parent
78adc25c8d
commit
cf8251f25f
@ -0,0 +1,50 @@
|
||||
<?php
|
||||
|
||||
function forgot_password(){
|
||||
|
||||
$email = filter_var($_POST["Email"], FILTER_SANITIZE_EMAIL);
|
||||
|
||||
$target_id = WebUsers::getIdFromEmail($email);
|
||||
if ($target_id == "FALSE"){
|
||||
//the email address doesn't exist.
|
||||
$result['prevEmail'] = $email;
|
||||
$result['EMAIL_ERROR'] = 'TRUE';
|
||||
$result['no_visible_elements'] = 'TRUE';
|
||||
helpers :: loadtemplate( 'forgot_password', $result);
|
||||
exit;
|
||||
}
|
||||
$webUser = new WebUsers($target_id);
|
||||
$target_username = $webUser->getUsername();
|
||||
$target_hashedPass = $webUser->getHashedPass();
|
||||
$hashed_key = hash('sha512',$target_hashedPass);
|
||||
|
||||
if ( isset( $_COOKIE['Language'] ) ) {
|
||||
$lang = $_COOKIE['Language'];
|
||||
}else{
|
||||
global $DEFAULT_LANGUAGE;
|
||||
$lang = $DEFAULT_LANGUAGE;
|
||||
}
|
||||
|
||||
global $AMS_TRANS;
|
||||
$variables = parse_ini_file( $AMS_TRANS . '/' . $lang . '.ini', true );
|
||||
$mailText = array();
|
||||
foreach ( $variables['email'] as $key => $value ){
|
||||
$mailText[$key] = $value;
|
||||
}
|
||||
|
||||
//create the reset url
|
||||
global $WEBPATH;
|
||||
$resetURL = $WEBPATH . "?page=reset_password&user=". $target_username . "&email=" . $email . "&key=" . $hashed_key;
|
||||
//set email stuff
|
||||
$recipient = $email;
|
||||
$subject = $mailText['email_subject_forgot_password'];
|
||||
$body = $mailText['email_body_forgot_password_header'] . $resetURL . $mailText['email_body_forgot_password_footer'];
|
||||
Mail_Handler::send_mail($recipient, $subject, $body, NULL);
|
||||
$result['EMAIL_SUCCESS'] = 'TRUE';
|
||||
$result['prevEmail'] = $email;
|
||||
$result['no_visible_elements'] = 'TRUE';
|
||||
helpers :: loadtemplate( 'forgot_password', $result);
|
||||
exit;
|
||||
|
||||
|
||||
}
|
@ -0,0 +1,44 @@
|
||||
<?php
|
||||
|
||||
function reset_password(){
|
||||
//filter all data
|
||||
$email = filter_var($_GET["email"], FILTER_SANITIZE_EMAIL);
|
||||
$user = filter_var($_GET["user"], FILTER_SANITIZE_STRING);
|
||||
$key = filter_var($_GET["key"], FILTER_SANITIZE_STRING);
|
||||
|
||||
$password = filter_var($_POST['NewPass'], FILTER_SANITIZE_STRING);
|
||||
$confirmpass = filter_var($_POST['ConfirmNewPass'], FILTER_SANITIZE_STRING);
|
||||
|
||||
$target_id = WebUsers::getId($user);
|
||||
$webUser = new WebUsers($target_id);
|
||||
if( (WebUsers::getIdFromEmail($email) == $target_id) && (hash('sha512',$webUser->getHashedPass()) == $key) ){
|
||||
$params = Array( 'user' => $user, 'CurrentPass' => "dummy", 'NewPass' => $password, 'ConfirmNewPass' => $confirmpass, 'adminChangesOther' => true);
|
||||
$result = $webUser->check_change_password($params);
|
||||
if ($result == "success"){
|
||||
$result = array();
|
||||
$status = WebUsers::setPassword($user, $password);
|
||||
if($status == 'ok'){
|
||||
$result['SUCCESS_PASS'] = "OK";
|
||||
}else if($status == 'shardoffline'){
|
||||
$result['SUCCESS_PASS'] = "SHARDOFF";
|
||||
}
|
||||
$result['no_visible_elements'] = 'TRUE';
|
||||
helpers :: loadtemplate( 'reset_success', $result);
|
||||
exit;
|
||||
}
|
||||
$GETString = "";
|
||||
foreach($_GET as $key => $value){
|
||||
$GETString = $GETString . $key . '=' . $value . "&";
|
||||
}
|
||||
if($GETString != ""){
|
||||
$GETString = '?'.$GETString;
|
||||
}
|
||||
$result['getstring'] = $GETString;
|
||||
$result['prevNewPass'] = $password;
|
||||
$result['prevConfirmNewPass'] = $confirmpass;
|
||||
$result['no_visible_elements'] = 'TRUE';
|
||||
helpers :: loadtemplate( 'reset_password', $result);
|
||||
exit;
|
||||
|
||||
}
|
||||
}
|
@ -0,0 +1,8 @@
|
||||
<?php
|
||||
/**
|
||||
* This function is beign used to send to reset the password.
