1 files changed, 24 insertions, 30 deletions

diff --git a/actions/user/requestnewpassword.php b/actions/user/requestnewpassword.php
index 3ed2d604e..f1d4fa43c 100644
--- a/actions/user/requestnewpassword.php
+++ b/actions/user/requestnewpassword.php
@@ -1,33 +1,27 @@
 <?php
-	/**
-	 * Action to request a new password.
-	 * 
-	 * @package Elgg
-	 * @subpackage Core
-	 * @license http://www.gnu.org/licenses/old-licenses/gpl-2.0.html GNU Public License version 2
-	 * @author Curverider Ltd
-	 * @copyright Curverider Ltd 2008
-	 * @link http://elgg.org/
-	 */
+/**
+ * Action to request a new password.
+ *
+ * @package Elgg.Core
+ * @subpackage User.Account
+ */
 
-	require_once(dirname(dirname(dirname(__FILE__))) . "/engine/start.php");
-	global $CONFIG;
-	
-	action_gatekeeper();
-	
-	$username = get_input('username');
-	
-	$user = get_user_by_username($username);
-	if ($user)
-	{
-		if (send_new_password_request($user->guid))
-			system_message(elgg_echo('user:password:resetreq:success'));
-		else
-			register_error(elgg_echo('user:password:resetreq:fail')); 
+$username = get_input('username');
+
+// allow email addresses
+if (strpos($username, '@') !== false && ($users = get_user_by_email($username))) {
+	$username = $users[0]->username;
+}
+
+$user = get_user_by_username($username);
+if ($user) {
+	if (send_new_password_request($user->guid)) {
+		system_message(elgg_echo('user:password:resetreq:success'));
+	} else {
+		register_error(elgg_echo('user:password:resetreq:fail'));
 	}
-	else
-		register_error(sprintf(elgg_echo('user:username:notfound'), $username));
-	
-	forward($_SERVER['HTTP_REFERER']);
-	exit;
-?>
\ No newline at end of file
+} else {
+	register_error(elgg_echo('user:username:notfound', array($username)));
+}
+
+forward();