public function resetPass($key, $password, $repeatpassword, $captcha = NULL)
{
$return['error'] = true;
$block_status = $this->isBlocked();
if ($block_status == "verify") {
if ($this->checkCaptcha($captcha) == false) {
$return['message'] = $this->lang["user_verify_failed"];
return $return;
}
}
if ($block_status == "block") {
$return['message'] = $this->lang["user_blocked"];
return $return;
}
if (strlen($key) != 20) {
$return['message'] = $this->lang["resetkey_invalid"];
return $return;
}
$validatePassword = $this->validatePassword($password);
if ($validatePassword['error'] == 1) {
$return['message'] = $validatePassword['message'];
return $return;
}
if ($password !== $repeatpassword) {
// Passwords don't match
$return['message'] = $this->lang["newpassword_nomatch"];
return $return;
}
$data = $this->getRequest($key, "reset");
if ($data['error'] == 1) {
$return['message'] = $data['message'];
return $return;
}
$user = $this->getBaseUser($data['uid']);
if (!$user) {
$this->addAttempt();
$this->deleteRequest($data['id']);
$return['message'] = $this->lang["system_error"] . " #11";
return $return;
}
if (password_verify($password, $user['password'])) {
$this->addAttempt();
$return['message'] = $this->lang["newpassword_match"];
return $return;
}
$password = $this->getHash($password);
$query = $this->dbh->prepare("UPDATE {$this->config->table_users} SET password = ? WHERE id = ?");
$query->execute(array($password, $data['uid']));
if ($query->rowCount() == 0) {
$return['message'] = $this->lang["system_error"] . " #12";
return $return;
}
$this->deleteRequest($data['id']);
$return['error'] = false;
$return['message'] = $this->lang["password_reset"];
return $return;
}