From 73813a4bd2c3d3fcefecbd73416e8bb27273225f Mon Sep 17 00:00:00 2001
From: Marius Cramer <m.cramer@pixcept.de>
Date: Fri, 24 Jan 2014 11:36:39 -0500
Subject: [PATCH] Merged domains, vhost subdomains and vhost aliasdomains into vhost domains
---
interface/web/login/password_reset.php | 68 +++++++++++++++++----------------
1 files changed, 35 insertions(+), 33 deletions(-)
diff --git a/interface/web/login/password_reset.php b/interface/web/login/password_reset.php
index 5c23cc4..e29b163 100644
--- a/interface/web/login/password_reset.php
+++ b/interface/web/login/password_reset.php
@@ -28,58 +28,60 @@
EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*/
-require_once('../../lib/config.inc.php');
-require_once('../../lib/app.inc.php');
+require_once '../../lib/config.inc.php';
+require_once '../../lib/app.inc.php';
// Loading the template
$app->uses('tpl');
$app->tpl->newTemplate("form.tpl.htm");
-$app->tpl->setInclude('content_tpl','templates/password_reset.htm');
+$app->tpl->setInclude('content_tpl', 'templates/password_reset.htm');
$app->tpl_defaults();
-include(ISPC_ROOT_PATH.'/web/login/lib/lang/'.$_SESSION['s']['language'].'.lng');
+include ISPC_ROOT_PATH.'/web/login/lib/lang/'.$_SESSION['s']['language'].'.lng';
$app->tpl->setVar($wb);
if(isset($_POST['username']) && $_POST['username'] != '' && $_POST['email'] != '' && $_POST['username'] != 'admin') {
-
+
if(!preg_match("/^[\w\.\-\_]{1,64}$/", $_POST['username'])) die($app->lng('user_regex_error'));
if(!preg_match("/^\w+[\w.-]*\w+@\w+[\w.-]*\w+\.[a-z]{2,10}$/i", $_POST['email'])) die($app->lng('email_error'));
-
+
$username = $app->db->quote($_POST['username']);
$email = $app->db->quote($_POST['email']);
-
+
$client = $app->db->queryOneRecord("SELECT * FROM client WHERE username = '$username' AND email = '$email'");
-
+
if($client['client_id'] > 0) {
- $new_password = md5 (uniqid (rand()));
- $salt="$1$";
- $base64_alphabet='ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/';
- for ($n=0;$n<8;$n++) {
- //$salt.=chr(mt_rand(64,126));
- $salt.=$base64_alphabet[mt_rand(0,63)];
- }
- $salt.="$";
- $new_password_encrypted = crypt($new_password,$salt);
+ $new_password = $app->auth->get_random_password();
+ $new_password_encrypted = $app->auth->crypt_password($new_password);
$new_password_encrypted = $app->db->quote($new_password_encrypted);
-
+
$username = $app->db->quote($client['username']);
$app->db->query("UPDATE sys_user SET passwort = '$new_password_encrypted' WHERE username = '$username'");
- $app->db->query("UPDATE client SET �password� = '$new_password_encrypted' WHERE username = '$username'");
- $app->tpl->setVar("message",$wb['pw_reset']);
-
- mail($client['email'],$wb['pw_reset_mail_title'],$wb['pw_reset_mail_msg'].$new_password);
-
- $app->plugin->raiseEvent('password_reset',true);
-
- } else {
- $app->tpl->setVar("message",$wb['pw_error']);
- }
-
-} else {
- $app->tpl->setVar("message",$wb['pw_error_noinput']);
-}
+ $app->db->query("UPDATE client SET password = '$new_password_encrypted' WHERE username = '$username'");
+ $app->tpl->setVar("message", $wb['pw_reset']);
+ $app->uses('getconf,ispcmail');
+ $mail_config = $app->getconf->get_global_config('mail');
+ if($mail_config['smtp_enabled'] == 'y') {
+ $mail_config['use_smtp'] = true;
+ $app->ispcmail->setOptions($mail_config);
+ }
+ $app->ispcmail->setSender($mail_config['admin_mail'], $mail_config['admin_name']);
+ $app->ispcmail->setSubject($wb['pw_reset_mail_title']);
+ $app->ispcmail->setMailText($wb['pw_reset_mail_msg'].$new_password);
+ $app->ispcmail->send(array($client['contact_name'] => $client['email']));
+ $app->ispcmail->finish();
+
+ $app->plugin->raiseEvent('password_reset', true);
+ $app->tpl->setVar("msg", $wb['pw_reset']);
+ } else {
+ $app->tpl->setVar("error", $wb['pw_error']);
+ }
+
+} else {
+ $app->tpl->setVar("msg", $wb['pw_error_noinput']);
+}
$app->tpl_defaults();
@@ -89,4 +91,4 @@
-?>
\ No newline at end of file
+?>
--
Gitblit v1.9.1