Example #1
0
 /**
  * @group IL_Init
  */
 public function testPasswordAssisstanceSession()
 {
     global $ilUser;
     include_once "./include/inc.pwassist_session_handler.php";
     $result = "";
     // write session
     db_pwassist_session_write("12345", 60, $ilUser->getId());
     // find
     $res = db_pwassist_session_find($ilUser->getId());
     if ($res["pwassist_id"] == "12345") {
         $result .= "find-";
     }
     // read
     $res = db_pwassist_session_read("12345");
     if ($res["user_id"] == $ilUser->getId()) {
         $result .= "read-";
     }
     // destroy
     db_pwassist_session_destroy("12345");
     $res = db_pwassist_session_read("12345");
     if (!$res) {
         $result .= "destroy-";
     }
     db_pwassist_session_gc();
     $this->assertEquals("find-read-destroy-", $result);
 }
 /** Creates (or reuses) a password assistance session, and sends a password
  * assistance mail to the specified user.
  * 
  * Note: To prevent DOS attacks, a new session is created only, if no session
  * exists, or if the existing session has been expired.
  *
  * The password assistance mail contains an URL, which points to this script
  * and contains the following URL parameters:
  * client_id
  * key
  *
  * @param usrObj An instance of class.ilObjUserObject.php.
  */
 function sendPasswordAssistanceMail($userObj)
 {
     global $lng, $ilias;
     include_once "Services/Mail/classes/class.ilMailbox.php";
     include_once "Services/Mail/classes/class.ilMimeMail.php";
     require_once "include/inc.pwassist_session_handler.php";
     // Check if we need to create a new session
     $pwassist_session = db_pwassist_session_find($userObj->getId());
     if (count($pwassist_session) == 0 || $pwassist_session["expires"] < time() || true) {
         // Create a new session id
         // #9700 - this didn't do anything before?!
         // db_set_save_handler();
         session_start();
         $pwassist_session["pwassist_id"] = db_pwassist_create_id();
         session_destroy();
         db_pwassist_session_write($pwassist_session["pwassist_id"], 3600, $userObj->getId());
     }
     $protocol = isset($_SERVER['HTTPS']) ? "https://" : "http://";
     // Compose the mail
     $server_url = $protocol . $_SERVER['HTTP_HOST'] . substr($_SERVER['PHP_SELF'], 0, strrpos($_SERVER['PHP_SELF'], '/')) . '/';
     // XXX - Werner Randelshofer - Insert code here to dynamically get the
     //      the delimiter. For URL's that are sent by e-mail to a user,
     //      it is best to use semicolons as parameter delimiter
     $delimiter = "&";
     $pwassist_url = $protocol . $_SERVER['HTTP_HOST'] . str_replace("ilias.php", "pwassist.php", $_SERVER['PHP_SELF']) . "?client_id=" . $ilias->getClientId() . $delimiter . "lang=" . $lng->getLangKey() . $delimiter . "key=" . $pwassist_session["pwassist_id"];
     $alternative_pwassist_url = $protocol . $_SERVER['HTTP_HOST'] . str_replace("ilias.php", "pwassist.php", $_SERVER['PHP_SELF']) . "?client_id=" . $ilias->getClientId() . $delimiter . "lang=" . $lng->getLangKey() . $delimiter . "key=" . $pwassist_session["pwassist_id"];
     $contact_address = $ilias->getSetting("admin_email");
     //echo "<br>-".htmlentities($pwassist_url)."-";
     $mm = new ilMimeMail();
     $mm->Subject($lng->txt("pwassist_mail_subject"));
     $mm->From($contact_address);
     $mm->To($userObj->getEmail());
     $mm->Body(str_replace(array("\\n", "\\t"), array("\n", "\t"), sprintf($lng->txt("pwassist_mail_body"), $pwassist_url, $server_url, $_SERVER['REMOTE_ADDR'], $userObj->getLogin(), 'mailto:' . $contact_address, $alternative_pwassist_url)));
     $mm->Send();
 }
 /**
  * Creates (or reuses) a password assistance session, and sends a password
  * assistance mail to the specified user.
  * Note: To prevent DOS attacks, a new session is created only, if no session
  * exists, or if the existing session has been expired.
  * The password assistance mail contains an URL, which points to this script
  * and contains the following URL parameters:
  * client_id
  * key
  * @param $userObj ilObjUser
  */
 public function sendPasswordAssistanceMail(ilObjUser $userObj)
 {
     require_once 'Services/Mail/classes/class.ilMailbox.php';
     require_once 'Services/Mail/classes/class.ilMimeMail.php';
     require_once 'include/inc.pwassist_session_handler.php';
     // Check if we need to create a new session
     $pwassist_session = db_pwassist_session_find($userObj->getId());
     if (count($pwassist_session) == 0 || $pwassist_session['expires'] < time() || true) {
         // Create a new session id
         // #9700 - this didn't do anything before?!
         // db_set_save_handler();
         session_start();
         $pwassist_session['pwassist_id'] = db_pwassist_create_id();
         session_destroy();
         db_pwassist_session_write($pwassist_session['pwassist_id'], 3600, $userObj->getId());
     }
     $protocol = $this->https->isDetected() ? 'https://' : 'http://';
     // Compose the mail
     $server_url = $protocol . $_SERVER['HTTP_HOST'] . substr($_SERVER['PHP_SELF'], 0, strrpos($_SERVER['PHP_SELF'], '/')) . '/';
     // XXX - Werner Randelshofer - Insert code here to dynamically get the
     //      the delimiter. For URL's that are sent by e-mail to a user,
     //      it is best to use semicolons as parameter delimiter
     $delimiter = '&';
     $pwassist_url = $protocol . $_SERVER['HTTP_HOST'] . str_replace('ilias.php', 'pwassist.php', $_SERVER['PHP_SELF']) . '?client_id=' . $this->ilias->getClientId() . $delimiter . 'lang=' . $this->lng->getLangKey() . $delimiter . 'key=' . $pwassist_session['pwassist_id'];
     $alternative_pwassist_url = $protocol . $_SERVER['HTTP_HOST'] . str_replace('ilias.php', 'pwassist.php', $_SERVER['PHP_SELF']) . '?client_id=' . $this->ilias->getClientId() . $delimiter . 'lang=' . $this->lng->getLangKey() . $delimiter . 'key=' . $pwassist_session['pwassist_id'];
     $contact_address = $this->settings->get('admin_email');
     $mm = new ilMimeMail();
     $mm->Subject($this->lng->txt('pwassist_mail_subject'));
     $mm->From($contact_address);
     $mm->To($userObj->getEmail());
     $mm->Body(str_replace(array("\\n", "\\t"), array("\n", "\t"), sprintf($this->lng->txt('pwassist_mail_body'), $pwassist_url, $server_url, $_SERVER['REMOTE_ADDR'], $userObj->getLogin(), 'mailto:' . $contact_address, $alternative_pwassist_url)));
     $mm->Send();
 }