Index: openacs-4/packages/acs-subsite/www/register/email-password-2.tcl
===================================================================
RCS file: /usr/local/cvsroot/openacs-4/packages/acs-subsite/www/register/Attic/email-password-2.tcl,v
diff -u -r1.2 -r1.3
--- openacs-4/packages/acs-subsite/www/register/email-password-2.tcl	9 Sep 2001 14:02:45 -0000	1.2
+++ openacs-4/packages/acs-subsite/www/register/email-password-2.tcl	14 Apr 2002 04:34:36 -0000	1.3
@@ -4,9 +4,10 @@
 
     @author Hiro Iwashima <iwashima@mit.edu>
     @creation-date 15 Aug 2000
-    @cvs-id $ID$
+    @version $Id$
 } {
-    user_id:integer
+    user_id:integer,notnull
+    {validated_p 0}
     {answer ""}
     {first_names ""}
     {last_name ""}
@@ -22,77 +23,62 @@
 
 if {![ad_parameter EmailForgottenPasswordP security 1]} {
     ad_return_error "Feature disabled" "This feature is disabled on this server."
-    return    
+    return
 }
 
-if ![db_0or1row users_state_authorized_or_deleted "select 
-email from cc_users where user_id=:user_id
--- and user_state in ('authorized','deleted')"] {
+if {![db_0or1row select_email {}]} {
     db_release_unused_handles
-    ad_return_error "Couldn't find user $user_id" "Couldn't find user $user_id.  This is probably a bug in our code."
+    ad_return_error "Couldn't find user $user_id" "Couldn't find user $user_id. This is probably a bug in our code."
     return
 }
 
-# Use exists
-
-set ask_question_p 0
-if [exists_and_not_null answer] {
-    # There was a question
-    set value [db_string password_answer "select password_answer from users where user_id = :user_id"]
-    if {![string compare $value $answer]} {
-	set validated_p 1
+if {!$validated_p} {
+    set ask_question_p 0
+    if {[exists_and_not_null answer]} {
+        if {[db_string select_answer_matches_p {}} {
+            set validated_p 1
+        }
     } else {
-	set validated_p 0
-    }
+        if {[db_string select_names_match_p {} -default 0]} {
+            set validated_p 1
+        }
 
-} else {
-    # We check their first and last names
-    
-    db_0or1row first_last_name "select first_names db_first_names, last_name db_last_name from cc_users where user_id = $user_id"
-
-    if { [string compare $first_names $db_first_names] || [string compare $last_name $db_last_name] } {
-	set validated_p 0
-    } else {
-	set validated_p 1
+        if {[ad_parameter UseCustomQuestionForPasswordReset security 1]} {
+            set ask_question_p 1
+        }
     }
-    
-    if { [ad_parameter UseCustomQuestionForPasswordReset security 1] } {
-
-	set ask_question_p 1
-
-    }
-
 }
 
-if { $validated_p != 1 } {
+if {!$validated_p} {
     # Unauthorized Access
     ad_return_error "Unauthorized Access" "The validation didn't match what we had.  Either press back on the browser and retype it in, or <a href=\"/register\">go back to the login page</a>."
     return
 }
 
+set require_question_p [ad_parameter "RequireQuestionForPasswordResetP"]
 
-#generate a random password
+# generate a random password
 set password [ad_generate_random_string]
 ad_change_password $user_id $password
 
+set system_owner [ad_system_owner]
+set system_name [ad_system_name]
+
 # Send email
-if [catch { ns_sendmail $email [ad_system_owner] "Your forgotten password on [ad_system_name]" "Here's how you can log in at [ad_url]:
+if [catch {ns_sendmail $email $system_owner "Your forgotten password on $system_name" "Here's how you can log in at [ad_url]:
 
 Username:  $email
 Password:  $password
 
 "} errmsg] {
-    ad_return_error "Error sending mail" "Now we're really in trouble because we got an error trying to send you email: 
+    ad_return_error "Error sending mail" "Now we're really in trouble because we got an error trying to send you email:
 <blockquote>
-<pre>
-$errmsg
-</pre>
+  <pre>
+    $errmsg
+  </pre>
 </blockquote>
 "
     return
 }
 
-set system_owner [ad_system_owner]
-set system_name [ad_system_name]
-
 ad_return_template