protected function invokeHandler()
{
$specific = array();
$size = getimagesize($this->file->getAbsPath());
if ($size !== false) {
$specific['imagesize'] = $size[0] . ' x ' . $size[1] . ' px';
} else {
$specific['imagesize'] = System::getLanguage()->_('Unknown');
}
if (extension_loaded('imagick') && class_exists('Imagick')) {
try {
$i = new Imagick($this->file->getAbsPath());
$specific['format'] = $i->getimageformat();
} catch (Exception $e) {
Log::handleException($e, false);
if ($this->file->ext == "svg") {
Log::sysLog('ImageHandler', '"librsvg" is not installed. Without it Imagick could not handle .svg files!');
}
}
} else {
$specific['format'] = System::getLanguage()->_('Unknown');
}
$this->smarty->assign('specific', $specific);
$this->smarty->display('handler/image.tpl');
}
/**
* Construct
*/
public function __construct()
{
parent::__construct();
$this->JSRMS = new JSRMS();
$this->JSRMS->requireResource('system');
$this->muteExpectedErrors();
$this->setCacheDir(SYSTEM_ROOT . '/classes/smarty/cache/');
$this->setCompileDir(SYSTEM_ROOT . '/classes/smarty/templates_c/');
$this->setTemplateDir(SYSTEM_ROOT . '/view/');
$this->registerObject('Router', Router::getInstance(), array('build'), false);
$this->registerObject('L10N', System::getLanguage(), array('_'), false);
$this->assign('LoggedIn', System::getUser() != NULL);
$this->assign('User', System::getUser());
$this->assign('Navigation', Navigation::$elements);
$this->assign('LangStrings', System::getLanguage()->getAllStrings());
// Configuration
$this->assign('HTTP_BASEDIR', System::getBaseURL());
$this->assign('MOD_REWRITE', MOD_REWRITE);
$this->assign('MAX_UPLOAD_SIZE', Utils::maxUploadSize());
if (System::getSession()->getData('successMsg', '') != '') {
$this->assign('successMsg', System::getSession()->getData('successMsg', ''));
System::getSession()->setData('successMsg', '');
}
if (System::getSession()->getData('errorMsg', '') != '') {
$this->assign('errorMsg', System::getSession()->getData('errorMsg', ''));
System::getSession()->setData('errorMsg', '');
}
if (System::getSession()->getData('infoMsg', '') != '') {
$this->assign('infoMsg', System::getSession()->getData('infoMsg', ''));
System::getSession()->setData('infoMsg', '');
}
}
/**
* Create new request and sends email to user
* @static
* @param string Mail adress
* @throws MailFailureException, UserNotFoundException
*/
public static function createRequest($mail)
{
LostPW::cleanUp();
$user = User::find('email', $mail);
if ($user == NULL) {
throw new UserNotFoundException();
}
// Delete old requests
$sql = System::getDatabase()->prepare('DELETE FROM lostpw WHERE user_ID = :uid');
$sql->execute(array(':uid' => $user->uid));
// Create new request
$hash = LostPW::createHash();
$sql = System::getDatabase()->prepare('INSERT INTO lostpw (user_ID, hash, time) VALUES (:uid, :hash, :time)');
$sql->execute(array(':uid' => $user->uid, ':hash' => $hash, ':time' => time()));
// Send Mail
$content = new Template();
$content->assign('link', Router::getInstance()->build('AuthController', 'lostpw_check', array('hash' => $hash)));
$content->assign('user', $user);
$content->assign('title', System::getLanguage()->_('LostPW'));
// Determine template file
$tpl = 'mails/lostpw.' . LANGUAGE . '.tpl';
foreach ($content->getTemplateDir() as $dir) {
$file = 'mails/lostpw.' . $user->lang . '.tpl';
if (file_exists($dir . $file)) {
$tpl = $file;
break;
}
}
$mail = new Mail(System::getLanguage()->_('LostPW'), $content->fetch($tpl), $user);
$mail->send();
}
function smarty_modifier_lang($string, $param = NULL)
{
if ($param === NULL) {
return System::getLanguage()->_($string);
}
return sprintf(System::getLanguage()->_($string), $param);
}
private function loadFile()
{
if ($this->file != NULL) {
return;
}
$this->file = File::find('alias', $this->getParam('alias', ''));
if ($this->file == NULL) {
System::displayError(System::getLanguage()->_('ErrorFileNotFound'), '404 Not Found');
}
if (System::getUser() != NULL) {
$user_id = System::getUser()->uid;
} else {
$user_id = -1;
}
