+ if (!empty($_REQUEST['passwordRequest'])) { //|| (strpos($_REQUEST['username'], '@') < 1)) {
+ return $this->passwordRequest($_REQUEST['passwordRequest']);
+ }
+
+ if (!empty($_REQUEST['ResetPassword'])) {
+ if (empty($_REQUEST['id']) ||
+ empty($_REQUEST['ts']) ||
+ empty($_REQUEST['key']) ||
+ empty($_REQUEST['password1']) ||
+ empty($_REQUEST['password2']) ||
+ ($_REQUEST['password1'] != $_REQUEST['password2'])
+ ) {
+ $this->jerr("Invalid request to reset password");
+ }
+
+ $this->resetPassword($_REQUEST['id'], $_REQUEST['ts'], $_REQUEST['key'], $_REQUEST['password1'] );
+ }
+
+
+ if (!empty($_REQUEST['_verifyCheckSum'])) {
+ if (empty($_REQUEST['id']) ||
+ empty($_REQUEST['ts']) ||
+ empty($_REQUEST['key'])
+
+ ) {
+ $this->jerr("Invalid request to reset password");
+ }
+
+ $this->verifyResetPassword($_REQUEST['id'], $_REQUEST['ts'], $_REQUEST['key']);
+ $this->jok("Checksum is ok");
+ }
+
+ // this is 'classic' change password...