commit | author | age
|
da1da4
|
1 |
<?php |
T |
2 |
|
|
3 |
/* |
|
4 |
Copyright (c) 2008, Till Brehm, projektfarm Gmbh |
|
5 |
All rights reserved. |
|
6 |
|
|
7 |
Redistribution and use in source and binary forms, with or without modification, |
|
8 |
are permitted provided that the following conditions are met: |
|
9 |
|
|
10 |
* Redistributions of source code must retain the above copyright notice, |
|
11 |
this list of conditions and the following disclaimer. |
|
12 |
* Redistributions in binary form must reproduce the above copyright notice, |
|
13 |
this list of conditions and the following disclaimer in the documentation |
|
14 |
and/or other materials provided with the distribution. |
|
15 |
* Neither the name of ISPConfig nor the names of its contributors |
|
16 |
may be used to endorse or promote products derived from this software without |
|
17 |
specific prior written permission. |
|
18 |
|
|
19 |
THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND |
|
20 |
ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED |
|
21 |
WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. |
|
22 |
IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, |
|
23 |
INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, |
|
24 |
BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, |
|
25 |
DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY |
|
26 |
OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING |
|
27 |
NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, |
|
28 |
EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. |
|
29 |
*/ |
|
30 |
|
7fe908
|
31 |
require_once '../../lib/config.inc.php'; |
MC |
32 |
require_once '../../lib/app.inc.php'; |
da1da4
|
33 |
|
0baace
|
34 |
$app->load('getconf'); |
TB |
35 |
|
|
36 |
$security_config = $app->getconf->get_security_config('permissions'); |
|
37 |
if($security_config['password_reset_allowed'] != 'yes') die('Password reset function has been disabled.'); |
|
38 |
|
da1da4
|
39 |
// Loading the template |
T |
40 |
$app->uses('tpl'); |
|
41 |
$app->tpl->newTemplate("form.tpl.htm"); |
7fe908
|
42 |
$app->tpl->setInclude('content_tpl', 'templates/password_reset.htm'); |
da1da4
|
43 |
|
T |
44 |
$app->tpl_defaults(); |
|
45 |
|
7fe908
|
46 |
include ISPC_ROOT_PATH.'/web/login/lib/lang/'.$_SESSION['s']['language'].'.lng'; |
da1da4
|
47 |
$app->tpl->setVar($wb); |
T |
48 |
|
|
49 |
if(isset($_POST['username']) && $_POST['username'] != '' && $_POST['email'] != '' && $_POST['username'] != 'admin') { |
7fe908
|
50 |
|
da1da4
|
51 |
if(!preg_match("/^[\w\.\-\_]{1,64}$/", $_POST['username'])) die($app->lng('user_regex_error')); |
T |
52 |
if(!preg_match("/^\w+[\w.-]*\w+@\w+[\w.-]*\w+\.[a-z]{2,10}$/i", $_POST['email'])) die($app->lng('email_error')); |
7fe908
|
53 |
|
da1da4
|
54 |
$username = $app->db->quote($_POST['username']); |
T |
55 |
$email = $app->db->quote($_POST['email']); |
7fe908
|
56 |
|
da1da4
|
57 |
$client = $app->db->queryOneRecord("SELECT * FROM client WHERE username = '$username' AND email = '$email'"); |
a59498
|
58 |
|
da1da4
|
59 |
if($client['client_id'] > 0) { |
c614f1
|
60 |
$new_password = $app->auth->get_random_password(); |
T |
61 |
$new_password_encrypted = $app->auth->crypt_password($new_password); |
da1da4
|
62 |
$new_password_encrypted = $app->db->quote($new_password_encrypted); |
7fe908
|
63 |
|
da1da4
|
64 |
$username = $app->db->quote($client['username']); |
T |
65 |
$app->db->query("UPDATE sys_user SET passwort = '$new_password_encrypted' WHERE username = '$username'"); |
e8e3da
|
66 |
$app->db->query("UPDATE client SET password = '$new_password_encrypted' WHERE username = '$username'"); |
7fe908
|
67 |
$app->tpl->setVar("message", $wb['pw_reset']); |
MC |
68 |
|
a59498
|
69 |
$app->uses('getconf,ispcmail'); |
M |
70 |
$mail_config = $app->getconf->get_global_config('mail'); |
|
71 |
if($mail_config['smtp_enabled'] == 'y') { |
|
72 |
$mail_config['use_smtp'] = true; |
|
73 |
$app->ispcmail->setOptions($mail_config); |
|
74 |
} |
|
75 |
$app->ispcmail->setSender($mail_config['admin_mail'], $mail_config['admin_name']); |
|
76 |
$app->ispcmail->setSubject($wb['pw_reset_mail_title']); |
|
77 |
$app->ispcmail->setMailText($wb['pw_reset_mail_msg'].$new_password); |
|
78 |
$app->ispcmail->send(array($client['contact_name'] => $client['email'])); |
|
79 |
$app->ispcmail->finish(); |
7fe908
|
80 |
|
MC |
81 |
$app->plugin->raiseEvent('password_reset', true); |
|
82 |
$app->tpl->setVar("msg", $wb['pw_reset']); |
da1da4
|
83 |
} else { |
7fe908
|
84 |
$app->tpl->setVar("error", $wb['pw_error']); |
da1da4
|
85 |
} |
7fe908
|
86 |
|
da1da4
|
87 |
} else { |
7fe908
|
88 |
$app->tpl->setVar("msg", $wb['pw_error_noinput']); |
da1da4
|
89 |
} |
T |
90 |
|
|
91 |
|
|
92 |
$app->tpl_defaults(); |
|
93 |
$app->tpl->pparse(); |
|
94 |
|
|
95 |
|
|
96 |
|
|
97 |
|
|
98 |
|
7fe908
|
99 |
?> |