source: trunk/password.php @ 2529

Last change on this file since 2529 was 2325, checked in by rub, 17 years ago

Resolved issue 0000823: Enhance upload functionalities

First commit, others will be follow.
Not hesitate to change my translations.

Add upload configuration tabsheet (move and add configuration)
Change and add define for access level
Can show upload link every time
Can restrict access upload.class.php
Can choice category on upload page
Add upload class not use for the moment
Review quickly and temporary style of upload.tpl

  • Property svn:eol-style set to LF
  • Property svn:keywords set to Author Date Id Revision
File size: 6.2 KB
RevLine 
[866]1<?php
2// +-----------------------------------------------------------------------+
[2297]3// | Piwigo - a PHP based picture gallery                                  |
4// +-----------------------------------------------------------------------+
5// | Copyright(C) 2008      Piwigo Team                  http://piwigo.org |
6// | Copyright(C) 2003-2008 PhpWebGallery Team    http://phpwebgallery.net |
7// | Copyright(C) 2002-2003 Pierrick LE GALL   http://le-gall.net/pierrick |
8// +-----------------------------------------------------------------------+
9// | This program is free software; you can redistribute it and/or modify  |
10// | it under the terms of the GNU General Public License as published by  |
11// | the Free Software Foundation                                          |
12// |                                                                       |
13// | This program is distributed in the hope that it will be useful, but   |
14// | WITHOUT ANY WARRANTY; without even the implied warranty of            |
15// | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU      |
16// | General Public License for more details.                              |
17// |                                                                       |
18// | You should have received a copy of the GNU General Public License     |
19// | along with this program; if not, write to the Free Software           |
20// | Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, |
21// | USA.                                                                  |
22// +-----------------------------------------------------------------------+
[866]23
24// +-----------------------------------------------------------------------+
25// |                           initialization                              |
26// +-----------------------------------------------------------------------+
27
28define('PHPWG_ROOT_PATH','./');
29include_once( PHPWG_ROOT_PATH.'include/common.inc.php' );
[1018]30include_once(PHPWG_ROOT_PATH.'include/functions_mail.inc.php');
[866]31
32// +-----------------------------------------------------------------------+
[1851]33// | Check Access and exit when user status is not ok                      |
34// +-----------------------------------------------------------------------+
[2325]35check_status(ACCESS_FREE);
[1851]36
37// +-----------------------------------------------------------------------+
[866]38// |                          send a new password                          |
39// +-----------------------------------------------------------------------+
40
41$page['errors'] = array();
42$page['infos'] = array();
43
44if (isset($_POST['submit']))
45{
46  $mailto =
[1531]47    '<a href="mailto:'.get_webmaster_mail_address().'">'
[866]48    .l10n('Contact webmaster')
49    .'</a>'
50    ;
51
52  if (isset($_POST['no_mail_address']) and $_POST['no_mail_address'] == 1)
53  {
54    array_push($page['infos'], l10n('Email address is missing'));
55    array_push($page['infos'], $mailto);
56  }
57  else if (isset($_POST['mail_address']) and !empty($_POST['mail_address']))
58  {
59    $mail_address = mysql_escape_string($_POST['mail_address']);
60   
61    $query = '
62SELECT '.$conf['user_fields']['id'].' AS id
63     , '.$conf['user_fields']['username'].' AS username
64     , '.$conf['user_fields']['email'].' AS email
[1070]65FROM '.USERS_TABLE.' as u
66  INNER JOIN '.USER_INFOS_TABLE.' AS ui
67      ON u.'.$conf['user_fields']['id'].' = ui.user_id
68WHERE '
69  .$conf['user_fields']['email'].' = \''.$mail_address.'\' AND
[1951]70  (
71    ui.status = \'normal\' OR
72    (ui.status in (\'admin\', \'webmaster\') AND ui.adviser = \'true\')
73  )
[866]74;';
75    $result = pwg_query($query);
76
77    if (mysql_num_rows($result) > 0)
78    {
79      $error_on_mail = false;
80      $datas = array();
81     
82      while ($row = mysql_fetch_array($result))
83      {
84        $new_password = generate_key(6);
85
86        $infos =
87          l10n('Username').': '.$row['username']
88          ."\n".l10n('Password').': '.$new_password
89          ;
90
[1809]91        if (pwg_mail($row['email'],
92              array('subject' => l10n('password updated'), 'content' => $infos)))
[866]93        {
94          $data =
95            array(
96              $conf['user_fields']['id']
97              => $row['id'],
98             
99              $conf['user_fields']['password']
100              => $conf['pass_convert']($new_password)
101              );
102
103          array_push($datas, $data);
104        }
105        else
106        {
107          $error_on_mail = true;
108        }
109      }
110     
111      if ($error_on_mail)
112      {
113        array_push($page['errors'], l10n('Error sending email'));
114        array_push($page['errors'], $mailto);
115      }
116      else
117      {
118        include_once(PHPWG_ROOT_PATH.'admin/include/functions.php');
119        mass_updates(
120          USERS_TABLE,
121          array(
122            'primary' => array($conf['user_fields']['id']),
123            'update' => array($conf['user_fields']['password'])
124          ),
125          $datas
126          );
127
128        array_push($page['infos'], l10n('New password sent by email'));
129      }
130    }
131    else
132    {
133      array_push($page['errors'], l10n('No user matches this email address'));
[1947]134      array_push($page['errors'], l10n('Administrator, webmaster and special user cannot use this method'));
[866]135      array_push($page['errors'], $mailto);
136    }
137  }
138}
139
140// +-----------------------------------------------------------------------+
141// |                        template initialization                        |
142// +-----------------------------------------------------------------------+
143
144$title = l10n('Forgot your password?');
145$page['body_id'] = 'thePasswordPage';
[2223]146
[866]147$template->set_filenames(array('password'=>'password.tpl'));
[2223]148$template->assign( array(
149    'F_ACTION'=> get_root_url().'password.php'
[866]150    )
151  );
152// +-----------------------------------------------------------------------+
153// |                        infos & errors display                         |
154// +-----------------------------------------------------------------------+
[2223]155$template->assign('errors', $page['errors']);
156$template->assign('infos', $page['infos']);
[866]157
158// +-----------------------------------------------------------------------+
159// |                           html code display                           |
160// +-----------------------------------------------------------------------+
[2223]161include(PHPWG_ROOT_PATH.'include/page_header.php');
162$template->pparse('password');
[866]163include(PHPWG_ROOT_PATH.'include/page_tail.php');
164
[1903]165?>
Note: See TracBrowser for help on using the repository browser.