load('getconf'); $security_config = $app->getconf->get_security_config('permissions'); if($security_config['password_reset_allowed'] != 'yes') die('Password reset function has been disabled.'); // Loading the template $app->uses('tpl'); $app->tpl->newTemplate("form.tpl.htm"); $app->tpl->setInclude('content_tpl', 'templates/password_reset.htm'); $app->tpl_defaults(); include ISPC_ROOT_PATH.'/web/login/lib/lang/'.$_SESSION['s']['language'].'.lng'; $app->tpl->setVar($wb); if(isset($_POST['username']) && $_POST['username'] != '' && $_POST['email'] != '' && $_POST['username'] != 'admin') { if(!preg_match("/^[\w\.\-\_]{1,64}$/", $_POST['username'])) die($app->lng('user_regex_error')); if(!preg_match("/^\w+[\w.-]*\w+@\w+[\w.-]*\w+\.[a-z]{2,10}$/i", $_POST['email'])) die($app->lng('email_error')); $username = $_POST['username']; $email = $_POST['email']; $client = $app->db->queryOneRecord("SELECT client.*, sys_user.lost_password_function FROM client,sys_user WHERE client.username = ? AND client.email = ? AND client.client_id = sys_user.client_id", $username, $email); if($client['lost_password_function'] == 0) { $app->tpl->setVar("error", $wb['lost_password_function_disabled_txt']); } else { if($client['client_id'] > 0) { $server_config_array = $app->getconf->get_global_config(); $min_password_length = 8; if(isset($server_config_array['misc']['min_password_length'])) $min_password_length = $server_config_array['misc']['min_password_length']; $new_password = $app->auth->get_random_password($min_password_length, true); $new_password_encrypted = $app->auth->crypt_password($new_password); $username = $client['username']; $app->db->query("UPDATE sys_user SET passwort = ? WHERE username = ?", $new_password_encrypted, $username); $app->db->query("UPDATE client SET password = ? WHERE username = ?", $new_password_encrypted, $username); $app->tpl->setVar("message", $wb['pw_reset']); $app->uses('getconf,ispcmail'); $mail_config = $server_config_array['mail']; if($mail_config['smtp_enabled'] == 'y') { $mail_config['use_smtp'] = true; $app->ispcmail->setOptions($mail_config); } $app->ispcmail->setSender($mail_config['admin_mail'], $mail_config['admin_name']); $app->ispcmail->setSubject($wb['pw_reset_mail_title']); $app->ispcmail->setMailText($wb['pw_reset_mail_msg'].$new_password); $app->ispcmail->send(array($client['contact_name'] => $client['email'])); $app->ispcmail->finish(); $app->plugin->raiseEvent('password_reset', true); $app->tpl->setVar("msg", $wb['pw_reset']); } else { $app->tpl->setVar("error", $wb['pw_error']); } } } else { $app->tpl->setVar("msg", $wb['pw_error_noinput']); } $app->tpl_defaults(); $app->tpl->pparse(); ?>