|
||||
* @author Daan Janssens, mentored by Matthew Lagoe
|
||||
*/
|
||||
function forgot_password(){
|
||||
|
||||
}
|
@ -0,0 +1,31 @@
|
||||
<?php
|
||||
|
||||
function reset_password(){
|
||||
$email = filter_var($_GET["email"], FILTER_SANITIZE_EMAIL);
|
||||
$user = filter_var($_GET["user"], FILTER_SANITIZE_STRING);
|
||||
$key = filter_var($_GET["key"], FILTER_SANITIZE_STRING);
|
||||
|
||||
$target_id = WebUsers::getId($user);
|
||||
$webUser = new WebUsers($target_id);
|
||||
|
||||
if( (WebUsers::getIdFromEmail($email) == $target_id) && (hash('sha512',$webUser->getHashedPass()) == $key) ){
|
||||
//you are allowed on the page!
|
||||
|
||||
$GETString = "";
|
||||
foreach($_GET as $key => $value){
|
||||
$GETString = $GETString . $key . '=' . $value . "&";
|
||||
}
|
||||
if($GETString != ""){
|
||||
$GETString = '?'.$GETString;
|
||||
}
|
||||
$pageElements['getstring'] = $GETString;
|
||||
|
||||
return $pageElements;
|
||||
|
||||
}else{
|
||||
global $WEBPATH;
|
||||
$_SESSION['error_code'] = "403";
|
||||
header("Location: ".$WEBPATH."?page=error");
|
||||
exit;
|
||||
}
|
||||
}
|
Binary file not shown.
@ -0,0 +1,70 @@
|
||||
{extends file="layout.tpl"}
|
||||
{block name=content}
|
||||
|
||||
<div class="row-fluid">
|
||||
<div class="span12 center login-header">
|
||||
<img src="img/mainlogo.png"/>
|
||||
</div><!--/span-->
|
||||
</div><!--/row-->
|
||||
|
||||
<div class="row-fluid">
|
||||
<div class="well span5 center login-box">
|
||||
|
||||
<form id="signup" class="form-vertical" method="post" action="index.php{$getstring}">
|
||||
<legend>{$title}</legend>
|
||||
|
||||
<div class="control-group {if isset($NEWPASSWORD_ERROR) and $NEWPASSWORD_ERROR eq "TRUE"}error{else if
|
||||
isset($newpass_error_message) and $newpass_error_message eq "success"}success{else}{/if}">
|
||||
<label class="control-label">New Password</label>
|
||||
<div class="controls">
|
||||
<div class="input-prepend">
|
||||
<span class="add-on" style="margin-left:5px;"><i class="icon-tag"></i></span>
|
||||
<input type="password" class="input-xlarge" id="NewPass" name="NewPass" placeholder="Your new password" {if isset($prevNewPass)}value="{$prevNewPass}"{/if}>
|
||||
{if isset($NEWPASSWORD_ERROR) and $NEWPASSWORD_ERROR eq "TRUE"}<br/><span class="help-inline">{$newpass_error_message}</span>{/if}
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
|
||||
<div class="control-group {if isset($CNEWPASSWORD_ERROR) and $CNEWPASSWORD_ERROR eq "TRUE"}error{else if
|
||||
isset($confirmnewpass_error_message) and $confirmnewpass_error_message eq "success"}success{else}{/if}">
|
||||
<label class="control-label">Confirm New Password</label>
|
||||
<div class="controls">
|
||||
<div class="input-prepend">
|
