"."Completed."."
"; } else { print_error("Some of the information provided is missing or incorrect."); } } else { print_error("Some of the information provided is missing or incorrect."); } } else { print_error("Some of the information provided is missing or incorrect."); } print "".__("Return to Tiny Tiny RSS").""; } else if (!$method) { print_notice(__("You will need to provide valid account name and email. Password reset link will be sent to your email address.")); print ""; } else if ($method == 'do') { $login = clean($_POST["login"]); $email = clean($_POST["email"]); $test = clean($_POST["test"]); if ($test != ($_SESSION["pwdreset:testvalue1"] + $_SESSION["pwdreset:testvalue2"]) || !$email || !$login) { print_error(__('Some of the required form parameters are missing or incorrect.')); print ""; } else { // prevent submitting this form multiple times $_SESSION["pwdreset:testvalue1"] = rand(1, 1000); $_SESSION["pwdreset:testvalue2"] = rand(1, 1000); $sth = $this->pdo->prepare("SELECT id FROM ttrss_users WHERE LOWER(login) = LOWER(?) AND email = ?"); $sth->execute([$login, $email]); if ($row = $sth->fetch()) { print_notice("Password reset instructions are being sent to your email address."); $id = $row["id"]; if ($id) { $resetpass_token = sha1(get_random_bytes(128)); $resetpass_link = get_self_url_prefix() . "/public.php?op=forgotpass&hash=" . $resetpass_token . "&login=" . urlencode($login); $tpl = new Templator(); $tpl->readTemplateFromFile("resetpass_link_template.txt"); $tpl->setVariable('LOGIN', $login); $tpl->setVariable('RESETPASS_LINK', $resetpass_link); $tpl->setVariable('TTRSS_HOST', Config::get(Config::SELF_URL_PATH)); $tpl->addBlock('message'); $message = ""; $tpl->generateOutputToString($message); $mailer = new Mailer(); $rc = $mailer->mail(["to_name" => $login, "to_address" => $email, "subject" => __("[tt-rss] Password reset request"), "message" => $message]); if (!$rc) print_error($mailer->error()); $resetpass_token_full = time() . ":" . $resetpass_token; $sth = $this->pdo->prepare("UPDATE ttrss_users SET resetpass_token = ? WHERE LOWER(login) = LOWER(?) AND email = ?"); $sth->execute([$resetpass_token_full, $login, $email]); } else { print_error("User ID not found."); } print "".__("Return to Tiny Tiny RSS").""; } else { print_error(__("Sorry, login and email combination not found.")); print ""; } } } print "