diff --git a/Source/assets/html/restore.twig b/Source/assets/html/restore.twig
new file mode 100644
index 0000000..0ee753c
--- /dev/null
+++ b/Source/assets/html/restore.twig
@@ -0,0 +1,35 @@
+{% extends app.fronthtml~"/base.twig" %}
+
+{% block content %}
+
+{% endblock %}
+{% block js %}
+
+{% endblock %}
\ No newline at end of file
diff --git a/Source/src/app.php b/Source/src/app.php
index 1d92541..cec3ba8 100644
--- a/Source/src/app.php
+++ b/Source/src/app.php
@@ -415,14 +415,26 @@ $app->get('/add', function(Request $request) use($app){
})->bind('add')->method('GET|POST');
+$app->get('/restore', function(Request $request) use($app){
+
+ if($request->getMethod()=="POST"){
+ return $app['data']->createRestoreToken($request->get('emailre'));
+ }
+ $page = array("title"=>"Restore your password",
+ "description"=>"None",
+ "page" =>"None");
+ return $app['twig']->render($app['fronthtml']."/restore.twig",array("page" => $page));
+
+})->bind('restore')->method('GET|POST');
+
$app->get('/restore/{nick}/{token}-{timestamp}', function(Request $request, $nick, $token, $timestamp) use($app){
$time = 3600; //An hour
$now = time();
if($now - $timestamp > $time){
- $app->abort(401);
+ $app->abort(408);
}else{
if(!$app['data']->checkRestoreToken($nick,$token,$timestamp))
- $app->abort(408);
+ $app->abort(401);
if($request->getMethod()=='POST'){
$pass = $request->get('pwdre');
$passre = $request->get('pwdre-re');
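Review bot: The new `/restore` POST branch sends whatever `createRestoreToken()` returns straight back to the requester (`return $app['data']->createRestoreToken($request->get('emailre'));`). That method is not visible in this diff, but if its result contains the token, or differs between known and unknown addresses, the endpoint would disclose the reset secret or confirm which e-mails are registered. I would discard the return value and answer with one fixed string, e.g. `$app['data']->createRestoreToken($request->get('emailre')); return "SENT";` (the status name is only an example), leaving delivery of the token to the mail channel. Separately, `abort(408)` for an expired link means Request Timeout, which some clients retry automatically; 410 would describe an expired link better. The token route's closure continues past the end of this hunk.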
@@ -430,12 +442,13 @@ $app->get('/restore/{nick}/{token}-{timestamp}', function(Request $request, $nic
return "NO_MATCH";
}
else{
- $idu = $app['daata']->loadIDU($request->get('emailre'));
+ $idu = $app['data']->loadIDU($request->get('emailre'));
$iduC = $app['data']->loadIDU($nick,'nick');
if($idu != $iduC)
return "BAD_EMAIL";
$app['data']->updatePass($idu,$pass);
}
+ $app['data']->setToken($idu,"");
return "UPDATE";
}else{
$page = array(
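Review bot: Single use of the link now rests on `$app['data']->setToken($idu,"")`, which only holds if `checkRestoreToken()` refuses an account whose stored token is empty; that function is outside this diff, so please confirm it, or store `null` and reject missing tokens explicitly. The clear also runs only on the success path: `return "BAD_EMAIL"` leaves the token valid, so the e-mail check can be retried without limit until the hour is up, and a failed-attempt counter or clearing the token after a few misses would close that. The comparison `$idu != $iduC` just above is loose; `!==` would be safer once the type `loadIDU()` returns on a miss is known. The closure starts before and ends after this hunk.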