/** * Performs the resend user password action. * * @access public * @since 3.0 * */ function resend_password_action() { global $_POST, $SANITIZER, $CONFIG; $str_error = ''; // init if (isset($_POST["un"])) { $un = trim($_POST["un"]); $un = $SANITIZER->sanitize($un); } else { $un = ""; } if (isset($_POST["email"])) { $email = trim($_POST["email"]); $email = $SANITIZER->sanitize($email); } else { $email = ""; } /** Send email instructions about how to reset the password **/ if (isset($_POST["cmd_resend_password"])) { if (trim($un) == "" || trim($email) == "") { $str_error .= JText::_('Required field cannot be left blank.') . '<BR />'; } if (!ZEmail::check($email)) { $str_error .= JText::_('Email should look like an email address.') . '<BR />'; } $email_address_owner_found = false; if (empty($str_error)) { $sql = "\n\t\t\t\t\t\t\t\tSELECT u.id, u.un, u.firstname, u.lastname\n\t\t\t\t\t\t\t\tFROM users AS u\n\t\t\t\t\t\t\t\tWHERE u.un = '{$un}'\n\t\t\t\t\t\t\t\tAND u.email = '{$email}'\n\t\t\t\t\t\t\t\tLIMIT 0, 1\n\t\t\t\t\t\t\t "; $result = mysql_query($sql); if ($result) { $record_count = MySQL_NUM_ROWS($result); if ($record_count == 1) { $u_id = mysql_result($result, 0, "u.id"); // at least one user using the supplied email address was found $u_username = mysql_result($result, 0, "u.un"); $u_firstname = mysql_result($result, 0, "u.firstname"); $u_lastname = mysql_result($result, 0, "u.lastname"); $u_fullname = $u_firstname . " " . $u_lastname; $email_address_owner_found = true; } } if ($email_address_owner_found) { /** Send instructions here **/ /** Encrypt email address **/ $strongCipher = new Cipher_blowfish(); $strongCipher->setKey(@$CONFIG->secret); $activation = $strongCipher->zf_encrypt(date("Y-m-d H:i:s") . "_" . $u_id); /** Send email with password reset instructions **/ $name = JText::_('ZIME Service'); //senders name $sender = "*****@*****.**"; //senders e-mail adress $recipient = $email; //recipient $subject = JText::_('Reset your ZIME Password'); //subject $mail_body = JText::__('email_pw_reset_instructions.txt'); $mail_body = str_replace("[USER]", $u_fullname . " ({$u_username})", $mail_body); $mail_body = str_replace("[URL]", "{$CONFIG->basedir_rewrite}validate.php?option=reset&activation={$activation}", $mail_body); $header = "From: " . $name . " <" . $sender . ">\r\n"; //optional headerfields ini_set('sendmail_from', $sender); //Suggested by "Some Guy" mail($recipient, $subject, $mail_body, $header); //mail command :) } else { $str_error .= JText::_('Email address was not found.') . '<BR />'; } } } return $str_error; }
/** * Performs the email address integrity test. * * @access public * @param string $email The email address * @since 3.0 * */ function test_integrity_email($email) { $email_validation_required = true; $str_error = ""; // init /** is email address blank? **/ if (@$email == "") { $str_error .= JText::_("Email cannot be left blank.") . '<br />'; return $str_error; } /** check email address syntax **/ if (!ZEmail::check($email)) { $str_error .= JText::_('Email should look like an email address.') . '<BR />'; return $str_error; } $email_exists = false; /** look in database for existing username **/ if (!$email_exists) { $sql = "\n\t\t\t\t\t\t\tSELECT u.email\n\t\t\t\t\t\t\tFROM users AS u\n\t\t\t\t\t\t\tWHERE u.email = '{$email}'\n\t\t\t\t\t\t\tLIMIT 0, 1\n\t\t\t\t\t\t "; //echo $sql; $result = mysql_query($sql); $record_count = 0; if ($result) { $record_count = MySQL_NUM_ROWS($result); } if ($record_count == 1) { $email_exists = true; } } if ($email_exists) { $str_error .= JText::_('Email has already been taken.') . '<br />'; } return $str_error; }