From: Alan Knowles <alan@roojs.com>
Date: Fri, 7 Dec 2018 02:40:49 +0000 (+0800)
Subject: Pman/Login.php
X-Git-Url: http://git.roojs.org/?p=Pman.Base;a=commitdiff_plain;h=3c8a1ff8f735a0c7e5b3df4c274c9f1b67b4a35d

Pman/Login.php
---

diff --git a/Pman/Login.php b/Pman/Login.php
index 861f49b..ebd7c1c 100644
--- a/Pman/Login.php
+++ b/Pman/Login.php
@@ -494,26 +494,8 @@ class Pman_Login extends Pman
     function resetPassword($id,$t, $key, $newpass )
     {
         
-        $au = $this->getAuthUser();
-        if ($au) {
-            $this->jerr( "Already Logged in - no need to use Password Reset");
-        }
-        
-        $u = DB_DataObject::factory('core_person');
-        //$u->company_id = $this->company->id;
-        $u->active = 1;
-        if (!$u->get($id) || !strlen($u->passwd)) {
-            $this->jerr("Password reset link is not valid (id)");
-        }
-        
-        // validate key.. 
-        if ($key != $u->genPassKey($t)) {
-            $this->jerr("Password reset link is not valid ($key)");
-        }
+        $u = $this->verifyResetPassword($id,$t,$k);
 	
-	if ($t < strtotime("NOW - 1 DAY")) {
-            $this->jerr("Password reset link has expired");
-        }
 	
         $uu = clone($u);
         $u->no_reset_sent = 0;