if ($user_id != $this->file->uid) {
if ($this->file->permission == FilePermissions::PRIVATE_ACCESS) {
System::displayError(System::getLanguage()->_('PermissionDenied'), '403 Forbidden');
exit;
} elseif ($this->file->permission == FilePermissions::RESTRICTED_ACCESS) {
if (is_array(System::getSession()->getData("authenticatedFiles"))) {
if (!in_array($this->file->alias, System::getSession()->getData("authenticatedFiles"))) {
System::forwardToRoute(Router::getInstance()->build('AuthController', 'authenticateFile', $this->file));
exit;
}
} else {
System::forwardToRoute(Router::getInstance()->build('AuthController', 'authenticateFile', $this->file));
exit;
}
}
}
}
/**
* Constructor
* @param string Field name
* @param string Label
* @param boolean Required field?
*/
public function __construct($name, $label, $required = false)
{
$this->type = 'checkbox';
$this->name = $name;
$this->label = $label;
$this->required = $required;
$this->error_msg = System::getLanguage()->_('ErrorPleaseCheck');
}
/**
* Constructor
*
* @param string Name des Formulars
* @param string Formular-Ziel
* @param string Formular-Typ (POST)
*/
public function __construct($name, $action = '', $method = 'post')
{
$this->name = $name;
$this->action = $action;
$this->method = strtolower($method);
$this->submit = new Button(System::getLanguage()->_('Submit'));
$this->submitName = 'submit';
}
public function index()
{
$user = System::getUser();
$form = new Form('form-profile');
$form->setAttribute('data-noajax', 'true');
$form->binding = $user;
$fieldset = new Fieldset(System::getLanguage()->_('General'));
$firstname = new Text('firstname', System::getLanguage()->_('Firstname'));
$firstname->binding = new Databinding('firstname');
$lastname = new Text('lastname', System::getLanguage()->_('Lastname'));
$lastname->binding = new Databinding('lastname');
$email = new Text('email', System::getLanguage()->_('EMail'), true);
$email->binding = new Databinding('email');
$email->blacklist = $this->getListOfMailAdresses($user);
$email->error_msg[4] = System::getLanguage()->_('ErrorMailAdressAlreadyExists');
$language = new Radiobox('lang', System::getLanguage()->_('Language'), L10N::getLanguages());
$language->binding = new Databinding('lang');
$fieldset->addElements($firstname, $lastname, $email, $language);
$form->addElements($fieldset);
$fieldset = new Fieldset(System::getLanguage()->_('Password'));
$password = new Password('password', System::getLanguage()->_('Password'));
$password->minlength = PASSWORD_MIN_LENGTH;
$password->binding = new Databinding('password');
$password2 = new Password('password2', System::getLanguage()->_('ReenterPassword'));
$fieldset->addElements($password, $password2);
$form->addElements($fieldset);
$fieldset = new Fieldset(System::getLanguage()->_('Settings'));
$quota = new Text('quota', System::getLanguage()->_('Quota'));
if ($user->quota > 0) {
$quota->value = System::getLanguage()->_('QuotaAvailabe', Utils::formatBytes($user->getFreeSpace()), Utils::formatBytes($user->quota));
} else {
$quota->value = System::getLanguage()->_('Unlimited');
}
$quota->readonly = true;
$fieldset->addElements($quota);
$form->addElements($fieldset);
if (Utils::getPOST('submit', false) !== false) {
if (!empty($password->value) && $password->value != $password2->value) {
$password2->error = System::getLanguage()->_('ErrorInvalidPasswords');
} else {
if ($form->validate()) {
$form->save();
System::getUser()->save();
System::getSession()->setData('successMsg', System::getLanguage()->_('ProfileUpdated'));
System::forwardToRoute(Router::getInstance()->build('ProfileController', 'index'));
exit;
}
}
} else {
$form->fill();
}
$form->setSubmit(new Button(System::getLanguage()->_('Save'), 'floppy-disk'));
$smarty = new Template();
$smarty->assign('title', System::getLanguage()->_('MyProfile'));
$smarty->assign('heading', System::getLanguage()->_('MyProfile'));
$smarty->assign('form', $form->__toString());
$smarty->display('form.tpl');
}
/**
* Constructor
* @param string Field name
* @param string Label
* @param boolean Required field?
