1 trace.disable()

2

3 local secret = param.get("secret")

4

5 if not secret then

6

7 local member = Member:new_selector()

8 :add_where{ "login = ?", param.get("login") }

9 :add_where("password_reset_secret ISNULL OR password_reset_secret_expiry < now()")

10 :optional_object_mode()

11 :exec()

12

13 if member then

14 if not member.notify_email then

15 slot.put_into("error", _"Sorry, but there is not confirmed email address for your account. Please contact the administrator or support.")

16 return false

17 end

18 member:send_password_reset_mail()

19 end

20

21 slot.put_into("notice", _"Your request has been processed.")

22

23 else

24 local member = Member:new_selector()

25 :add_where{ "password_reset_secret = ?", secret }

26 :add_where{ "password_reset_secret_expiry > now()" }

27 :optional_object_mode()

28 :exec()

29

30 if not member then

31 slot.put_into("error", _"Reset code is invalid!")

32 return false

33 end

34

35 local password1 = param.get("password1")

36 local password2 = param.get("password2")

37

38 if password1 ~= password2 then

39 slot.put_into("error", _"Passwords don't match!")

40 return false

41 end

42

43 if #password1 < 8 then

44 slot.put_into("error", _"Passwords must consist of at least 8 characters!")

45 return false

46 end

47

48 member:set_password(password1)

49 member:save()

50

51 slot.put_into("notice", _"Password has been reset successfully")

52

53 end