/**
 * Keeps the vtiger_portalinfo row of a Contact in step with its portal flag.
 *
 * With portal access switched on and a contact status other than 'Inactive',
 * an existing row is re-activated (user_name synced to the e-mail) or, when no
 * row exists, a new one is inserted with a generated password. In every other
 * case the row is marked inactive.
 *
 * Security notes for reviewers:
 *  - Both INSERT variants write the generated clear-text password to the
 *    `password_sent` column; with encode_customer_portal_passwords off the
 *    same clear text is also what lands in `user_password`.
 *  - The password comes from makeRandomPassword(), which is defined outside
 *    this block; its strength is not established here.
 *
 * @param object $entityData entity wrapper; this code relies on getId()
 *                           returning a string with an 'x' separator, plus
 *                           get() and isNew()
 * @return void
 */
function Contacts_createPortalLoginDetails($entityData)
{
    vimport('modules.Settings.CustomerPortal.helpers.CustomerPortalPassword');
    $encodePass = vglobal('encode_customer_portal_passwords');
    $adb = PearDatabase::getInstance();
    $idPieces = explode('x', $entityData->getId());
    $entityId = $idPieces[1];
    $email = $entityData->get('email');

    $portalOn = $entityData->get('portal') == 'on' || $entityData->get('portal') == '1';
    if (!$portalOn || $entityData->get('contactstatus') == 'Inactive') {
        // Portal disabled or contact inactive: revoke the login but keep the row.
        $adb->pquery("UPDATE vtiger_portalinfo SET user_name=?,isactive=0 WHERE id=?", array($email, $entityId));
        return;
    }

    $lookup = $adb->pquery("SELECT id, user_name, user_password, isactive FROM vtiger_portalinfo WHERE id=?", array($entityId));

    if ($adb->num_rows($lookup) != 0) {
        $storedName = $adb->query_result($lookup, 0, 'user_name');
        $activeFlag = $adb->query_result($lookup, 0, 'isactive');
        if ($email == $storedName && $activeFlag == 1 && !$entityData->isNew()) {
            // Row already matches the contact; nothing to write.
            return;
        }
        if ($entityData->get('portal') == 'on' || $entityData->get('portal') == '1') {
            $adb->pquery("UPDATE vtiger_portalinfo SET user_name=?, isactive=1 WHERE id=?", array($email, $entityId));
            // The stored password is read here as in the original, but not used afterwards.
            $storedPassword = $adb->query_result($lookup, 0, 'user_password');
        } else {
            $adb->pquery("UPDATE vtiger_portalinfo SET user_name=?, isactive=? WHERE id=?", array($email, 0, $entityId));
        }
        return;
    }

    // No portal row yet: create one with a freshly generated password.
    $truePassword = makeRandomPassword();
    if ($encodePass) {
        $storedValue = CustomerPortalPassword::encryptPassword($truePassword, $email);
        $params = array($entityId, $email, $storedValue, 'C', 1, CustomerPortalPassword::getCryptType(), $truePassword);
        $sql = "INSERT INTO vtiger_portalinfo(`id`, `user_name`, `user_password`, `type`, `isactive`, `crypt_type`, `password_sent`) VALUES(" . generateQuestionMarks($params) . ")";
    } else {
        $params = array($entityId, $email, $truePassword, 'C', 1, $truePassword);
        $sql = "INSERT INTO vtiger_portalinfo(`id`, `user_name`, `user_password`, `type`, `isactive`, `password_sent`) VALUES(" . generateQuestionMarks($params) . ")";
    }
    $adb->pquery($sql, $params);
}
/**
 * Creates or re-activates the portal login of a Contact and e-mails the
 * login details whenever a row was inserted or re-activated.
 *
 * Security notes for reviewers:
 *  - The value mailed on re-activation is read straight from
 *    vtiger_portalinfo.user_password, and the value inserted for a new row is
 *    the raw makeRandomPassword() output, so this code path stores and sends
 *    the password without hashing it.
 *  - makeRandomPassword() is defined outside this block; its strength is not
 *    established here.
 *
 * @param object $entityData entity wrapper; getId() is expected to contain an
 *                           'x' separator
 * @return void
 */
function Contacts_sendCustomerPortalLoginDetails($entityData)
{
    $adb = PearDatabase::getInstance();
    $entityData->getModuleName();
    $idPieces = explode('x', $entityData->getId());
    $entityId = $idPieces[1];
    $email = $entityData->get('email');

    if (!($entityData->get('portal') == 'on' || $entityData->get('portal') == '1')) {
        // Portal access is off: revoke the login and stop.
        $adb->pquery("UPDATE vtiger_portalinfo SET user_name=?,isactive=0 WHERE id=?", array($email, $entityId));
        return;
    }

    $lookup = $adb->pquery("SELECT id, user_name, user_password, isactive FROM vtiger_portalinfo WHERE id=?", array($entityId));
    $insert = $adb->num_rows($lookup) == 0;
    $update = false;

    if (!$insert) {
        $storedName = $adb->query_result($lookup, 0, 'user_name');
        $activeFlag = $adb->query_result($lookup, 0, 'isactive');
        $alreadyCurrent = $email == $storedName && $activeFlag == 1 && !$entityData->isNew();
        if (!$alreadyCurrent) {
            if ($entityData->get('portal') == 'on' || $entityData->get('portal') == '1') {
                $adb->pquery("UPDATE vtiger_portalinfo SET user_name=?, isactive=1 WHERE id=?", array($email, $entityId));
                // Existing stored password is reused for the notification mail.
                $password = $adb->query_result($lookup, 0, 'user_password');
                $update = true;
            } else {
                $adb->pquery("UPDATE vtiger_portalinfo SET user_name=?, isactive=? WHERE id=?", array($email, 0, $entityId));
            }
        }
    }

    if ($insert) {
        $password = makeRandomPassword();
        $adb->pquery(
            "INSERT INTO vtiger_portalinfo(id,user_name,user_password,type,isactive) VALUES(?,?,?,?,?)",
            array($entityId, $email, $password, 'C', 1)
        );
    }

    if ($insert || $update) {
        require_once "modules/Emails/mail.php";
        global $current_user;
        $emailData = Contacts::getPortalEmailContents($entityData, $password, 'LoginDetails');
        send_mail('Contacts', $entityData->get('email'), $current_user->user_name, "", $emailData['subject'], $emailData['body']);
    }
}
Example #3
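/**
 * Password recovery: assigns a new random password to the account that owns
 * $email_address and mails it to that address. Every path ends in exit().
 *
 * Changes against the listed version:
 *  - the address is escaped before it is placed in the two SQL statements
 *    (it was interpolated raw, which allowed SQL injection);
 *  - $pass is initialised before it is appended to;
 *  - random_int() is used for character selection when it is available.
 *
 * Remaining review points (not changed, because other code depends on them):
 *  - $db_password is an unsalted md5() digest; login code elsewhere presumably
 *    compares against md5, so moving to password_hash() needs a coordinated
 *    change.
 *  - The new password is sent in clear text by mail.
 *
 * @param string $email_address address entered in the recovery form
 * @return void never returns normally; output is produced via include/echo
 */
function recover_pw($email_address){
	if(!$email_address){
		include 'lost_pw.php';
		echo "You forgot to enter your Email address <strong>Knucklehead</strong><br />";
		exit();
	}
	// Escape once and reuse: the value comes from the recovery form.
	$safe_email = mysql_real_escape_string($email_address);
	// quick check to see if record exists
	$sql_check = mysql_query("SELECT * FROM users WHERE email_address='$safe_email'");
	$sql_check_num = mysql_num_rows($sql_check);
	if($sql_check_num == 0){
		include 'lost_pw.php';
		echo "No records found matching your email address<br />";
		exit();
	}
	// Everything looks ok, generate password, update it and send it!

	// Builds an 8-character password from a 33-character alphabet.
	function makeRandomPassword() {
		$salt = "abchefghjkmnpqrstuvwxyz0123456789";
		// Prefer the CSPRNG; rand() seeded from microtime() is predictable
		// and is kept only as a fallback for runtimes without random_int().
		$use_csprng = function_exists('random_int');
		if (!$use_csprng) {
			srand((double)microtime()*1000000);
		}
		$pass = '';
		for ($i = 0; $i <= 7; $i++) {
			$num = $use_csprng ? random_int(0, 32) : rand() % 33;
			$pass .= substr($salt, $num, 1);
		}
		return $pass;
	}

	$random_password = makeRandomPassword();

	$db_password = md5($random_password);

	// NOTE(review): the password value in this statement appears masked in the
	// listing ('******'); as written, $db_password is computed but never
	// stored. Confirm against the original source.
	$sql = mysql_query("UPDATE users SET password='******' WHERE email_address='$safe_email'");

	$subject = "Password reset for mblistings.com";
	$message = "A new password has been assigned to you at mblistings.com:
	
	New Password: $random_password
	
	http://www.mblistings.com/members_area/login.php
	
	Once you are logged in you may customize your password in 'Account Settings.'
	
	
	This is an automated response, please do not reply!";

	mail($email_address, $subject, $message, "From: mblistings.com<*****@*****.**>\nX-Mailer: PHP/" . phpversion());
	include 'password_sent.htm';
	exit();
}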
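/**
 * Password recovery: replaces the password of the account registered under
 * $email with a random one and mails it to the user.
 *
 * Echoes a numeric status: 2 = empty e-mail, 3 = e-mail not registered,
 * 1 = mail accepted for delivery, 9 = mail() failed.
 *
 * Changes against the listed version:
 *  - both statements now bind $email (and the digest) as parameters; the
 *    values were interpolated into the SQL text, so prepare() gave no
 *    protection against injection;
 *  - the From header now ends with a line break, so Return-Path is no longer
 *    glued onto it;
 *  - the login name is HTML-escaped before it goes into the HTML mail body;
 *  - the helper is declared only once and prefers random_int().
 *
 * Remaining review points (not changed, other code depends on them):
 *  - the stored value is an unsalted md5() digest;
 *  - the new password travels in clear text by mail.
 *
 * @param string $email address entered by the user
 * @return void
 */
function recupera_senha($email)
{
    include "../Conexao/config.php";
    if ($email == '') {
        echo 2;
        die;
    }
    // Check whether the supplied e-mail is registered.
    $sql_check = $conexao_pdo->prepare("SELECT email, login FROM bd_cadastro WHERE email = ?");
    $sql_check->execute(array($email));
    $sql_check_num = $sql_check->rowCount();
    $username = $sql_check->fetch(PDO::FETCH_ASSOC);
    if ($sql_check_num == 0) {
        echo 3;
        die;
    }
    // All good: generate a new password and send it to the user's e-mail.
    if (!function_exists('makeRandomPassword')) {
        // Guarded so that a second call to recupera_senha() does not redeclare it.
        function makeRandomPassword()
        {
            include "../Conexao/config.php";
            $salt = "abchefghjkmnpqrstuvwxyz0123456789";
            // Prefer the CSPRNG; rand() seeded from microtime() is predictable
            // and is kept only as a fallback for runtimes without random_int().
            $use_csprng = function_exists('random_int');
            if (!$use_csprng) {
                srand((double) microtime() * 1000000);
            }
            // NOTE(review): this initial value appears masked in the listing;
            // as written it becomes a fixed prefix of every password.
            $pass = "******";
            for ($i = 0; $i <= 7; $i++) {
                $num = $use_csprng ? random_int(0, 32) : rand() % 33;
                $pass .= substr($salt, $num, 1);
            }
            return $pass;
        }
    }
    $senha_randomica = makeRandomPassword();
    $senha = md5($senha_randomica);
    $sql = $conexao_pdo->prepare("UPDATE bd_cadastro SET senha = ? WHERE email = ?");
    $sql->execute(array($senha, $email));
    // The body is HTML, so the stored login must not be able to inject markup.
    $user = htmlspecialchars($username["login"], ENT_QUOTES, 'UTF-8');
    $headers = "MIME-Version: 1.0\n";
    $headers .= "Content-type: text/html; charset=UTF-8\n";
    $headers .= "From: My Travel - Webmaster<*****@*****.**>\n";
    $headers .= "Return-Path: guilherme@guisanches.com.br\r\n";
    // return-path
    $subject = "Sua nova senha em guisanches.com.br";
    $message = "Olá, redefinimos sua senha.<br /><br />\n                    <strong>Usuário</strong>: {$user}<br />\n                    <strong>Nova Senha</strong>: {$senha_randomica}<br /><br />\n\n                    <a href='http://www.guisanches.com.br/index.html'>\n\n                    http://www.guisanches.com.br/index.html\n\n                    </a><br /><br />\n                    Obrigado!<br /><br />\n                    Webmaster<br /><br /><br />\n\n                    Esta é uma mensagem automática, por favor não responda!";
    $envio = mail($email, $subject, $message, $headers);
    if ($envio) {
        echo 1;
    } else {
        echo 9;
    }
}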
/**
 * Synchronises the vtiger_portalinfo row of a Contact with its portal flag,
 * without sending any mail.
 *
 * Portal on and contact not 'Inactive': re-activate an existing row, or insert
 * a new one with a generated password. Anything else: mark the row inactive.
 *
 * Security note for reviewers: the new row stores the raw
 * makeRandomPassword() output in user_password, i.e. the password is kept
 * unhashed by this code path. makeRandomPassword() itself is defined outside
 * this block.
 *
 * @param object $entityData entity wrapper; getId() is expected to contain an
 *                           'x' separator
 * @return void
 */
function Contacts_createPortalLoginDetails($entityData)
{
    $adb = PearDatabase::getInstance();
    $entityData->getModuleName();
    $idPieces = explode('x', $entityData->getId());
    $entityId = $idPieces[1];
    $email = $entityData->get('email');

    $eligible = ($entityData->get('portal') == 'on' || $entityData->get('portal') == '1')
        && $entityData->get('contactstatus') != 'Inactive';
    if (!$eligible) {
        $adb->pquery("UPDATE vtiger_portalinfo SET user_name=?,isactive=0 WHERE id=?", array($email, $entityId));
        return;
    }

    $lookup = $adb->pquery("SELECT id, user_name, user_password, isactive FROM vtiger_portalinfo WHERE id=?", array($entityId));

    if ($adb->num_rows($lookup) == 0) {
        // First activation: create the login row.
        $password = makeRandomPassword();
        $adb->pquery(
            "INSERT INTO vtiger_portalinfo(id,user_name,user_password,type,isactive) VALUES(?,?,?,?,?)",
            array($entityId, $email, $password, 'C', 1)
        );
        return;
    }

    $storedName = $adb->query_result($lookup, 0, 'user_name');
    $activeFlag = $adb->query_result($lookup, 0, 'isactive');
    if ($email == $storedName && $activeFlag == 1 && !$entityData->isNew()) {
        // Existing row already reflects the contact.
        return;
    }

    if ($entityData->get('portal') == 'on' || $entityData->get('portal') == '1') {
        $adb->pquery("UPDATE vtiger_portalinfo SET user_name=?, isactive=1 WHERE id=?", array($email, $entityId));
        // Read as in the original; the value is not used afterwards.
        $password = $adb->query_result($lookup, 0, 'user_password');
    } else {
        $adb->pquery("UPDATE vtiger_portalinfo SET user_name=?, isactive=? WHERE id=?", array($email, 0, $entityId));
    }
}
Example #6
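/**
 * Handles a "forgot password" request from the customer portal: generates a
 * new password for the portal user whose user_name equals $mailid, stores it
 * and sends it through the OSSMailTemplates record model.
 *
 * Changes against the listed version:
 *  - an empty $mailid is rejected before any query runs (previously the lookup
 *    and password rotation ran first, so a row with an empty user_name could
 *    have its password changed);
 *  - the password is only rotated for active logins (previously a revoked
 *    login also received a new password and a clear-text copy in
 *    `password_sent`, although no mail was sent);
 *  - the exit log line prints the message label instead of interpolating the
 *    result array, which rendered as "Array".
 *
 * Remaining review points:
 *  - The clear-text password is written to `password_sent` and only replaced
 *    by 1 after a successful send; if sending fails it stays in the table.
 *  - The distinct LBL_* results tell a caller whether an address is registered.
 *  - No rate limit or confirmation step is visible here, so anyone who knows
 *    an address can force a password change for it.
 *
 * @param string $mailid e-mail address (portal user name) of the customer
 * @return array array('succes' => bool, 'masage' => string) where 'masage'
 *               is a LBL_* translation key
 */
function send_mail_for_password($mailid)
{
    $adb = PearDatabase::getInstance();
    $log = vglobal('log');
    vimport('modules.Settings.CustomerPortal.helpers.CustomerPortalPassword');
    $log->debug("Entering customer portal function send_mail_for_password");
    $adb->println("Inside the function send_mail_for_password({$mailid}).");
    $succes = false;
    if ($mailid == '') {
        $masage = 'LBL_NO_MAIL_ADDRESS';
    } else {
        $sql = "select * from vtiger_portalinfo where user_name = ?;";
        $res = $adb->pquery($sql, array($mailid));
        if ($adb->num_rows($res) == 0) {
            $masage = 'LBL_EMAIL_ADDRESS_NOT_FOUND';
        } elseif ($adb->query_result($res, 0, 'isactive') == 0) {
            $masage = 'LBL_LOGIN_REVOKED';
        } else {
            $user_name = $adb->query_result($res, 0, 'user_name');
            $record = $adb->query_result($res, 0, 'id');
            // generate new temp password for portal user
            $truePassword = makeRandomPassword();
            $password = CustomerPortalPassword::encryptPassword($truePassword, $user_name);
            $params = array($password, CustomerPortalPassword::getCryptType(), $truePassword, $record);
            $sql = 'UPDATE vtiger_portalinfo SET `user_password` = ?, `crypt_type` = ?, `password_sent` = ? WHERE `id` = ? LIMIT 1;';
            $adb->pquery($sql, $params);
            $data = array('id' => '104', 'to_email' => $mailid, 'module' => 'Contacts', 'record' => $record, 'user_name' => $user_name, 'password' => $truePassword);
            $recordModel = Vtiger_Record_Model::getCleanInstance('OSSMailTemplates');
            if (!$recordModel->sendMailFromTemplate($data)) {
                $masage = 'LBL_MAIL_COULDNOT_SENT';
            } else {
                $succes = true;
                $masage = 'LBL_PASSWORD_HAS_BEEN_SENT';
                // Overwrite the clear-text copy once the mail has gone out.
                $params = array(1, $record);
                $sql = 'UPDATE vtiger_portalinfo SET `password_sent` = ? WHERE `id` = ? LIMIT 1;';
                $adb->pquery($sql, $params);
            }
        }
    }
    $ret_msg = array('succes' => $succes, 'masage' => $masage);
    $adb->println("Exit from send_mail_for_password. " . $masage);
    $log->debug("Exiting customer portal function send_mail_for_password");
    return $ret_msg;
}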
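/**
 * Authenticates a customer-portal user and, during login, issues a session id.
 *
 * Change against the listed version: the entry log line no longer contains
 * the submitted password (it was written to the debug output in clear text).
 *
 * Remaining review points:
 *  - The query matches user_password against the submitted value directly,
 *    so this code path compares passwords as stored, without hashing.
 *  - $username and $password pass through sql_escape_string() and are then
 *    bound as pquery() parameters; if pquery() escapes as well, values
 *    containing quotes are escaped twice - TODO confirm.
 *  - The stored user_password is returned to the caller in $list[0].
 *  - The session id comes from makeRandomPassword(), defined outside this
 *    block; its unpredictability is not established here.
 *  - The default of $login appears masked in this listing; any value other
 *    than the string 'false' is treated as a login call.
 *
 * @param string $username customer name for the customer portal
 * @param string $password password for the customer portal
 * @param string $version  client version; anything not >= 5.1.0 is rejected
 * @param string $login    'false' when called outside the login process (for
 *                         example on password change), in which case no new
 *                         session id is created
 * @return array $list[0] holding the customer details (plus 'sessionid' on
 *               login), or an array with key 'err1', or array("NOT COMPATIBLE")
 */
function authenticate_user($username, $password, $version, $login = '******')
{
    global $adb, $log;
    // Never log the credential itself.
    $adb->println("Inside customer portal function authenticate_user({$username}, <redacted>, {$login}).");
    include 'vtigerversion.php';
    if (version_compare($version, '5.1.0', '>=') == 0) {
        $list[0] = "NOT COMPATIBLE";
        return $list;
    }
    $username = $adb->sql_escape_string($username);
    $password = $adb->sql_escape_string($password);
    $current_date = date("Y-m-d");
    $sql = "select id, user_name, user_password,last_login_time, support_start_date, support_end_date\n\t\t\t\tfrom vtiger_portalinfo\n\t\t\t\t\tinner join vtiger_customerdetails on vtiger_portalinfo.id=vtiger_customerdetails.customerid\n\t\t\t\t\tinner join vtiger_crmentity on vtiger_crmentity.crmid=vtiger_portalinfo.id\n\t\t\t\twhere vtiger_crmentity.deleted=0 and user_name=? and user_password = ?\n\t\t\t\t\tand isactive=1 and vtiger_customerdetails.portal=1\n\t\t\t\t\tand vtiger_customerdetails.support_start_date <= ? and vtiger_customerdetails.support_end_date >= ?";
    $result = $adb->pquery($sql, array($username, $password, $current_date, $current_date));
    $err[0]['err1'] = "MORE_THAN_ONE_USER";
    $err[1]['err1'] = "INVALID_USERNAME_OR_PASSWORD";
    $num_rows = $adb->num_rows($result);
    if ($num_rows > 1) {
        return $err[0];
    } elseif ($num_rows <= 0) {
        //No user
        return $err[1];
    }
    $customerid = $adb->query_result($result, 0, 'id');
    $list[0]['id'] = $customerid;
    $list[0]['user_name'] = $adb->query_result($result, 0, 'user_name');
    $list[0]['user_password'] = $adb->query_result($result, 0, 'user_password');
    $list[0]['last_login_time'] = $adb->query_result($result, 0, 'last_login_time');
    $list[0]['support_start_date'] = $adb->query_result($result, 0, 'support_start_date');
    $list[0]['support_end_date'] = $adb->query_result($result, 0, 'support_end_date');
    //During login process we will pass the value true. Other times (change password) we will pass false
    if ($login != 'false') {
        $sessionid = makeRandomPassword();
        // Drop any previous session of this customer before storing the new id.
        unsetServerSessionId($customerid);
        $sql = "insert into vtiger_soapservice values(?,?,?)";
        $result = $adb->pquery($sql, array($customerid, 'customer', $sessionid));
        $list[0]['sessionid'] = $sessionid;
    }
    return $list;
}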
/**
 * Logs a CRM user in for the 'FireFox' client and returns a session id.
 *
 * Security note for reviewers: the session id is the output of
 * makeRandomPassword(), which is defined outside this block; whether that
 * value is unpredictable enough for a session token is not established here.
 *
 * @param string $user_name CRM user name
 * @param string $password  password, handed to Users::load_user()
 * @param string $version   client version; must equal $vtiger_current_version
 * @return array array("VERSION", '00') on version mismatch,
 *               array("TRUES", <session id>) on success,
 *               array("FALSES", '00') otherwise
 */
function LogintoVtigerCRM($user_name, $password, $version)
{
    global $log, $adb;
    require_once 'modules/Users/Users.php';
    include 'vtigerversion.php';
    if ($version != $vtiger_current_version) {
        return array("VERSION", '00');
    }

    // Default answer: access denied.
    $return_access = array("FALSES", '00');
    $objuser = new Users();

    if ($password == "") {
        //$server->setError("Invalid username and/or password");
        return $return_access;
    }

    $objuser->column_fields['user_name'] = $user_name;
    $objuser->load_user($password);
    if (!$objuser->is_authenticated()) {
        return $return_access;
    }

    $userid = $objuser->retrieve_user_id($user_name);
    $sessionid = makeRandomPassword();
    // Replace any earlier session of this user with the new one.
    unsetServerSessionId($userid);
    $adb->pquery("insert into vtiger_soapservice values(?,?,?)", array($userid, 'FireFox', $sessionid));

    return array("TRUES", $sessionid);
}
Example #9
</b></td>
                <td>
                <input name="phonenumber" type="text" maxlength="20">
                </td>
                </tr>
                <tr>
                <td><b><?php 
    echo msg('label_example');
    ?>
</b></td>
                <td><b>999 9999999</b></td>
                </tr>
                <?php 
    // If mysqlauthentication, then ask for password
    if ($GLOBALS["CONFIG"]["authen"] == 'mysql') {
        $rand_password = makeRandomPassword();
        ?>
                    <tr>
                    <td><b><?php 
        echo msg('userpage_password');
        ?>
</b></td>
                    <td>
                    <input name="password" type="text" value="<?php 
        echo $rand_password;
        ?>
" class="required" minlength="5" maxlength="10">
                    </td>
                    </tr>
<?php 
    }
Example #10
 *************************************************************************************************
 *  Migrate from vtiger CRM 6.5 to vtiger CRM 6.4
 *  Version      : 1.0
 *  Author       : JPL TSolucio, S. L.
 *************************************************************************************************/
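ExecuteQuery("ALTER TABLE vtiger_portalinfo DROP cryptmode");
// Regenerate every portal user's password, 1000 rows per batch.
//
// Fix: batches are now keyed on the last id seen. The listed version re-ran
// the same unfiltered "limit 1000" query on every pass, so on a non-empty
// table it kept finding rows and the loop never ended.
//
// NOTE(review): the value stored in user_password is the raw
// makeRandomPassword() output (despite the variable name it is not encoded
// here), and nothing in this script tells the users their password changed.
// Assumes vtiger_portalinfo.id is a positive integer key - TODO confirm.
$portalinfo_hasmore = true;
$portalinfo_lastid = 0;
do {
    $result = $adb->pquery('SELECT id FROM vtiger_portalinfo WHERE id > ? ORDER BY id LIMIT 1000', array($portalinfo_lastid));
    $portalinfo_hasmore = false;
    // assume we are done.
    while ($row = $adb->fetch_array($result)) {
        $portalinfo_hasmore = true;
        // we found at least one so there could be more.
        $portalinfo_lastid = $row['id'];
        $enc_password = makeRandomPassword();
        $adb->pquery('UPDATE vtiger_portalinfo SET user_password=? WHERE id=?', array($enc_password, $row['id']));
    }
} while ($portalinfo_hasmore);
// Point the settings menu entries back at their earlier URLs.
ExecuteQuery("update vtiger_settings_field set linkto='index.php?module=Administration&action=index&parenttab=Settings' where name='LBL_USERS'");
ExecuteQuery("update vtiger_settings_field set linkto='index.php?module=Settings&action=listroles&parenttab=Settings' where name='LBL_ROLES'");
ExecuteQuery("update vtiger_settings_field set linkto='index.php?module=Settings&action=ListProfiles&parenttab=Settings' where name='LBL_PROFILES'");
ExecuteQuery("update vtiger_settings_field set linkto='index.php?module=Settings&action=listgroups&parenttab=Settings' where name='USERGROUPLIST'");
ExecuteQuery("update vtiger_settings_field set linkto='index.php?module=Settings&action=OrgSharingDetailView&parenttab=Settings' where name='LBL_SHARING_ACCESS'");
ExecuteQuery("update vtiger_settings_field set linkto='index.php?module=Settings&action=DefaultFieldPermissions&parenttab=Settings' where name='LBL_FIELDS_ACCESS'");
ExecuteQuery("update vtiger_settings_field set linkto='index.php?module=Settings&action=ListLoginHistory&parenttab=Settings' where name='LBL_LOGIN_HISTORY_DETAILS'");
ExecuteQuery("update vtiger_settings_field set linkto='index.php?module=Settings&action=ModuleManager&parenttab=Settings' where name='VTLIB_LBL_MODULE_MANAGER'");
ExecuteQuery("update vtiger_settings_field set linkto='index.php?module=PickList&action=PickList&parenttab=Settings' where name='LBL_PICKLIST_EDITOR'");
ExecuteQuery("update vtiger_settings_field set linkto='index.php?module=PickList&action=PickListDependencySetup&parenttab=Settings' where name='LBL_PICKLIST_DEPENDENCY_SETUP'");
ExecuteQuery("update vtiger_settings_field set linkto='index.php?module=Settings&action=listnotificationschedulers&parenttab=Settings' where name='NOTIFICATIONSCHEDULERS'");
ExecuteQuery("update vtiger_settings_field set linkto='index.php?module=Settings&action=listinventorynotifications&parenttab=Settings' where name='INVENTORYNOTIFICATION'");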
Example #11
    forma randômica*/
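 /**
  * Builds a password: the character "1" followed by 8 characters picked from
  * a 33-character lowercase/digit alphabet.
  *
  * Change against the listed version: characters are chosen with random_int()
  * when the runtime provides it. rand() seeded from microtime() is predictable
  * and is kept only as a fallback for runtimes without random_int().
  *
  * @return string 9-character password, always starting with "1"
  */
 function makeRandomPassword()
 {
     $salt = "abchefghjkmnpqrstuvwxyz0123456789";
     $use_csprng = function_exists('random_int');
     if (!$use_csprng) {
         srand((double) microtime() * 1000000);
     }
     // The constant prefix is kept so the output shape stays as before.
     $pass = '1';
     for ($i = 0; $i <= 7; $i++) {
         $num = $use_csprng ? random_int(0, 32) : rand() % 33;
         $pass .= substr($salt, $num, 1);
     }
     return $pass;
 }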
 $senha_randomica = makeRandomPassword();
 // $senhaR = md5($senha);
 // Inserindo os dados no banco de dados
 $info = htmlspecialchars($info);
 try {
     $sql = $conexao_pdo->prepare("INSERT INTO bd_cadastro\n            (nome, sobrenome, login, email, senha, idade, info, data_ultimo_login, ativo, desativado)\n\n            VALUES\n            ('{$nome}', '{$sobrenome}', '{$usuario}', '{$email}', '{$senha}', '{$idade}', '{$info}', now(),'0', '0')");
     $sql->execute();
 } catch (PDOException $e) {
     echo 'Error: ' . $e->getMessage();
 }
 if (!$sql) {
     echo "Ocorreu um erro ao criar sua conta, entre em contato.";
 } else {
     $usuario_id = $conexao_pdo->lastInsertId();
     // Enviar um email ao usuário para confirmação e ativar o cadastro!
     $headers = "MIME-Version: 1.0\n";
        if (!isset($_POST['id_adh'])) {
            header('location: ajouter_contribution.php?id_adh=' . $adherent['id_adh']);
        } elseif (!isset($_POST['del_photo']) && count($error_detected) == 0) {
            header('location: voir_adherent.php?id_adh=' . $adherent['id_adh']);
        }
    }
} else {
    if ($adherent["id_adh"] == "") {
        // initialiser la structure adhérent à vide (nouvelle fiche)
        $adherent["id_statut"] = "4";
        $adherent["titre_adh"] = "1";
        $adherent["date_crea_adh"] = date("d/m/Y");
        //annoying
        //$adherent["url_adh"] = "http://";
        $adherent["url_adh"] = "";
        $adherent["mdp_adh"] = makeRandomPassword(7);
        $adherent["pref_lang"] = PREF_LANG;
        $adherent["activite_adh"] = "1";
    } else {
        // initialize adherent structure with database values
        $sql = "SELECT * " . "FROM " . PREFIX_DB . "adherents " . "WHERE id_adh=" . $adherent["id_adh"];
        $result =& $DB->Execute($sql);
        if ($result->EOF) {
            header("location: index.php");
        } else {
            #annoying
            // url_adh is a specific case
            //if ($result->fields['url_adh']=='')
            //	$result->fields['url_adh'] = 'http://';
            // plain info
            $adherent = $result->fields;
Example #13
 /**
  * Creates or re-activates the portal login of this contact and mails the
  * login details when a row was inserted or re-activated; with the portal
  * flag off, the row is marked inactive instead.
  *
  * Review points:
  *  - The password inserted for a new row is the raw makeRandomPassword()
  *    output, and on re-activation the mailed value is read back from
  *    vtiger_portalinfo.user_password, so this path keeps the password
  *    unhashed.
  *  - When the existing row already matches (first inner branch), $password
  *    is never assigned but is still passed to getmail_contents_portalUser().
  *  - The log line records $_REQUEST['email'], not the address the mail is
  *    actually sent to ($this->column_fields['email']).
  *
  * @param mixed $module not used in this method body
  * @return void
  */
 function sendCustomerPortalLoginDetails($module)
 {
     global $adb, $log, $PORTAL_URL, $mod_strings;
     $email = $this->column_fields['email'];
     if ($this->column_fields['portal'] == 'on' || $this->column_fields['portal'] == '1') {
         $sql = "SELECT id, user_name, user_password, isactive FROM vtiger_portalinfo WHERE id=?";
         $result = $adb->pquery($sql, array($this->id));
         $insert = false;
         if ($adb->num_rows($result) == 0) {
             // No portal row yet for this contact.
             $insert = true;
         } else {
             $dbusername = $adb->query_result($result, 0, 'user_name');
             $isactive = $adb->query_result($result, 0, 'isactive');
             if ($email == $dbusername && $isactive == 1 && $this->mode == 'edit') {
                 // Row already matches; no write and no mail.
                 $update = false;
             } else {
                 if ($this->column_fields['portal'] == 'on' || $this->column_fields['portal'] == '1') {
                     $sql = "UPDATE vtiger_portalinfo SET user_name=?, isactive=1 WHERE id=?";
                     $adb->pquery($sql, array($email, $this->id));
                     // Reuse the password already stored for this login.
                     $password = $adb->query_result($result, 0, 'user_password');
                     $update = true;
                 } else {
                     $sql = "UPDATE vtiger_portalinfo SET user_name=?, isactive=? WHERE id=?";
                     $adb->pquery($sql, array($email, 0, $this->id));
                     $update = false;
                 }
             }
         }
         if ($insert == true) {
             $password = makeRandomPassword();
             $sql = "INSERT INTO vtiger_portalinfo(id,user_name,user_password,type,isactive) VALUES(?,?,?,?,?)";
             $params = array($this->id, $email, $password, 'C', 1);
             $adb->pquery($sql, $params);
         }
         require_once "modules/Emails/mail.php";
         global $current_user;
         $data_array = array();
         $data_array['first_name'] = $this->column_fields['firstname'];
         $data_array['last_name'] = $this->column_fields['lastname'];
         $data_array['email'] = $this->column_fields['email'];
         $data_array['portal_url'] = '<a href="' . $PORTAL_URL . '" style="font-family:Arial, Helvetica, sans-serif;font-size:12px; font-weight:bolder;text-decoration:none;color: #4242FD;">' . $mod_strings['Please Login Here'] . '</a>';
         // The mail body is built on every call, even when nothing is sent below.
         $contents = getmail_contents_portalUser($data_array, $password);
         $subject = $mod_strings['Customer Portal Login Details'];
         $log->info("Customer Portal Information Updated in database and details are going to send => '" . $_REQUEST['email'] . "'");
         if ($insert == true || $update == true) {
             $mail_status = send_mail('Contacts', $this->column_fields['email'], $current_user->user_name, "", $subject, $contents);
         }
     } else {
         // Portal flag off: revoke the login but keep the row.
         $sql = "UPDATE vtiger_portalinfo SET user_name=?,isactive=0 WHERE id=?";
         $adb->pquery($sql, array($email, $this->id));
     }
 }
Example #14
<table class="content-table" cellspacing="0" cellpadding="0">
	<tr>
		<td class="content-head"><center><img src="images/contenthoofd_wachtwoord.gif" width="86" height="30" /></center></td>
	</tr>
	<tr>
		<td class="content-tekst">
			<h1><img src="images/knop_groot.gif" width="10" height="10" style="padding-right: 10px;" />Wachtwoord vergeten</h1>

			<?php 
if (isset($_POST['pw_vergeten'])) {
    echo '<h6>';
    $result = mysql_query("SELECT voornaam,email FROM leerlingen WHERE voornaam = '" . $naam . "' AND email = '" . $email . "'") or die(mysql_error());
    $row = mysql_fetch_array($result);
    if ($email != '' && $row['email'] == $email && $naam != '' && $naam == $row['voornaam']) {
        echo "<p>goed ingevuld.</p>";
        $pw = makeRandomPassword();
        $message = $pw;
        echo $pw;
        mail($row['email'], 'Nieuw wachtwoord', $message);
        $query = "UPDATE leerlingen SET wachtwoord = '" . md5($pw) . "' WHERE email = '" . $email . "' AND voornaam = '" . $naam . "'";
        mysql_query($query) or die(mysql_error());
    } else {
        echo "De gegevens werden niet goed ingevuld!<br />";
        echo "Keer <a href=\"javascript:history.go(-1);\">hier</a> terug naar de vorige pagina.";
    }
    echo '</h6>';
} else {
    ?>

			<form name="pw_vergeten" action="<?php 
    echo $_SERVER['PHP_SELF'] . '?page=pw_vergeten';
Example #15
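/**
 * Creates or re-activates the portal login of a Contact, stores an md5 digest
 * of a newly generated password, and mails the login details unless the
 * contact has opted out of e-mail.
 *
 * Changes against the listed version:
 *  - the mail condition used `$update = true` (an assignment), so a mail with
 *    a new password went out whenever the portal flag had changed, even when
 *    no password had been stored; it now tests `$update == true`, matching
 *    the condition that guards the password UPDATE;
 *  - $update is initialised, so it is defined on the insert path.
 *
 * Remaining review points:
 *  - The stored value is an unsalted md5() digest of the password.
 *  - The password comes from makeRandomPassword(), defined outside this
 *    block; its strength is not established here.
 *  - The clear-text password is sent by mail.
 *
 * @param object $entityData entity wrapper; getId() is expected to contain an
 *                           'x' separator
 * @return void
 */
function Contacts_sendCustomerPortalLoginDetails($entityData)
{
    $adb = PearDatabase::getInstance();
    $moduleName = $entityData->getModuleName();
    $wsId = $entityData->getId();
    $parts = explode('x', $wsId);
    $entityId = $parts[1];
    $entityDelta = new VTEntityDelta();
    $portalChanged = $entityDelta->hasChanged($moduleName, $entityId, 'portal');
    $email = $entityData->get('email');
    if ($entityData->get('portal') == 'on' || $entityData->get('portal') == '1') {
        $sql = "SELECT id, user_name, user_password, isactive FROM vtiger_portalinfo WHERE id=?";
        $result = $adb->pquery($sql, array($entityId));
        $insert = false;
        $update = false;
        if ($adb->num_rows($result) == 0) {
            $insert = true;
        } else {
            $dbusername = $adb->query_result($result, 0, 'user_name');
            $isactive = $adb->query_result($result, 0, 'isactive');
            if ($email == $dbusername && $isactive == 1 && !$entityData->isNew()) {
                $update = false;
            } else {
                if ($entityData->get('portal') == 'on' || $entityData->get('portal') == '1') {
                    $sql = "UPDATE vtiger_portalinfo SET user_name=?, isactive=? WHERE id=?";
                    $adb->pquery($sql, array($email, 1, $entityId));
                    $update = true;
                } else {
                    $sql = "UPDATE vtiger_portalinfo SET user_name=?, isactive=? WHERE id=?";
                    $adb->pquery($sql, array($email, 0, $entityId));
                    $update = false;
                }
            }
        }
        $password = makeRandomPassword();
        $md5_password = md5($password);
        if ($insert == true) {
            $sql = "INSERT INTO vtiger_portalinfo(id,user_name,user_password,type,isactive) VALUES(?,?,?,?,?)";
            $params = array($entityId, $email, $md5_password, 'C', 1);
            $adb->pquery($sql, $params);
        }
        if ($update == true && $portalChanged == true) {
            $sql = "UPDATE vtiger_portalinfo SET user_password=? WHERE id=?";
            $params = array($md5_password, $entityId);
            $adb->pquery($sql, $params);
        }
        // Mail only when a password was actually stored above.
        if (($insert == true || ($update == true && $portalChanged == true)) && $entityData->get('emailoptout') == 0) {
            global $current_user, $HELPDESK_SUPPORT_EMAIL_ID, $HELPDESK_SUPPORT_NAME;
            require_once "modules/Emails/mail.php";
            $emailData = Contacts::getPortalEmailContents($entityData, $password, 'LoginDetails');
            $subject = $emailData['subject'];
            if (empty($subject)) {
                $subject = 'Customer Portal Login Details';
            }
            $contents = $emailData['body'];
            $contents = decode_html(getMergedDescription($contents, $entityId, 'Contacts'));
            if (empty($contents)) {
                // Fallback body when the template yields nothing.
                require_once 'config.inc.php';
                global $PORTAL_URL;
                $contents = 'LoginDetails';
                $contents .= "<br><br> User ID : " . $entityData->get('email');
                // NOTE(review): the next statement is garbled in this listing - the
                // text after the password label was masked, and the assignment of
                // $portalURL used below is missing. Restore it from the original
                // source; it is reproduced here exactly as listed.
                $contents .= "<br> Password: "******"' . $PORTAL_URL . '" style="font-family:Arial, Helvetica, sans-serif;font-size:13px;">' . vtranslate('click here', $moduleName) . '</a>';
                $contents .= "<br>" . $portalURL;
            }
            $subject = decode_html(getMergedDescription($subject, $entityId, 'Contacts'));
            send_mail('Contacts', $entityData->get('email'), $HELPDESK_SUPPORT_NAME, $HELPDESK_SUPPORT_EMAIL_ID, $subject, $contents, '', '', '', '', '', true);
        }
    } else {
        // Portal flag off: revoke the login but keep the row.
        $sql = "UPDATE vtiger_portalinfo SET user_name=?,isactive=0 WHERE id=?";
        $adb->pquery($sql, array($email, $entityId));
    }
}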
Example #16
     $active = $adb->query_result($check_available, 0, 'isactive');
     $update = false;
     if ($active != '' && $active == 1) {
         $sql = "update vtiger_portalinfo set user_name=?,isactive=? where id=?";
         $adb->pquery($sql, array($fieldvalue, $active, $crmid));
         $email = $fieldvalue;
         $result = $adb->pquery("select user_password from vtiger_portalinfo where id=?", array($modObj->id));
         $password = $adb->query_result($result, 0, 'user_password');
         $update = true;
     }
 }
 if ($fieldname == "portal") {
     if ($email != '') {
         $confirm = $adb->query_result($check_available, 0, 'isactive');
         if ($confirm == '' && $fieldvalue == 1) {
             $password = makeRandomPassword();
             $sql = "insert into vtiger_portalinfo (id,user_name,user_password,type,isactive) values(?,?,?,?,?)";
             $params = array($modObj->id, $email, $password, 'C', 1);
             $adb->pquery($sql, $params);
             $insert = true;
         } elseif ($confirm == 0 && $fieldvalue == 1) {
             $sql = "update vtiger_portalinfo set user_name=?, isactive=1 where id=?";
             $params = array($email, $modObj->id);
             $adb->pquery($sql, $params);
             $result = $adb->pquery("select user_password from vtiger_portalinfo where id=?", array($modObj->id));
             $password = $adb->query_result($result, 0, 'user_password');
             $update = true;
         } elseif ($confirm == 1 && $fieldvalue == 0) {
             $sql = "update vtiger_portalinfo set isactive=0 where id=?";
             $adb->pquery($sql, array($modObj->id));
         }
Example #17
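/**
 * Authenticate a user and record a new session id for the 'Office' client.
 *
 * On success the previous server-side session for the user is dropped via
 * unsetServerSessionId() and a row (user id, 'Office', session id) is
 * inserted into vtiger_soapservice.
 *
 * @param string $user_name Login name.
 * @param string $password  Password supplied by the client.
 * @param string $version   Version string reported by the client plugin.
 *
 * @return array Two elements, status and session id:
 *               array("TRUE", <session id>) on successful authentication,
 *               array("FALSE", '00') when authentication fails,
 *               array("LOGIN", '00') when the password is empty,
 *               array("VERSION", '00') from the version branch (see the note
 *               in the body: that branch cannot currently be reached).
 */
function create_session($user_name, $password, $version)
{
    global $log, $adb;
    require_once 'modules/Users/Users.php';
    include 'config/version.php';
    /* Make 5.0.4 plugins compatible with 5.1.0 */
    // NOTE(review): version_compare() called with an operator returns a boolean,
    // never the integer 1, so this strict test can never succeed and the
    // "VERSION" reply is dead code. It is left untouched on purpose: turning the
    // check on would start rejecting clients, which has to be a deliberate decision.
    if (version_compare($version, '5.0.4', '>=') === 1) {
        return array("VERSION", '00');
    }
    $objuser = new Users();
    if ($password == "") {
        //$server->setError("Invalid username and/or password");
        return array("LOGIN", '00');
    }
    $objuser->column_fields['user_name'] = $user_name;
    $objuser->load_user($password);
    if (!$objuser->is_authenticated()) {
        return array("FALSE", '00');
    }
    $userid = $objuser->retrieve_user_id($user_name);
    // The session id is a bearer credential for later calls.
    // NOTE(review): it is produced by the password generator, whose implementation
    // is not shown here — confirm it draws from a CSPRNG (random_bytes()/random_int())
    // and yields enough entropy for a session token.
    $sessionid = makeRandomPassword();
    // One session per user: any earlier id is invalidated before the new one is stored.
    unsetServerSessionId($userid);
    $sql = "insert into vtiger_soapservice values(?,?,?)";
    // NOTE(review): the outcome of the insert is not checked, so "TRUE" is returned
    // even if the session row could not be written.
    $adb->pquery($sql, array($userid, 'Office', $sessionid));
    return array("TRUE", $sessionid);
}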
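/**
 * Send a mail through the transport selected by PREF_MAIL_METHOD.
 *
 * Return codes:
 *  0 - mail() reported an error
 *  1 - mail sent
 *  2 - mail deactivated in preferences
 *  3 - unknown PREF_MAIL_METHOD (bad configuration?)
 *  4 - SMTP server unreachable
 *  5 - a header value was rejected by sanityze_mail_headers() (breaking attempt)
 *
 * @param string $email_adh    Recipient address.
 * @param string $mail_subject Subject line.
 * @param string $mail_text    Message body.
 * @param string $content_type MIME type placed in the Content-Type header.
 *
 * @return int One of the codes above.
 */
function custom_mail($email_adh, $mail_subject, $mail_text, $content_type = "text/plain")
{
    $result = 0;
    // Every caller-supplied value that ends up in a header or in an SMTP command
    // is checked first; the first rejected value aborts the send.
    foreach (array($email_adh, $mail_subject, $content_type) as $param) {
        if (!sanityze_mail_headers($param)) {
            return 5;
        }
    }
    // Headers :
    // Add a Reply-To field in the mail headers.
    // Fix bug #6654.
    $reply_to = PREF_EMAIL_REPLY_TO ? PREF_EMAIL_REPLY_TO : PREF_EMAIL;
    // NOTE(review): $_SERVER['SERVER_NAME'] is written into Message-ID (and HELO below)
    // without passing through the header check; depending on web-server configuration
    // it can follow the request's Host header.
    $headers = array(
        "From: " . PREF_EMAIL_NOM . " <" . PREF_EMAIL . ">",
        "Message-ID: <" . makeRandomPassword(16) . "-galette@" . $_SERVER['SERVER_NAME'] . ">",
        "Reply-To: <" . $reply_to . ">",
        "X-Sender: <" . PREF_EMAIL . ">",
        "Return-Path: <" . PREF_EMAIL . ">",
        "Errors-To: <" . PREF_EMAIL . ">",
        "X-Mailer: Galette-" . GALETTE_VERSION,
        "X-Priority: 3",
        "Content-Type: {$content_type}; charset=iso-8859-15",
    );
    switch (PREF_MAIL_METHOD) {
        case 0:
            $result = 2;
            break;
        case 1:
            $mail_headers = implode("\r\n", $headers) . "\r\n";
            //-f .PREF_EMAIL is to set Return-Path
            //if (!mail($email_adh,$mail_subject,$mail_text, $mail_headers,"-f ".PREF_EMAIL))
            //set Return-Path
            //does not seem to work
            ini_set('sendmail_from', PREF_EMAIL);
            $result = mail($email_adh, $mail_subject, $mail_text, $mail_headers) ? 1 : 0;
            break;
        case 2:
            // $toArray format --> array("Name1" => "address1", "Name2" => "address2", ...)
            //set Return-Path
            ini_set('sendmail_from', PREF_EMAIL);
            $errno = "";
            $errstr = "";
            $connect = fsockopen(PREF_MAIL_SMTP, 25, $errno, $errstr, 30);
            if (!$connect) {
                $result = 4;
                break;
            }
            // The body is the one value that is not header-checked, and inside DATA a
            // line holding only "." ends the message: anything after it would be read
            // by the server as SMTP commands. Normalise line endings to CRLF and
            // double every leading dot (RFC 5321 section 4.5.2) so the body can never
            // terminate the DATA phase itself.
            $body = stripslashes($mail_text);
            $body = preg_replace('/\r\n|\r|\n/', "\r\n", $body);
            $body = preg_replace('/^\./m', '..', $body);
            // NOTE(review): server replies are read only to keep the dialogue in step;
            // their status codes are never inspected, so 1 is returned even when the
            // server refused the message. The session is also plain text on port 25
            // with no STARTTLS or authentication.
            fgets($connect, 1024);
            fputs($connect, "HELO {$_SERVER['SERVER_NAME']}\r\n");
            fgets($connect, 1024);
            fputs($connect, "MAIL FROM:" . PREF_EMAIL . "\r\n");
            fgets($connect, 1024);
            fputs($connect, "RCPT TO:" . $email_adh . "\r\n");
            fgets($connect, 1024);
            fputs($connect, "DATA\r\n");
            fgets($connect, 1024);
            foreach ($headers as $oneheader) {
                fputs($connect, $oneheader . "\r\n");
            }
            fputs($connect, stripslashes("Subject: " . $mail_subject) . "\r\n");
            fputs($connect, "\r\n");
            fputs($connect, $body . " \r\n");
            fputs($connect, ".\r\n");
            fgets($connect, 1024);
            fputs($connect, "RSET\r\n");
            fgets($connect, 1024);
            fputs($connect, "QUIT\r\n");
            fgets($connect, 1024);
            fclose($connect);
            $result = 1;
            break;
        default:
            $result = 3;
    }
    return $result;
}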
     // Excerpt: starts inside a block whose opening is not shown and is cut off at the end.
     $result =& $DB->Execute($query);
     $login_adh = $result->fields[0];
 }
 // isEmail() is defined elsewhere; presumably it yields the address to mail for this
 // login and an empty value when there is none — TODO confirm.
 $email_adh = isEmail($login_adh);
 //send the password
 if ($email_adh != "") {
     // The query is assembled by string concatenation, so its safety rests entirely on
     // txt_sqls() quoting and escaping $login_adh (helper not shown — TODO confirm).
     // A bound parameter would remove that dependency.
     $query = "SELECT id_adh from " . PREFIX_DB . "adherents where login_adh=" . txt_sqls($login_adh);
     $result =& $DB->Execute($query);
     if ($result->EOF) {
         $warning_detected = _T("There is  no password for user :"******" \"" . $login_adh . "\"";
         //TODO need to clean die here
         // NOTE(review): on this path $id_adh is never assigned, yet the DELETE and INSERT
         // below still run and interpolate it.
     } else {
         $id_adh = $result->fields[0];
     }
     //make temp password
     // A 7-character temporary password, stored as an unsalted MD5 digest. MD5 is fast to
     // compute, so a secret this short gives little protection against offline guessing if
     // the table is disclosed; a longer random token hashed with SHA-256, or password_hash(),
     // is the usual choice. NOTE(review): makeRandomPassword() is not shown — confirm it
     // draws from a CSPRNG.
     $tmp_passwd = makeRandomPassword(7);
     $hash = md5($tmp_passwd);
     //delete old tmp_passwd
     // $id_adh is interpolated directly into the statement; it comes from the SELECT above
     // and is presumably an integer key — cast or bind it rather than relying on that.
     $query = "DELETE FROM " . PREFIX_DB . "tmppasswds";
     $query .= " WHERE id_adh = {$id_adh} ";
     if (!$DB->Execute($query)) {
         $warning_detected = _T("delete failed");
     }
     //insert temp passwd in database
     // Only the digest is stored, together with a creation timestamp; any expiry check
     // based on date_crea_tmp_passwd would live outside this excerpt.
     $query = "INSERT INTO " . PREFIX_DB . "tmppasswds";
     $query .= " (id_adh, tmp_passwd, date_crea_tmp_passwd)";
     $query .= " VALUES({$id_adh}, '{$hash}', " . $DB->DBTimeStamp(time()) . ")";
     if (!$DB->Execute($query)) {
         $warning_detected = _T("There was a database error when inserting data");
     }
     //$warning_detected = $DB->ErrorMsg();
Example #20
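/**
 * Lost-password module.
 *
 * Flow, as implemented here:
 *  - neither user_id nor ch_pass_uid in the query string: show the e-mail form,
 *    or process a posted address and mail a confirmation link;
 *  - both present: verify the link, set a new random password and mail it.
 *
 * Request-derived values (lang, the posted address, the request URI) are
 * encoded before they are written into HTML, and the confirmation token is
 * compared with hash_equals().
 *
 * Design issues this function cannot fix on its own, because they depend on
 * storage and login code outside it:
 *  - The token in the confirmation link is the stored users_passwd value
 *    itself, so the password hash travels by e-mail and in URLs. A separate
 *    random, single-use, expiring token would avoid that.
 *  - Passwords are stored as unsalted md5(); moving to password_hash() /
 *    password_verify() needs a matching change where logins are verified.
 *  - The link host is taken from $_SERVER['SERVER_NAME'], which can follow the
 *    request's Host header depending on web-server configuration; a configured
 *    base URL is safer.
 *  - Known and unknown addresses get different answers, which lets a caller
 *    test whether an address is registered.
 *  - The new password is mailed in clear text.
 *
 * Uses the globals $db, $view and $settings; writes its output with echo.
 *
 * @return void
 */
function exec_ogp_module()
{
    global $db, $view, $settings;
    $view->setCharset(get_lang('lang_charset'));
    $errorCount = 0;
    $errors = array();
    $esc_flags = ENT_QUOTES | ENT_SUBSTITUTE;
    $moduleLink = "index.php?m=lostpwd";
    // lang comes from the query string: accept only a string, URL-encode it for
    // the query part, and HTML-escape the result wherever it is printed.
    $lang = (isset($_GET['lang']) and is_string($_GET['lang'])) ? $_GET['lang'] : "";
    $lang_switch = $lang !== "" ? '&lang=' . urlencode($lang) : "";
    $lang_query = $lang !== "" ? '?lang=' . urlencode($lang) : "";
    echo '<h2>' . get_lang("recover") . '</h2>';
    // We either need to show the form or process the email address input
    if (!isset($_GET['user_id']) and !isset($_GET['ch_pass_uid'])) {
        if (isset($_POST['email_address'])) {
            /* Start of Process User Input */
            $email_address = is_string($_POST['email_address']) ? trim($_POST['email_address']) : "";
            if (empty($email_address)) {
                $errorCount++;
                $errors[] = get_lang('incomplete');
            }
            if (!stristr($email_address, "@") or !stristr($email_address, ".")) {
                $errorCount++;
                $errors[] = get_lang('errormail');
            }
            if ($errorCount == 0) {
                // Check to see if email address is in the database
                $user_info = $db->getUserByEmail($email_address);
                if (empty($user_info)) {
                    $errorCount++;
                    $errors[] = get_lang('errormail');
                }
                // Still no errors?
                if ($errorCount == 0) {
                    $user_id = $user_info['user_id'];
                    // NOTE(review): the stored password hash doubles as the link token.
                    $ch_pass_uid = $user_info['users_passwd'];
                    $subject = get_lang('confirm_change_subject');
                    $s = isset($_SERVER['HTTPS']) ? "s" : "";
                    $recover_url = 'http' . $s . '://' . $_SERVER['SERVER_NAME'] . $_SERVER['REQUEST_URI'] . "&user_id=" . $user_id . '&ch_pass_uid=' . $ch_pass_uid;
                    // REQUEST_URI is chosen by whoever submits the form, while the mail goes
                    // to the account owner: escape the URL so it cannot add markup to the
                    // message. The message carries an anchor element, so it is treated as HTML.
                    $recover_url_html = htmlspecialchars($recover_url, $esc_flags, 'UTF-8');
                    $recover_link = '<a href="' . $recover_url_html . '" >' . $recover_url_html . '</a>';
                    $message = get_lang_f('confirm_change_password_message', $recover_link);
                    if (mymail($email_address, $subject, $message, $settings) == TRUE) {
                        echo "<p>" . get_lang('confirm_send') . "</p>";
                    } else {
                        echo "<p>" . get_lang('mail_failed') . "</p>";
                    }
                    unset($_POST['email_address']);
                }
            }
        } else {
            // Show form
            $showForm = 1;
        }
        // Any errors?  If so, show the form
        if ($errorCount > 0) {
            $showForm = 1;
        }
        if (isset($showForm) and $showForm == 1) {
            echo '<table style="width:200px" align="center" >
					<tr>
						<td colspan=2 >';
            // Print errors if there are any
            foreach ($errors as $error) {
                echo '<p style="color: red;">' . $error . '</p>';
            }
            echo '<form method="post" action="?m=lostpwd' . htmlspecialchars($lang_switch, $esc_flags, 'UTF-8') . '">
							<label for="email_address">' . get_lang("email") . '</label>
						</td>
					</tr>
					<tr>
						<td>
							<input type="text" title="' . get_lang("enter_email") . '" name="email_address" size="30" value="';
            if (isset($email_address)) {
                // The posted value is echoed back into an attribute: escape it.
                echo htmlspecialchars($email_address, $esc_flags, 'UTF-8');
            }
            echo '"/>
						</td>
					</tr>
					<tr>
						<td style="text-align:right;">
							<input type="submit" value="' . get_lang("submit") . '" class="submit-button"/>
							</form>
						</td>
					</tr>
					<tr>
						<td style="text-align:left;">
							<form method="post" action="index.php' . htmlspecialchars($lang_query, $esc_flags, 'UTF-8') . '" style="margin-top:-28px;">
							<input type="submit" value="<<&nbsp;' . get_lang("back") . '" class="submit-button"/>
							</form>
						</td>
					</tr></table>';
        }
    } else {
        // Both parameters must be present and must be plain strings (not arrays).
        if (isset($_GET['user_id']) and isset($_GET['ch_pass_uid']) and is_string($_GET['user_id']) and is_string($_GET['ch_pass_uid'])) {
            $user_id = trim($_GET['user_id']);
            $ch_pass_uid = trim($_GET['ch_pass_uid']);
            $user_info = $db->getUserById($user_id);
            if (empty($user_info)) {
                print_failure(get_lang('errormail'));
                echo "<p><a href='" . $moduleLink . "'>&lt;&lt; " . get_lang('back') . "</a></p>";
                return;
            }
            $email_address = $user_info['users_email'];
            $old_pass_md5_hash = (string) $user_info['users_passwd'];
            // Compare as strings and in constant time. A loose != would compare two
            // numeric-looking strings as numbers and could accept a token that is not
            // the stored value; an empty token is never accepted.
            if ($ch_pass_uid === '' or !hash_equals($old_pass_md5_hash, $ch_pass_uid)) {
                print_failure("Failed to update password for user.");
                echo "<p><a href='" . $moduleLink . "'>&lt;&lt; " . get_lang('back') . "</a></p>";
                return;
            }
            // NOTE(review): makeRandomPassword() is not shown — confirm it draws from a CSPRNG.
            $random_password = makeRandomPassword();
            $db_password = md5($random_password);
            if ($db->updateUsersPassword($user_id, $db_password) === FALSE) {
                print_failure("Failed to update password for user.");
                echo "<p><a href='" . $moduleLink . "'>&lt;&lt; " . get_lang('back') . "</a></p>";
                return;
            }
            $subject = get_lang('subject');
            $message = get_lang_f('password_message', $random_password);
            if (mymail($email_address, $subject, $message, $settings) == TRUE) {
                echo "<p>" . get_lang('send') . "</p>";
            } else {
                echo "<p>" . get_lang('mail_failed') . "</p>";
            }
            echo "<p>" . get_lang('click') . " <a href='index.php'>" . get_lang('here') . "</a> " . get_lang('to_login') . "</p>";
        } else {
            print_failure("Security alert.");
        }
    }
}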