*/
public function __construct($name, $label, $required = false)
{
$this->type = 'textarea';
$this->name = $name;
$this->label = $label;
$this->required = $required;
$this->columns = 30;
$this->rows = 10;
$this->error_msg = System::getLanguage()->_('ErrorEmptyTextfield');
}
/**
* Constructor
* @param string Field name
* @param string Label
* @param boolean Required field?
* @param string Allowed input
* @param int Max length
* @param int Min length
*/
public function __construct($name, $label, $required = false, $valid = '*', $maxlength = false, $minlength = false)
{
$this->type = 'text';
$this->name = $name;
$this->label = $label;
$this->required = $required;
$this->valid = $valid;
$this->maxlength = $maxlength;
$this->minlength = $minlength;
$this->error_msg = array(0 => System::getLanguage()->_('ErrorInvalidLengthMax'), 1 => System::getLanguage()->_('ErrorInvalidLengthMin'), 2 => System::getLanguage()->_('ErrorEmptyTextfield'), 3 => System::getLanguage()->_('ErrorInvalidNumber'), 4 => System::getLanguage()->_('ErrorInvalidInput'));
}
/**
* Formats a given timestamp to a localised date format
* @static
* @param int Timestamp
* @return string Formatted date
*/
public static function format($timestamp)
{
$day = date(System::getLanguage()->_('DateFormat'), $timestamp);
$time = date(System::getLanguage()->_('TimeFormat'), $timestamp);
if ($timestamp >= strtotime('yesterday')) {
$day = System::getLanguage()->_('Yesterday');
}
if ($timestamp >= strtotime('today') && $timestamp < strtotime('tomorrow')) {
$day = System::getLanguage()->_('Today');
}
return $day . ' ' . $time;
}
protected function invokeHandler()
{
$error = array();
if (Utils::isLocalhostServer()) {
$error[] = System::getLanguage()->_('NoLocalhost');
}
if ($this->file->permission != FilePermissions::PUBLIC_ACCESS) {
$error[] = System::getLanguage()->_('OnlyPublicFiles');
}
$router = Router::getInstance();
$link = $router->build('DownloadController', 'raw', $this->file);
$link = "http://view.officeapps.live.com/op/view.aspx?src=" . urlencode($link);
$this->smarty->assign('error', join('<br>', $error));
$this->smarty->assign('link', $link);
$this->smarty->display('handler/office.tpl');
}
/**
* Constructor
* @param string Field name
* @param string Label
* @param string[]|string[][] Options
*/
public function __construct($name, $label, $options = array(), $select_text = '')
{
$this->name = $name;
$this->label = $label;
$this->select_text = $select_text;
$this->required = false;
$this->type = 'select';
$this->error_msg = array(0 => System::getLanguage()->_('ErrorChooseOption'), 1 => System::getLanguage()->_('ErrorInvalidOption'));
if (!empty($select_text)) {
$this->required = true;
}
if (is_array($options) && count($options) > 0) {
$this->options = $options;
return true;
} else {
return false;
}
}
public function php()
{
parent::checkAuthentification();
parent::checkIfAdmin();
$entries = LogEntry::find('log', 'php');
if ($entries == NULL) {
$entries = array();
} else {
if ($entries instanceof LogEntry) {
$entries = array($entries);
}
}
usort($entries, array('LogEntry', 'compare'));
$smarty = new Template();
$smarty->assign('entries', $entries);
$smarty->assign('title', System::getLanguage()->_('Log'));
$smarty->assign('heading', System::getLanguage()->_('PHPEntries'));
