Example #1
0
import_request_variables("PG");
function forgotten_password()
{
    if (!isset($_REQUEST["Benutzername"]) || !isset($_REQUEST["EMail"]) || $_REQUEST["Benutzername"] == 'guest' || empty($_REQUEST["Benutzername"]) || empty($_REQUEST["EMail"]) || !(bool) trim($_REQUEST["Benutzername"]) || !(bool) trim($_REQUEST["EMail"])) {
        return -1;
    }
    if (!USE_PHP_MAILING) {
        return -4;
    }
    $administration = new administration();
    define("USER_NAME", trim($_REQUEST["Benutzername"]));
    define("USER_EMAIL", trim($_REQUEST["EMail"]));
    if (!$administration->getUserIdByUserName(USER_NAME) || USER_EMAIL != $administration->getEmailByUserId($administration->getUserIdByUserName(USER_NAME))) {
        return -2;
    }
    $new_password = $administration->getRandomPassword();
    $sql_update = "UPDATE mb_user SET mb_user_password = \$1, mb_user_digest = \$3 WHERE mb_user_id = \$2";
    $v = array(md5($new_password), $administration->getUserIdByUserName(USER_NAME), md5(USER_NAME . ";" . USER_EMAIL . ":" . REALM . ":" . $new_password));
    $t = array("s", "i");
    if (!db_prep_query($sql_update, $v, $t)) {
        return -3;
    }
    $email_subject = "New GeoPortal.rlp Password";
    $email_body = sprintf("Your new GeoPortal.rlp password is: %s", $new_password);
    if (!$administration->sendEmail(NULL, NULL, USER_EMAIL, USER_NAME, $email_subject, $email_body, $error_msg)) {
        return -4;
    }
    return 1;
}
$success = forgotten_password();
Example #2
0
<?php

// get user defined settings and functions
include_once 'bouncer_params.php';
// start sessions if needed
if (!session_id()) {
    session_start();
}
// set target page for redirects
$target_page = targetpage();
// call function for forgotten password
if (isset($_POST['forgotpass']) && isset($_POST['email'])) {
    if (bouncer_verify_email($_POST['email']) == true) {
        $bouncer_message['error'] = forgotten_password($_POST['email']);
        $attempt_login = 0;
    } else {
        $bouncer_message['error'] = $bouncer_message['wrong_email'];
        $attempt_login = 0;
    }
}
// call function for changed password
if (isset($_POST['changepass'])) {
    $bouncer_message['error'] = change_password();
    $attempt_login = 0;
}
// if a login is attempted we automatically clear the logged_in session
if (isset($_POST['email']) && isset($_POST['pass'])) {
    $_SESSION[WW_SESS]['logged_in'] = 0;
    $attempt_login = 1;
}
if (isset($_COOKIE['ww_c_key']) && isset($_COOKIE['ww_c_user'])) {