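id != $userId) { coreFunctions::redirect(WEB_ROOT); }
// NOTE(review): the start of the check above lies outside this excerpt. Confirm
// that coreFunctions::redirect() ends the request (exit/die); if it only sends a
// Location header, execution continues into the password update below even when
// the check fails.

/* setup page */
// t() is called with a translation key and a default English string.
define("PAGE_NAME", t("forgot_password_page_name", "Forgot Password"));
define("PAGE_DESCRIPTION", t("forgot_password_meta_description", "Forgot account password"));
define("PAGE_KEYWORDS", t("forgot_password_meta_keywords", "forgot, password, account, short, url, user"));

// Read after the header include below; presumably used by the template to pick
// between the form and the confirmation message.
$success = false;

/* handle the submitted new password */
// isset() avoids an undefined-index notice on the first (non-submitted) page view.
// NOTE(review): $_REQUEST also accepts query-string values, so a password sent via
// GET would end up in URLs and access logs. Consider reading from $_POST only once
// the form's method is confirmed.
if (isset($_REQUEST['submitme']) && (int) $_REQUEST['submitme']) {
    // validation
    // Accept strings only: an array-valued parameter (password[]=x) would otherwise
    // reach trim()/strlen() and raise a warning or TypeError. Non-strings are treated
    // as empty and fall into the "please enter your password" branch.
    $password = (isset($_REQUEST['password']) && is_string($_REQUEST['password']))
        ? trim($_REQUEST['password'])
        : '';
    $confirmPassword = (isset($_REQUEST['confirmPassword']) && is_string($_REQUEST['confirmPassword']))
        ? trim($_REQUEST['confirmPassword'])
        : '';

    if (!strlen($password)) {
        notification::setError(t("please_enter_your_password", "Please enter your new password"));
    } elseif ((strlen($password) < 6) || (strlen($password) > 20)) {
        // strlen() counts bytes, so a multi-byte character such as the pound sign
        // (if this file is UTF-8) counts more than once towards the limit.
        // NOTE(review): the 20-character cap and the fixed character set below limit
        // password strength; raising the cap is a policy decision for the maintainers.
        notification::setError(t("password_length_incorrect", "Password should be between 6 - 20 characters in length"));
    } elseif (validation::containsInvalidCharacters(strtolower($password), 'abcdefghijklmnopqrstuvwxyz1234567890@~#!-_£$&*()^%}{()')) {
        notification::setError(t("password_contains_illegal_characters", "Password contains invalid characters, please choose another."));
    } elseif ($password !== $confirmPassword) {
        // Strict comparison: with != PHP compares two numeric strings as numbers,
        // so e.g. "100000" and "1e5" would count as a matching confirmation.
        notification::setError(t("password_confirmation_does_not_match", "Your password confirmation does not match"));
    }

    // store the new password
    if (!notification::isErrors()) {
        // update password
        // The statement is parameterised. It stores the output of Password::createHash()
        // and blanks passwordResetHash in the same UPDATE.
        // NOTE(review): presumably blanking the hash makes the reset link single-use;
        // the hash lookup itself is outside this excerpt. Also verify that
        // Password::createHash() is a salted, slow password hash.
        $db = Database::getDatabase(true);
        $db->query('UPDATE users SET passwordResetHash = "", password = :password WHERE id = :id', array('password' => Password::createHash($password), 'id' => $userId));

        // success
        $success = true;
    }
}

// include header
require_once(SITE_TEMPLATES_PATH . '/partial/_header.inc.php');
?>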