// Key request has been triggered
if (isset($_GET['key']) && !empty($_GET['key'])) {
check_input($_GET['key']);
$template = 'lostpassword_message.tpl';
if (sendpassword($_GET['key'])) {
$tpl->assign(array('TR_MESSAGE' => tr('Your new password has been sent.'), 'TR_LINK' => '<a href="index.php" class="button">' . tr('Login') . '</a>'));
} else {
$tpl->assign(array('TR_MESSAGE' => tr('New password could not be sent.'), 'TR_LINK' => '<a href="index.php" class="button">' . tr('Login') . '</a>'));
}
} elseif (isset($_POST['uname'])) {
check_ipaddr(getipaddr(), 'captcha');
$template = 'lostpassword_message.tpl';
if (!empty($_POST['uname']) && isset($_SESSION['image']) && isset($_POST['capcode'])) {
check_input(trim($_POST['uname']));
check_input($_POST['capcode']);
if ($_SESSION['image'] == $_POST['capcode'] && requestpassword($_POST['uname'])) {
$tpl->assign(array('TR_MESSAGE' => tr('Your password request has been initiated. You will receive an email with instructions to complete the process. This reset request will expire in %s minutes.', $cfg->LOSTPASSWORD_TIMEOUT), 'TR_LINK' => '<a href="index.php" class="button">' . tr('Back') . '</a>'));
} else {
$tpl->assign(array('TR_MESSAGE' => tr('User or security code was incorrect!'), 'TR_LINK' => '<a href="lostpassword.php" class="button">' . tr('Retry') . '</a>'));
}
} else {
$tpl->assign(array('TR_MESSAGE' => tr('Please fill out all required fields!'), 'TR_LINK' => '<a href="lostpassword.php" class="button">' . tr('Retry') . '</a>'));
}
} else {
unblock($cfg->BRUTEFORCE_BLOCK_TIME, 'captcha');
is_ipaddr_blocked(null, 'captcha', true);
$template = 'lostpassword.tpl';
$tpl->assign(array('TR_CAPCODE' => tr('Security code'), 'TR_IMGCAPCODE_DESCRIPTION' => tr('(To avoid abuse, we ask you to write the combination of letters on the above picture into the field "Security code")'), 'TR_IMGCAPCODE' => '<img src="imagecode.php" style="border: none;height: ' . $cfg->LOSTPASSWORD_CAPTCHA_HEIGHT . 'px;width: ' . $cfg->LOSTPASSWORD_CAPTCHA_WIDTH . 'px;" alt="captcha image" />', 'TR_USERNAME' => tr('Username'), 'TR_SEND' => tr('Request password'), 'TR_BACK' => tr('Back')));
}
if ($cfg->DUMP_GUI_DEBUG) {
dump_gui_debug($tpl);
function _userEmailpassword()
{
global $_CONF, $_TABLES, $_USER, $LANG04, $LANG12;
$retval = '';
if ($_CONF['passwordspeedlimit'] == 0) {
$_CONF['passwordspeedlimit'] = 300;
// 5 minutes
}
COM_clearSpeedlimit($_CONF['passwordspeedlimit'], 'password');
$last = COM_checkSpeedlimit('password');
if ($last > 0) {
$retval .= COM_showMessageText(sprintf($LANG04[93], $last, $_CONF['passwordspeedlimit']), $LANG12[26], true, 'error');
$retval .= getpasswordform();
} else {
$username = $_POST['username'];
$email = COM_applyFilter($_POST['email']);
if (empty($username) && !empty($email)) {
$username = DB_getItem($_TABLES['users'], 'username', "email = '" . DB_escapeString($email) . "' AND ((remoteservice IS NULL) OR (remoteservice = ''))");
}
if (!empty($username)) {
$retval .= requestpassword($username, 55);
} else {
echo COM_refresh($_CONF['site_url'] . '/users.php?mode=getpassword');
}
}
return $retval;
}
$_CONF['passwordspeedlimit'] = 300;
// 5 minutes
}
COM_clearSpeedlimit($_CONF['passwordspeedlimit'], 'password');
$last = COM_checkSpeedlimit('password');
if ($last > 0) {
$display .= COM_showMessageText(sprintf($LANG04[93], $last, $_CONF['passwordspeedlimit']), $LANG12[26]);
$display = COM_createHTMLDocument($display, array('pagetitle' => $LANG12[26]));
} else {
$username = COM_applyFilter($_POST['username']);
$email = COM_applyFilter($_POST['email']);
if (empty($username) && !empty($email)) {
$username = DB_getItem($_TABLES['users'], 'username', "email = '{$email}' AND ((remoteservice IS NULL) OR (remoteservice = ''))");
}
if (!empty($username)) {
$display .= requestpassword($username);
} else {
COM_redirect($_CONF['site_url'] . '/users.php?mode=getpassword');
}
}
break;
case 'new':
if ($_CONF['disable_new_user_registration']) {
$display .= COM_showMessageText($LANG04[122], $LANG04[22]);
} else {
// Call custom registration and account record create function
// if enabled and exists
if ($_CONF['custom_registration'] && function_exists('CUSTOM_userForm')) {
$display .= CUSTOM_userForm();
} else {
$display .= newuserform();
