id() != $rec->user_id()) throw new recovery_not_found(); $rec->reset($p1); login($u->id()); header("Location: index.html"); exit; exit; } catch(recovery_not_found $e) { $err = reset_error_not_found; } catch(bad_parameters $e) { $err = reset_error_bad; } catch(different_passwords $e) { $err = reset_error_mismatch; } catch(bad_password $e) { $err = reset_error_bad_password; } if ($err != reset_no_error) { header("Location: reset.html?e=$err&h=$uuid"); exit; } } else if (isset($_GET["e"])) { switch ((int)$_GET["e"]) { case reset_error_bad: $error = "bad error"; break; case reset_error_mismatch: $error = "password mismatch"; break; case reset_error_not_found: $error = "invalid password reset request"; break; case reset_error_bad_password: $error = "bad password"; break; case reset_no_error: // fall-through default: break; } } if (isset($_GET["h"])) { $uuid = safe_get("h"); $rec = get_recovery($uuid); if ($rec === null) $error = "invalid password reset request"; } else { $error = "bad parameters"; } output_head("", loc("reset_title")); ?>

"; if ($rec) output_reset_password($rec); output_footer(); ?>