fix password reset for multiple accounts, add clarifications

app.rb

@@ -446,6 +446,8 @@ Hello! This is the NeoCities cat, and I have received a password reset request f
 
 Go to this URL to reset your password: http://neocities.org/password_reset_confirm?code=#{token}
 
+After clicking on this link, your password for all the sites registered to this email address will be changed to this token: #{token}
+
 If you didn't request this reset, you can ignore it. Or hide under a bed. Or take a nap. Your call.
 
 Meow,
@@ -467,11 +469,13 @@ the NeoCities Cat
 end
 
 get '/password_reset_confirm' do
-  site = Site[password_reset_token: params[:code]]
+  site = Site.filter(password_reset_token: params[:code]).all
 
-  if site
-    site.password = params[:code]
-    site.save
+  if sites.length < 0
+    sites.each do |site|
+      site.password = params[:code]
+      site.save
+    end
 
     flash[:success] = 'Your password has been changed to the token sent in your e-mail. Please login and change your password in the settings page as soon as possible.'
   else

views/contact.slim

@@ -14,6 +14,12 @@ javascript:
   .span8.offset2
     h2 style="margin-bottom: 20px" Contact Us
 
+    div
+      h5 Please Note Before Contacting:
+      ul
+        li For security reasons, we cannot reset your password if you did not enter an e-mail for your site. You will have to make a new site (don't worry, it's free!). If you didn't get an e-mail from the password reset form, you didn't enter an e-mail (or it's in your spam folder). Again you will have to make a new site, we cannot help you for security reasons.
+        li We do not support FTP or GIT uploading, and have no plans to. SFTP possibly, if we can find the time.
+
     form action="/contact" method="POST"
       input name="csrf_token" type="hidden" value="#{csrf_token}"