diff options
| author | Andrew Dolgov <[email protected]> | 2013-03-29 10:10:20 +0400 |
|---|---|---|
| committer | Andrew Dolgov <[email protected]> | 2013-03-29 10:10:20 +0400 |
| commit | e216d3025f486cee0398410a7842484f268b8c9d (patch) | |
| tree | 71f91a7fb0e73f4cec9bc66cee8da3b05514de78 | |
| parent | 9a2aed919347ef68264ba556eeb1ddcbff2db005 (diff) | |
forgotpass: remove secretkey stuff because of new session handling; use stylesheet/javascript_tag
| -rw-r--r-- | classes/handler/public.php | 33 |
1 files changed, 9 insertions, 24 deletions
diff --git a/classes/handler/public.php b/classes/handler/public.php index 902e836fc..6822faa77 100644 --- a/classes/handler/public.php +++ b/classes/handler/public.php @@ -723,15 +723,13 @@ class Handler_Public extends Handler { function forgotpass() { header('Content-Type: text/html; charset=utf-8'); - print "<html> - <head> - <title>Tiny Tiny RSS</title> - <link rel=\"stylesheet\" type=\"text/css\" href=\"utility.css\"> - <script type=\"text/javascript\" src=\"lib/prototype.js\"></script> - <script type=\"text/javascript\" src=\"lib/scriptaculous/scriptaculous.js?load=effects,dragdrop,controls\"></script> - <meta http-equiv=\"Content-Type\" content=\"text/html; charset=utf-8\"/> - </head> - <body id='forgotpass'>"; + print "<html><head><title>Tiny Tiny RSS</title>"; + + print stylesheet_tag("utility.css"); + print javascript_tag("lib/prototype.js"); + + print "<meta http-equiv=\"Content-Type\" content=\"text/html; charset=utf-8\"/> + </head><body id='forgotpass'>"; print '<div class="floatingLogo"><img src="images/logo_small.png"></div>'; print "<h1>".__("Password recovery")."</h1>"; @@ -740,13 +738,9 @@ class Handler_Public extends Handler { @$method = $_POST['method']; if (!$method) { - $secretkey = uniqid(); - $_SESSION["secretkey"] = $secretkey; - print_notice(__("You will need to provide valid account name and email. New password will be sent on your email address.")); print "<form method='POST' action='public.php'>"; - print "<input type='hidden' name='secretkey' value='$secretkey'>"; print "<input type='hidden' name='method' value='do'>"; print "<input type='hidden' name='op' value='forgotpass'>"; @@ -771,7 +765,6 @@ class Handler_Public extends Handler { print "</form>"; } else if ($method == 'do') { - $secretkey = $_POST["secretkey"]; $login = db_escape_string($this->link, $_POST["login"]); $email = db_escape_string($this->link, $_POST["email"]); $test = db_escape_string($this->link, $_POST["test"]); @@ -784,7 +777,7 @@ class Handler_Public extends Handler { <input type=\"submit\" value=\"".__("Go back")."\"> </form>"; - } else if ($_SESSION["secretkey"] == $secretkey) { + } else { $result = db_query($this->link, "SELECT id FROM ttrss_users WHERE login = '$login' AND email = '$email'"); @@ -796,7 +789,7 @@ class Handler_Public extends Handler { print "<p>"; - print_notice("Completed."); + print "<p>"."Completed."."</p>"; print "<form method=\"GET\" action=\"index.php\"> <input type=\"submit\" value=\"".__("Return to Tiny Tiny RSS")."\"> @@ -811,14 +804,6 @@ class Handler_Public extends Handler { </form>"; } - - } else { - print_error(__("Form secret key incorrect. Please enable cookies and try again.")); - print "<form method=\"GET\" action=\"public.php\"> - <input type=\"hidden\" name=\"op\" value=\"forgotpass\"> - <input type=\"submit\" value=\"".__("Go back")."\"> - </form>"; - } } |