bsw@224: trace.disable()
bsw@224:     
bsw/jbe@6: local secret = param.get("secret")
bsw/jbe@6: 
bsw/jbe@6: if not secret then
bsw/jbe@6: 
bsw/jbe@6:   local member = Member:new_selector()
bsw/jbe@6:     :add_where{ "login = ?", param.get("login") }
bsw/jbe@6:     :add_where("password_reset_secret ISNULL OR password_reset_secret_expiry < now()")
bsw/jbe@6:     :optional_object_mode()
bsw/jbe@6:     :exec()
bsw/jbe@6: 
bsw/jbe@6:   if member then
bsw/jbe@6:     if not member.notify_email then
bsw/jbe@6:       slot.put_into("error", _"Sorry, but there is not confirmed email address for your account. Please contact the administrator or support.")
bsw/jbe@6:       return false
bsw/jbe@6:     end
bsw@1231:     member:send_password_reset_mail()
bsw/jbe@6:   end
bsw/jbe@6: 
bsw@990:   slot.put_into("notice", _"Your request has been processed.")
bsw/jbe@6: 
bsw/jbe@6: else
bsw/jbe@6:   local member = Member:new_selector()
bsw/jbe@6:     :add_where{ "password_reset_secret = ?", secret }
bsw/jbe@6:     :add_where{ "password_reset_secret_expiry > now()" }
bsw/jbe@6:     :optional_object_mode()
bsw/jbe@6:     :exec()
bsw/jbe@6: 
bsw/jbe@6:   if not member then
bsw/jbe@6:     slot.put_into("error", _"Reset code is invalid!")
bsw/jbe@6:     return false
bsw/jbe@6:   end
bsw/jbe@6: 
bsw/jbe@6:   local password1 = param.get("password1")
bsw/jbe@6:   local password2 = param.get("password2")
bsw/jbe@6: 
bsw/jbe@6:   if password1 ~= password2 then
bsw/jbe@6:     slot.put_into("error", _"Passwords don't match!")
bsw/jbe@6:     return false
bsw/jbe@6:   end
bsw/jbe@6: 
bsw/jbe@6:   if #password1 < 8 then
bsw/jbe@6:     slot.put_into("error", _"Passwords must consist of at least 8 characters!")
bsw/jbe@6:     return false
bsw/jbe@6:   end
bsw/jbe@6: 
bsw/jbe@6:   member:set_password(password1)
bsw/jbe@6:   member:save()
bsw/jbe@6: 
bsw/jbe@6:   slot.put_into("notice", _"Password has been reset successfully")
bsw/jbe@6: 
jbe@326: end