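id != $userId) {
    // NOTE(review): the opening of this check is not part of this listing.
    // Everything below still runs after a failed check unless
    // coreFunctions::redirect() terminates the request - confirm that it exits.
    coreFunctions::redirect(WEB_ROOT);
}

// page settings
define("PAGE_NAME", t("forgot_password_page_name", "Forgot Password"));
define("PAGE_DESCRIPTION", t("forgot_password_meta_description", "Forgot account password"));
define("PAGE_KEYWORDS", t("forgot_password_meta_keywords", "forgot, password, account, short, url, user"));
define("TITLE_DESCRIPTION_LEFT", t("forgot_password_reset_title_page_description_left", ""));
define("TITLE_DESCRIPTION_RIGHT", t("forgot_password_reset_title_page_description_right", ""));

$success = false;

// top navigation
require_once(SITE_TEMPLATES_PATH . '/partial/_navigation_header.inc.php');

// process forgot password, this is a non-ajax fallback so rarely used
// isset() guard: a plain page view carries no 'submitme' field, and reading it
// unguarded raises an undefined-index notice/warning.
if (isset($_REQUEST['submitme']) && (int) $_REQUEST['submitme']) {
    // validation
    // NOTE(review): $_REQUEST also accepts query-string values, so a password
    // submitted by GET can end up in access logs and Referer headers; read from
    // $_POST instead if the fallback form always posts - confirm against the form.
    $password = isset($_REQUEST['password']) ? $_REQUEST['password'] : '';
    $confirmPassword = isset($_REQUEST['confirmPassword']) ? $_REQUEST['confirmPassword'] : '';

    // Array-valued parameters (e.g. password[]=x) are treated as empty so that
    // trim() never receives a non-string and the request fails validation cleanly.
    // NOTE(review): trim() is kept from the original; confirm the login path trims
    // the same way, otherwise passwords with surrounding whitespace will not verify.
    $password = is_string($password) ? trim($password) : '';
    $confirmPassword = is_string($confirmPassword) ? trim($confirmPassword) : '';

    if (!strlen($password)) {
        notification::setError(t("please_enter_your_password", "Please enter your new password"));
    } elseif ($password !== $confirmPassword) {
        // Strict comparison: loose != compares numeric-looking strings by value,
        // so "1e3" and "1000" would have been accepted as a matching confirmation.
        notification::setError(t("password_confirmation_does_not_match", "Your password confirmation does not match"));
    } else {
        // validatePassword() is treated as returning an array of messages on failure
        $passValid = passwordPolicy::validatePassword($password);
        if(is_array($passValid)) {
            // separator literal spans the line break exactly as in the original listing
            notification::setError(implode('
', $passValid));
        }
    }

    // apply the new password only when validation raised no errors
    if (!notification::isErrors()) {
        // update password
        // Values are bound as parameters, never interpolated into the SQL. The same
        // statement blanks passwordResetHash, which presumably retires the reset link.
        // NOTE(review): nothing visible here ends the user's other active sessions
        // after the change - confirm whether that is handled elsewhere.
        $db = Database::getDatabase(true);
        $db->query('UPDATE users SET passwordResetHash = "", password = :password WHERE id = :id', array('password' => Password::createHash($password), 'id' => $userId));

        // success
        coreFunctions::redirect(WEB_ROOT . "/login." . SITE_CONFIG_PAGE_EXTENSION . "?s=1");
    }
}

// header top
require_once(SITE_TEMPLATES_PATH . '/partial/_header_file_manager_top.inc.php');
?>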