diff --git a/apps/files_versions/ajax/getVersions.php b/apps/files_versions/ajax/getVersions.php
new file mode 100644
index 0000000000..32aac10b71
--- /dev/null
+++ b/apps/files_versions/ajax/getVersions.php
@@ -0,0 +1,61 @@
+<?php
+
+require_once('../../../lib/base.php');
+OC_JSON::checkAppEnabled('files_versions');
+require_once('../versions.php');
+
+$userDirectory = "/".OC_User::getUser()."/files";
+$source = $_GET['source'];
+$source = strip_tags( $source );
+
+if( OCA_Versions\Storage::isversioned( $source ) ) {
+
+	$count=5; //show the newest revisions
+	$versions = OCA_Versions\Storage::getversions( $source, $count);
+	$versionsFormatted = array();
+	
+	foreach ( $versions AS $version ) {
+	
+		$versionsFormatted[] = OC_Util::formatDate( $version );
+		
+	}
+
+	$versionsSorted = array_reverse( $versionsFormatted );
+	
+	if ( !empty( $versionsSorted ) ) {
+		OC_JSON::encodedPrint($versionsSorted);
+	}
+	
+}else{
+
+	return;
+	
+}
+
+// $path = $source;
+// $users = array();
+// if ($users = OC_Share::getMySharedItem($source)) {
+// 	for ($i = 0; $i < count($users); $i++) {
+// 		if ($users[$i]['uid_shared_with'] == OC_Share::PUBLICLINK) {
+// 			$users[$i]['token'] = OC_Share::getTokenFromSource($source);
+// 		}
+// 	}
+// }
+// $source = dirname($source);
+// while ($source != "" && $source != "/" && $source != "." && $source != $userDirectory) {
+// 	if ($values = OC_Share::getMySharedItem($source)) {
+// 		$values = array_values($values);
+// 		$parentUsers = array();
+// 		for ($i = 0; $i < count($values); $i++) {
+// 			if ($values[$i]['uid_shared_with'] == OC_Share::PUBLICLINK) {
+// 				$values[$i]['token'] = OC_Share::getTokenFromSource($source)."&path=".substr($path, strlen($source));
+// 			}
+// 			$parentUsers[basename($source)."-".$i] = $values[$i];
+// 		}
+// 		$users = array_merge($users, $parentUsers);
+// 	}
+// 	$source = dirname($source);
+// }
+// if (!empty($users)) {
+// 	OC_JSON::encodedPrint($users);
+// }
diff --git a/apps/files_versions/ajax/rollbackVersion.php b/apps/files_versions/ajax/rollbackVersion.php
new file mode 100644
index 0000000000..660411973a
--- /dev/null
+++ b/apps/files_versions/ajax/rollbackVersion.php
@@ -0,0 +1,26 @@
+<?php
+
+require_once('../../../lib/base.php');
+OC_JSON::checkAppEnabled('files_versions');
+require_once('../versions.php');
+
+$userDirectory = "/".OC_User::getUser()."/files";
+
+$source = $_GET['source'];
+
+$source = strip_tags( $source );
+
+echo "\n\n$source\n\n";
+
+$revision = strtotime( $source );
+
+echo "\n\n$revision\n\n";
+
+if( OCA_Versions\Storage::isversioned( $source ) ) {
+
+
+        #\OCA_Versions\Storage::rollback( $source, $revision );
+	
+}
+
+?>
\ No newline at end of file
diff --git a/apps/files_versions/history.php b/apps/files_versions/history.php
index b0aa8fdc98..05a5db55da 100644
--- a/apps/files_versions/history.php
+++ b/apps/files_versions/history.php
@@ -28,17 +28,22 @@ OC_Util::addStyle('files_versions','versions');
 if ( isset( $_GET['path'] ) ) {
 
 	$path = $_GET['path'];
-	$path = strip_tags( $path);
+	$path = strip_tags( $path );
 
 	// roll back to old version if button clicked
         if( isset( $_GET['revert'] ) ) {
-        	\OCA_Versions\Storage::rollback( $path, $_GET['revert'] );
+        	
+        	if( \OCA_Versions\Storage::rollback( $path, $_GET['revert'] ) ) {
+        	
+			echo "<script>OC.dialogs.alert(response.data.message, t('contacts', 'Error'))</script>";
+			
+		}
 	}
 
 	// show the history only if there is something to show
         if( OCA_Versions\Storage::isversioned( $path ) ) {
 
-		$count=5; //show the newest revisions
+		$count=999; //show the newest revisions
 	        $versions=OCA_Versions\Storage::getversions( $path, $count);
 
 		$tmpl = new OC_Template( 'files_versions', 'history', 'user' );
diff --git a/apps/files_versions/js/versions.js b/apps/files_versions/js/versions.js
index 325ef823a9..a9e60a0cfa 100644
--- a/apps/files_versions/js/versions.js
+++ b/apps/files_versions/js/versions.js
@@ -9,29 +9,35 @@ $(document).ready(function(){
 		
 		createVersionsDropdown(filename, file)
 
