Example #1
        View::$vars->message_type = 'error';
    }
}
/***********************
Handle forgot login form
***********************/
// Runs when the "forgot login" form is posted: validates the submitted e-mail
// address, looks up the matching user, resets that user's password and mails
// the new password to the address on file.
//
// NOTE(review): the password is replaced as soon as a known address is
// submitted; nothing in this excerpt shows that the requester controls that
// mailbox, so anyone who knows an address can invalidate that account's
// current password. A single-use, expiring reset link that lets the owner
// choose a new password avoids both that and sending a password by mail.
// NOTE(review): no CSRF token or rate limit is visible in this excerpt;
// confirm they are enforced elsewhere.
if (isset($_POST['submitted_forgot'])) {
    // Flag read by the view; cleared again below once the reset succeeds.
    View::$vars->forgot_submit = TRUE;
    // validate email
    // The pattern accepts only letters, digits, '.', '_' and '-' in the local
    // part (so no '+'), and does not require a dot in the domain part.
    // NOTE(review): filter_var($email, FILTER_VALIDATE_EMAIL) is the standard
    // alternative to a hand-written pattern.
    $string = '/^[a-z0-9][a-z0-9\\._-]+@[a-z0-9][a-z0-9\\.-]+[a-z0-9]{2,4}$/i';
    if (!empty($_POST['email']) && !ctype_space($_POST['email']) && preg_match($string, $_POST['email'])) {
        $data = array('email' => $_POST['email']);
        // The result is used as a user id when truthy; presumably falsy when no
        // account matches -- verify against User::Exist.
        $user_id = User::Exist($data);
        if ($user_id) {
            $user = new User($user_id);
            // ResetPassword() returns the new password, which is handed to the
            // mail template below as the 'password' replacement.
            $new_password = $user->ResetPassword();
            View::$vars->message = Language::GetText('success_login_sent');
            View::$vars->message_type = 'success';
            View::$vars->forgot_submit = NULL;
            $replacements = array('sitename' => $config->sitename, 'username' => $user->username, 'password' => $new_password);
            $mail = new Mail();
            $mail->LoadTemplate('forgot_password', $replacements);
            // Sent to the address stored on the account, not to the raw POST value.
            $mail->Send($user->email);
            Plugin::Trigger('login.password_reset');
        } else {
            // NOTE(review): this branch reports an error while the branch above
            // reports success, so the response tells the requester whether an
            // address is registered. Returning the same message in both cases
            // removes that account-enumeration signal.
            View::$vars->message = Language::GetText('error_no_users_email');
            View::$vars->message_type = 'error';
        }
    } else {
        // Missing, whitespace-only or pattern-rejected address.
        View::$vars->message = Language::GetText('error_email');
        View::$vars->message_type = 'error';
Example #2
// Request dispatcher: the POST field "func" names the operation to run and the
// remaining POST fields are handed to that operation unchanged.
//
// NOTE(review): no session, role or CSRF-token check is visible in this excerpt
// before page creation/editing/removal and the password operations are
// dispatched. Confirm that the including script or the called methods enforce
// authentication, authorization and request-origin checks.
// NOTE(review): "value", "oldPass" and "newPass" are read without isset(); an
// absent field reaches the callee as null and raises a PHP warning/notice.
if (isset($_POST["func"])) {
    switch ($_POST["func"]) {
        case "GetModules":
            // Only this operation requires its argument to be present.
            if (isset($_POST["system"])) {
                global $m;
                $m->GetModules($_POST["system"]);
            }
            break;

        case "CreateModule":
            Page::CreatePage($_POST["value"]);
            break;

        case "EditPage":
            Page::EditPage($_POST["value"]);
            break;

        case "PrintAll":
            global $m;
            $m->PrintAll();
            break;

        case "EditSystemPage":
            Page::EditSystemPage($_POST["value"]);
            break;

        case "RemovePage":
            Page::RemovePage($_POST["value"]);
            break;

        case "UserAuth":
            User::Authorize($_POST["value"]);
            break;

        case "ResetPassword":
            // NOTE(review): the account to reset is taken straight from the
            // request; verify that the callee checks who is asking.
            User::ResetPassword($_POST["value"]);
            break;

        case "ChangePass":
            User::ChangePassword($_POST["oldPass"], $_POST["newPass"]);
            break;

        case "PhotoUpload":
            PhotoUpload($_POST["value"]);
            break;

        case "PrintPDF":
            Page::PrintPDF($_POST["value"]);
            break;
    }
}

// Page rendering: look the page up by the module name given in the query
// string and write its stored content to the response.
if (isset($_GET["page"])) {
    $page = Page::GetPageByModuleName($_GET["page"], true);
    // NOTE(review): the content is echoed without escaping. Confirm it is
    // trusted HTML; if less-trusted users can edit pages, it needs escaping
    // (htmlspecialchars) or sanitising before output.
    echo $page["content"];
}
Example #3
    // Tail of a route handler (its opening line is outside this excerpt):
    // reads a JSON body with "email" and "captcha", verifies the reCAPTCHA
    // response, resets the user's password and mails the new password.
    //
    // The decoded body is indexed without checking that decoding produced an
    // array; a non-JSON body or a missing key yields null (with a PHP
    // warning/notice) and then falls into the 400 branches below.
    $data = json_decode($app->request->getBody(), true);
    $email = $data['email'];
    $captcha = $data['captcha'];
    // The second Exception argument is presumably turned into the HTTP status
    // by an error handler outside this excerpt -- TODO confirm.
    if (!$email || !filter_var($email, FILTER_VALIDATE_EMAIL)) {
        throw new Exception("No valid email address was supplied", 400);
    } elseif (!$captcha) {
        throw new Exception("Captcha was not provided", 400);
    } else {
        // Validate Captcha
        // The token is checked together with the client IP reported by the
        // request object; any failure aborts before the password is touched.
        $recaptcha = new \ReCaptcha\ReCaptcha(GOOGLE_RECAPTCHA_PRIVATE_KEY);
        $verify = $recaptcha->verify($captcha, $app->request->getIp());
        if (!$verify->isSuccess()) {
            throw new Exception("Humanity not confirmed", 400);
        }
        // Update user password
        // NOTE(review): the password is replaced for whichever address the
        // caller supplies, and the new password is sent in the mail body. The
        // captcha limits automation but does not show the requester owns the
        // mailbox; a single-use, expiring reset link avoids both the forced
        // reset and mailing a password.
        if ($password = User::ResetPassword($email)) {
            $message = "Your password has been reset by your request:\n\n" . $password . "\n\nDon't lose it this time!";
            if (!Mail::send($email, 'Forgetful user', "Password reset", $message)) {
                throw new Exception("Error sending email", 500);
            }
            $app->render_json(["message" => 'ok']);
        } else {
            // NOTE(review): if ResetPassword() returns a falsy value for an
            // unknown address, this 500 versus the 'ok' above reveals which
            // addresses are registered -- verify and return a uniform response.
            throw new Exception("Something went wrong!", 500);
        }
    }
});
/* Get the current authenticated user info
 **********************************************************************************************************************/
$app->get('/me', function () use($app) {
    $token = $app->request->headers->get('Token');
    if ($user = User::GetByToken($token)) {