test: password recovery
diff --git a/README.md b/README.md
index 61a0ffa..0a22c4e 100644
--- a/README.md
+++ b/README.md
@@ -52,7 +52,7 @@
       fastcgi_pass unix:/run/php/php7.4-fpm.sock;                      
       include fastcgi_params;                                          
    }                                                                    
-   location ~ ^/signup/static/.*(\.html|\.css|\.js)$ {                  
+   location ~ ^/signup/static/.+$ {                  
       root /var/www/html/;                                             
       try_files $uri =404;                                             
    }                                                                               
@@ -125,6 +125,9 @@
 application, like validation errors on the frontend. Pay attention to the
 template notation with double braces: `{{num}}`.
 
+You can edit `email.php` to change the mail template messages that are sent for
+each language.
+
 
 ### Field Validation
 
diff --git a/config.php.example b/config.php.example
index 46c2536..d2a1f9f 100755
--- a/config.php.example
+++ b/config.php.example
@@ -65,6 +65,8 @@
 // CONFIRMATION EMAIL TEMPLATE
 // text is the version for mail clients that don't support html
 // html is the version with html support
+// You can create templaets for different languages under
+// templates_cc/email.php
 $MAIL_TEMPLATE = (object)[
         "subject" => "Confirm your email", 
         "text" => "To complete your registration please paste this to your browser: {{url}}",
diff --git a/index.php b/index.php
index 9b9b31a..6f8f6c4 100755
--- a/index.php
+++ b/index.php
@@ -11,12 +11,12 @@
 use Gregwar\Captcha\PhraseBuilder;
 
 $URI = array_slice(explode("/", explode('?', $_SERVER['REQUEST_URI'], 2)[0]), -1)[0];
-if (strlen($URI) == 2){
+if (strlen($URI) == 2) {
     $GLOBALS["cc"] = $URI;
     $_SESSION["cc"] = $URI;
 }
 
-if (isset($_GET["lang"])){
+if (isset($_GET["lang"])) {
     $GLOBALS["cc"] = $_GET["lang"];
     $_SESSION["cc"] = $_GET["lang"];
 }
@@ -24,21 +24,48 @@
 $TEMPLATE = template_path();
 
 
-
-function register_page($error=false){
-    $TEMPLATE = template_path();
+function send_confirmation_email(string $mail, object $smtp, string $url)
+{
     include 'config.php';
-    if ($error)
-        include $TEMPLATE.'error.htm';
-    $_SESSION["captcha_token"] = generateRandomString(12);
-    include $TEMPLATE."register.htm";
+    include 'utils.php';
+    include "mail.php";
+    $TEMPLATE = template_path();
+    include $TEMPLATE . "emails.php";
+
+    send_mail($mail, $smtp, (object) [
+        "subject" => $MAIL_TEMPLATE->subject,
+        "text"    => str_replace("{{url}}", $url, $MAIL_TEMPLATE->text),
+        "html"    => str_replace("{{url}}", $url, $MAIL_TEMPLATE->html)
+    ]);
+}
+
+function send_recovery_email(string $mail, object $smtp, string $url)
+{
+    include 'config.php';
+    include 'utils.php';
+    include "mail.php";
+    $TEMPLATE = template_path();
+    include $TEMPLATE . "emails.php";
+
+    send_mail($mail, $smtp, (object) [
+        "subject" => $RECOVERY_EMAIL_TEMPLATE->subject,
+        "text"    => str_replace("{{url}}", $url, $RECOVERY_EMAIL_TEMPLATE->text),
+        "html"    => str_replace("{{url}}", $url, $RECOVERY_EMAIL_TEMPLATE->html)
+    ]);
+}
+
+function reload_captcha_script()
+{
+    include 'config.php';
+    $TEMPLATE = template_path();
+    include $TEMPLATE . "strings.php";
     echo '
     <script>
         const reload_captcha = async (e) => {
             var cont = document.getElementById("reload_captcha");
-            cont.innerHTML = "<div class=\'spinner-border text-info\' role=\'status\'><span class=\'sr-only\'>'.$STRINGS->reloading_captcha.'</span></div>";
+            cont.innerHTML = "<div class=\'spinner-border text-info\' role=\'status\'><span class=\'sr-only\'>' . $STRINGS->reloading_captcha . '</span></div>";
             var img = document.getElementById("captcha")
-            var url =  "'.$BASE_URL.'/captcha.php?token='.$_SESSION["captcha_token"].'"
+            var url =  "' . $BASE_URL . '/captcha.php?token=' . $_SESSION["captcha_token"] . '"
             await fetch(url, { cache: "reload", mode: "no-cors" })
              .then(() => {
                 img.src = url+"&t=" + new Date().getTime();
@@ -57,12 +84,24 @@
     ';
 }
 
