Index: branches/RC/core/units/users/users_event_handler.php
===================================================================
diff -u -r8929 -r9037
--- branches/RC/core/units/users/users_event_handler.php	(.../users_event_handler.php)	(revision 8929)
+++ branches/RC/core/units/users/users_event_handler.php	(.../users_event_handler.php)	(revision 9037)
@@ -859,8 +859,13 @@
 			if ($found && $allow_reset) {
 				$this->Application->StoreVar('tmp_user_id', $user_object->GetDBField("PortalUserId"));
 				$this->Application->StoreVar('tmp_email', $user_object->GetDBField("Email"));
-				$this->Application->EmailEventUser('INCOMMERCEUSER.PSWDC', $user_object->GetDBField("PortalUserId"));
 
+				$confirm_template = $this->Application->GetVar('reset_confirm_template');
+				if (!$confirm_template) {
+					$this->Application->SetVar('reset_confirm_template', 'platform/login/forgotpass_reset');
+				}
+				$this->Application->EmailEventUser('INCOMMERCEUSER.PSWDC', $user_object->GetDBField('PortalUserId'));
+
 				$event->redirect = $this->Application->GetVar('template_success');
 			}
 			else {
@@ -916,64 +921,61 @@
 
 		function OnResetPasswordConfirmed(&$event)
 		{
-		   	$passed_key = $this->Application->GetVar('user_key');
-
-	     	$user_object = &$this->Application->recallObject('u.forgot');
-
 	     	// used for error reporting only -> rewrite code + theme (by Alex)
 	     	$user_current_object =& $this->Application->recallObject('u', null, Array('skip_autoload' => true));// TODO: change theme too
 			/* @var $user_current_object UsersItem */
 
-		    if (strlen(trim($passed_key)) == 0) {
-				$event->redirect_params = array('opener' => 's', 'pass' => 'all');
+			$passed_key = trim($this->Application->GetVar('user_key'));
+
+		    if (!$passed_key) {
+				$event->redirect_params = Array('opener' => 's', 'pass' => 'all');
 				$event->redirect = false;
 
 				$user_current_object->SetError('PwResetConfirm', 'code_is_not_valid', 'lu_code_is_not_valid');
 		    }
 
+		    $user_object =& $this->Application->recallObject('u.forgot', null, Array('skip_autoload' => true));
+			/* @var $user_object UsersItem */
 
-		    if($user_object->Load(array('PwResetConfirm'=>$passed_key)))
-		    {
+			$user_object->Load($passed_key, 'PwResetConfirm');
+
+		    if ($user_object->isLoaded()) {
 		    	$exp_time = $user_object->GetDBField('PwRequestTime') + 3600;
-		    	$user_object->SetDBField("PwResetConfirm", '');
-		      	$user_object->SetDBField("PwRequestTime", 0);
-		      	if ( $exp_time > adodb_mktime() )
-		      	{
-		      		//$m_var_list_update['codevalidationresult'] = 'lu_resetpw_confirm_text';
+		    	$user_object->SetDBField('PwResetConfirm', '');
+		      	$user_object->SetDBField('PwRequestTime', 0);
+
+		      	if ($exp_time > adodb_mktime()) {
 			    	$newpw = makepassword4();
 
 			    	$this->Application->StoreVar('password', $newpw);
 
-			      	$user_object->SetDBField("Password",$newpw);
-			      	$user_object->SetDBField("PassResetTime", adodb_mktime());
-			      	$user_object->SetDBField("PwResetConfirm", '');
-			      	$user_object->SetDBField("PwRequestTime", 0);
+			      	$user_object->SetDBField('Password', $newpw);
+			      	$user_object->SetDBField('PassResetTime', adodb_mktime());
+			      	$user_object->SetDBField('PwResetConfirm', '');
+			      	$user_object->SetDBField('PwRequestTime', 0);
 			      	$user_object->Update();
 
 			      	$this->Application->SetVar('ForgottenPassword', $newpw);
 
-			     	$email_event_user 	= &$this->Application->EmailEventUser('INCOMMERCEUSER.PSWD', $user_object->GetDBField('PortalUserId'));
-			     	$email_event_admin 	= &$this->Application->EmailEventAdmin('INCOMMERCEUSER.PSWD');
+			     	$email_event_user 	=& $this->Application->EmailEventUser('INCOMMERCEUSER.PSWD', $user_object->GetDBField('PortalUserId'));
+			     	$email_event_admin 	=& $this->Application->EmailEventAdmin('INCOMMERCEUSER.PSWD');
 
 			     	$this->Application->DeleteVar('ForgottenPassword');
 
-			      	if ($email_event_user->status == erSUCCESS){
+			      	if ($email_event_user->status == erSUCCESS) {
 						$event->redirect_params = array('opener' => 's', 'pass' => 'all');
 						$event->redirect = $this->Application->GetVar('template_success');
 					}
 
-			        $user_object->SetDBField("Password",md5($newpw));
+			        $user_object->SetDBField('Password', md5($newpw));
 			        $user_object->Update();
-
 		      	} else {
 		      		$user_current_object->SetError('PwResetConfirm', 'code_expired', 'lu_code_expired');
 		      		$event->redirect = false;
-
 		      	}
 		    } else {
 		    	$user_current_object->SetError('PwResetConfirm', 'code_is_not_valid', 'lu_code_is_not_valid');
 		    	$event->redirect = false;
-
 		    }
 		}