ISPConfig3 devel
blame | history | patch | commit | commitdiff | ignore whitespace
ftimme
2012-11-14 aa78fde6a92f66b84d626e114d8b54a5fb6ece0c 
 interface/web/login/password_reset.php


@@ -43,29 +43,45 @@




if(isset($_POST['username']) && $_POST['username'] != '' && $_POST['email'] != '' && $_POST['username'] != 'admin') {


   


   if(!preg_match("/^[\w\.\-\_]{1,64}$/", $_POST['username'])) die($app->lng('user_regex_error'));


   if(!preg_match("/^\w+[\w.-]*\w+@\w+[\w.-]*\w+\.[a-z]{2,10}$/i", $_POST['email'])) die($app->lng('email_error'));


	


   $username = $app->db->quote($_POST['username']);


   $email = $app->db->quote($_POST['email']);


   


   $client = $app->db->queryOneRecord("SELECT * FROM client WHERE username = '$username' && email = '$email'");


	


   $client = $app->db->queryOneRecord("SELECT * FROM client WHERE username = '$username' AND email = '$email'");




   if($client['client_id'] > 0) {


      $new_password = md5 (uniqid (rand()));


      $new_password = $app->db->quote($new_password);


      $new_password = $app->auth->get_random_password();


      $new_password_encrypted = $app->auth->crypt_password($new_password);


      $new_password_encrypted = $app->db->quote($new_password_encrypted);


		


      $username = $app->db->quote($client['username']);


      $app->db->query("UPDATE sys_user SET passwort = md5('$new_password') WHERE username = '$username'");


      $app->db->query("UPDATE client SET ´password´ = md5('$new_password') WHERE username = '$username'");


      $app->db->query("UPDATE sys_user SET passwort = '$new_password_encrypted' WHERE username = '$username'");


      $app->db->query("UPDATE client SET password = '$new_password_encrypted' WHERE username = '$username'");


      $app->tpl->setVar("message",$wb['pw_reset']);


      


      mail($client['email'],$wb['pw_reset_mail_title'],$wb['pw_reset_mail_msg'].$new_password);


      $app->uses('getconf,ispcmail');


      $mail_config = $app->getconf->get_global_config('mail');


      if($mail_config['smtp_enabled'] == 'y') {


         $mail_config['use_smtp'] = true;


         $app->ispcmail->setOptions($mail_config);


      }


      $app->ispcmail->setSender($mail_config['admin_mail'], $mail_config['admin_name']);


      $app->ispcmail->setSubject($wb['pw_reset_mail_title']);


      $app->ispcmail->setMailText($wb['pw_reset_mail_msg'].$new_password);


      $app->ispcmail->send(array($client['contact_name'] => $client['email']));


      $app->ispcmail->finish();


      


      $app->plugin->raiseEvent('password_reset',true);


      $app->tpl->setVar("msg",$wb['pw_reset']);


   } else {


      $app->tpl->setVar("message",$wb['pw_error']);


      $app->tpl->setVar("error",$wb['pw_error']);


   }


   


} else {


   $app->tpl->setVar("message",$wb['pw_error_noinput']);


   $app->tpl->setVar("msg",$wb['pw_error_noinput']);


}








$app->tpl_defaults();