+function register_page($error = false)
+{
+    $TEMPLATE = template_path();
+    include 'config.php';
+    if ($error)
+        include $TEMPLATE . 'error.htm';
+    $_SESSION["captcha_token"] = generateRandomString(12);
+    include $TEMPLATE . "register.htm";
+    reload_captcha_script();
+}
 
-function verify_request($user){
+
+function verify_request($user)
+{
     $TEMPLATE = template_path();
     unset($_SESSION['captcha_token']);
     include 'validators.php';
-    include $TEMPLATE.'strings.php';
+    include $TEMPLATE . 'strings.php';
     $password = $_POST["password"];
     $error = "";
 
@@ -74,56 +113,52 @@
 
 
     if (!(isset($_SESSION['captcha']) && PhraseBuilder::comparePhrases($_SESSION['captcha'], $_POST['captcha']))) {
-        $error = $error."Wrong captcha!<br>";
+        $error = $error . $STRINGS->wrong_captcha;
     }
     unset($_SESSION["captcha"]);
-    
+
     return $error;
 }
 
-function approve_request($user){
+function approve_request($user)
+{
     include "mail.php";
     $token = generateRandomString();
     redis_set($token, $user, $MAIL_CONFIRMATION_AWAIT_DELAY);
     $pending = redis_get("pending");
-    if ($pending){
+    if ($pending) {
         $maillist = $pending->mails;
         array_push($maillist, $user->email);
-    }
-    else
+    } else
         $maillist = [$user->email];
-    redis_set("pending", (object)["mails"=>$maillist], $MAIL_CONFIRMATION_AWAIT_DELAY);
+    redis_set("pending", (object)["mails" => $maillist], $MAIL_CONFIRMATION_AWAIT_DELAY);
 
-    $url = $BASE_URL."?type=confirmation&token=".$token;
+    $url = $BASE_URL . "?type=confirmation&token=" . $token;
     if (in_array(explode("@", $user->email)[1], $MAIL_HOST_DIRECT_FALLBACK))
         $smtp = $FALLBACK_SMTP;
     else
         $smtp = $SMTP;
-    send_mail($user->email, $smtp, (object) [
-        "subject" => $MAIL_TEMPLATE->subject, 
-        "text" => str_replace("{{url}}", $url, $MAIL_TEMPLATE->text),
-        "html" => str_replace("{{url}}", $url, $MAIL_TEMPLATE->html)
-    ]);
+    send_confirmation_email($user->email, $smtp, $url);
     $_SESSION['resend'] = generateRandomString(12);
     $_SESSION['token'] = $token;
     $_SESSION['email'] = $user->email;
     $TEMPLATE = template_path();
-    include $TEMPLATE."confirm_your_email.htm";
+    include $TEMPLATE . "confirm_your_email.htm";
 }
 
