+} elseif (REQUEST_ISSET_GET('reset_pass')) {
+ // Is the form submitted?
+ if ((REQUEST_ISSET_POST('send_link')) && (REQUEST_ISSET_POST('email'))) {
+ // Try to send the link out
+ $OUT = ADMIN_SEND_PASSWORD_RESET_LINK(REQUEST_POST('email'));
+
+ // Output result
+ LOAD_TEMPLATE('admin_settings_saved', false, $OUT);
+ } elseif (REQUEST_ISSET_GET('hash')) {
+ // Output form for hash validation
+ LOAD_TEMPLATE('admin_validate_reset_hash_form', false, REQUEST_GET('hash'));
+ } elseif ((REQUEST_ISSET_POST('validate_hash')) && (REQUEST_ISSET_POST('login')) && (REQUEST_ISSET_POST('hash'))) {
+ // Validate the login data and hash
+ $valid = ADMIN_VALIDATE_RESET_LINK_HASH_LOGIN(REQUEST_POST('hash'), REQUEST_POST('login'));
+
+ // Valid?
+ if ($valid === true) {
+ // Prepare content first
+ $content = array(
+ 'hash' => SQL_ESCAPE(REQUEST_POST('hash')),
+ 'login' => SQL_ESCAPE(REQUEST_POST('login'))
+ );
+
+ // Validation okay so display form for final password change
+ LOAD_TEMPLATE('admin_reset_password_form', false, $content);
+ } else {
+ // Cannot validate the login data and hash
+ LOAD_TEMPLATE('admin_settings_saved', false, getMessage('ADMIN_VALIDATION_RESET_LOGIN_HASH_FAILED'));
+ }
+ } elseif ((REQUEST_ISSET_POST('reset_pass')) && (REQUEST_ISSET_POST('hash')) && (REQUEST_ISSET_POST('login')) && (REQUEST_ISSET_POST('pass1')) && (REQUEST_POST('pass1') == REQUEST_POST('pass2'))) {
+ // Okay, we shall the admin password here. So first revalidate the hash
+ if (ADMIN_VALIDATE_RESET_LINK_HASH_LOGIN(REQUEST_POST('hash'), REQUEST_POST('login'))) {
+ // Set the password now
+ $OUT = ADMIN_RESET_PASSWORD(REQUEST_POST('login'), REQUEST_POST('pass1'));
+
+ // Output result
+ LOAD_TEMPLATE('admin_reset_pass_done', false, $OUT);
+ } else {
+ // Validation failed
+ LOAD_TEMPLATE('admin_settings_saved', false, getMessage('ADMIN_VALIDATION_RESET_LOGIN_HASH_FAILED2'));
+ }
+ } else {
+ // Output reset password form
+ LOAD_TEMPLATE('admin_send_reset_link');
+ }
+} elseif ((!isSessionVariableSet('admin_login')) || (!isSessionVariableSet('admin_md5')) || (!isSessionVariableSet('admin_last')) || (!isSessionVariableSet('admin_to')) || ((getSession('admin_last') + bigintval(getSession('admin_to')) * 3600 * 24) < time())) {