Pman/Login.php

[Pman.Base] / Pman / Login.php

diff --git a/Pman/Login.php b/Pman/Login.php
index dc84b56..ddd353f 100644 (file)
--- a/Pman/Login.php
+++ b/Pman/Login.php
@@ -257,12 +257,24 @@ class Pman_Login extends Pman
             return $this->passwordRequest($_REQUEST['passwordRequest']);   
         }
         
+       if (!empty($_REQUEST['ResetPassword'])) {
+           if (empty($_REQUEST['id']) || 
+               empty($_REQUEST['ts']) ||
+               empty($_REQUEST['key']) ||
+               empty($_REQUEST['password1']) ||
+               empty($_REQUEST['password2']) ||
+               ($_REQUEST['password1'] != $_REQUEST['password2'])
+           ) {
+               $this->jerr("Invalid request to reset password");
+           }
+           
+           $this->resetPassword($_REQUEST['id'], $_REQUEST['ts'], $_REQUEST['key'], $_REQUEST['password1'] );
+       }
        
-       
-       
-        //if (!empty($_REQUEST['changePassword'])) {
-        //    return $this->changePassword($_REQUEST);
-        //}
+       // this is 'classic' change password...
+        if (!empty($_REQUEST['changePassword'])) {
+            return $this->changePassword($_REQUEST);
+        }
         
         // login attempt..
         
@@ -438,7 +450,7 @@ class Pman_Login extends Pman
     }
     
     
-    function resetPassword($id,$t, $key)
+    function resetPassword($id,$t, $key, $newpass =false)
     {
         
         $au = $this->getAuthUser();
@@ -455,14 +467,14 @@ class Pman_Login extends Pman
         
         // validate key.. 
         if ($key != $u->genPassKey($t)) {
-            return "invalid key";
+            $this->jerr("Passwor reset key is not valid");
         }
         $uu = clone($u);
         $u->no_reset_sent = 0;
         $u->update($uu);
         
         if ($t < strtotime("NOW - 1 DAY")) {
-            return "expired";
+            $this->jerr("Password reset link has expired");
         }
         $this->showNewPass = implode("/", array($id,$t,$key));
         return false;