-		//window.location='../apps/files_versions/history.php?path='+encodeURIComponent($('#dir').val()).replace(/%2F/g, '/')+'/'+encodeURIComponent(filename);
-
-		
+		$.ajax({
+			type: 'GET',
+			url: OC.linkTo('files_versions', 'ajax/getVersions.php'),
+			dataType: 'json',
+			data: {source: file},
+			async: false,
+			success: function(versions) {
+				if (versions) {
+				}
+			}
+		});
+	
 	});
 	
 });
 
 function createVersionsDropdown(filename, files) {
 	var historyUrl = '../apps/files_versions/history.php?path='+encodeURIComponent($('#dir').val()).replace(/%2F/g, '/')+'/'+encodeURIComponent(filename);
-	//alert( historyUrl );
+
 	var html = '<div id="dropdown" class="drop" data-file="'+files+'">';
 	html += '<div id="private">';
-	html += '<select data-placeholder="File Version" id="share_with" class="chzen-select">';
-	html += '<option value=""></option>';
+	html += '<select data-placeholder="File Version" id="found_versions" class="chzen-select">';
+	html += '<option value="">Select version</option>';
 	html += '</select>';
-	html += '<ul id="shared_list"></ul>';
 	html += '</div>';
-	html += '<div id="public">';
-	html += '<input type="button" name="makelink" id="makelink" value="Revert file" />';
-	html += '<input type="button" onclick="window.location=\''+historyUrl+'\'" name="makelink" id="makelink" value="More..." />';
+	html += '<input type="button" value="Revert file" onclick="revertFile()" />';
+	html += '<input type="button" value="More..." onclick="window.location=\''+historyUrl+'\'" name="makelink" id="makelink" />';
 	html += '<br />';
 	html += '<input id="link" style="display:none; width:90%;" />';
-	html += '</div>';
 	
 	if (filename) {
 		$('tr').filterAttr('data-file',filename).addClass('mouseOver');
@@ -39,27 +45,60 @@ function createVersionsDropdown(filename, files) {
 	} else {
 		$(html).appendTo($('thead .share'));
 	}
-// 			$.getJSON(OC.linkTo('files_sharing', 'ajax/userautocomplete.php'), function(users) {
-// 				if (users) {
-// 					$.each(users, function(index, row) {
-// 						$(row).appendTo('#share_with');
-// 					});
-// 					$('#share_with').trigger('liszt:updated');
-// 				}
-// 			});
-// 			$.getJSON(OC.linkTo('files_sharing', 'ajax/getitem.php'), { source: files }, function(users) {
-// 				if (users) {
-// 					$.each(users, function(index, row) {
-// 						if (row.uid_shared_with == 'public') {
-// 							showPublicLink(row.token, '/'+filename);
-// 						} else if (isNaN(index)) {
-// 							addUser(row.uid_shared_with, row.permissions, index.substr(0, index.lastIndexOf('-')));
-// 						} else {
-// 							addUser(row.uid_shared_with, row.permissions, false);
-// 						}
-// 					});
-// 				}
+	
+// 	$.getJSON(OC.linkTo('files_sharing', 'ajax/userautocomplete.php'), function(users) {
+// 		if (users) {
+// 			$.each(users, function(index, row) {
+// 				$(row).appendTo('#share_with');
 // 			});
+// 			$('#share_with').trigger('liszt:updated');
+// 		}
+// 	});
+	$.getJSON(OC.linkTo('files_versions', 'ajax/getVersions.php'), { source: files }, function(versions) {
+		if (versions) {
+			
+			$.each( versions, function(index, row ) {
+					
+					addVersion( row );
+			});
+			
+		}
+		
+	});
+	
+	function revertFile() {
+		
+		$.ajax({
+			type: 'GET',
+			url: OC.linkTo('files_versions', 'ajax/rollbackVersion.php'),
+			dataType: 'json',
+			data: {path: file, revision: 'revision'},
+			async: false,
+			success: function(versions) {
+				if (versions) {
+				}
+			}
+		});	
+		
+	}
+	
+	function addVersion( name ) {
+		
+		var version = '<option>'+name+'</option>';
+		
+// 		} else {
+// 			var checked = ((permissions > 0) ? 'checked="checked"' : 'style="display:none;"');
+// 			var style = ((permissions == 0) ? 'style="display:none;"' : '');
+// 			var user = '<li data-uid_shared_with="'+uid_shared_with+'">';
+// 			user += '<a href="" class="unshare" style="display:none;"><img class="svg" alt="Unshare" src="'+OC.imagePath('core','actions/delete')+'"/></a>';
+// 			user += uid_shared_with;
+// 			user += '<input type="checkbox" name="permissions" id="'+uid_shared_with+'" class="permissions" '+checked+' />';
+// 			user += '<label for="'+uid_shared_with+'" '+style+'>can edit</label>';
+// 			user += '</li>';
+// 		}
+		
+		$(version).appendTo('#found_versions');
+	}
 