 
 // PAGE
-include $TEMPLATE."header.htm";
+include $TEMPLATE . "header.htm";
 
 if ($_SERVER["REQUEST_METHOD"] == "POST") {
     include 'ldap.php';
     if (isset($_POST['type'])) {
         switch ($_POST['type']) {
             case "register":
-                $user = new User($_POST["username"], $_POST["name"], $_POST["last_name"], $_POST["email"], $_POST["password"]); 
-                if (redis_inc_ipdata(getClientIP(), "register", true) > $HOURLY_REGISTRATIONS){
-                    include $TEMPLATE."registration_limit.htm";
-                }else{
+                $user = new User($_POST["username"], $_POST["name"], $_POST["last_name"], $_POST["email"], $_POST["password"]);
+                if (redis_inc_ipdata(getClientIP(), "register", true) > $HOURLY_REGISTRATIONS) {
+                    include $TEMPLATE . "registration_limit.htm";
+                } else {
                     $error = verify_request($user);
                     if ($error)
                         register_page($error);
@@ -132,72 +167,158 @@
                 }
                 break;
             case "recover":
+                $TEMPLATE = template_path();
+                unset($_SESSION['captcha_token']);
+                include $TEMPLATE . 'strings.php';
+
+                $email = $_POST["email"];
+                if (!ldap_mail_count($email)) {
+                    $error = $error . $STRINGS->recover_email_not_registered;
+                }
+
+                if (!(isset($_SESSION['captcha']) && PhraseBuilder::comparePhrases($_SESSION['captcha'], $_POST['captcha']))) {
+                    $error = $error . $STRINGS->wrong_captcha;
+                }
+
+                unset($_SESSION["captcha"]);
+                if (redis_inc_ipdata(getClientIP(), "register", true) > $HOURLY_REGISTRATIONS) {
+                    include $TEMPLATE . "registration_limit.htm";
+                } else {
+                    if ($error) {
+                        include $TEMPLATE . 'error.htm';
+                        include $TEMPLATE . "register.htm";
+                        reload_captcha_script();
+                    } else {
+                        include $TEMPLATE . 'strings.php';
+                        $token = generateRandomString();
+                        redis_set($token, $email, $MAIL_CONFIRMATION_AWAIT_DELAY);
+
+                        $url = $BASE_URL . "?type=password_change&token=" . $token;
+                        if (in_array(explode("@", $email)[1], $MAIL_HOST_DIRECT_FALLBACK))
+                            $smtp = $FALLBACK_SMTP;
+                        else
+                            $smtp = $SMTP;
+                        send_confirmation_email($user->email, $smtp, $url);
+                        $_SESSION['resend']  = generateRandomString(12);
+                        $_SESSION['token']   = $token;
+                        $_SESSION['email']   = $email;
+                        $_SESSION['recover'] = $email;
+                        $TEMPLATE = template_path();
+                        include $TEMPLATE . "confirm_your_email.htm";
+                        send_recovery_email($email, $smtp, $url);
+                    }
+                }
                 break;
-        }
+
+            case "password_change":
+                include 'validators.php';
+                include 'ldap.php';
+                $TEMPLATE = template_path();
+                include $TEMPLATE . "register.htm";
+                $password = $_POST['password'];
+                $error = validate_password($password);
+                if ($error) {
+                    include $TEMPLATE . 'error.htm';
+                    include $TEMPLATE . "recover_new_password_form.htm";
+                }else {
+                    include $TEMPLATE . "recover_success.htm";
+                    include $TEMPLATE . "email.php";
+                    include 'mail.php';
+                    $email = $_SESSION["email_change"];
+                    if (change_password($email, $password)) {
+                        if (in_array(explode("@", $email)[1], $MAIL_HOST_DIRECT_FALLBACK))
+                            $smtp = $FALLBACK_SMTP;
+                        else
+                            $smtp = $SMTP;
+                        send_mail($email, $smtp, $PASSWORD_CHANGED_EMAIL_TEMPLATE);
+                        unset($_SESSION["email_change"]);
+                    }
+                    else {
+                        include $TEMPLATE . "strings.php";
+                        echo $STRINGS->change_password_ldap_error;
+                    }
+                }
+                break;
     }
 } elseif (isset($_GET['type'])) {
     switch ($_GET['type']) {
         case "confirmation":
-            if (!isset($_GET["token"])){
+            if (!isset($_GET["token"])) {
                 echo $RUNTIME_ERROR->user_trying_invalid_get;
-            }else{
+            } else {
                 include "ldap.php";
                 $token = $_GET["token"];
                 $user = redis_get($token);
-                if ($user){
-                    if (ldap_add_user($user)){
+                if ($user && gettype($user) == "object") {
+                    if (ldap_add_user($user)) {
                         if ($REDIRECT_TO)
-                            header( "refresh:5;url=".$REDIRECT_TO);
+                            header("refresh:5;url=" . $REDIRECT_TO);
 
