} else { $error_count++; } } } // Add groups if (!empty($add_groups)) { // Convert string of comma-separated group_id's into array $group_ids_arr = explode(',', $add_groups); foreach ($group_ids_arr as $group_id) { if (addUserToGroup($user_id, $group_id)) { $success_count++; } else { $error_count++; } } } // Set primary group (must be done after group membership is set) if ($primary_group_id && $userdetails['primary_group_id'] != $primary_group_id) { if (updateUserPrimaryGroup($user_id, $primary_group_id)) { $success_count++; } else { $error_count++; } } restore_error_handler(); if ($error_count > 0) { apiReturnError($ajax, getReferralPage()); } else { apiReturnSuccess($ajax, getReferralPage()); }
} } $deny = $validate->optionalGetVar('deny'); // Code below should work on this page without any input and redirect the user back to login.php // User has denied this request if (!empty($deny)) { $token = trim($deny); if ($token == "" || !validateLostPasswordToken($token)) { $errors[] = lang("FORGOTPASS_INVALID_TOKEN"); } else { $userdetails = fetchUserAuthByActivationToken($token); if (!flagLostPasswordRequest($userdetails["user_name"], 0)) { $errors[] = lang("SQL_ERROR"); } else { $successes[] = lang("FORGOTPASS_REQUEST_CANNED"); } } } restore_error_handler(); foreach ($errors as $error) { addAlert("danger", $error); } foreach ($successes as $success) { addAlert("success", $success); } // Send to login page if failure if (count($errors) > 0) { apiReturnError($ajax, SITE_ROOT . "login.php"); } else { apiReturnSuccess($ajax, SITE_ROOT . "forgot_password.php"); }
} // Set primary group if (!empty($primary_group_id)) { if (updateUserPrimaryGroup($new_user_id, $primary_group_id)) { // Account creation was successful! addAlert("success", lang("ACCOUNT_PRIMARY_GROUP_SET")); addAlert("success", lang("ACCOUNT_CREATION_COMPLETE", array($user_name))); } else { $error_count++; } } // Otherwise, add default groups and set primary group for new users } else { if (dbAddUserToDefaultGroups($new_user_id)) { if ($require_activation) { // Activation required addAlert("success", lang("ACCOUNT_REGISTRATION_COMPLETE_TYPE2")); } else { // No activation required addAlert("success", lang("ACCOUNT_REGISTRATION_COMPLETE_TYPE1")); } } else { apiReturnError($ajax, $admin == "true" ? ACCOUNT_ROOT : SITE_ROOT); } } } else { apiReturnError($ajax, $admin == "true" ? ACCOUNT_ROOT : SITE_ROOT); } restore_error_handler(); apiReturnSuccess($ajax, $admin == "true" ? ACCOUNT_ROOT : SITE_ROOT);
$password_hash = passwordHashUF($password); if ($password_hash === null) { error_log("Notice: outdated password hash could not be updated because new hashing algorithm is not supported. Are you running PHP >= 5.3.7?"); } else { $loggedInUser->hash_pw = $password_hash; updateUserField($loggedInUser->user_id, 'password', $password_hash); error_log("Notice: outdated password hash has been automatically updated to modern hashing."); } } // Create the user's CSRF token $loggedInUser->csrf_token(true); $_SESSION["userCakeUser"] = $loggedInUser; $successes = array(); $successes[] = "Welcome back, " . $loggedInUser->displayname; } } } } } restore_error_handler(); foreach ($errors as $error) { addAlert("danger", $error); } foreach ($successes as $success) { addAlert("success", $success); } if (count($errors) > 0) { apiReturnError($ajax, SITE_ROOT . "login.php"); } else { apiReturnSuccess($ajax, ACCOUNT_ROOT); }
if (!$mail->newTemplateMsg("resend-activation.txt", $hooks)) { $errors[] = lang("MAIL_TEMPLATE_BUILD_ERROR"); } else { if (!$mail->sendMail($userdetails["email"], "Activate your " . $websiteName . " Account")) { $errors[] = lang("MAIL_ERROR"); } else { //Success, user details have been updated in the db now mail this information out. $successes[] = lang("ACCOUNT_NEW_ACTIVATION_SENT"); } } } } } } } } else { $errors[] = lang("NO_DATA"); } restore_error_handler(); foreach ($errors as $error) { addAlert("danger", $error); } foreach ($successes as $success) { addAlert("success", $success); } // Send to home page if failure if (count($errors) > 0) { apiReturnError($ajax, SITE_ROOT . "index.php"); } else { apiReturnSuccess($ajax, SITE_ROOT . "resend_activation.php"); }