From 3c8a1ff8f735a0c7e5b3df4c274c9f1b67b4a35d Mon Sep 17 00:00:00 2001
From: Alan Knowles <alan@roojs.com>
Date: Fri, 7 Dec 2018 10:40:49 +0800
Subject: [PATCH] Pman/Login.php

---
 Pman/Login.php | 20 +-------------------
 1 file changed, 1 insertion(+), 19 deletions(-)

diff --git a/Pman/Login.php b/Pman/Login.php
index 861f49b..ebd7c1c 100644
--- a/Pman/Login.php
+++ b/Pman/Login.php
@@ -494,26 +494,8 @@ class Pman_Login extends Pman
     function resetPassword($id,$t, $key, $newpass )
     {
         
-        $au = $this->getAuthUser();
-        if ($au) {
-            $this->jerr( "Already Logged in - no need to use Password Reset");
-        }
-        
-        $u = DB_DataObject::factory('core_person');
-        //$u->company_id = $this->company->id;
-        $u->active = 1;
-        if (!$u->get($id) || !strlen($u->passwd)) {
-            $this->jerr("Password reset link is not valid (id)");
-        }
-        
-        // validate key.. 
-        if ($key != $u->genPassKey($t)) {
-            $this->jerr("Password reset link is not valid ($key)");
-        }
+        $u = $this->verifyResetPassword($id,$t,$k);
 	
-	if ($t < strtotime("NOW - 1 DAY")) {
-            $this->jerr("Password reset link has expired");
-        }
 	
         $uu = clone($u);
         $u->no_reset_sent = 0;
-- 
2.39.2