. */ require_once 'lib/include.php'; require_once 'lib/d-sigs.php'; start_session (null, true); $session->auth ('iflogged'); echo ''; ?> Cheetah News status['afterlogged'] == 'yes') { if ($session->email == 'guest') { echo '

'._('You are using a guest account. You must register in order to do this.').'

'; echo "\n\n"; exit (); } $auth = 1; $email = $session->email; if (!empty ($submit)) { if (empty ($pass)) $validPassLen = false; if ($pass != $rpass) $validPass = false; if ($validPassLen && $validPass) { $success = $session->change_password ($opass, $pass, $rpass); if ($success) $message = _('Your password has been successfully changed.'); else $validOPass = false; } } } else if (!empty ($hash)) { $auth = 2; $db = new Database (); $db->query ("SELECT email, UNIX_TIMESTAMP(date) AS forgot_date ". "FROM forgotpassword WHERE hash='".$db->escape ($hash)."'"); if ($db->next_record ()) { $email = $db->f ('email'); $forgot_date = $db->f ('forgot_date'); $db->query ("SELECT email FROM user WHERE email='".$email."'"); if ($db->next_record ()) { $now = time (); $db->query ("SELECT UNIX_TIMESTAMP(UTC_TIMESTAMP()) AS now"); if ($db->next_record ()) $now = $db->f ('now'); $diff = $now - $forgot_date; if ($diff > (3600 * 24)) { /* 24 hours */ $message = _('Your password recovery session has expired.'); } else if (!empty ($submit)) { if (empty ($pass)) $validPassLen = false; if ($pass != $rpass) $validPass = false; if ($validPassLen && $validPass) { $db->query ("UPDATE user SET pass='".make_password ($pass). "', failogCount=0 WHERE email='".$email."'"); $db->query ("DELETE FROM forgotpassword WHERE email='".$email."'"); $message = _('Your password has been successfully changed.'); } } } else $message = printf (_("Account %s doesn't exist."), $email); } else $message = _('Your password recovery session has expired.'); } if ($auth) { if ($message) { ?>

Cheetah: '.$email.')'; } ?>

'; else if (!$validPass) echo ''; else if (!$validOPass) echo ''; ?>
'._('Password cannot be an empty string.').'
'._('Passwords do not match.').'
'._('Invalid old password.').'