From 24e0f3408cfaa760bc0bc302f8d0a75e134f8ad3 Mon Sep 17 00:00:00 2001
From: Alan Knowles <alan@roojs.com>
Date: Fri, 7 Dec 2018 10:38:16 +0800
Subject: [PATCH] Pman.php

---
 Pman.php | 31 +------------------------------
 1 file changed, 1 insertion(+), 30 deletions(-)

diff --git a/Pman.php b/Pman.php
index 6e3c196..84fb106 100644
--- a/Pman.php
+++ b/Pman.php
@@ -196,7 +196,7 @@ class Pman extends HTML_FlexyFramework_Page
         }
         
         
-        if (strlen($base)) {
+        if (strlen($base) && $bits[0] != 'PasswordReset') {
             $this->jerror("BADURL","invalid url: $base");
         }
         // deliver template
@@ -394,35 +394,6 @@ class Pman extends HTML_FlexyFramework_Page
      */
     
     
-    function resetPassword($id,$t, $key)
-    {
-        
-        $au = $this->getAuthUser();
-        if ($au) {
-            return "Already Logged in - no need to use Password Reset";
-        }
-        
-        $u = DB_DataObject::factory('core_person');
-        //$u->company_id = $this->company->id;
-        $u->active = 1;
-        if (!$u->get($id) || !strlen($u->passwd)) {
-            return "invalid id";
-        }
-        
-        // validate key.. 
-        if ($key != $u->genPassKey($t)) {
-            return "invalid key";
-        }
-        $uu = clone($u);
-        $u->no_reset_sent = 0;
-        $u->update($uu);
-        
-        if ($t < strtotime("NOW - 1 DAY")) {
-            return "expired";
-        }
-        $this->showNewPass = implode("/", array($id,$t,$key));
-        return false;
-    }
     
     /**
      * jerrAuth: standard auth failure - with data that let's the UI know..
-- 
2.39.2