+} elseif (isGetRequestParameterSet('reset_pass')) {
+ // Is the form submitted?
+ if ((isPostRequestParameterSet('send_link')) && (isPostRequestParameterSet('email'))) {
+ // Output result
+ loadTemplate('admin_settings_saved', false, sendAdminPasswordResetLink(postRequestParameter('email')));
+ } elseif (isGetRequestParameterSet('hash')) {
+ // Output form for hash validation
+ loadTemplate('admin_validate_reset_hash_form', false, getRequestParameter('hash'));
+ } elseif ((isPostRequestParameterSet('validate_hash')) && (isPostRequestParameterSet('login')) && (isPostRequestParameterSet('hash'))) {
+ // Validate the login data and hash
+ $valid = adminResetValidateHashLogin(postRequestParameter('hash'), postRequestParameter('login'));
+
+ // Valid?
+ if ($valid === true) {
+ // Prepare content first
+ $content = array(
+ 'hash' => secureString(postRequestParameter('hash')),
+ 'login' => secureString(postRequestParameter('login'))
+ );
+
+ // Validation okay so display form for final password change
+ loadTemplate('admin_reset_password_form', false, $content);
+ } else {
+ // Cannot validate the login data and hash
+ loadTemplate('admin_settings_saved', false, getMessage('ADMIN_VALIDATION_RESET_LOGIN_HASH_FAILED'));
+ }
+ } elseif ((isPostRequestParameterSet('reset_pass')) && (isPostRequestParameterSet('hash')) && (isPostRequestParameterSet('login')) && (isPostRequestParameterSet('pass1')) && (postRequestParameter('pass1') == postRequestParameter('pass2'))) {
+ // Okay, we shall the admin password here. So first revalidate the hash
+ if (adminResetValidateHashLogin(postRequestParameter('hash'), postRequestParameter('login'))) {
+ // Output result
+ loadTemplate('admin_reset_pass_done', false, doResetAdminPassword(postRequestParameter('login'), postRequestParameter('pass1')));
+ } else {
+ // Validation failed
+ loadTemplate('admin_settings_saved', false, getMessage('ADMIN_VALIDATION_RESET_LOGIN_HASH_FAILED2'));
+ }
+ } else {
+ // Output reset password form
+ loadTemplate('admin_send_reset_link');
+ }
+} elseif ((!isSessionVariableSet('admin_login')) || (!isSessionVariableSet('admin_md5')) || (!isSessionVariableSet('admin_last'))) {