/**
* Emails password to a user
*
* This will email the given user their password.
*
* @param string $username Username for which to get and email password
* @param string $passwd Unencrypted password (optional)
* @param int $msg Message number of message to show when done
* @return string Optionally returns the HTML for the default form if the user info can't be found
*
*/
function emailpassword($username, $passwd = '', $msg = 0)
{
global $_CONF, $_TABLES, $LANG04;
$retval = '';
$username = DB_escapeString($username);
// don't retrieve any remote users!
$result = DB_query("SELECT uid,email,status FROM {$_TABLES['users']} WHERE username = '******' AND (account_type & " . LOCAL_USER . ")");
$nrows = DB_numRows($result);
if ($nrows == 1) {
$A = DB_fetchArray($result);
if ($_CONF['usersubmission'] == 1 && $A['status'] == USER_ACCOUNT_AWAITING_APPROVAL) {
echo COM_refresh($_CONF['site_url'] . '/index.php?msg=48');
}
$mailresult = USER_createAndSendPassword($username, $A['email'], $A['uid'], $passwd);
if ($mailresult == false) {
echo COM_refresh("{$_CONF['site_url']}/index.php?msg=85");
} else {
if ($msg) {
echo COM_refresh("{$_CONF['site_url']}/index.php?msg={$msg}");
} else {
if ($_CONF['registration_type'] == 1) {
echo COM_refresh("{$_CONF['site_url']}/index.php?msg=3");
} else {
echo COM_refresh("{$_CONF['site_url']}/index.php?msg=1");
}
}
}
} else {
$retval = defaultform('');
}
return $retval;
}
/**
* User request for a new password - send email with a link and request id
*
* @param username string name of user who requested the new password
* @return string form or meta redirect
*/
function requestpassword($username)
{
global $_CONF, $_TABLES, $LANG04;
$retval = '';
// no remote users!
$result = DB_query("SELECT uid,email,passwd,status FROM {$_TABLES['users']} WHERE username = '******' AND ((remoteservice IS NULL) OR (remoteservice=''))");
$nrows = DB_numRows($result);
if ($nrows == 1) {
$A = DB_fetchArray($result);
if ($_CONF['usersubmission'] == 1 && $A['status'] == USER_ACCOUNT_AWAITING_APPROVAL) {
COM_redirect($_CONF['site_url'] . '/index.php?msg=48');
}
$reqid = substr(md5(uniqid(rand(), 1)), 1, 16);
DB_change($_TABLES['users'], 'pwrequestid', "{$reqid}", 'uid', $A['uid']);
$mailtext = sprintf($LANG04[88], $username);
$mailtext .= $_CONF['site_url'] . '/users.php?mode=newpwd&uid=' . $A['uid'] . '&rid=' . $reqid . "\n\n";
$mailtext .= $LANG04[89];
$mailtext .= "{$_CONF['site_name']}\n";
$mailtext .= "{$_CONF['site_url']}\n";
$subject = $_CONF['site_name'] . ': ' . $LANG04[16];
if ($_CONF['site_mail'] !== $_CONF['noreply_mail']) {
$mailfrom = $_CONF['noreply_mail'];
$mailtext .= LB . LB . $LANG04[159];
} else {
$mailfrom = $_CONF['site_mail'];
}
if (COM_mail($A['email'], $subject, $mailtext, $mailfrom)) {
$msg = 55;
// message sent
} else {
$msg = 85;
// problem sending the email
}
$redirect = $_CONF['site_url'] . "/index.php?msg={$msg}";
COM_updateSpeedlimit('password');
COM_redirect($redirect);
} else {
$retval = COM_createHTMLDocument(defaultform($LANG04[17]), array('pagetitle' => $LANG04[17]));
}
return $retval;
}
