source: branches/branch-1_6/password.php @ 1357

Last change on this file since 1357 was 1082, checked in by plg, 19 years ago

new: cleaner URL. Instead of category.php?cat=search&search=123&start=42,
you now have category.php?/search/123/start-42. Functions make_index_url and
make_picture_url build these new URLs. Functions duplicate_picture_url and
duplicate_index_url provide shortcuts to URL creation. The current main page
page is still category.php but this can be modified easily in make_index_url
function. In this first version, no backward compatibility. Calendar
definition in URL must be discussed with rvelices.

improvement: picture.php redesigned. First actions like "set as
representative" or "delete a comment" which all lead to a redirection. Then
the page (the big mess) and includes of new sub pages to manage specific
parts of the page (metadata, user comments, rates).

new: with the cleaner URL comes a new terminology. $pagecat doesn't
exist anymore. $pagesection is among 'categories', 'tags' (TODO),
'list', 'most_seen'... And sub parameters are set : $pagecategory if
$pagesection is "categories". See URL analyse in
include/section_init.inc.php for details.

  • Property svn:eol-style set to native
  • Property svn:keywords set to Author Date Id Revision
File size: 6.5 KB
Line 
1<?php
2// +-----------------------------------------------------------------------+
3// | PhpWebGallery - a PHP based picture gallery                           |
4// | Copyright (C) 2002-2003 Pierrick LE GALL - pierrick@phpwebgallery.net |
5// | Copyright (C) 2003-2006 PhpWebGallery Team - http://phpwebgallery.net |
6// +-----------------------------------------------------------------------+
7// | branch        : BSF (Best So Far)
8// | file          : $RCSfile$
9// | last update   : $Date: 2006-03-15 22:44:35 +0000 (Wed, 15 Mar 2006) $
10// | last modifier : $Author: plg $
11// | revision      : $Revision: 1082 $
12// +-----------------------------------------------------------------------+
13// | This program is free software; you can redistribute it and/or modify  |
14// | it under the terms of the GNU General Public License as published by  |
15// | the Free Software Foundation                                          |
16// |                                                                       |
17// | This program is distributed in the hope that it will be useful, but   |
18// | WITHOUT ANY WARRANTY; without even the implied warranty of            |
19// | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU      |
20// | General Public License for more details.                              |
21// |                                                                       |
22// | You should have received a copy of the GNU General Public License     |
23// | along with this program; if not, write to the Free Software           |
24// | Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, |
25// | USA.                                                                  |
26// +-----------------------------------------------------------------------+
27
28// +-----------------------------------------------------------------------+
29// |                           initialization                              |
30// +-----------------------------------------------------------------------+
31
32define('PHPWG_ROOT_PATH','./');
33include_once( PHPWG_ROOT_PATH.'include/common.inc.php' );
34include_once(PHPWG_ROOT_PATH.'include/functions_mail.inc.php');
35
36// +-----------------------------------------------------------------------+
37// |                          send a new password                          |
38// +-----------------------------------------------------------------------+
39
40$page['errors'] = array();
41$page['infos'] = array();
42
43if (isset($_POST['submit']))
44{
45  // in case of error, creation of mailto link
46  $query = '
47SELECT '.$conf['user_fields']['email'].'
48  FROM '.USERS_TABLE.'
49  WHERE '.$conf['user_fields']['id'].' = '.$conf['webmaster_id'].'
50;';
51  list($mail_webmaster) = mysql_fetch_array(pwg_query($query));
52
53  $mailto =
54    '<a href="mailto:'.$mail_webmaster.'">'
55    .l10n('Contact webmaster')
56    .'</a>'
57    ;
58
59  if (isset($_POST['no_mail_address']) and $_POST['no_mail_address'] == 1)
60  {
61    array_push($page['infos'], l10n('Email address is missing'));
62    array_push($page['infos'], $mailto);
63  }
64  else if (isset($_POST['mail_address']) and !empty($_POST['mail_address']))
65  {
66    $mail_address = mysql_escape_string($_POST['mail_address']);
67   
68    $query = '
69SELECT '.$conf['user_fields']['id'].' AS id
70     , '.$conf['user_fields']['username'].' AS username
71     , '.$conf['user_fields']['email'].' AS email
72FROM '.USERS_TABLE.' as u
73  INNER JOIN '.USER_INFOS_TABLE.' AS ui
74      ON u.'.$conf['user_fields']['id'].' = ui.user_id
75WHERE '
76  .$conf['user_fields']['email'].' = \''.$mail_address.'\' AND
77  ui.status not in (\'guest\', \'generic\', \'webmaster\')
78;';
79    $result = pwg_query($query);
80
81    if (mysql_num_rows($result) > 0)
82    {
83      $error_on_mail = false;
84      $datas = array();
85     
86      while ($row = mysql_fetch_array($result))
87      {
88        $new_password = generate_key(6);
89
90        $infos =
91          l10n('Username').': '.$row['username']
92          ."\n".l10n('Password').': '.$new_password
93          ;
94
95        if (pwg_mail($row['email'], $mail_webmaster, l10n('password updated'), $infos))
96        {
97          $data =
98            array(
99              $conf['user_fields']['id']
100              => $row['id'],
101             
102              $conf['user_fields']['password']
103              => $conf['pass_convert']($new_password)
104              );
105
106          array_push($datas, $data);
107        }
108        else
109        {
110          $error_on_mail = true;
111        }
112      }
113     
114      if ($error_on_mail)
115      {
116        array_push($page['errors'], l10n('Error sending email'));
117        array_push($page['errors'], $mailto);
118      }
119      else
120      {
121        include_once(PHPWG_ROOT_PATH.'admin/include/functions.php');
122        mass_updates(
123          USERS_TABLE,
124          array(
125            'primary' => array($conf['user_fields']['id']),
126            'update' => array($conf['user_fields']['password'])
127          ),
128          $datas
129          );
130
131        array_push($page['infos'], l10n('New password sent by email'));
132      }
133    }
134    else
135    {
136      array_push($page['errors'], l10n('No user matches this email address'));
137      array_push($page['errors'], $mailto);
138    }
139  }
140}
141
142// +-----------------------------------------------------------------------+
143// |                        template initialization                        |
144// +-----------------------------------------------------------------------+
145
146$title = l10n('Forgot your password?');
147$page['body_id'] = 'thePasswordPage';
148include(PHPWG_ROOT_PATH.'include/page_header.php');
149$template->set_filenames(array('password'=>'password.tpl'));
150
151$template->assign_vars(
152  array(
153    'U_HOME' => make_index_url(),
154    )
155  );
156
157// +-----------------------------------------------------------------------+
158// |                        infos & errors display                         |
159// +-----------------------------------------------------------------------+
160
161if (count($page['errors']) != 0)
162{
163  $template->assign_block_vars('errors', array());
164 
165  foreach ($page['errors'] as $error)
166  {
167    $template->assign_block_vars(
168      'errors.error',
169      array(
170        'ERROR' => $error
171        )
172      );
173  }
174}
175
176if (count($page['infos']) != 0)
177{
178  $template->assign_block_vars('infos', array());
179 
180  foreach ($page['infos'] as $info)
181  {
182    $template->assign_block_vars(
183      'infos.info',
184      array(
185        'INFO' => $info
186        )
187      );
188  }
189}
190
191// +-----------------------------------------------------------------------+
192// |                           html code display                           |
193// +-----------------------------------------------------------------------+
194
195$template->parse('password');
196include(PHPWG_ROOT_PATH.'include/page_tail.php');
197
198?>
Note: See TracBrowser for help on using the repository browser.