}
- function resetPassword($id,$t, $key)
+ function resetPassword($id,$t, $key, $newpass =false)
{
$au = $this->getAuthUser();
//$u->company_id = $this->company->id;
$u->active = 1;
if (!$u->get($id) || !strlen($u->passwd)) {
- return "invalid id";
+ $this->jerr("Password reset link is not valid (id)");
}
// validate key..
if ($key != $u->genPassKey($t)) {
- return "invalid key";
+ $this->jerr("Password reset link is not valid ($key)");
}
+
+ if ($t < strtotime("NOW - 1 DAY")) {
+ $this->jerr("Password reset link has expired");
+ }
+
$uu = clone($u);
$u->no_reset_sent = 0;
+ if ($newpass != false) {
+ $u->setPassword($newpass);
+ }
$u->update($uu);
-
- if ($t < strtotime("NOW - 1 DAY")) {
- return "expired";
- }
- $this->showNewPass = implode("/", array($id,$t,$key));
- return false;
+ $u->login();
+ $this->jok("Password has been Updated");
}