diff --git a/admin/password.php b/admin/password.php
new file mode 100644
index 00000000..79b745be
--- /dev/null
+++ b/admin/password.php
@@ -0,0 +1,361 @@
+is_valid)
+ {
+ //$_SESSION['img_a_verified']=true;
+ }
+ else
+ {
+ $hesk_error_buffer['mysecnum']=$hesklang['recaptcha_error'];
+ }
+ }
+ // Using ReCaptcha API v2?
+ elseif ($hesk_settings['recaptcha_use'] == 2)
+ {
+ require(HESK_PATH . 'inc/recaptcha/recaptchalib_v2.php');
+
+ $resp = null;
+ $reCaptcha = new ReCaptcha($hesk_settings['recaptcha_private_key']);
+
+ // Was there a reCAPTCHA response?
+ if ( isset($_POST["g-recaptcha-response"]) )
+ {
+ $resp = $reCaptcha->verifyResponse($_SERVER["REMOTE_ADDR"], hesk_POST("g-recaptcha-response") );
+ }
+
+ if ($resp != null && $resp->success)
+ {
+ //$_SESSION['img_a_verified']=true;
+ }
+ else
+ {
+ $hesk_error_buffer['mysecnum']=$hesklang['recaptcha_error'];
+ }
+ }
+ // Using PHP generated image
+ else
+ {
+ $mysecnum = intval( hesk_POST('mysecnum', 0) );
+
+ if ( empty($mysecnum) )
+ {
+ $hesk_error_buffer['mysecnum'] = $hesklang['sec_miss'];
+ }
+ else
+ {
+ require(HESK_PATH . 'inc/secimg.inc.php');
+ $sc = new PJ_SecurityImage($hesk_settings['secimg_sum']);
+ if ( isset($_SESSION['checksum']) && $sc->checkCode($mysecnum, $_SESSION['checksum']) )
+ {
+ //$_SESSION['img_a_verified'] = true;
+ }
+ else
+ {
+ $hesk_error_buffer['mysecnum'] = $hesklang['sec_wrng'];
+ }
+ }
+ }
+ }
+
+ // Connect to database and check for brute force attempts
+ hesk_load_database_functions();
+ hesk_dbConnect();
+ hesk_limitBfAttempts();
+
+ // Get email
+ $email = hesk_validateEmail( hesk_POST('email'), 'ERR', 0) or $hesk_error_buffer['email']=$hesklang['enter_valid_email'];
+
+ // Any errors?
+ if (count($hesk_error_buffer)!=0)
+ {
+ $_SESSION['a_iserror'] = array_keys($hesk_error_buffer);
+
+ $tmp = '';
+ foreach ($hesk_error_buffer as $error)
+ {
+ $tmp .= "
$error\n";
+ }
+ $hesk_error_buffer = $tmp;
+
+ $hesk_error_buffer = $hesklang['pcer'].'