                         $pending = redis_get("pending");
-                        if ($pending){
+                        if ($pending) {
                             $maillist = $pending->mails;
-                            if (in_array($user->email, $maillist)){
+                            if (in_array($user->email, $maillist)) {
                                 unset($maillist[array_search($user->email, $maillist)]);
-                                redis_set("pending", (object)["mails"=>$maillist], $MAIL_CONFIRMATION_AWAIT_DELAY);
+                                redis_set("pending", (object)["mails" => $maillist], $MAIL_CONFIRMATION_AWAIT_DELAY);
                             }
                         }
                         redis_inc_ipdata(getClientIP(), "register");
                         echo $STRINGS->email_confirmation;
-                        include $TEMPLATE."mail_confirmed.htm";
-                    }else{
+                        include $TEMPLATE . "mail_confirmed.htm";
+                    } else {
                         echo $STRINGS->email_confirmation;
-                        include $TEMPLATE."registration_error.htm";
+                        include $TEMPLATE . "registration_error.htm";
                     }
                     redis_delete($token);
-                }else{
-                    include $TEMPLATE."token_expired.htm";
+                } else {
+                    include $TEMPLATE . "token_expired.htm";
                 }
             }
             break;
         case "resend":
-            if (isset($_GET['token']) && isset($_SESSION['resend']) && $_GET['token'] == $_SESSION['resend']){
-                include "mail.php";
-                include $TEMPLATE."resend_mail.htm";
+            if (isset($_GET['token']) && isset($_SESSION['resend']) && $_GET['token'] == $_SESSION['resend']) {
+                include $TEMPLATE . "resend_mail.htm";
                 $token = $_SESSION['token'];
-                $url = $BASE_URL."?type=confirmation&token=".$token;
+                $url = $BASE_URL . "?type=confirmation&token=" . $token;
                 $smtp = $FALLBACK_SMTP;
-                $mail = $_SESSION["email"];
-                send_mail($mail, $smtp, (object) [
-                    "subject" => $MAIL_TEMPLATE->subject, 
-                    "text" => str_replace("{{url}}", $url, $MAIL_TEMPLATE->text),
-                    "html" => str_replace("{{url}}", $url, $MAIL_TEMPLATE->html)
-                ]);
+                $address = $_SESSION["email"];
+                if (isset($_SESSION['recover'])){
+                    $url = $BASE_URL . "?type=password_change&token=" . $token;
+                    send_recovery_email($address, $smtp, $url);
+                    unset($_SESSION['recover']);
+                }
+                else
+                    send_confirmation_email($address, $smtp, $url);
                 unset($_SESSION['resend']);
                 unset($_SESSION['token']);
                 unset($_SESSION['email']);
             }
             break;
+
         case "recover":
+            $TEMPLATE = template_path();
+            include $TEMPLATE . "register.htm";
+            include 'config.php';
+            $_SESSION["captcha_token"] = generateRandomString(12);
+            reload_captcha_script();
             break;
-        case "confirm_recover":
+
+        case "password_change":
+            $TEMPLATE = template_path();
+            include $TEMPLATE . "register.htm";
+            $token = $_GET["token"];
+            $email = redis_get($token);
+            $_SESSION["email_change"] = $email;
+            if ($email && gettype($email) == "string"){
+                include $TEMPLATE . "recover_new_password_form.htm";
+            } else {
+                include $TEMPLATE . "token_expired.htm";
+            }
             break;
     }
-
-
 } else {
     unset($_SESSION['captcha_token']);
     register_page();
 }
 
