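window.top.location='".$modules["base_url"]."';"; }

// Password-reset flow driven by $step. Transitions visible in this block:
//   1 -> 2  an e-mail address was submitted (a reset mail is sent if it matches a member)
//   3 -> 4  a new password was submitted with a token that matched a member row
//   5       a token was supplied but no member row carries it
// NOTE(review): how each step is rendered is outside this block; confirm against the template.

// Accept the token only when it is a plain string: a missing key raised an
// undefined-index notice and an array value (id[]=...) was concatenated into the query.
$id = (isset($_REQUEST["id"]) && is_string($_REQUEST["id"])) ? $_REQUEST["id"] : "";
$step = 1;
// The non-empty guard matters: consumed tokens are reset to '' by the UPDATE below,
// so an empty $id must never reach the token lookup.
if ($id) {
    $step = 3;
    //check if the token is still legal
    // NOTE(review): SQL injection risk. $id is request data concatenated into the
    // statement without escaping. Move this query to bound parameters using the
    // database layer's prepared-statement support ($db's API is not visible here).
    // NOTE(review): only the existence of a matching row is checked; no expiry test is
    // visible here. Confirm that tokens are time-limited where they are issued.
    $sql = "SELECT * FROM `member` WHERE token='".($id)."'";
    $result = $db->execute($sql);
    $userdetails = $result->getRow();
    if (!isset($userdetails["id"])) {
        $step = 5;
    }
}

$errormessage = "";
if (isset($_POST["formsubmitted"])) {
    if ($step==1) {
        // is_string() keeps array-valued fields away from strip_tags(), which rejects them.
        $email = (isset($_POST["email"]) && is_string($_POST["email"])) ? trim(strip_tags($_POST["email"])) : "";
        if ($email) {
            // The step advances before the lookup, so it is the same whether or not the
            // address belongs to a member.
            $step = 2;
            // NOTE(review): SQL injection risk. strip_tags() removes markup only and does
            // not neutralise quote characters; bind $email as a parameter instead.
            $sql = "SELECT * FROM `member` WHERE email='".($email)."';";
            $result = $db->execute($sql);
            $userdetails = $result->getRow();
            if (isset($userdetails["id"])) {
                if ($userdetails["email"]) {
                    sendForgotEmail($userdetails["id"]);
                }
            }
        } else {
            $errormessage = 'Vul alstublieft uw e-mailadres in in het veld "E-mailadres"';
        }
    }
    if ($step==3) {
        // NOTE(review): trim()/strip_tags() silently alter the chosen password (anything
        // that looks like a tag is dropped). Left as is because the login code, which is
        // not visible here, may apply the same filtering; review both together.
        $passwd = (isset($_POST["passwd"]) && is_string($_POST["passwd"])) ? trim(strip_tags($_POST["passwd"])) : "";
        $passwd2 = (isset($_POST["passwd2"]) && is_string($_POST["passwd2"])) ? trim(strip_tags($_POST["passwd2"])) : "";
        // Strict comparison: with != two different numeric-looking strings
        // (e.g. "1e3" and "1000") compare equal and pass the confirmation check.
        if (!$passwd || $passwd!==$passwd2) {
            $errormessage = 'De velden "Nieuwe wachtwoord" en "Bevestig nieuw wachtwoord" komen niet overeen, probeer het alstublieft nogmaals!';
        }
        if (!$errormessage) {
            // NOTE(review): the password is written as submitted, with no hashing visible
            // in this block. Store password_hash() output and verify with password_verify(),
            // changed together with the login code.
            // NOTE(review): SQL injection risk. Both $passwd and $id are concatenated
            // unescaped; use bound parameters.
            // Clearing the token makes the reset link single-use.
            $sql = "UPDATE `member` SET passwd='".$passwd."', token='' WHERE token='".($id)."';";
            $db->execute($sql);
            $step = 4;
        }
    }
}
?>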