$smarty->assign('showPHPEntries', true);
$smarty->display('log/log.tpl');
}
public static function getAll()
{
return array(FilePermissions::PUBLIC_ACCESS => System::getLanguage()->_('PermissionPublic'), FilePermissions::RESTRICTED_ACCESS => System::getLanguage()->_('PermissionProtected'), FilePermissions::PRIVATE_ACCESS => System::getLanguage()->_('PermissionPrivate'));
}
/**
* Handle uncaught exceptions
*/
public static function handleException()
{
try {
if (System::getLanguage() == NULL) {
throw new Exception();
}
$msg = System::getLanguage()->_('UnknownError');
} catch (Exception $e) {
$msg = 'An unknown error occured.';
}
self::displayError($msg);
}
/**
* Checks if user is an admin
* if not - HTTP 403 is shown
*/
public final function checkIfAdmin()
{
if (System::getUser() == NULL || !System::getUser()->isAdmin) {
System::displayError(System::getLanguage()->_('PermissionDenied'), '403 Forbidden');
}
}
public function download()
{
$file_alias = $this->getRequestParam('file_alias', NULL);
$file_id = $this->getRequestParam('file_id', NULL);
$fileObj = NULL;
if ($file_alias != NULL) {
$fileObj = File::find('alias', $file_alias);
} else {
if ($file_id != NULL) {
$fileObj = File::find('_id', $file_id);
}
}
if ($fileObj != NULL) {
$fileObj->download(true, false);
} else {
System::displayError(System::getLanguage()->_('ErrorFileNotFound'), '404 Not Found');
}
}
public function permissions()
{
try {
$file = File::find('alias', $this->getParam('alias', ''));
} catch (FileNotFoundException $e) {
System::displayError(System::getLanguage()->_('ErrorFileNotFound'), '404 Not Found');
}
$form = new Form('form-permissions', '');
$fieldset = new Fieldset(System::getLanguage()->_('PermissionSetting'));
$permission = new Select('permission', System::getLanguage()->_('Permission'), FilePermissions::getAll());
$permission->selected_value = $file->permission;
$password = new Password('password', System::getLanguage()->_('Password'));
$fieldset->addElements($permission, $password);
$form->addElements($fieldset);
if (Utils::getPOST('submit', false) !== false) {
if ($form->validate()) {
if ($permission->selected_value == 2 && empty($password->value)) {
$password->error = System::getLanguage()->_('InvalidPassword');
} else {
$file->permission->setPermission($permission->selected_value, $password->value);
System::forwardToRoute(Router::getInstance()->build('DownloadController', 'download', $file));
exit;
}
}
}
$form->addButton(new Button(System::getLanguage()->_('Cancel'), 'icon icon-cancel', Router::getInstance()->build('DownloadController', 'download', $file)));
$smarty = new Template();
$smarty->assign('title', System::getLanguage()->_('PermissionSetting'));
$smarty->assign('form', $form->__toString());
$smarty->display('form.tpl');
}
public function index()
{
// Get files
$sql = System::getDatabase()->query('SELECT u._id, u.username, u.firstname, u.lastname, IFNULL(SUM(f.size), 0) AS totalUserSize FROM users u LEFT JOIN files f ON u._id = f.user_ID GROUP BY u._id');
$used_space = 0;
$num_users = 0;
while ($user = $sql->fetch(PDO::FETCH_OBJ)) {
$used_space += $user->totalUserSize;
$obj = new Object();
$obj->username = $user->username;
$obj->firstname = $user->firstname;
$obj->lastname = $user->lastname;
$obj->used = $user->totalUserSize;
