fs_selfservice/wordpress/process_forgot_password.php

   1 <?php
   2
   3 require( dirname( __FILE__ ) . '/wp-blog-header.php' );
   4 get_header();
   5
   6 $freeside = new FreesideSelfService();
   7
   8 if ( isset($_POST['freeside_session_id']) ) {
   9
  10     $result = $freeside->process_reset_passwd(array(
  11       'session_id'    => $_POST['freeside_session_id'],
  12       'new_password'  => $_POST['new_password'],
  13       'new_password2' => $_POST['new_password2'],
  14     ));
  15
  16     if ( $result['error'] ) {
  17       $_REQUEST['freeside_error'] = $result['error'];
  18       $freeside_session_id = htmlspecialchars($_POST['freeside_session_id']);
  19     }
  20
  21 ?>
  22
  23     <?php include('elements/error.php'); ?>
  24
  25     <?php if ( ! $result['error'] ) { ?>
  26
  27         Your password has been changed.  You can now <A HREF="example_login.php">log in</A>.
  28
  29     <?php get_footer(); die; ?>
  30     <?php } ?>
  31
  32 <?php
  33 } elseif ( isset($_GET['action']) ) {
  34
  35     $freeside_session_id = '';
  36     $matches = array();
  37     if ( preg_match( '/^process_forgot_password_session_(\w+)$/', $_GET['action'], $matches ) ) {
  38       $freeside_session_id = $matches[1];
  39     } else {
  40       #shouldn't be at this URL w/o action; accidentally edited URL or malicious
  41       die();
  42     }
  43 ?>
  44
  45 <?php } ?>
  46
  47     <FORM METHOD="POST">
  48     <INPUT TYPE="hidden" NAME="freeside_session_id" VALUE="<?php echo $freeside_session_id; ?>">
  49     New password: <INPUT TYPE="password" NAME="new_password"><BR>
  50
  51     Re-enter new password: <INPUT TYPE="password" NAME="new_password2"><BR>
  52
  53     <INPUT TYPE="submit" VALUE="Change password">
  54     </FORM>
  55
  56
  57 <?php get_footer(); ?>