function forgotten_password() { if (!isset($_REQUEST["Benutzername"]) || !isset($_REQUEST["EMail"]) || $_REQUEST["Benutzername"] == 'guest' || empty($_REQUEST["Benutzername"]) || empty($_REQUEST["EMail"]) || !(bool) trim($_REQUEST["Benutzername"]) || !(bool) trim($_REQUEST["EMail"])) { return -1; } if (!USE_PHP_MAILING) { return -4; } $administration = new administration(); define("USER_NAME", trim($_REQUEST["Benutzername"])); define("USER_EMAIL", trim($_REQUEST["EMail"])); if (!$administration->getUserIdByUserName(USER_NAME) || USER_EMAIL != $administration->getEmailByUserId($administration->getUserIdByUserName(USER_NAME))) { return -2; } $new_password = $administration->getRandomPassword(); $sql_update = "UPDATE mb_user SET mb_user_password = \$1, mb_user_digest = \$3 WHERE mb_user_id = \$2"; $v = array(md5($new_password), $administration->getUserIdByUserName(USER_NAME), md5(USER_NAME . ";" . USER_EMAIL . ":" . REALM . ":" . $new_password)); $t = array("s", "i"); if (!db_prep_query($sql_update, $v, $t)) { return -3; } $email_subject = "New GeoPortal.rlp Password"; $email_body = sprintf("Your new GeoPortal.rlp password is: %s", $new_password); if (!$administration->sendEmail(NULL, NULL, USER_EMAIL, USER_NAME, $email_subject, $email_body, $error_msg)) { return -4; } return 1; }
if (db_numrows($res) == 0 and !$registerAsGuest) { $userAlreadyExists = 0; /// pr�fen auf email und richtigkeit if ($adm->isValidEmail($mb_user_email)) { $emailValid = 1; /////INSERT if (!isset($mb_user_postal_code) || $mb_user_postal_code == '') { $mb_user_postal_code = 0; } $sql = "INSERT INTO mb_user (mb_user_name,mb_user_password,mb_user_digest,mb_user_owner,mb_user_description,mb_user_email,mb_user_phone,mb_user_department,mb_user_organisation_name,mb_user_position_name,mb_user_city,mb_user_postal_code, mb_user_textsize, mb_user_glossar) VALUES (\$1, \$2,\$13, '1', \$3, \$4, \$5, \$6, \$7, \$8, \$9, \$10,\$11,\$12)"; $v = array($mb_user_name, md5($mb_user_password), $mb_user_description, $mb_user_email, $mb_user_phone, $mb_user_department, $mb_user_organisation_name, $mb_user_position_name, $mb_user_city, $mb_user_postal_code, 'textsize1', 'ja', md5($mb_user_name . ";" . $mb_user_email . ":" . REALM . ":" . $mb_user_password)); $t = array('s', 's', 's', 's', 's', 's', 's', 's', 's', 'i', 's', 's', 's'); $res = db_prep_query($sql, $v, $t); $sql = "SELECT mb_group_id FROM mb_group WHERE mb_group_name = 'guest' LIMIT 1"; $res = db_prep_query($sql, array(), array()); $row = db_fetch_array($res); $group_id = $row['mb_group_id']; $sql = "INSERT INTO mb_user_mb_group (fkey_mb_user_id, fkey_mb_group_id) VALUES (\$1, \$2)"; $v = array($adm->getUserIdByUserName($mb_user_name), $group_id); $t = array('i', 'i'); $res = db_prep_query($sql, $v, $t); //Mailversand $mailBody = $mailBody1 . " " . $mb_user_password . " " . $mailBody2; #echo $mailBody."<br>"; $success = $adm->sendEmail(MAILADMIN, MAILADMINNAME, $mb_user_email, $mb_user_name, 'Ihre Registrierung', $mailBody, $error_msg); } else { $emailValid = 0; } } else { $userAlreadyExists = 1; }
</head> <body> <?php if (!USE_PHP_MAILING) { echo "<script language='javascript'>"; echo "alert('PHP mailing is currently disabled. Please adjust the settings in mapbender.conf.');"; echo "window.close();"; echo "</script>"; } else { $logged_user_name = Mapbender::session()->get("mb_user_name"); $logged_user_id = Mapbender::session()->get("mb_user_id"); $admin = new administration(); $upd = false; if ($_POST["sendnew"]) { if ($_POST["username"] && $_POST["email"]) { $id = $admin->getUserIdByUserName($_POST["username"]); $mailAddressMatch = $admin->getEmailByUserId($id) == $_POST["email"] && $_POST["email"] != ''; $user_id = $id; if ($user_id && $mailAddressMatch) { $upd = true; } else { echo "Either your username could not be found or you have registered another or no mail address.<br><br>"; } } else { echo "Please fill in your username and mail address.<br><br>"; } } /*handle INSERT and DELETE************************************************************************************/ if ($upd) { $sql_password = $admin->getRandomPassword(); $mailToAddr = $admin->getEmailByUserId($user_id);