-include $TEMPLATE."bottom.htm";
+include $TEMPLATE . "bottom.htm";
diff --git a/ldap.php b/ldap.php
index 267a78c..1633eb9 100755
--- a/ldap.php
+++ b/ldap.php
@@ -1,59 +1,64 @@
 <?php
 
-function debug($msg) {
+function debug($msg)
+{
         include 'config.php';
         if ($DEBUG)
-                echo $msg."\n";
+                echo $msg . "\n";
 }
-function generateSalt($length=10) {
-  $chars="0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ";
+function generateSalt($length = 10)
+{
+        $chars = "0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ";
 
-  $string="";
-  for($i=0;$i<$length;$i++) {
-    $string.=substr($chars,rand(0,strlen($chars)-1),1);
-  }
+        $string = "";
+        for ($i = 0; $i < $length; $i++) {
+                $string .= substr($chars, rand(0, strlen($chars) - 1), 1);
+        }
 
-  return $string;
+        return $string;
 }
 
-class User {
-        function __construct(string $user_name, string $first_name, string $last_name, string $email, string $password){
+class User
+{
+        function __construct(string $user_name, string $first_name, string $last_name, string $email, string $password)
+        {
                 $this->user_name = $user_name;
                 $this->name = $first_name;
                 $this->first_name = $first_name;
                 $this->last_name = $last_name;
                 $this->email = $email;
-                $this->user_hash = "{crypt}" . crypt($password,'$6$'.generateSalt(10).'$');
+                $this->user_hash = "{crypt}" . crypt($password, '$6$' . generateSalt(10) . '$');
                 $this->password = $this->user_hash;
         }
 }
 
-function ldap_search_query($query, $filter="cn"){
+function ldap_search_query($query, $filter = "cn")
+{
         include 'config.php';
         $ldap_host = $HOST;
         $ldap_port = $PORT;
         $ldaptree = explode("{},", $BASE_DN)[1];
 
-        $ldap_user = "cn=".$USER.",".join(",", array_slice(explode(",", $ldaptree), 1));
+        $ldap_user = "cn=" . $USER . "," . join(",", array_slice(explode(",", $ldaptree), 1));
         $ldap_pass = $PASSWORD;
 
         //First: Connect to  LDAP Server
-        $connect = ldap_connect( $ldap_host, $ldap_port)
-         or debug(">>Could not connect to LDAP server to add user<<");
+        $connect = ldap_connect($ldap_host, $ldap_port)
+                or debug(">>Could not connect to LDAP server to add user<<");
         ldap_set_option($connect, LDAP_OPT_PROTOCOL_VERSION, 3);
         ldap_set_option($connect, LDAP_OPT_REFERRALS, 0);
 
         //Login to LDAP
         ldap_bind($connect, $ldap_user, $ldap_pass)
-           or debug(">>Could not bind to $ldap_host to add user<<");
+                or debug(">>Could not bind to $ldap_host to add user<<");
 
-        
-        $result = ldap_search($connect,$ldaptree, "(".$filter."=".$query.")") or die ("Error in search query: ".ldap_error($connect));
+
+        $result = ldap_search($connect, $ldaptree, "(" . $filter . "=" . $query . ")") or die("Error in search query: " . ldap_error($connect));
         $data = ldap_get_entries($connect, $result);
         return $data;
 }
 
-function ldap_add_user ($user)
+function ldap_add_user($user)
 {
         include 'config.php';
         $ldap_host = $HOST;
@@ -62,15 +67,15 @@
         $ldaptree = explode("{},", $BASE_DN)[1];
 