$users[] = $obj;
$num_users++;
}
$sql = System::getDatabase()->query('SELECT count(*) AS num_files from files');
$num_files = $sql->fetch(PDO::FETCH_OBJ);
$num_files = $num_files->num_files;
if ($num_users == 0) {
$files_per_user = 0;
} else {
$files_per_user = round($num_files / $num_users, 1);
}
// Newest User
$newUsers = User::find('*', NULL, array('orderby' => '_id', 'sort' => 'DESC'));
if (!is_array($newUsers)) {
$newUsers = array($newUsers);
}
// MIME statistics
$sql = System::getDatabase()->query('SELECT COUNT(*) AS num, mime FROM files GROUP BY mime ORDER BY num DESC LIMIT 6');
$mimes = array();
while ($mime = $sql->fetch(PDO::FETCH_OBJ)) {
$mimes[] = $mime;
}
// Quota
$available_space = disk_free_space(SYSTEM_ROOT . FILE_STORAGE_DIR);
// Version
$version = file_get_contents(SYSTEM_ROOT . '/VERSION');
$phpversion = phpversion();
$res = System::getDatabase()->query('SELECT VERSION() AS mysql_version');
$row = $res->fetch(PDO::FETCH_ASSOC);
if (!isset($row['mysql_version'])) {
$mysqlversion = System::getLanguage()->_('Unknown');
} else {
$mysqlversion = $row['mysql_version'];
}
// Extensions
$imagick = extension_loaded('imagick') && class_exists('Imagick');
$rar = extension_loaded('rar') && class_exists('RarArchive');
$maxpost = Utils::parseInteger(ini_get('post_max_size'));
$maxupload = Utils::parseInteger(ini_get('upload_max_filesize'));
$smarty = new Template();
$smarty->assign('title', System::getLanguage()->_('Admin'));
$smarty->assign('heading', System::getLanguage()->_('Admin'));
$smarty->assign('num_users', $num_users);
$smarty->assign('num_files', $num_files);
$smarty->assign('newUsers', $newUsers);
$smarty->assign('userByQutoa', $users);
$smarty->assign('mimes', $mimes);
$smarty->assign('filesPerUser', $files_per_user);
$smarty->assign('usedSpace', $used_space);
$smarty->assign('availableSpace', $available_space);
$smarty->assign('version', $version);
$smarty->assign('phpversion', $phpversion);
$smarty->assign('mysqlversion', $mysqlversion);
$smarty->assign('maxpost', $maxpost);
$smarty->assign('maxupload', $maxupload);
$smarty->assign('imagick', $imagick);
$smarty->assign('rar', $rar);
$smarty->requireResource('admin');
$smarty->display('admin/index.tpl');
}
public function __construct($message, $code = 0, $previous = NULL)
{
parent::__construct(System::getLanguage()->_($message), $code, $previous);
}
protected function renderElement()
{
$html = array();
if (empty($this->uploaded_file)) {
$attr = array('name' => $this->name, 'id' => $this->getDOMId(), 'class' => 'form-control');
$html[] = ' <input type="file" ' . $this->serialiseAttributes($attr) . '/>';
} else {
$hidden = new Hidden($this->name, $this->label);
$hidden->setValue($this->uploaded_file . '||' . $this->filename);
$html[] = $hidden->render();
$html[] = ' <label>' . $this->label . '</label>';
$html[] = ' <p class="form-control-static">';
$html[] = ' ' . System::getLanguage()->_('MessageFileAlreadySelected');
$html[] = ' </p>';
}
return implode("\n", $html);
}
public function delete()
{
$user = User::find('_id', $this->getParam('uid', 0));
if ($user == NULL) {
System::displayError(System::getLanguage()->_('ErrorUserNotFound'), '404 Not Found');
} else {
if ($user->uid == System::getUser()->uid) {