 	$('#dropdown').show('blind');
 	$('#share_with').chosen();
diff --git a/apps/files_versions/templates/history.php b/apps/files_versions/templates/history.php
index d33d2b0f68..92a3eb9c07 100644
--- a/apps/files_versions/templates/history.php
+++ b/apps/files_versions/templates/history.php
@@ -10,8 +10,12 @@
 
 	        echo('<strong>Versions of '.$_['path']).'</strong><br>';
 	        echo('<p><em>You can click on the revert button to revert to the specific verson.</em></p><br />');
-	        foreach ($_['versions'] as $v){
-			echo(' '.OC_Util::formatDate($v).' <a href="history.php?path='.urlencode($_['path']).'&revert='.$v.'" class="button">Revert</a><br /><br />');
+	        foreach ( $_['versions'] as $v ){
+	        
+			echo ' ';
+			echo OC_Util::formatDate( $v );
+			echo ' <a href="history.php?path='.urlencode( $_['path'] ).'&revert='. $v .'" class="button">Revert</a><br /><br />';
+			
 		}
 
 	}
diff --git a/core/lostpassword/index.php b/core/lostpassword/index.php
index b6cdd601d6..2b87a1eb11 100644
--- a/core/lostpassword/index.php
+++ b/core/lostpassword/index.php
@@ -9,13 +9,14 @@
 $RUNTIME_NOAPPS = TRUE; //no apps
 require_once('../../lib/base.php');
 
+
 // Someone lost their password:
 if (isset($_POST['user'])) {
 	if (OC_User::userExists($_POST['user'])) {
 		$token = sha1($_POST['user'].md5(uniqid(rand(), true)));
 		OC_Preferences::setValue($_POST['user'], 'owncloud', 'lostpassword', $token);
 		$email = OC_Preferences::getValue($_POST['user'], 'settings', 'email', '');
-		if (!empty($email)) {
+		if (!empty($email) and isset($_POST['sectoken']) and isset($_SESSION['sectoken']) and ($_POST['sectoken']==$_SESSION['sectoken']) ) {
 			$link = OC_Helper::linkToAbsolute('core/lostpassword', 'resetpassword.php').'?user='.$_POST['user'].'&token='.$token;
 			$tmpl = new OC_Template('core/lostpassword', 'email');
 			$tmpl->assign('link', $link);
@@ -23,14 +24,20 @@ if (isset($_POST['user'])) {
 			$l = OC_L10N::get('core');
 			$from = 'lostpassword-noreply@' . $_SERVER['HTTP_HOST'];
 			$r=mail($email, $l->t('Owncloud password reset'), $msg, 'From:' . $from);
-//if($r==false) echo('error'); else echo('works!!!!!!!');
-			OC_MAIL::send($email,$_POST['user'],$l->t('Owncloud password reset'),$msg,$from,'ownCloud');
+			OC_MAIL::send($email,$_POST['user'],$l->t('ownCloud password reset'),$msg,$from,'ownCloud');
+			echo('sent');
 
 		}
-		OC_Template::printGuestPage('core/lostpassword', 'lostpassword', array('error' => false, 'requested' => true));
+		$sectoken=rand(1000000,9999999);
+		$_SESSION['sectoken']=$sectoken;
+		OC_Template::printGuestPage('core/lostpassword', 'lostpassword', array('error' => false, 'requested' => true, 'sectoken' => $sectoken));
 	} else {
-		OC_Template::printGuestPage('core/lostpassword', 'lostpassword', array('error' => true, 'requested' => false));
+		$sectoken=rand(1000000,9999999);
+		$_SESSION['sectoken']=$sectoken;
+		OC_Template::printGuestPage('core/lostpassword', 'lostpassword', array('error' => true, 'requested' => false, 'sectoken' => $sectoken));
 	}
 } else {
-	OC_Template::printGuestPage('core/lostpassword', 'lostpassword', array('error' => false, 'requested' => false));
+	$sectoken=rand(1000000,9999999);
+	$_SESSION['sectoken']=$sectoken;
+	OC_Template::printGuestPage('core/lostpassword', 'lostpassword', array('error' => false, 'requested' => false, 'sectoken' => $sectoken));
 }
diff --git a/core/lostpassword/templates/lostpassword.php b/core/lostpassword/templates/lostpassword.php
index 4b871963b8..754eabdad6 100644
--- a/core/lostpassword/templates/lostpassword.php
+++ b/core/lostpassword/templates/lostpassword.php
@@ -10,6 +10,7 @@
 			<p class="infield">
 				<label for="user" class="infield"><?php echo $l->t( 'Username' ); ?></label>
 				<input type="text" name="user" id="user" value="" autocomplete="off" required autofocus />
+				<input type="hidden" name="sectoken" id="sectoken" value="<?php echo($_['sectoken']); ?>"  />
 			</p>
 			<input type="submit" id="submit" value="<?php echo $l->t('Request reset'); ?>" />
 		<?php endif; ?>