diff options
Diffstat (limited to 'pages/account')
-rw-r--r-- | pages/account/forgotten_password.php | 2 | ||||
-rw-r--r-- | pages/account/reset_password.php | 35 |
2 files changed, 35 insertions, 2 deletions
diff --git a/pages/account/forgotten_password.php b/pages/account/forgotten_password.php index 93d786e22..7679eaa55 100644 --- a/pages/account/forgotten_password.php +++ b/pages/account/forgotten_password.php @@ -6,8 +6,6 @@ * @subpackage Registration */ -require_once(dirname(dirname(dirname(__FILE__))) . "/engine/start.php"); - if (elgg_is_logged_in()) { forward(); } diff --git a/pages/account/reset_password.php b/pages/account/reset_password.php new file mode 100644 index 000000000..019ec3add --- /dev/null +++ b/pages/account/reset_password.php @@ -0,0 +1,35 @@ +<?php +/** + * Page for resetting a forgotten password + * + * @package Elgg.Core + * @subpackage Registration + */ + +if (elgg_is_logged_in()) { + forward(); +} + +$user_guid = get_input('u'); +$code = get_input('c'); + +$user = get_entity($user_guid); + +// don't check code here to avoid automated attacks +if (!$user instanceof ElggUser) { + register_error(elgg_echo('user:passwordreset:unknown_user')); + forward(); +} + +$params = array( + 'guid' => $user_guid, + 'code' => $code, +); +$form = elgg_view_form('user/passwordreset', array(), $params); + +$title = elgg_echo('resetpassword'); +$content = elgg_view_title(elgg_echo('resetpassword')) . $form; + +$body = elgg_view_layout('one_column', array('content' => $content)); + +echo elgg_view_page($title, $body); |