 
-        $info["givenName"]=$user->first_name;
-        $info["sn"]=$user->last_name;
-        $info["uid"]=$user->user_name;
+        $info["givenName"] = $user->first_name;
+        $info["sn"] = $user->last_name;
+        $info["uid"] = $user->user_name;
         #$info["homeDirectory"]="/home/";
-        $info["mail"]=$user->email;
-        $info["displayName"]= $user->first_name." ".$user->last_name;
+        $info["mail"] = $user->email;
+        $info["displayName"] = $user->first_name . " " . $user->last_name;
         #$info["departmentNumber"]=$user->id;
-        $info["cn"] =$user->user_name;
-        $info["userPassword"]=$user->user_hash;
+        $info["cn"] = $user->user_name;
+        $info["userPassword"] = $user->user_hash;
         $info["objectclass"][0] = "top";
         $info["objectclass"][1] = "person";
         $info["objectclass"][2] = "inetOrgPerson";
@@ -78,35 +83,72 @@
 
 
 
-        $ldap_user = "cn=".$USER.",".join(",", array_slice(explode(",", $ldaptree), 1));
+        $ldap_user = "cn=" . $USER . "," . join(",", array_slice(explode(",", $ldaptree), 1));
         $ldap_pass = $PASSWORD;
 
         //First: Connect to  LDAP Server
-        $connect = ldap_connect( $ldap_host, $ldap_port)
-         or debug(">>Could not connect to LDAP server to add user<<");
+        $connect = ldap_connect($ldap_host, $ldap_port)
+                or debug(">>Could not connect to LDAP server to add user<<");
         ldap_set_option($connect, LDAP_OPT_PROTOCOL_VERSION, 3);
         ldap_set_option($connect, LDAP_OPT_REFERRALS, 0);
 
         //Login to LDAP
         ldap_bind($connect, $ldap_user, $ldap_pass)
-           or debug(">>Could not bind to $ldap_host to add user<<");
+                or debug(">>Could not bind to $ldap_host to add user<<");
 
         // Adding new user
 
-    $add = ldap_add($connect, $base_dn, $info)
-      or debug(">>Not able to load user <<");
+        $add = ldap_add($connect, $base_dn, $info)
+                or debug(">>Not able to load user <<");
 
         // Close connection
-       ldap_close($connect);
+        ldap_close($connect);
 
