getPasswordRecoveryCode($tUsername); if ($token !== false) { $table = table_by_key($context === 'users' ? 'mailbox' : 'admin'); $result = db_query("SELECT * FROM $table WHERE username='$tUsername'"); $row = db_assoc($result['result']); $email_other = trim($row['email_other']); $phone = trim($row['phone']); if ($email_other) { sendCodeByEmail($email_other, $tUsername, $token); } if ($phone) { sendCodeBySMS($phone, $tUsername, $token); } if ($email_other || $phone) { header("Location: password-change.php?username=" . $tUsername); exit(0); } } // throttle password reset requests to prevent brute force attack $elapsed_time = microtime(true) - $start_time; if ($elapsed_time < 2 * pow(10, 6)) { usleep(2 * pow(10, 6) - $elapsed_time); } flash_info(Config::Lang('pPassword_recovery_processed')); } $smarty->assign('language_selector', language_selector(), false); $smarty->assign('smarty_template', 'password-recover'); $smarty->display('index.tpl'); /* vim: set expandtab softtabstop=4 tabstop=4 shiftwidth=4: */