$output = webLoginAlert("Error while loading user account. Please contact the Site Administrator");
    }
    return;
}
# process password reminder
if ($isPWDReminder == 1) {
    $email = $_POST['txtwebemail'];
    $webpwdreminder_message = $modx->config['webpwdreminder_message'];
    $emailsubject = $modx->config['emailsubject'];
    $emailsender = $modx->config['emailsender'];
    $site_name = $modx->config['site_name'];
    // lookup account
    $ds = $modx->db->select('wu.*, wua.fullname', $modx->getFullTableName('web_users') . " AS wu INNER JOIN " . $modx->getFullTableName('web_user_attributes') . " AS wua ON wua.internalkey=wu.id", "wua.email='" . $modx->db->escape($email) . "'");
    if ($row = $modx->db->getRow($ds)) {
        $newpwd = webLoginGeneratePassword(8);
        $newpwdkey = webLoginGeneratePassword(8);
        // activation key
        //save new password
        $modx->db->update(array('cachepwd' => "{$newpwd}|{$newpwdkey}"), $modx->getFullTableName('web_users'), "id='{$row['id']}'");
        // built activation url
        $xhtmlUrlSetting = $modx->config['xhtml_urls'];
        $modx->config['xhtml_urls'] = false;
        if ($_SERVER['SERVER_PORT'] != '80') {
            $url = $modx->config['server_protocol'] . '://' . $_SERVER['SERVER_NAME'] . ':' . $_SERVER['SERVER_PORT'] . $modx->makeURL($modx->documentIdentifier, '', "webloginmode=actp&wli=" . $row['id'] . "&wlk=" . $newpwdkey);
        } else {
            $url = $modx->config['server_protocol'] . '://' . $_SERVER['SERVER_NAME'] . $modx->makeURL($modx->documentIdentifier, '', "webloginmode=actp&wli=" . $row['id'] . "&wlk=" . $newpwdkey);
        }
        $modx->config['xhtml_urls'] = $xhtmlUrlSetting;
        // replace placeholders and send email
        $message = str_replace("[+uid+]", $row['username'], $webpwdreminder_message);
        $message = str_replace("[+pwd+]", $newpwd, $message);
Ejemplo n.º 2
0
 if (isset($_POST['password'])) {
     // verify password
     if ($_POST['password'] != $_POST['confirmpassword']) {
         $output = webLoginAlert("Password typed is mismatched") . $tpl;
         return;
     }
     // check password
     if (strlen($password) < 6) {
         $output = webLoginAlert("Password is too short!") . $tpl;
         return;
     } elseif ($password == "") {
         $output = webLoginAlert("You didn't specify a password for this user!") . $tpl;
         return;
     }
 } else {
     $password = webLoginGeneratePassword();
 }
 // verify form code
 if ($useCaptcha && $_SESSION['veriword'] != $formcode) {
     $output = webLoginAlert("Incorrect form code. Please enter the correct code displayed by the image.") . $tpl;
     return;
 }
 // create the user account
 $sql = "INSERT INTO " . $modx->getFullTableName("web_users") . " (username, password) \n            VALUES('" . $username . "', md5('" . $password . "'));";
 $rs = $modx->db->query($sql);
 if (!$rs) {
     $output = webLoginAlert("An error occured while attempting to save the user.") . $tpl;
     return;
 }
 // now get the id
 $key = $modx->db->getInsertId();
Ejemplo n.º 3
0
     $output = webLoginAlert("Password typed is mismatched", 1) . $tpl;
     return;
 }
 // generate a new password for this user
 if ($specifiedpassword != "" && $passwordgenmethod == "spec") {
     if (strlen($specifiedpassword) < 6) {
         $output = webLoginAlert("Password is too short!") . $tpl;
         return;
     } else {
         $newpassword = $specifiedpassword;
     }
 } elseif ($specifiedpassword == "" && $passwordgenmethod == "spec") {
     $output = webLoginAlert("You didn't specify a password for this user!") . $tpl;
     return;
 } elseif ($passwordgenmethod == 'g') {
     $newpassword = webLoginGeneratePassword(8);
 } else {
     $output = webLoginAlert("No password generation method specified!") . $tpl;
     return;
 }
 // handle notification
 if ($passwordnotifymethod == 'e') {
     $rt = webLoginSendNewPassword($ds["email"], $ds["username"], $newpassword, $ds["fullname"]);
     if ($rt !== true) {
         // an error occured
         $output = $rt . $tpl;
         return;
     } else {
         $newpassmsg = "A copy of the new password was sent to your email address.";
     }
 } else {