<?php

function reset_password(){
    $email = filter_var($_GET["email"], FILTER_SANITIZE_EMAIL);
    $user = filter_var($_GET["user"], FILTER_SANITIZE_STRING);
    $key = filter_var($_GET["key"], FILTER_SANITIZE_STRING);

    $target_id = WebUsers::getId($user);
    $webUser = new WebUsers($target_id);

    if( (WebUsers::getIdFromEmail($email) == $target_id) && (hash('sha512',$webUser->getHashedPass()) == $key) ){
        //you are allowed on the page!

        $GETString = "";
	foreach($_GET as $key => $value){
		$GETString = $GETString . $key . '=' . $value . "&";
	}
	if($GETString != ""){
		$GETString = '?'.$GETString;
	}
	$pageElements['getstring'] = $GETString;

        return $pageElements;

    }else{
        global $WEBPATH;
        $_SESSION['error_code'] = "403";
                header("Cache-Control: max-age=1");
        header("Location: ".$WEBPATH."?page=error");
        throw new SystemExit();
    }
}