<?php
/**
 * The Strangecode Codebase - a general application development framework for PHP
 * For details visit the project site: <http://trac.strangecode.com/codebase/>
 * Copyright 2001-2012 Strangecode, LLC
 *
 * This file is part of The Strangecode Codebase.
 *
 * The Strangecode Codebase is free software: you can redistribute it and/or
 * modify it under the terms of the GNU General Public License as published by the
 * Free Software Foundation, either version 3 of the License, or (at your option)
 * any later version.
 *
 * The Strangecode Codebase is distributed in the hope that it will be useful, but
 * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more
 * details.
 *
 * You should have received a copy of the GNU General Public License along with
 * The Strangecode Codebase. If not, see <http://www.gnu.org/licenses/>.
 */

/*
* reset_password.php
*
* @author   Quinn Comendant <quinn@strangecode.com>
* @version  1.0
* @since    30 Jun 2006 01:39:32
*/


/********************************************************************
* CONFIG
********************************************************************/

// Redefine include_path including the codebase/services but allow local templates override global ones.
ini_set('include_path', join(PATH_SEPARATOR, array(
    get_include_path(),
    dirname(__FILE__) . '/templates'
)));

// The object to validate form input from the user.
require_once 'codebase/lib/FormValidator.inc.php';
$fv = new FormValidator();

require_once 'codebase/lib/HTML.inc.php';

/********************************************************************
* MAIN
********************************************************************/

// If boomerang is set remember which page we came from so we can go back there.
if (getFormData('boomerang', false) && isset($_SERVER['HTTP_REFERER'])) {
    $app->setBoomerangURL($_SERVER['HTTP_REFERER'], 'reset_password');
}

switch (getFormData('op')) {
case 'reset' :
    $fv->notEmpty('username', sprintf(_("You must enter your %s."), _("Username")));
    if (!$fv->anyErrors()) {
        // Get the user id for this username, if it exists.
        $qid = $db->query("
            SELECT " . $db->escapeString($auth->getParam('db_primary_key')) . "
            FROM " . $db->escapeString($auth->getParam('db_table')) . "
            WHERE " . $db->escapeString($auth->getParam('db_username_column')) . " = '" . $db->escapeString(getFormData('username')) . "'
        ");
        if ((list($user_id) = mysql_fetch_row($qid)) && $auth->resetPassword($user_id, 'This was requested on the "I forgot my password" page.')) {
            $app->raiseMsg(sprintf(_("Your password has been reset. Your new password has been sent to you in an email."), null), MSG_SUCCESS, __FILE__, __LINE__);
            $app->dieURL($auth->getParam('login_url'));
        } else {
            $app->raiseMsg(sprintf(_("There was a problem resetting the password for <em>%s</em>. Please contact us if you need assistance."), oTxt(getFormData('username'))), MSG_WARNING, __FILE__, __LINE__);
            $app->logMsg(sprintf('Password reset for %s failed.', getFormData('username')), LOG_NOTICE, __FILE__, __LINE__);
            $frm = array('username' => getFormData('username'));
        }
    }
    break;

case 'form' :
default :
    $frm = array('username' => '');
    break;
}


/********************************************************************
* OUTPUT
********************************************************************/

$nav->add(_("Reset Password"));
$nav->set('id', 'reset_password');

include 'header.' . $app->getParam('template_ext');
include 'reset_password.ihtml';
include 'footer.' . $app->getParam('template_ext');