ISPConfig3 devel
blame | history | patch | commit | commitdiff | ignore whitespace
Florian Schaal
2015-12-20 dedf5feaa2cf3072e90ac2bf2ef3885facd2e1a6 
 interface/web/login/password_reset.php


@@ -1,7 +1,7 @@


<?php




/*


Copyright (c) 2008, Till Brehm, projektfarm Gmbh


Copyright (c) 2008 - 2015, Till Brehm, ISPConfig UG


All rights reserved.




Redistribution and use in source and binary forms, with or without modification,


@@ -38,39 +38,49 @@




// Loading the template


$app->uses('tpl');


$app->tpl->newTemplate("form.tpl.htm");


$app->tpl->newTemplate('main_login.tpl.htm');


$app->tpl->setInclude('content_tpl', 'templates/password_reset.htm');




$app->tpl_defaults();




include ISPC_ROOT_PATH.'/web/login/lib/lang/'.$_SESSION['s']['language'].'.lng';


$app->tpl->setVar($wb);


$continue = true;




if(isset($_POST['username']) && $_POST['username'] != '' && $_POST['email'] != '' && $_POST['username'] != 'admin') {




   if(!preg_match("/^[\w\.\-\_]{1,64}$/", $_POST['username'])) die($app->lng('user_regex_error'));


   if(!preg_match("/^\w+[\w.-]*\w+@\w+[\w.-]*\w+\.[a-z]{2,10}$/i", $_POST['email'])) die($app->lng('email_error'));


   if(!preg_match("/^[\w\.\-\_]{1,64}$/", $_POST['username'])) {


      $app->tpl->setVar("error", $wb['user_regex_error']);


      $continue = false;


   }


   if(!preg_match("/^\w+[\w.-]*\w+@\w+[\w.-]*\w+\.[a-z]{2,10}$/i", $_POST['email'])) {


      $app->tpl->setVar("error", $wb['email_error']);


      $continue = false;


   }




   $username = $app->db->quote($_POST['username']);


   $email = $app->db->quote($_POST['email']);


   $username = $_POST['username'];


   $email = $_POST['email'];




   $client = $app->db->queryOneRecord("SELECT client.*, sys_user.lost_password_function FROM client,sys_user WHERE client.username = ? AND client.email = ? AND client.client_id = sys_user.client_id", $username, $email);




   if($client['lost_password_function'] == 0) {


      $app->tpl->setVar("error", $wb['lost_password_function_disabled_txt']);


   } else {


   } elseif ($continue) {


      if($client['client_id'] > 0) {


         $new_password = $app->auth->get_random_password();


         $server_config_array = $app->getconf->get_global_config();


         $min_password_length = 8;


         if(isset($server_config_array['misc']['min_password_length'])) $min_password_length = $server_config_array['misc']['min_password_length'];


			


         $new_password = $app->auth->get_random_password($min_password_length, true);


         $new_password_encrypted = $app->auth->crypt_password($new_password);


         $new_password_encrypted = $app->db->quote($new_password_encrypted);




         $username = $app->db->quote($client['username']);


         $app->db->query("UPDATE sys_user SET passwort = '$new_password_encrypted' WHERE username = '$username'");


         $app->db->query("UPDATE client SET password = '$new_password_encrypted' WHERE username = '$username'");


         $username = $client['username'];


         $app->db->query("UPDATE sys_user SET passwort = ? WHERE username = ?", $new_password_encrypted, $username);


         $app->db->query("UPDATE client SET password = ? WHERE username = ?", $new_password_encrypted, $username);


         $app->tpl->setVar("message", $wb['pw_reset']);




         $app->uses('getconf,ispcmail');


         $mail_config = $app->getconf->get_global_config('mail');


         $mail_config = $server_config_array['mail'];


         if($mail_config['smtp_enabled'] == 'y') {


            $mail_config['use_smtp'] = true;


            $app->ispcmail->setOptions($mail_config);


@@ -88,9 +98,26 @@


      }


   }


} else {


   $app->tpl->setVar("msg", $wb['pw_error_noinput']);


   if(isset($_POST) && count($_POST) > 0) $app->tpl->setVar("msg", $wb['pw_error_noinput']);


}




$app->tpl->setVar('current_theme', isset($_SESSION['s']['theme']) ? $_SESSION['s']['theme'] : 'default');




// Logo


$logo = $app->db->queryOneRecord("SELECT * FROM sys_ini WHERE sysini_id = 1");


if($logo['custom_logo'] != ''){


   $base64_logo_txt = $logo['custom_logo'];


} else {


   $base64_logo_txt = $logo['default_logo'];


}


$tmp_base64 = explode(',', $base64_logo_txt, 2);


$logo_dimensions = $app->functions->getimagesizefromstring(base64_decode($tmp_base64[1]));


$app->tpl->setVar('base64_logo_width', $logo_dimensions[0].'px');


$app->tpl->setVar('base64_logo_height', $logo_dimensions[1].'px');


$app->tpl->setVar('base64_logo_txt', $base64_logo_txt);




// Title


$app->tpl->setVar('company_name', $sys_config['company_name']. ' :: ');




$app->tpl_defaults();


$app->tpl->pparse();