From 8df3db566a3a937b45ebf11adb90d265e6f5e2d4 Mon Sep 17 00:00:00 2001 From: Andreas Baumann Date: Sun, 17 Nov 2019 20:45:02 +0100 Subject: initial checking of customized version 1.0rc9 --- scripts/lostpw.php | 32 ++++++++++++++++++++++++++++++++ 1 file changed, 32 insertions(+) create mode 100644 scripts/lostpw.php (limited to 'scripts/lostpw.php') diff --git a/scripts/lostpw.php b/scripts/lostpw.php new file mode 100644 index 0000000..ce2a78d --- /dev/null +++ b/scripts/lostpw.php @@ -0,0 +1,32 @@ +setTitle($fs->prefs['page_title'] . L('lostpw')); + +if (!Req::has('magic_url') && $user->isAnon()) { + // Step One: user requests magic url + $page->pushTpl('lostpw.step1.tpl'); +} +elseif (Req::has('magic_url') && $user->isAnon()) { + # Step Two: user enters new password + # First as link from email (GET), form could be repeated as POST + # when user misrepeats the new password. so GET and POST possible here! + $check_magic = $db->query('SELECT * FROM {users} WHERE magic_url = ?', + array(Req::val('magic_url'))); + + if (!$db->countRows($check_magic)) { + Flyspray::show_error(12); + } + $page->pushTpl('lostpw.step2.tpl'); +} else { + Flyspray::redirect($baseurl); +} +?> -- cgit v1.2.3-70-g09d2