From: Alan Knowles <alan@roojs.com>
Date: Fri, 7 Dec 2018 02:39:30 +0000 (+0800)
Subject: Pman/Login.php
X-Git-Url: http://git.roojs.org/?p=Pman.Base;a=commitdiff_plain;h=ae6b31647ba6b1d256e1c8ba7c3d78d679526655

Pman/Login.php
---

diff --git a/Pman/Login.php b/Pman/Login.php
index 3c252f7..ed06d38 100644
--- a/Pman/Login.php
+++ b/Pman/Login.php
@@ -271,6 +271,19 @@ class Pman_Login extends Pman
 	    $this->resetPassword($_REQUEST['id'], $_REQUEST['ts'], $_REQUEST['key'], $_REQUEST['password1'] );
 	}
 	
+	
+	if (!empty($_REQUEST['_verifyCheckSum'])) {
+	    if (empty($_REQUEST['id']) || 
+		empty($_REQUEST['ts']) ||
+		empty($_REQUEST['key'])
+		 
+	    ) {
+		$this->jerr("Invalid request to reset password");
+	    }
+	    
+	    $this->verifyCheckSum($_REQUEST['id'], $_REQUEST['ts'], $_REQUEST['key']);
+	}
+	
 	// this is 'classic' change password...
         if (!empty($_REQUEST['changePassword'])) {
             return $this->changePassword($_REQUEST);