-   // Return value of operation
+        // Return value of operation
 
         return $add;
 }
-function ldap_user_count($user){
+function ldap_user_count($user)
+{
         return ldap_search_query($user)["count"];
 }
-function ldap_mail_count($email){
+function ldap_mail_count($email)
+{
         return ldap_search_query($email, "mail")["count"];
 }
-?>
+
+function change_password($email, $new_password)
+{
+        include 'config.php';
+        $ldap_host = $HOST;
+        $ldap_port = $PORT;
+        $ldaptree = explode("{},", $BASE_DN)[1];
+
+        $ldap_user = "cn=" . $USER . "," . join(",", array_slice(explode(",", $ldaptree), 1));
+        $ldap_pass = $PASSWORD;
+
+        //First: Connect to  LDAP Server
+        $connect = ldap_connect($ldap_host, $ldap_port)
+                or debug(">>Could not connect to LDAP server to add user<<");
+        ldap_set_option($connect, LDAP_OPT_PROTOCOL_VERSION, 3);
+        ldap_set_option($connect, LDAP_OPT_REFERRALS, 0);
+
+        //Login to LDAP
+        ldap_bind($connect, $ldap_user, $ldap_pass)
+                or debug(">>Could not bind to $ldap_host to add user<<");
+
+
+        $result = ldap_search($connect, $ldaptree, "(mail=" . $email . ")") or die("Error in search query: " . ldap_error($connect));
+        $data = ldap_get_entries($connect, $result);
+        if (!$data['count'] || !isset($data[0]["dn"]) || empty($data[0]["dn"])) {
+                return false;
+        }
+        $dn = $data[0]["dn"];
+
+        $newEntry = ['userPassword' => "{crypt}" . crypt($new_password, '$6$' . generateSalt(10) . '$')];
+
+        if (ldap_mod_replace($connect, $dn, $newEntry))
+                return true;
+        else
+                return false;
+}
diff --git a/templates/email.php b/templates/email.php
new file mode 100644
index 0000000..f64db8c
--- /dev/null
+++ b/templates/email.php
@@ -0,0 +1,29 @@
+<?php
+$MAIL_TEMPLATE = (object)[
+        "subject" => "Confirm your email",
+        "text"    => "To complete your registration please paste this to your browser: {{url}}",
+        "html"    => "<html><body>
+                <h2>Almost there! Click on the link bellow to confirm your email address</h2>
+                <a href='{{url}}'>Confirm</a>
+        </body></html>"
+];
+
+
+$RECOVERY_EMAIL_TEMPLATE = (object)[
+        "subject" => "Change your password!",
+        "text"    => "Seems you requested a password change. If that wasn't you please ignore this message. Otherwise go to this url to change your password: {{url}}",
+        "html"    => "<html><body>
+                <h3>Seems you requested a password change. If that wasn't you please ignore this message. Otherwise go to this url to change your password</h3>
+                <a href='{{url}}'>Click here</a> to change your password
+        </body></html>"
+];
+
+
+// Add the support email there
+$PASSWORD_CHANGED_EMAIL_TEMPLATE = (object)[
+        "subject" => "Your password was changed",
+        "text"    => "Your password was chanegd successfully. If this wasn't you please contact support",
+        "html"    => "<html><body>
+                <h3>Your password was chanegd successfully. If this wasn't you please contact support</h3>
+        </body></html>"
+];
diff --git a/templates/recover_email_form.htm b/templates/recover_email_form.htm
new file mode 100644
index 0000000..a423568
--- /dev/null
+++ b/templates/recover_email_form.htm
@@ -0,0 +1,32 @@
+<h1>Change your password</h1>
+
+<form action="" method="POST">
+    <!-- Email input -->
+    <div class="form-outline mb-3">
+        <label class="form-label font-weight-bold" for="form3Example3">Email address*</label>
+        <input required name="email" type="email" id="form3Example3"
+            class="form-control <?php if(isset($error) && $error && !isset($_POST['email'])){echo 'border-danger';}?>"
+            placeholder="myemail@example.com"
+            value="<?php echo isset($_POST['email']) ? htmlspecialchars($_POST['email']) : '' ?>" />
+    </div>
+
+    <!--captcha here-->
+    <div class="form-outline mb-3">
+
+        <label class="form-label font-weight-bold" for="form3Example4">Captcha:</label>
+        <div class="container mb-2 offset-md-2">
+            <img id="captcha" src="<?php echo $BASE_URL.'/captcha.php?token='.$_SESSION['captcha_token']; ?>" />
+            <div id="reload_captcha">
+                <button id="reload" class="btn btn-outline-info" type="button"> <span class="glyphicon glyphicon-refresh"
+                    aria-hidden="true"></span></button>
+            </div>
+        </div>
+        <input pattern="[^\s]{<?php echo $CAPTCHA_LENGTH; ?>,}" required title="Please fill the captcha. It has 5 characteres" name="captcha"
+            type="text" id="form3Example6" class="form-control" placeholder="Type what you see on the image above" />
+    </div>
+
+    <!-- Submit button -->
+    <button name="type" value="recover" type="submit" class="btn btn-primary float-right btn-md">Confirm</button>
+
+</form>
+</div>
diff --git a/templates/recover_new_password_form.htm b/templates/recover_new_password_form.htm
new file mode 100644
index 0000000..b83b8e8
--- /dev/null
+++ b/templates/recover_new_password_form.htm
@@ -0,0 +1,27 @@
+<h2>Renewing: <?php echo $email;?></h2>
+
+<form action="" method="POST">
+    <!-- Password input -->
+    <div class="form-outline mb-3">
+        <label class="form-label font-weight-bold" for="form3Example4">Password*</label>
+        <input pattern="[^\s]{<?php echo $VAL_USER->min_password.','.$VAL_USER->max_password;?>}" required title="At least 8 not whitespace characteres" name="password"
+            type="password" id="form3Example4"
+            class="form-control <?php if(isset($error) && $error && !isset($_POST['password'])){echo 'border-danger';}?>"
+            placeholder="********"
+            value="<?php echo isset($_POST['password']) ? htmlspecialchars($_POST['password']) : '' ?>" />
+    </div>
+    <!-- Password input -->
+    <div class="form-outline mb-3">
+        <label class="form-label font-weight-bold" for="form3Example4">Confirm your Password*</label>
+        <input pattern="[^\s]{<?php echo $VAL_USER->min_password.','.$VAL_USER->max_password;?>}" required title="At least 8 not whitespace characteres" name="password_confirm"
+            type="password" id="form3Example5"
+            class="form-control <?php if(isset($error) && $error && !isset($_POST['password_confirm'])){echo 'border-danger';}?>"
+            placeholder="********"
+            value="<?php echo isset($_POST['password_confirm']) ? htmlspecialchars($_POST['password_confirm']) : '' ?>" />
+    </div>
+
+    <!-- Submit button -->
+    <button name="type" value="password_change" type="submit" class="btn btn-primary float-right btn-md">Confirm</button>
+
+</form>
+</div>
diff --git a/templates/recover_success.htm b/templates/recover_success.htm
new file mode 100644
index 0000000..b1d2784
--- /dev/null
+++ b/templates/recover_success.htm
@@ -0,0 +1 @@
+<div class="alert alert-success" role="alert">Your password was changed successfully!</div>
diff --git a/templates/strings.php b/templates/strings.php
index 6133ccc..557a60f 100644
--- a/templates/strings.php
+++ b/templates/strings.php
@@ -48,6 +48,9 @@
 $STRINGS = (object)[
         "email_confirmation" => "<h1>Email Confirmation</h1>",
         "reloading_captcha" => "Loading...",
+        "wrong_captcha" => "Wrong captcha!<br>",
+        "recover_email_not_registered" => "This email is not registered<br>",
+        "change_password_ldap_error" => "<h2>Something went wrong.</h2>",
 ];
 
