id != $userId)
{
coreFunctions::redirect(WEB_ROOT);
}
// Page-level constants. Each value is resolved through t() with a lookup key and the
// literal text passed as its second argument (presumably the fallback wording; confirm in t()).
define('PAGE_NAME', t('forgot_password_page_name', 'Forgot Password'));
define('PAGE_DESCRIPTION', t('forgot_password_meta_description', 'Forgot account password'));
define('PAGE_KEYWORDS', t('forgot_password_meta_keywords', 'forgot, password, account, short, url, user'));
define('TITLE_DESCRIPTION_LEFT', t('forgot_password_reset_title_page_description_left', ''));
define('TITLE_DESCRIPTION_RIGHT', t('forgot_password_reset_title_page_description_right', ''));

// Initialised to false and not reassigned anywhere in the visible part of this script.
$success = false;

// Pull in the shared top-navigation partial.
require_once SITE_TEMPLATES_PATH . '/partial/_navigation_header.inc.php';
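// Process the password-reset form. This is the non-ajax fallback, so it is rarely used.
//
// NOTE(review): $_REQUEST also carries query-string values, so a new password sent by GET
// would be accepted here and could end up in access logs or browser history. Switch to
// $_POST once the fallback form is confirmed to submit by POST only.
// NOTE(review): $userId is set before this section; the reset-hash check that authorises
// this request is assumed to happen there. Confirm it, because the UPDATE below is keyed
// on the user id alone.
if (isset($_REQUEST['submitme']) && (int) $_REQUEST['submitme'])
{
    // Missing or non-string fields (for example password[]=x) are treated as empty, so they
    // fail validation instead of raising notices or a TypeError inside trim().
    // NOTE(review): trim() silently strips surrounding whitespace from the chosen password;
    // the login path must apply the same trimming or such passwords will never match.
    $password = (isset($_REQUEST['password']) && is_string($_REQUEST['password']))
        ? trim($_REQUEST['password'])
        : '';
    $confirmPassword = (isset($_REQUEST['confirmPassword']) && is_string($_REQUEST['confirmPassword']))
        ? trim($_REQUEST['confirmPassword'])
        : '';

    if ($password === '')
    {
        notification::setError(t("please_enter_your_password", "Please enter your new password"));
    }
    // Strict comparison: with != PHP compares numeric strings as numbers, so "1e3" and
    // "1000" would count as a matching confirmation even though they are different passwords.
    elseif ($password !== $confirmPassword)
    {
        notification::setError(t("password_confirmation_does_not_match", "Your password confirmation does not match"));
    }
    else
    {
        // An array result is treated as a list of policy violations to show to the user.
        $passValid = passwordPolicy::validatePassword($password);
        if (is_array($passValid))
        {
            // The separator is a literal line break, kept exactly as in the original source.
            notification::setError(implode('
', $passValid));
        }
    }

    // Apply the new password only when every check above passed.
    if (!notification::isErrors())
    {
        // The same statement that stores the new hash also blanks passwordResetHash, so the
        // reset link cannot be replayed after a successful change.
        // NOTE(review): nothing here ends the user's other active sessions; confirm whether
        // that is handled elsewhere, since a reset is often used to evict an intruder.
        $db = Database::getDatabase(true);
        $db->query('UPDATE users SET passwordResetHash = "", password = :password WHERE id = :id', array('password' => Password::createHash($password), 'id' => $userId));

        // Send the user to the login page with the success flag.
        // NOTE(review): assumes coreFunctions::redirect() stops execution; verify.
        coreFunctions::redirect(WEB_ROOT . "/login." . SITE_CONFIG_PAGE_EXTENSION . "?s=1");
    }
}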
// Pull in the file-manager "header top" partial.
require_once SITE_TEMPLATES_PATH . '/partial/_header_file_manager_top.inc.php';
?>