Context Navigation

source: trunk/password.php @ 2297

Last change on this file since 2297 was 2297, checked in by plg, 16 years ago
Modification: new header on PHP files, PhpWebGallery renamed Piwigo.
Property svn:eol-style set to `LF` Property svn:keywords set to `Author Date Id Revision`
File size: 7.8 KB

Line
1	<?php
2	// +-----------------------------------------------------------------------+
3	// \| Piwigo - a PHP based picture gallery \|
4	// +-----------------------------------------------------------------------+
5	// \| Copyright(C) 2008 Piwigo Team http://piwigo.org \|
6	// \| Copyright(C) 2003-2008 PhpWebGallery Team http://phpwebgallery.net \|
7	// \| Copyright(C) 2002-2003 Pierrick LE GALL http://le-gall.net/pierrick \|
8	// +-----------------------------------------------------------------------+
9	// \| This program is free software; you can redistribute it and/or modify \|
10	// \| it under the terms of the GNU General Public License as published by \|
11	// \| the Free Software Foundation \|
12	// \| \|
13	// \| This program is distributed in the hope that it will be useful, but \|
14	// \| WITHOUT ANY WARRANTY; without even the implied warranty of \|
15	// \| MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU \|
16	// \| General Public License for more details. \|
17	// \| \|
18	// \| You should have received a copy of the GNU General Public License \|
19	// \| along with this program; if not, write to the Free Software \|
20	// \| Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, \|
21	// \| USA. \|
22	// +-----------------------------------------------------------------------+
23	// +-----------------------------------------------------------------------+
24	// \| PhpWebGallery - a PHP based picture gallery \|
25	// \| Copyright (C) 2002-2003 Pierrick LE GALL - pierrick@phpwebgallery.net \|
26	// \| Copyright (C) 2003-2008 PhpWebGallery Team - http://phpwebgallery.net \|
27	// +-----------------------------------------------------------------------+
28	// \| file : $Id: password.php 2297 2008-04-04 22:57:23Z plg $
29	// \| last update : $Date: 2008-04-04 22:57:23 +0000 (Fri, 04 Apr 2008) $
30	// \| last modifier : $Author: plg $
31	// \| revision : $Revision: 2297 $
32	// +-----------------------------------------------------------------------+
33	// \| This program is free software; you can redistribute it and/or modify \|
34	// \| it under the terms of the GNU General Public License as published by \|
35	// \| the Free Software Foundation \|
36	// \| \|
37	// \| This program is distributed in the hope that it will be useful, but \|
38	// \| WITHOUT ANY WARRANTY; without even the implied warranty of \|
39	// \| MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU \|
40	// \| General Public License for more details. \|
41	// \| \|
42	// \| You should have received a copy of the GNU General Public License \|
43	// \| along with this program; if not, write to the Free Software \|
44	// \| Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, \|
45	// \| USA. \|
46	// +-----------------------------------------------------------------------+
47
48	// +-----------------------------------------------------------------------+
49	// \| initialization \|
50	// +-----------------------------------------------------------------------+
51
52	define('PHPWG_ROOT_PATH','./');
53	include_once( PHPWG_ROOT_PATH.'include/common.inc.php' );
54	include_once(PHPWG_ROOT_PATH.'include/functions_mail.inc.php');
55
56	// +-----------------------------------------------------------------------+
57	// \| Check Access and exit when user status is not ok \|
58	// +-----------------------------------------------------------------------+
59	check_status(ACCESS_NONE);
60
61	// +-----------------------------------------------------------------------+
62	// \| send a new password \|
63	// +-----------------------------------------------------------------------+
64
65	$page['errors'] = array();
66	$page['infos'] = array();
67
68	if (isset($_POST['submit']))
69	{
70	$mailto =
71	'<a href="mailto:'.get_webmaster_mail_address().'">'
72	.l10n('Contact webmaster')
73	.'</a>'
74	;
75
76	if (isset($_POST['no_mail_address']) and $_POST['no_mail_address'] == 1)
77	{
78	array_push($page['infos'], l10n('Email address is missing'));
79	array_push($page['infos'], $mailto);
80	}
81	else if (isset($_POST['mail_address']) and !empty($_POST['mail_address']))
82	{
83	$mail_address = mysql_escape_string($_POST['mail_address']);
84
85	$query = '
86	SELECT '.$conf['user_fields']['id'].' AS id
87	, '.$conf['user_fields']['username'].' AS username
88	, '.$conf['user_fields']['email'].' AS email
89	FROM '.USERS_TABLE.' as u
90	INNER JOIN '.USER_INFOS_TABLE.' AS ui
91	ON u.'.$conf['user_fields']['id'].' = ui.user_id
92	WHERE '
93	.$conf['user_fields']['email'].' = \''.$mail_address.'\' AND
94	(
95	ui.status = \'normal\' OR
96	(ui.status in (\'admin\', \'webmaster\') AND ui.adviser = \'true\')
97	)
98	;';
99	$result = pwg_query($query);
100
101	if (mysql_num_rows($result) > 0)
102	{
103	$error_on_mail = false;
104	$datas = array();
105
106	while ($row = mysql_fetch_array($result))
107	{
108	$new_password = generate_key(6);
109
110	$infos =
111	l10n('Username').': '.$row['username']
112	."\n".l10n('Password').': '.$new_password
113	;
114
115	if (pwg_mail($row['email'],
116	array('subject' => l10n('password updated'), 'content' => $infos)))
117	{
118	$data =
119	array(
120	$conf['user_fields']['id']
121	=> $row['id'],
122
123	$conf['user_fields']['password']
124	=> $conf['pass_convert']($new_password)
125	);
126
127	array_push($datas, $data);
128	}
129	else
130	{
131	$error_on_mail = true;
132	}
133	}
134
135	if ($error_on_mail)
136	{
137	array_push($page['errors'], l10n('Error sending email'));
138	array_push($page['errors'], $mailto);
139	}
140	else
141	{
142	include_once(PHPWG_ROOT_PATH.'admin/include/functions.php');
143	mass_updates(
144	USERS_TABLE,
145	array(
146	'primary' => array($conf['user_fields']['id']),
147	'update' => array($conf['user_fields']['password'])
148	),
149	$datas
150	);
151
152	array_push($page['infos'], l10n('New password sent by email'));
153	}
154	}
155	else
156	{
157	array_push($page['errors'], l10n('No user matches this email address'));
158	array_push($page['errors'], l10n('Administrator, webmaster and special user cannot use this method'));
159	array_push($page['errors'], $mailto);
160	}
161	}
162	}
163
164	// +-----------------------------------------------------------------------+
165	// \| template initialization \|
166	// +-----------------------------------------------------------------------+
167
168	$title = l10n('Forgot your password?');
169	$page['body_id'] = 'thePasswordPage';
170
171	$template->set_filenames(array('password'=>'password.tpl'));
172	$template->assign( array(
173	'F_ACTION'=> get_root_url().'password.php'
174	)
175	);
176	// +-----------------------------------------------------------------------+
177	// \| infos & errors display \|
178	// +-----------------------------------------------------------------------+
179	$template->assign('errors', $page['errors']);
180	$template->assign('infos', $page['infos']);
181
182	// +-----------------------------------------------------------------------+
183	// \| html code display \|
184	// +-----------------------------------------------------------------------+
185	include(PHPWG_ROOT_PATH.'include/page_header.php');
186	$template->pparse('password');
187	include(PHPWG_ROOT_PATH.'include/page_tail.php');
188
189	?>

Note: See TracBrowser for help on using the repository browser.

Download in other formats: