Pman/Login.php

[Pman.Base] / Pman / Login.php

diff --git a/Pman/Login.php b/Pman/Login.php
index ed06d38..dac31bf 100644 (file)
--- a/Pman/Login.php
+++ b/Pman/Login.php
@@ -281,7 +281,8 @@ class Pman_Login extends Pman
                $this->jerr("Invalid request to reset password");
            }
            
-           $this->verifyCheckSum($_REQUEST['id'], $_REQUEST['ts'], $_REQUEST['key']);
+           $this->verifyResetPassword($_REQUEST['id'], $_REQUEST['ts'], $_REQUEST['key']);
+           $this->jok("Checksum is ok");
        }
        
        // this is 'classic' change password...
@@ -462,13 +463,12 @@ class Pman_Login extends Pman
         
     }
     
-    
-    function resetPassword($id,$t, $key, $newpass )
+    function verifyResetPassword($id,$t, $key)
     {
-        
-        $au = $this->getAuthUser();
+       $au = $this->getAuthUser();
+       print_R($au);
         if ($au) {
-            return "Already Logged in - no need to use Password Reset";
+            $this->jerr( "Already Logged in - no need to use Password Reset");
         }
         
         $u = DB_DataObject::factory('core_person');
@@ -486,6 +486,18 @@ class Pman_Login extends Pman
        if ($t < strtotime("NOW - 1 DAY")) {
             $this->jerr("Password reset link has expired");
         }
+       return $u;
+       
+       
+       
+    }
+    
+    
+    function resetPassword($id,$t, $key, $newpass )
+    {
+        
+        $u = $this->verifyResetPassword($id,$t,$key);
+       
        
         $uu = clone($u);
         $u->no_reset_sent = 0;
@@ -493,7 +505,8 @@ class Pman_Login extends Pman
            $u->setPassword($newpass);
        }
         $u->update($uu);
-        $u->login();
+       $this->addEvent("CHANGEPASS", $au);
+
         $this->jok("Password has been Updated");
     }