Send patches - preferably formatted by git format-patch - to patches at archlinux32 dot org.
summaryrefslogtreecommitdiff
path: root/scripts/lostpw.php
blob: ce2a78dc941cf3b712a969c864adef9979f1ef04 (plain) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32

<?php

  /*********************************************************\
  | Deal with lost passwords                                |
  | ~~~~~~~~~~~~~~~~~~~~~~~~                                |
  \*********************************************************/

if (!defined('IN_FS')) {
    die('Do not access this file directly.');
}

$page->setTitle($fs->prefs['page_title'] . L('lostpw'));

if (!Req::has('magic_url') && $user->isAnon()) {
    // Step One: user requests magic url
    $page->pushTpl('lostpw.step1.tpl');
}
elseif (Req::has('magic_url') && $user->isAnon()) {
    # Step Two: user enters new password
    # First as link from email (GET), form could be repeated as POST
    # when user misrepeats the new password. so GET and POST possible here!
    $check_magic = $db->query('SELECT * FROM {users} WHERE magic_url = ?',
            array(Req::val('magic_url')));

    if (!$db->countRows($check_magic)) {
        Flyspray::show_error(12);
    }
    $page->pushTpl('lostpw.step2.tpl');
} else {
    Flyspray::redirect($baseurl);
}
?>

Copyright © 2002-2022 Judd Vinet and Aaron Griffin. Copyright © 2022 Erich Eckner.
The Arch Linux name and logo are recognized trademarks. Some rights reserved. The registered trademark Linux® is used pursuant to a sublicense from LMI, the exclusive licensee of Linus Torvalds, owner of the mark on a world-wide basis.