source: branches/1.6/password.php @ 26010

Last change on this file since 26010 was 1530, checked in by rub, 18 years ago

Resolved Issue ID 0000507:

o format of email
o max_execution_time equal to 0
o -f with only adress mail
o use of standard function get_webmaster_mail_address

2 news $conf parameters.
  • Property svn:eol-style set to native
  • Property svn:keywords set to Author Date Id Revision
File size: 6.2 KB
Line 
1<?php
2// +-----------------------------------------------------------------------+
3// | PhpWebGallery - a PHP based picture gallery                           |
4// | Copyright (C) 2002-2003 Pierrick LE GALL - pierrick@phpwebgallery.net |
5// | Copyright (C) 2003-2006 PhpWebGallery Team - http://phpwebgallery.net |
6// +-----------------------------------------------------------------------+
7// | branch        : BSF (Best So Far)
8// | file          : $RCSfile$
9// | last update   : $Date: 2006-08-09 22:05:29 +0000 (Wed, 09 Aug 2006) $
10// | last modifier : $Author: rub $
11// | revision      : $Revision: 1530 $
12// +-----------------------------------------------------------------------+
13// | This program is free software; you can redistribute it and/or modify  |
14// | it under the terms of the GNU General Public License as published by  |
15// | the Free Software Foundation                                          |
16// |                                                                       |
17// | This program is distributed in the hope that it will be useful, but   |
18// | WITHOUT ANY WARRANTY; without even the implied warranty of            |
19// | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU      |
20// | General Public License for more details.                              |
21// |                                                                       |
22// | You should have received a copy of the GNU General Public License     |
23// | along with this program; if not, write to the Free Software           |
24// | Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, |
25// | USA.                                                                  |
26// +-----------------------------------------------------------------------+
27
28// +-----------------------------------------------------------------------+
29// |                           initialization                              |
30// +-----------------------------------------------------------------------+
31
32define('PHPWG_ROOT_PATH','./');
33include_once( PHPWG_ROOT_PATH.'include/common.inc.php' );
34include_once(PHPWG_ROOT_PATH.'include/functions_mail.inc.php');
35
36// +-----------------------------------------------------------------------+
37// |                          send a new password                          |
38// +-----------------------------------------------------------------------+
39
40$page['errors'] = array();
41$page['infos'] = array();
42
43if (isset($_POST['submit']))
44{
45  $mailto =
46    '<a href="mailto:'.get_webmaster_mail_address().'">'
47    .l10n('Contact webmaster')
48    .'</a>'
49    ;
50
51  if (isset($_POST['no_mail_address']) and $_POST['no_mail_address'] == 1)
52  {
53    array_push($page['infos'], l10n('Email address is missing'));
54    array_push($page['infos'], $mailto);
55  }
56  else if (isset($_POST['mail_address']) and !empty($_POST['mail_address']))
57  {
58    $mail_address = mysql_escape_string($_POST['mail_address']);
59   
60    $query = '
61SELECT '.$conf['user_fields']['id'].' AS id
62     , '.$conf['user_fields']['username'].' AS username
63     , '.$conf['user_fields']['email'].' AS email
64FROM '.USERS_TABLE.' as u
65  INNER JOIN '.USER_INFOS_TABLE.' AS ui
66      ON u.'.$conf['user_fields']['id'].' = ui.user_id
67WHERE '
68  .$conf['user_fields']['email'].' = \''.$mail_address.'\' AND
69  ui.status not in (\'guest\', \'generic\', \'webmaster\')
70;';
71    $result = pwg_query($query);
72
73    if (mysql_num_rows($result) > 0)
74    {
75      $error_on_mail = false;
76      $datas = array();
77     
78      while ($row = mysql_fetch_array($result))
79      {
80        $new_password = generate_key(6);
81
82        $infos =
83          l10n('Username').': '.$row['username']
84          ."\n".l10n('Password').': '.$new_password
85          ;
86
87        if (pwg_mail($row['email'], '', l10n('password updated'), $infos))
88        {
89          $data =
90            array(
91              $conf['user_fields']['id']
92              => $row['id'],
93             
94              $conf['user_fields']['password']
95              => $conf['pass_convert']($new_password)
96              );
97
98          array_push($datas, $data);
99        }
100        else
101        {
102          $error_on_mail = true;
103        }
104      }
105     
106      if ($error_on_mail)
107      {
108        array_push($page['errors'], l10n('Error sending email'));
109        array_push($page['errors'], $mailto);
110      }
111      else
112      {
113        include_once(PHPWG_ROOT_PATH.'admin/include/functions.php');
114        mass_updates(
115          USERS_TABLE,
116          array(
117            'primary' => array($conf['user_fields']['id']),
118            'update' => array($conf['user_fields']['password'])
119          ),
120          $datas
121          );
122
123        array_push($page['infos'], l10n('New password sent by email'));
124      }
125    }
126    else
127    {
128      array_push($page['errors'], l10n('No user matches this email address'));
129      array_push($page['errors'], $mailto);
130    }
131  }
132}
133
134// +-----------------------------------------------------------------------+
135// |                        template initialization                        |
136// +-----------------------------------------------------------------------+
137
138$title = l10n('Forgot your password?');
139$page['body_id'] = 'thePasswordPage';
140include(PHPWG_ROOT_PATH.'include/page_header.php');
141$template->set_filenames(array('password'=>'password.tpl'));
142
143$template->assign_vars(
144  array(
145    'U_HOME' => make_index_url(),
146    )
147  );
148
149// +-----------------------------------------------------------------------+
150// |                        infos & errors display                         |
151// +-----------------------------------------------------------------------+
152
153if (count($page['errors']) != 0)
154{
155  $template->assign_block_vars('errors', array());
156 
157  foreach ($page['errors'] as $error)
158  {
159    $template->assign_block_vars(
160      'errors.error',
161      array(
162        'ERROR' => $error
163        )
164      );
165  }
166}
167
168if (count($page['infos']) != 0)
169{
170  $template->assign_block_vars('infos', array());
171 
172  foreach ($page['infos'] as $info)
173  {
174    $template->assign_block_vars(
175      'infos.info',
176      array(
177        'INFO' => $info
178        )
179      );
180  }
181}
182
183// +-----------------------------------------------------------------------+
184// |                           html code display                           |
185// +-----------------------------------------------------------------------+
186
187$template->parse('password');
188include(PHPWG_ROOT_PATH.'include/page_tail.php');
189
190?>
Note: See TracBrowser for help on using the repository browser.