System::displayError(System::getLanguage()->_('ErrorCannotDeleteYourself'), '403 Forbidden');
}
}
$form = new Form('form-user', Router::getInstance()->build('UsersController', 'delete', $user));
$fieldset = new Fieldset(System::getLanguage()->_('Confirm'));
$checkbox = new Checkbox('confirm', System::getLanguage()->_('ConfirmDeleteUser'), true);
$p = new Paragraph(System::getLanguage()->_('ConfirmDeleteUserInfo'));
$fieldset->addElements($checkbox, $p);
$form->addElements($fieldset);
$form->setSubmit(new Button(System::getLanguage()->_('Confirm'), 'icon icon-delete'));
$form->addButton(new Button(System::getLanguage()->_('Cancel'), 'icon icon-cancel', Router::getInstance()->build('UsersController', 'index')));
if (Utils::getPOST('submit', false) !== false) {
if ($form->validate()) {
$user->delete();
System::forwardToRoute(Router::getInstance()->build('UsersController', 'index'));
exit;
}
}
$smarty = new Template();
$smarty->assign('title', System::getLanguage()->_('DeleteUser'));
$smarty->assign('heading', System::getLanguage()->_('DeleteUser'));
$smarty->assign('form', $form);
$smarty->display('form.tpl');
}
public function upload()
{
$form = new Form('form-upload', Router::getInstance()->build('UploadController', 'upload'));
$form->setAttribute('data-noajax', 'true');
$form->setEnctype();
$fieldset = new Fieldset(System::getLanguage()->_('General'));
$folderInput = new Select('folder', System::getLanguage()->_('ChooseFolder'), Folder::getAll());
$folderInput->selected_value = Utils::getGET('parent', NULL);
$fieldset->addElements($folderInput);
$form->addElements($fieldset);
$fieldset = new Fieldset(System::getLanguage()->_('FileUpload'));
$fileInput = new FileUpload('file', System::getLanguage()->_('ChooseFile'), false);
$fieldset->addElements($fileInput);
$form->addElements($fieldset);
if (DOWNLOAD_VIA_SERVER) {
$fieldset = new Fieldset(System::getLanguage()->_('UploadFromURL'));
$url = new Text('url', System::getLanguage()->_('EnterURL'), false);
$name = new Text('name', System::getLanguage()->_('Name'), false);
$name->setValue(System::getLanguage()->_('DownloadedFile'));
$fieldset->addElements($url, $name);
$form->addElements($fieldset);
}
$fieldset = new Fieldset(System::getLanguage()->_('PermissionSetting'));
$permissionInput = new Select('permissions', System::getLanguage()->_('Permission'), FilePermissions::getAll());
$permissionInput->selected_value = DEFAULT_FILE_PERMISSION;
$password = new Password('password', System::getLanguage()->_('Password'), false);
$fieldset->addElements($permissionInput, $password);
$form->addElements($fieldset);
if (Utils::getPOST('submit', false) != false) {
if ($permissionInput->selected_value == 2 && empty($password->value)) {
$password->error = System::getLanguage()->_('ErrorEmptyTextfield');
} else {
if ($form->validate() && (!empty($url->value) || !empty($fileInput->uploaded_file))) {
// Specify input control for error display
$err = empty($url->value) ? $fileInput : $url;
try {
$folder = Folder::find('_id', $folderInput->selected_value);
$file = new File();
$file->folder = $folder;
$file->permission = $permissionInput->selected_value;
$file->password = $password->value;
if (empty($url->value)) {
$file->filename = $fileInput->filename;
$file->upload($fileInput->uploaded_file);
} else {
$file->filename = $name->value;