||||
<span class="add-on" style="margin-left:5px;"><i class="icon-tags"></i></span>
|
||||
<input type="password" class="input-xlarge" id="ConfirmNewPass" name="ConfirmNewPass" placeholder="Re-enter the new password" {if isset($prevConfirmNewPass)}value="{$prevConfirmNewPass}"{/if}>
|
||||
{if isset($CNEWPASSWORD_ERROR) and $CNEWPASSWORD_ERROR eq "TRUE"}<br/><span class="help-inline">{$confirmnewpass_error_message}</span>{/if}
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
|
||||
|
||||
|
||||
{if isset($SUCCESS_PASS) and $SUCCESS_PASS eq "OK"}
|
||||
<div class="alert alert-success">
|
||||
The password has been changed!
|
||||
</div>
|
||||
{/if}
|
||||
|
||||
{if isset($SUCCESS_PASS) and $SUCCESS_PASS eq "SHARDOFF"}
|
||||
<div class="alert alert-warning">
|
||||
The password has been changed, though the shard seems offline, it may take some time to see the change on the shard.
|
||||
</div>
|
||||
{/if}
|
||||
|
||||
<input type="hidden" name="function" value="reset_password">
|
||||
<div class="control-group">
|
||||
<label class="control-label"></label>
|
||||
<div class="controls">
|
||||
<button type="submit" class="btn btn-large btn-primary" >Reset the password!</button>
|
||||
|
||||
</div>
|
||||
</div>
|
||||
|
||||
</form>
|
||||
|
||||
|
||||
</div><!--/span-->
|
||||
</div><!--/row-->
|
||||
{/block}
|
||||
|
||||
|
@ -0,0 +1,47 @@
|
||||
{extends file="layout.tpl"}
|
||||
{block name=content}
|
||||
|
||||
<div class="row-fluid">
|
||||
<div class="span12 center login-header">
|
||||
<img src="img/mainlogo.png"/>
|
||||
</div><!--/span-->
|
||||
</div><!--/row-->
|
||||
|
||||
<div class="row-fluid">
|
||||
<div class="well span5 center login-box">
|
||||
{if isset($SUCCESS_PASS) and $SUCCESS_PASS eq "OK"}
|
||||
<div class="alert alert-success">
|
||||
The password has been changed!
|
||||
</div>
|
||||
{/if}
|
||||
|
||||
{if isset($SUCCESS_PASS) and $SUCCESS_PASS eq "SHARDOFF"}
|
||||
<div class="alert alert-warning">
|
||||
The password has been changed, though the shard seems offline, it may take some time to see the change on the shard.
|
||||
</div>
|
||||
{/if}
|
||||
|
||||
<div class="alert alert-info">
|
||||
<strong>{$reset_success_title}</strong>
|
||||
<p>{$reset_success_timer}<span id="seconds">5</span></p>
|
||||
<p><a href="index.php">{$login_text}</a></p>
|
||||
</div>
|
||||
|
||||
<script>
|
||||
var seconds = 5;
|
||||
setInterval(
|
||||
function(){
|
||||
if (seconds <= 1) {
|
||||
window.location = 'index.php';
|
||||
}
|
||||
else {
|
||||
document.getElementById('seconds').innerHTML = --seconds;
|
||||
}
|
||||
},
|
||||
1000
|
||||
);
|
||||
</script>
|
||||
</div><!--/span-->
|
||||
</div>
|
||||
{/block}
|
||||
|
Loading…
Reference in New Issue