Update password_reminder.php

This is to prevent the logic vulnerability, pretty serious bug tbh. The $_SESSION array gets re-written between setting and checking and so your logic fails and an attacker can update anyones password...

Author: stevenseeley

password_reminder.php

@@ -96,7 +96,6 @@
 
 		if ($_REQUEST['h'] != $hash_bit) {
 			$msg->addError('INVALID_LINK');
-			$savant->display('password_reminder_feedback.tmpl.php'); 
 		} else if (($_REQUEST['h'] == $hash_bit) && !isset($_POST['form_change'])) {
 			$savant->assign('id', $_REQUEST['id']);
 			$savant->assign('g', $_REQUEST['g']);
@@ -178,4 +177,4 @@
 }
 
 
-?>
+?>