 ?>
diff --git a/utils.php b/utils.php
index ea2e7e5..0c3ad1f 100644
--- a/utils.php
+++ b/utils.php
@@ -29,27 +29,25 @@
     return $string;
 }
 
-function template_path(string $lang_cc = null){
+function template_path(string $lang_cc = null)
+{
     include "config.php";
-    if (isset($_SESSION["cc"]))
-        $lang_cc = $GLOBALS["cc"];
-    if (isset($GLOBALS["cc"]))
-        $lang_cc = $GLOBALS["cc"];
-    if ($lang_cc)
-        $INCLUDE_STRINGS_PATH = "templates_".$lang_cc;
-    else
-        $INCLUDE_STRINGS_PATH = "templates";
+    if (isset($LANG_CC) && !empty($LANG_CC) && $lang_cc == null) $lang_cc = $LANG_CC;
+    if (isset($_SESSION["cc"])) $lang_cc = $GLOBALS["cc"];
+    if (isset($GLOBALS["cc"]))  $lang_cc = $GLOBALS["cc"];
 
-    if (isset($lang_cc) && !empty($lang_cc)) $TEMPLATE = $INCLUDE_STRINGS_PATH."/";
+    if ($lang_cc) $INCLUDE_STRINGS_PATH = "templates_" . $lang_cc;
+    else  $INCLUDE_STRINGS_PATH = "templates";
+
+    if (isset($lang_cc) && !empty($lang_cc)) $TEMPLATE = $INCLUDE_STRINGS_PATH . "/";
     else $TEMPLATE = "templates/";
 
-    include $TEMPLATE.'strings.php';
+    include $TEMPLATE . 'strings.php';
 
-    if(!isset($RUNTIME_ERROR)){
+    if (!isset($RUNTIME_ERROR)) {
         include_once 'templates/strings.php';
         echo $RUNTIME_ERROR->not_found;
-        echo "<br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br>";
-        echo format($RUNTIME_ERROR->template_not_found, ["template"=>$INCLUDE_STRINGS_PATH, "langcc"=>$LANG_CC]);
+        echo format($RUNTIME_ERROR->template_not_found, ["template" => $INCLUDE_STRINGS_PATH, "langcc" => $LANG_CC]);
         die();
     }