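/**
 * Verify that a password-reset token belongs to the given user and is still fresh.
 *
 * Looks up the (user, resettoken) pair and lets the database compute the age of
 * `resettime` in seconds; the token is accepted only if that age is below
 * MAX_RESET_VALIDITY.
 *
 * @param mysqli $db         open database handle
 * @param string $username   account the token was issued for
 * @param string $resettoken token presented by the caller
 * @return bool true only when a matching row exists and its age is known and below
 *              MAX_RESET_VALIDITY; false on no match, on a NULL age, on execute
 *              failure, or when the statement could not be prepared (the original
 *              fell off the end and returned NULL in that last case)
 */
function verifyResetToken($db, $username, $resettoken)
{
    // Same helper the rest of the file spells checkPrepare; PHP function names are
    // case-insensitive, so this only fixes the inconsistent spelling.
    $stmt = checkPrepare($db, 'SELECT UNIX_TIMESTAMP()-UNIX_TIMESTAMP(`resettime`) AS `age` FROM `users` WHERE `user`=? AND `resettoken`=?');
    if (!$stmt) {
        return false;
    }

    // Declared before binding so the NULL check below is well-defined even if
    // fetch() never populates it.
    $age = null;
    checkBindParam($db, $stmt, "ss", $username, $resettoken);
    checkBindResult($db, $stmt, $age);

    $valid = false;
    if (checkExecute($db, $stmt)) {
        $fetched = $stmt->fetch();
        // A NULL `resettime` makes `age` NULL, and `null < n` is true in PHP, which
        // would accept a token that was never timestamped. Treat unknown age as expired.
        if ($fetched === true && $age !== null) {
            $valid = $age < MAX_RESET_VALIDITY;
        }
    }
    $stmt->close();
    return $valid;
}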
$host = $_SERVER['HTTP_HOST']; $secure = $host != 'localhost'; if (!$secure) { $host = NULL; } } else { $host = 'darwin.bournemouth.ac.uk'; $secure = TRUE; } // Actually unset the cookie setrawcookie($DARWINCOOKIENAME, '', $cookieexpire, '/', $host, $secure); if (isset($authtoken)) { $db = getAuthDb(); $requestip = $_SERVER["REMOTE_ADDR"]; $stmt = checkPrepare($db, 'DELETE FROM `tokens` WHERE `ip`=? AND `token`=?'); checkBindParam($db, $stmt, "ss", $requestip, $authtoken); checkExecute($db, $stmt); $stmt->close(); $db->commit(); cleanTokens($db); $db->close(); } // Whatever happens set the user for the rest of the page to null. setDarwinUser(NULL); if (isset($_REQUEST['redirect'])) { header('Location: ' . $_REQUEST['redirect']); exit; // Finished } else { if ($htmloutput) { showSuccessScreen();
$db->close(); handleError("Only one reset attempt allowed per " . MIN_RESET_DELAY . "seconds"); } $db->autocommit(FALSE); $fp = fopen('/dev/urandom', 'rb'); if ($fp !== FALSE) { $token = bin2hex(fread($fp, 10)); // 20 characters fclose($fp); } else { $db->close(); handleError("urandom not available"); $token = bin2hex(mt_rand()); } $stmt = checkPrepare($db, "UPDATE `users` SET `resettoken`=?, `resettime`=NOW() WHERE `user`=?"); checkBindParam($db, $stmt, "ss", $token, $user); checkExecute($db, $stmt); if ($stmt->affected_rows != 1) { $stmt->close(); $db->rollback(); $db->close(); handleError("Updating reset token affected " . $stmt->affected_rows . " rows"); exit; } else { $db->commit(); } $db->close(); $reseturl = 'https://darwin.bournemouth.ac.uk/accounts/chpasswd?user='******'&resettoken=' . $token; $mailbody = "<html><head><title>Darwin account password reset</title></head><body>\n" . '<p>Please visit <a href="' . $reseturl . '">' . $reseturl . "</a> to reset your password.</p>\n" . '<p>This token will be valid for 30 minutes. If you didn' . "'t initiate the reset,\n you can safely ignore this message</p>\n</body></html>"; if (mail($user . "@bournemouth.ac.uk", 'Darwin account password reset', $mailbody, "From: Darwin Automated Admin<*****@*****.**>\nContent-Type: text/html; charset=utf8")) { // if(mail(getDarwinEmail(), 'Darwin account password reset', $mailbody, "From: Darwin Automated Admin<*****@*****.**>\nContent-Type: text/html; charset=utf8")) {