Pman/Login.php

author Alan Knowles <alan@roojs.com>

Fri, 7 Dec 2018 02:35:47 +0000 (10:35 +0800)

committer Alan Knowles <alan@roojs.com>

Fri, 7 Dec 2018 02:35:47 +0000 (10:35 +0800)
author Alan Knowles <alan@roojs.com>
Fri, 7 Dec 2018 02:35:47 +0000 (10:35 +0800)
committer Alan Knowles <alan@roojs.com>
Fri, 7 Dec 2018 02:35:47 +0000 (10:35 +0800)
diff --git a/Pman/Login.php b/Pman/Login.php

index ddd353f..7aa7068 100644 (file)
--- a/Pman/Login.php
+++ b/Pman/Login.php
@@ -462,20 +462,26 @@ class Pman_Login extends Pman
          //$u->company_id = $this->company->id;
          $u->active = 1;
          if (!$u->get($id) || !strlen($u->passwd)) {
-            return "invalid id";
+            $this->jerr("Password reset link is not valid (id)");
          }
          
          // validate key.. 
          if ($key != $u->genPassKey($t)) {
-            $this->jerr("Passwor reset key is not valid");
+            $this->jerr("Password reset link is not valid ($key)");
          }
+       
+       if ($t < strtotime("NOW - 1 DAY")) {
+            $this->jerr("Password reset link has expired");
+        }
+       
          $uu = clone($u);
          $u->no_reset_sent = 0;
+       if ($newpass != false) {
+           $u->setPassword($newpass);
+       }
          $u->update($uu);
          
-        if ($t < strtotime("NOW - 1 DAY")) {
-            $this->jerr("Password reset link has expired");
-        }
+        
          $this->showNewPass = implode("/", array($id,$t,$key));
          return false;
      }
author	Alan Knowles <alan@roojs.com>
	Fri, 7 Dec 2018 02:35:47 +0000 (10:35 +0800)
committer	Alan Knowles <alan@roojs.com>
	Fri, 7 Dec 2018 02:35:47 +0000 (10:35 +0800)