return $this->passwordRequest($_REQUEST['passwordRequest']);
-            
+            return $this->passwordRequest($_REQUEST['passwordRequest']);   
         }
         
         if (!empty($_REQUEST['changePassword'])) {
@@ -436,6 +434,38 @@ class Pman_Login extends Pman
         
     }
     
+    
+    function resetPassword($id,$t, $key)
+    {
+        
+        $au = $this->getAuthUser();
+        if ($au) {
+            return "Already Logged in - no need to use Password Reset";
+        }
+        
+        $u = DB_DataObject::factory('core_person');
+        //$u->company_id = $this->company->id;
+        $u->active = 1;
+        if (!$u->get($id) || !strlen($u->passwd)) {
+            return "invalid id";
+        }
+        
+        // validate key.. 
+        if ($key != $u->genPassKey($t)) {
+            return "invalid key";
+        }
+        $uu = clone($u);
+        $u->no_reset_sent = 0;
+        $u->update($uu);
+        
+        if ($t < strtotime("NOW - 1 DAY")) {
+            return "expired";
+        }
+        $this->showNewPass = implode("/", array($id,$t,$key));
+        return false;
+    }
+    
+    
     function changePassword($r)
     {   
         $au = $this->getAuthUser();