// (Tail of the preceding form handler; it begins outside this excerpt.)
View::$vars->message_type = 'error'; } }

/***********************
Handle forgot login form
***********************/
// Password-recovery flow: validate the posted e-mail address, look the account
// up, reset its password and mail the result to the address stored on the account.
// NOTE(review): no CSRF token or rate limit is checked in this excerpt. Confirm
// both are enforced elsewhere, because every accepted request changes a password.
if (isset($_POST['submitted_forgot'])) {

    // Mark the form as submitted; set back to NULL on the success path below.
    View::$vars->forgot_submit = TRUE;

    // validate email
    // NOTE(review): this pattern never requires a '.' in the domain part, and `$`
    // without the `D` modifier also accepts one trailing newline. Consider
    // filter_var($value, FILTER_VALIDATE_EMAIL) for the syntax check.
    $string = '/^[a-z0-9][a-z0-9\\._-]+@[a-z0-9][a-z0-9\\.-]+[a-z0-9]{2,4}$/i';
    if (!empty($_POST['email']) && !ctype_space($_POST['email']) && preg_match($string, $_POST['email'])) {

        // Look the account up by the posted address; a falsy result means no match.
        $data = array('email' => $_POST['email']);
        $user_id = User::Exist($data);
        if ($user_id) {
            $user = new User($user_id);

            // NOTE(review): the password is replaced as soon as a matching address is
            // submitted; the requester never proves control of the mailbox first, so
            // anyone who knows an address can invalidate that user's current password.
            // A single-use, expiring reset token confirmed by the user before any
            // change avoids this.
            $new_password = $user->ResetPassword();
            View::$vars->message = Language::GetText('success_login_sent');
            View::$vars->message_type = 'success';
            View::$vars->forgot_submit = NULL;

            // NOTE(review): the ResetPassword() result fills the 'password' slot of the
            // mail template, so the message apparently carries the new credential in
            // cleartext. TODO confirm what ResetPassword() returns and whether the
            // user is forced to change it at next login.
            $replacements = array('sitename' => $config->sitename, 'username' => $user->username, 'password' => $new_password);
            $mail = new Mail();
            $mail->LoadTemplate('forgot_password', $replacements);
            // Delivered to the address stored on the account, not to the posted string.
            $mail->Send($user->email);
            Plugin::Trigger('login.password_reset');
        } else {
            // NOTE(review): this message differs from the success message, so the form
            // reveals which addresses have accounts; one neutral response for both
            // outcomes avoids that.
            View::$vars->message = Language::GetText('error_no_users_email');
            View::$vars->message_type = 'error';
        }
    } else {
        // Address missing, whitespace-only, or rejected by the pattern above.
        View::$vars->message = Language::GetText('error_email');
        View::$vars->message_type = 'error';
// (Excerpt ends here; the closing braces lie outside it.)
/*
 * Request dispatcher.
 *
 * A POSTed `func` name selects one handler from the fixed list below; the
 * handler receives request fields exactly as they were sent. Independently of
 * that, a `page` query parameter prints the stored content of the named page.
 *
 * NOTE(review): no session, role or CSRF-token check is visible in this excerpt
 * before page creation/editing/removal, password reset or password change are
 * invoked. Confirm the including script (or every handler) authorises the
 * caller; otherwise each branch is reachable by any client that can POST here.
 * NOTE(review): request values are forwarded without validation, so each
 * handler has to validate and constrain its own argument.
 */
if (isset($_POST["func"])) {
    switch ($_POST["func"]) {
        case "GetModules":
            // Acts only when a `system` value accompanies the call.
            if (isset($_POST["system"])) {
                global $m;
                $m->GetModules($_POST["system"]);
            }
            break;

        case "CreateModule":
            Page::CreatePage($_POST["value"]);
            break;

        case "EditPage":
            Page::EditPage($_POST["value"]);
            break;

        case "PrintAll":
            global $m;
            $m->PrintAll();
            break;

        case "EditSystemPage":
            Page::EditSystemPage($_POST["value"]);
            break;

        case "RemovePage":
            Page::RemovePage($_POST["value"]);
            break;

        case "UserAuth":
            User::Authorize($_POST["value"]);
            break;

        case "ResetPassword":
            // NOTE(review): the argument comes straight from the request; verify
            // that ResetPassword() cannot be aimed at another user's account.
            User::ResetPassword($_POST["value"]);
            break;

        case "ChangePass":
            User::ChangePassword($_POST["oldPass"], $_POST["newPass"]);
            break;

        case "PhotoUpload":
            PhotoUpload($_POST["value"]);
            break;

        case "PrintPDF":
            Page::PrintPDF($_POST["value"]);
            break;
    }
}

if (isset($_GET["page"])) {
    // NOTE(review): the stored content is written to the response without
    // escaping. That is only safe if page content is trusted or sanitised when
    // it is saved; confirm, since the editing handlers above accept request data.
    $page = Page::GetPageByModuleName($_GET["page"], true);
    echo $page["content"];
}
// (Excerpt starts inside a route closure; its header is not shown.)
// Password-reset request: the JSON body must carry `email` and `captcha`.
    // NOTE(review): the decoded value is indexed without checking that it is an
    // array; an explicit is_array($data) guard would make the rejection of a
    // malformed body deliberate instead of incidental.
    $data = json_decode($app->request->getBody(), true);
    $email = $data['email'];
    $captcha = $data['captcha'];

    // Reject the request early: syntactically invalid address, then missing captcha.
    if (!$email || !filter_var($email, FILTER_VALIDATE_EMAIL)) {
        throw new Exception("No valid email address was supplied", 400);
    } elseif (!$captcha) {
        throw new Exception("Captcha was not provided", 400);
    } else {
        // Validate Captcha
        // The captcha response is verified together with the client IP before any
        // state is changed, which limits automated reset requests.
        $recaptcha = new \ReCaptcha\ReCaptcha(GOOGLE_RECAPTCHA_PRIVATE_KEY);
        $verify = $recaptcha->verify($captcha, $app->request->getIp());
        if (!$verify->isSuccess()) {
            throw new Exception("Humanity not confirmed", 400);
        }

        // Update user password
        // NOTE(review): the password is replaced immediately for whatever address was
        // submitted; the requester never proves control of the mailbox, so anyone who
        // passes the captcha can invalidate another user's password. A single-use,
        // expiring reset token confirmed by the user before the change avoids this.
        // The truthy return value is used as the new password in the message below.
        if ($password = User::ResetPassword($email)) {
            // NOTE(review): the new credential is mailed in cleartext.
            $message = "Your password has been reset by your request:\n\n" . $password . "\n\nDon't lose it this time!";
            if (!Mail::send($email, 'Forgetful user', "Password reset", $message)) {
                throw new Exception("Error sending email", 500);
            }
            $app->render_json(["message" => 'ok']);
        } else {
            // NOTE(review): if ResetPassword() returns a falsy value for an unknown
            // address (not visible here), the 500 versus 'ok' split tells the caller
            // whether an account exists; a uniform response avoids that.
            throw new Exception("Something went wrong!", 500);
        }
    }
});

/* Get the current authenticated user info
**********************************************************************************************************************/
// The caller is identified by the value of the `Token` request header.
// (Excerpt ends inside this closure; the remainder is not shown.)
$app->get('/me', function () use($app) {
    $token = $app->request->headers->get('Token');
    if ($user = User::GetByToken($token)) {