source: trunk/password.php @ 9618

Last change on this file since 9618 was 9169, checked in by plg, 14 years ago

feature 2187 added: new trigger to enhance/modify lost password email.

  • Property svn:eol-style set to LF
File size: 6.2 KB
Line 
1<?php
2// +-----------------------------------------------------------------------+
3// | Piwigo - a PHP based photo gallery                                    |
4// +-----------------------------------------------------------------------+
5// | Copyright(C) 2008-2011 Piwigo Team                  http://piwigo.org |
6// | Copyright(C) 2003-2008 PhpWebGallery Team    http://phpwebgallery.net |
7// | Copyright(C) 2002-2003 Pierrick LE GALL   http://le-gall.net/pierrick |
8// +-----------------------------------------------------------------------+
9// | This program is free software; you can redistribute it and/or modify  |
10// | it under the terms of the GNU General Public License as published by  |
11// | the Free Software Foundation                                          |
12// |                                                                       |
13// | This program is distributed in the hope that it will be useful, but   |
14// | WITHOUT ANY WARRANTY; without even the implied warranty of            |
15// | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU      |
16// | General Public License for more details.                              |
17// |                                                                       |
18// | You should have received a copy of the GNU General Public License     |
19// | along with this program; if not, write to the Free Software           |
20// | Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, |
21// | USA.                                                                  |
22// +-----------------------------------------------------------------------+
23
24// +-----------------------------------------------------------------------+
25// |                           initialization                              |
26// +-----------------------------------------------------------------------+
27
28define('PHPWG_ROOT_PATH','./');
29include_once( PHPWG_ROOT_PATH.'include/common.inc.php' );
30include_once(PHPWG_ROOT_PATH.'include/functions_mail.inc.php');
31
32// +-----------------------------------------------------------------------+
33// | Check Access and exit when user status is not ok                      |
34// +-----------------------------------------------------------------------+
35check_status(ACCESS_FREE);
36
37// +-----------------------------------------------------------------------+
38// |                          send a new password                          |
39// +-----------------------------------------------------------------------+
40
41$page['errors'] = array();
42$page['infos'] = array();
43
44if (isset($_POST['submit']))
45{
46  $mailto =
47    '<a href="mailto:'.get_webmaster_mail_address().'">'
48    .l10n('Contact webmaster')
49    .'</a>'
50    ;
51
52  if (isset($_POST['no_mail_address']) and $_POST['no_mail_address'] == 1)
53  {
54    array_push($page['infos'], l10n('Email address is missing. Please specify an email address.'));
55    array_push($page['infos'], $mailto);
56  }
57  else if (isset($_POST['mail_address']) and !empty($_POST['mail_address']))
58  {
59    $mail_address = pwg_db_real_escape_string($_POST['mail_address']);
60   
61    $query = '
62SELECT '.$conf['user_fields']['id'].' AS id
63     , '.$conf['user_fields']['username'].' AS username
64     , '.$conf['user_fields']['email'].' AS email
65FROM '.USERS_TABLE.' as u
66  INNER JOIN '.USER_INFOS_TABLE.' AS ui
67      ON u.'.$conf['user_fields']['id'].' = ui.user_id
68WHERE '.$conf['user_fields']['email'].' = \''.$mail_address.'\'
69  AND ui.status = \'normal\'
70;';
71    $result = pwg_query($query);
72
73    if (pwg_db_num_rows($result) > 0)
74    {
75      $error_on_mail = false;
76      $datas = array();
77     
78      while ($row = pwg_db_fetch_assoc($result))
79      {
80        $new_password = generate_key(6);
81
82        $infos =
83          l10n('Username').': '.stripslashes($row['username'])
84          ."\n".l10n('Password').': '.$new_password
85          ;
86
87        $infos = trigger_event('render_lost_password_mail_content', $infos);
88
89        if (pwg_mail($row['email'],
90              array('subject' => l10n('password updated'), 'content' => $infos)))
91        {
92          $data =
93            array(
94              $conf['user_fields']['id']
95              => $row['id'],
96             
97              $conf['user_fields']['password']
98              => $conf['pass_convert']($new_password)
99              );
100
101          array_push($datas, $data);
102        }
103        else
104        {
105          $error_on_mail = true;
106        }
107      }
108     
109      if ($error_on_mail)
110      {
111        array_push($page['errors'], l10n('Error sending email'));
112        array_push($page['errors'], $mailto);
113      }
114      else
115      {
116        include_once(PHPWG_ROOT_PATH.'admin/include/functions.php');
117        mass_updates(
118          USERS_TABLE,
119          array(
120            'primary' => array($conf['user_fields']['id']),
121            'update' => array($conf['user_fields']['password'])
122          ),
123          $datas
124          );
125
126        array_push($page['infos'], l10n('New password sent by email'));
127      }
128    }
129    else
130    {
131      array_push($page['errors'], l10n('No classic user matches this email address'));
132      array_push($page['errors'], l10n('Administrator, webmaster and special user cannot use this method'));
133      array_push($page['errors'], $mailto);
134    }
135  }
136}
137
138// +-----------------------------------------------------------------------+
139// |                        template initialization                        |
140// +-----------------------------------------------------------------------+
141
142$title = l10n('Forgot your password?');
143$page['body_id'] = 'thePasswordPage';
144
145$template->set_filenames(array('password'=>'password.tpl'));
146$template->assign( array(
147    'F_ACTION'=> get_root_url().'password.php'
148    )
149  );
150// +-----------------------------------------------------------------------+
151// |                        infos & errors display                         |
152// +-----------------------------------------------------------------------+
153$template->assign('errors', $page['errors']);
154$template->assign('infos', $page['infos']);
155
156// +-----------------------------------------------------------------------+
157// |                           html code display                           |
158// +-----------------------------------------------------------------------+
159include(PHPWG_ROOT_PATH.'include/page_header.php');
160$template->pparse('password');
161include(PHPWG_ROOT_PATH.'include/page_tail.php');
162
163?>
Note: See TracBrowser for help on using the repository browser.