';
+ hesk_process_messages($hesk_error_buffer,'NOREDIRECT');
+ }
+ else
+ {
+ // Get user data from the database
+ $res = hesk_dbQuery("SELECT `id`, `name`, `pass` FROM `".hesk_dbEscape($hesk_settings['db_pfix'])."users` WHERE `email` LIKE '".hesk_dbEscape($email)."' LIMIT 1");
+ if (hesk_dbNumRows($res) != 1)
+ {
+ hesk_process_messages($hesklang['noace'],'NOREDIRECT');
+ }
+ else
+ {
+ $row = hesk_dbFetchAssoc($res);
+ $hash = sha1(microtime() . $_SERVER['REMOTE_ADDR'] . mt_rand() . $row['id'] . $row['name'] . $row['pass']);
+
+ // Insert the verification hash into the database
+ hesk_dbQuery("INSERT INTO `".hesk_dbEscape($hesk_settings['db_pfix'])."reset_password` (`user`, `hash`, `ip`) VALUES (".intval($row['id']).", '{$hash}', '".hesk_dbEscape($_SERVER['REMOTE_ADDR'])."') ");
+
+ // Prepare and send email
+ require(HESK_PATH . 'inc/email_functions.inc.php');
+
+ // Get the email message
+ $msg = hesk_getEmailMessage('reset_password',array(),1,0,1);
+
+ // Replace message special tags
+ $msg = str_replace('%%NAME%%', hesk_msgToPlain($row['name'],1,1), $msg);
+ $msg = str_replace('%%SITE_URL%%', $hesk_settings['site_url'], $msg);
+ $msg = str_replace('%%SITE_TITLE%%', $hesk_settings['site_title'], $msg);
+ $msg = str_replace('%%PASSWORD_RESET%%', $hesk_settings['hesk_url'].'/'.$hesk_settings['admin_dir'].'/password.php?h='.$hash, $msg);
+
+ // Send email
+ hesk_mail($email, $hesklang['reset_password'], $msg);
+
+ // Show success
+ hesk_process_messages($hesklang['pemls'],'NOREDIRECT','SUCCESS');
+ }
+ }
+}
+// If the "h" parameter is set verify it and reset the password
+elseif ( isset($_GET['h']) )
+{
+ // Get the hash
+ $hash = preg_replace('/[^a-zA-Z0-9]/', '', $_GET['h']);
+
+ // Connect to database
+ hesk_load_database_functions();
+ hesk_dbConnect();
+
+ // Expire verification hashes older than 2 hours
+ hesk_dbQuery("DELETE FROM `".hesk_dbEscape($hesk_settings['db_pfix'])."reset_password` WHERE `dt` < (NOW() - INTERVAL 2 HOUR)");
+
+ // Verify the hash exists
+ $res = hesk_dbQuery("SELECT `user`, `ip` FROM `".hesk_dbEscape($hesk_settings['db_pfix'])."reset_password` WHERE `hash` = '{$hash}' LIMIT 1");
+ if (hesk_dbNumRows($res) != 1)
+ {
+ // Not a valid hash
+ hesk_limitBfAttempts();
+ hesk_process_messages($hesklang['ehash'],'NOREDIRECT');
+ }
+ else
+ {
+ // Get info from database
+ $row = hesk_dbFetchAssoc($res);
+
+ // Only allow resetting password from the same IP address that submitted password reset request
+ if ($row['ip'] != $_SERVER['REMOTE_ADDR'])
+ {
+ hesk_limitBfAttempts();
+ hesk_process_messages($hesklang['ehaip'],'NOREDIRECT');
+ }
+ else
+ {
+ // Expire all verification hashes for this user
+ hesk_dbQuery("DELETE FROM `".hesk_dbEscape($hesk_settings['db_pfix'])."reset_password` WHERE `user`=".intval($row['user']));
+
+ // Get user details
+ $res = hesk_dbQuery('SELECT * FROM `'.$hesk_settings['db_pfix']."users` WHERE `id`=".intval($row['user'])." LIMIT 1");
+ $row = hesk_dbFetchAssoc($res);
+ foreach ($row as $k=>$v)
+ {
+ $_SESSION[$k]=$v;
+ }
+ unset($_SESSION['pass']);
+
+ // Clean brute force attempts
+ hesk_cleanBfAttempts();
+
+ // Regenerate session ID (security)
+ hesk_session_regenerate_id();
+
+ // Get allowed categories
+ if (empty($_SESSION['isadmin']))
+ {
+ $_SESSION['categories']=explode(',',$_SESSION['categories']);
+ }
+
+ // Redirect to the profile page
+ hesk_process_messages($hesklang['resim'],'profile.php','NOTICE');
+ exit();
+
+ } // End IP matches
+ }
+}
+
+// Tell header to load reCaptcha API if needed
+if ($hesk_settings['recaptcha_use'] == 2)
+{
+ define('RECAPTCHA',1);
+}
+
+$hesk_settings['tmp_title'] = $hesk_settings['hesk_title'] . ' - ' .$hesklang['passr'];
+require_once(HESK_PATH . 'inc/header.inc.php');
+?>
+
+
+
+
+
+
+
+
+