fix(recovery) Fix recovery to use new standAlonePage workflow

This should fix CSRF crashes with recovery

issue #5854

html/recovery.php

 <?php
 /*
   This code is part of FusionDirectory (http://www.fusiondirectory.org/)
-  Copyright (C) 2011-2016  FusionDirectory
+  Copyright (C) 2011-2018  FusionDirectory
 
   This program is free software; you can redistribute it and/or modify
   it under the terms of the GNU General Public License as published by
@@ -18,14 +18,8 @@
   Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA.
 */
 
-require_once("../include/php_setup.inc");
-require_once("functions.inc");
-require_once("variables.inc");
+require_once('../include/php_setup.inc');
+require_once('functions.inc');
+require_once('variables.inc');
 
-$pwRecovery = new passwordRecovery();
-
-$pwRecovery->execute();
-
-$pwRecovery->displayPWchanger();
-
-?>
+passwordRecovery::run();

ihtml/themes/legacy/recovery.tpl

@@ -9,6 +9,7 @@
 <div id="window-div">
 
   <form action='recovery.php{$params}' method='post' name='mainform' onSubmit='js_check(this);return true;'>
+    <input type="hidden" name="CSRFtoken" value="{$CSRFtoken}"/>
 
   <div id="window-titlebar">
     <p>

include/class_passwordRecovery.inc

@@ -66,7 +66,7 @@ class passwordRecovery extends standAlonePage {
     }
   }
 
-  function execute()
+  function save_object()
   {
     if (!$this->activated) {
       return;
@@ -98,8 +98,10 @@ class passwordRecovery extends standAlonePage {
     }
   }
 
-  function displayPWchanger()
+  function execute()
   {
+    $this->save_object();
+
     /* Do we need to show error messages? */
     if (count($this->message) != 0) {
       /* Show error message and continue editing */