$file->remote($url->value);
}
$file->save();
System::forwardToRoute(Router::getInstance()->build('BrowserController', 'show', $folder));
exit;
} catch (UploadException $e) {
$fileInput->filename = '';
$fileInput->uploaded_file = '';
$err->error = $e->getMessage();
if ($e->getCode() != 0) {
$err->error .= ' Code: ' . $e->getCode();
}
} catch (QuotaExceededException $e) {
$err->error = System::getLanguage()->_('ErrorQuotaExceeded');
} catch (Exception $e) {
$fileInput->filename = '';
$fileInput->uploaded_file = '';
$err->error = System::getLanguage()->_('ErrorWhileUpload') . ' ' . $e->getMessage();
}
}
}
}
$form->setSubmit(new Button(System::getLanguage()->_('Upload'), 'open'));
if ($folderInput->selected_value == 0) {
$form->addButton(new Button(System::getLanguage()->_('Cancel'), '', Router::getInstance()->build('BrowserController', 'index')));
} else {
$form->addButton(new Button(System::getLanguage()->_('Cancel'), '', Router::getInstance()->build('BrowserController', 'show', new Folder($folderInput->selected_value))));
}
$smarty = new Template();
$smarty->assign('title', System::getLanguage()->_('Upload'));
$smarty->assign('heading', System::getLanguage()->_('FileUpload'));
$smarty->assign('form', $form->__toString());
$smarty->assign('BODY_CLASS', 'preventreload');
$smarty->requireResource('upload');
$smarty->display('form.tpl');
}
/**
* Determines controller and action
*/
public function run()
{
$uri = $this->getCurrentURI();
$route = NULL;
$params = array();
// Try to match a pattern
foreach ($this->routes as $r) {
// Case 1: no params => pattern == uri
if ($r->getPattern() == $uri) {
$route = $r;
break;
}
// Case 2: params - let's go
$result = Router::matchRoute($r, $uri);
if ($result !== false && is_array($result)) {
$params = $result;
$route = $r;
// Don't break here: maybe there is a
// route that matches better :D
}
}
if ($route != NULL) {
$this->runController($route, $params);
} else {
System::displayError(System::getLanguage()->_('ErrorRouteNotFound'), '404 Not Found');
}
}
public function lostpw_check()
{
$hash = $this->getParam('hash', '');
if (!LostPW::hashExists($hash)) {
System::getSession()->setData('errorMsg', System::getLanguage()->_('HashNotFound'));
System::forwardToRoute(Router::getInstance()->build('BrowserController', 'index'));
}
$password = Utils::getPOST('password', '');
$password2 = Utils::getPOST('password2', '');
$errorMsg = '';
if (Utils::getPOST('submit', false) != false) {
if (strlen($password) < PASSWORD_MIN_LENGTH) {
$errorMsg = sprintf(System::getLanguage()->_('PasswordMinLength'), PASSWORD_MIN_LENGTH);
} else {
if ($password != $password2) {
$errorMsg = System::getLanguage()->_('ErrorInvalidPasswords');
} else {
LostPW::resetPassword($hash, $password);
System::getSession()->setData('successMsg', System::getLanguage()->_('LostPWSuccess'));
System::forwardToRoute(Router::getInstance()->build('BrowserController', 'index'));
}
}
}
$smarty = new Template();
$smarty->assign('title', System::getLanguage()->_('LostPW'));
$smarty->assign('successMsg', '');
$smarty->assign('form_url', Router::getInstance()->build('AuthController', 'lostpw_check', array('hash' => $hash)));
$smarty->assign('errorMsg', $errorMsg);
$smarty->requireResource('auth');
$smarty->display('auth/lostpw.newpw.tpl');
}