oops: Fix display of forgot-my-password link

Reported by @ntozier

include/staff/login.tpl.php

@@ -12,7 +12,7 @@ $info = ($_POST && $errors)?Format::htmlchars($_POST):array();
             <input type="text" name="userid" id="name" value="<?php echo $info['userid']; ?>" placeholder="username" autocorrect="off" autocapitalize="off">
             <input type="password" name="passwd" id="pass" placeholder="password" autocorrect="off" autocapitalize="off">
         </fieldset>
-        <?php if ($_SESSION['_staff']['strikes'] > 1 && $cfg->allowPasswordReset()) { ?>
+        <?php if ($show_reset && $cfg->allowPasswordReset()) { ?>
         <h3 style="display:inline"><a href="pwreset.php">Forgot my password</a></h3>
         <?php } ?>
         <input class="submit" type="submit" name="submit" value="Log In">

scp/login.php

@@ -23,6 +23,7 @@ $dest = $_SESSION['_staff']['auth']['dest'];
 $msg = $_SESSION['_staff']['auth']['msg'];
 $msg = $msg?$msg:'Authentication Required';
 $dest=($dest && (!strstr($dest,'login.php') && !strstr($dest,'ajax.php')))?$dest:'index.php';
+$show_reset = false;
 if($_POST) {
     // Lookup support backends for this staff
     $username = trim($_POST['userid']);
@@ -34,6 +35,7 @@ if($_POST) {
     }
 
     $msg = $errors['err']?$errors['err']:'Invalid login';
+    $show_reset = true;
 }
 // Consider single sign-on authentication backends
 else if (!$thisstaff || !($thisstaff->getId() || $thisstaff->isValid())) {