// Key request has been triggered if (isset($_GET['key']) && !empty($_GET['key'])) { check_input($_GET['key']); $template = 'lostpassword_message.tpl'; if (sendpassword($_GET['key'])) { $tpl->assign(array('TR_MESSAGE' => tr('Your new password has been sent.'), 'TR_LINK' => '<a href="index.php" class="button">' . tr('Login') . '</a>')); } else { $tpl->assign(array('TR_MESSAGE' => tr('New password could not be sent.'), 'TR_LINK' => '<a href="index.php" class="button">' . tr('Login') . '</a>')); } } elseif (isset($_POST['uname'])) { check_ipaddr(getipaddr(), 'captcha'); $template = 'lostpassword_message.tpl'; if (!empty($_POST['uname']) && isset($_SESSION['image']) && isset($_POST['capcode'])) { check_input(trim($_POST['uname'])); check_input($_POST['capcode']); if ($_SESSION['image'] == $_POST['capcode'] && requestpassword($_POST['uname'])) { $tpl->assign(array('TR_MESSAGE' => tr('Your password request has been initiated. You will receive an email with instructions to complete the process. This reset request will expire in %s minutes.', $cfg->LOSTPASSWORD_TIMEOUT), 'TR_LINK' => '<a href="index.php" class="button">' . tr('Back') . '</a>')); } else { $tpl->assign(array('TR_MESSAGE' => tr('User or security code was incorrect!'), 'TR_LINK' => '<a href="lostpassword.php" class="button">' . tr('Retry') . '</a>')); } } else { $tpl->assign(array('TR_MESSAGE' => tr('Please fill out all required fields!'), 'TR_LINK' => '<a href="lostpassword.php" class="button">' . tr('Retry') . '</a>')); } } else { unblock($cfg->BRUTEFORCE_BLOCK_TIME, 'captcha'); is_ipaddr_blocked(null, 'captcha', true); $template = 'lostpassword.tpl'; $tpl->assign(array('TR_CAPCODE' => tr('Security code'), 'TR_IMGCAPCODE_DESCRIPTION' => tr('(To avoid abuse, we ask you to write the combination of letters on the above picture into the field "Security code")'), 'TR_IMGCAPCODE' => '<img src="imagecode.php" style="border: none;height: ' . $cfg->LOSTPASSWORD_CAPTCHA_HEIGHT . 'px;width: ' . $cfg->LOSTPASSWORD_CAPTCHA_WIDTH . 'px;" alt="captcha image" />', 'TR_USERNAME' => tr('Username'), 'TR_SEND' => tr('Request password'), 'TR_BACK' => tr('Back'))); } if ($cfg->DUMP_GUI_DEBUG) { dump_gui_debug($tpl);
function _userEmailpassword() { global $_CONF, $_TABLES, $_USER, $LANG04, $LANG12; $retval = ''; if ($_CONF['passwordspeedlimit'] == 0) { $_CONF['passwordspeedlimit'] = 300; // 5 minutes } COM_clearSpeedlimit($_CONF['passwordspeedlimit'], 'password'); $last = COM_checkSpeedlimit('password'); if ($last > 0) { $retval .= COM_showMessageText(sprintf($LANG04[93], $last, $_CONF['passwordspeedlimit']), $LANG12[26], true, 'error'); $retval .= getpasswordform(); } else { $username = $_POST['username']; $email = COM_applyFilter($_POST['email']); if (empty($username) && !empty($email)) { $username = DB_getItem($_TABLES['users'], 'username', "email = '" . DB_escapeString($email) . "' AND ((remoteservice IS NULL) OR (remoteservice = ''))"); } if (!empty($username)) { $retval .= requestpassword($username, 55); } else { echo COM_refresh($_CONF['site_url'] . '/users.php?mode=getpassword'); } } return $retval; }
$_CONF['passwordspeedlimit'] = 300; // 5 minutes } COM_clearSpeedlimit($_CONF['passwordspeedlimit'], 'password'); $last = COM_checkSpeedlimit('password'); if ($last > 0) { $display .= COM_showMessageText(sprintf($LANG04[93], $last, $_CONF['passwordspeedlimit']), $LANG12[26]); $display = COM_createHTMLDocument($display, array('pagetitle' => $LANG12[26])); } else { $username = COM_applyFilter($_POST['username']); $email = COM_applyFilter($_POST['email']); if (empty($username) && !empty($email)) { $username = DB_getItem($_TABLES['users'], 'username', "email = '{$email}' AND ((remoteservice IS NULL) OR (remoteservice = ''))"); } if (!empty($username)) { $display .= requestpassword($username); } else { COM_redirect($_CONF['site_url'] . '/users.php?mode=getpassword'); } } break; case 'new': if ($_CONF['disable_new_user_registration']) { $display .= COM_showMessageText($LANG04[122], $LANG04[22]); } else { // Call custom registration and account record create function // if enabled and exists if ($_CONF['custom_registration'] && function_exists('CUSTOM_userForm')) { $display .= CUSTOM_userForm(); } else { $display .= newuserform();