function forgotten_password()
{
if (!isset($_REQUEST["Benutzername"]) || !isset($_REQUEST["EMail"]) || $_REQUEST["Benutzername"] == 'guest' || empty($_REQUEST["Benutzername"]) || empty($_REQUEST["EMail"]) || !(bool) trim($_REQUEST["Benutzername"]) || !(bool) trim($_REQUEST["EMail"])) {
return -1;
}
if (!USE_PHP_MAILING) {
return -4;
}
$administration = new administration();
define("USER_NAME", trim($_REQUEST["Benutzername"]));
define("USER_EMAIL", trim($_REQUEST["EMail"]));
if (!$administration->getUserIdByUserName(USER_NAME) || USER_EMAIL != $administration->getEmailByUserId($administration->getUserIdByUserName(USER_NAME))) {
return -2;
}
$new_password = $administration->getRandomPassword();
$sql_update = "UPDATE mb_user SET mb_user_password = \$1, mb_user_digest = \$3 WHERE mb_user_id = \$2";
$v = array(md5($new_password), $administration->getUserIdByUserName(USER_NAME), md5(USER_NAME . ";" . USER_EMAIL . ":" . REALM . ":" . $new_password));
$t = array("s", "i");
if (!db_prep_query($sql_update, $v, $t)) {
return -3;
}
$email_subject = "New GeoPortal.rlp Password";
$email_body = sprintf("Your new GeoPortal.rlp password is: %s", $new_password);
if (!$administration->sendEmail(NULL, NULL, USER_EMAIL, USER_NAME, $email_subject, $email_body, $error_msg)) {
return -4;
}
return 1;
}
if (db_numrows($res) == 0 and !$registerAsGuest) {
$userAlreadyExists = 0;
/// pr�fen auf email und richtigkeit
if ($adm->isValidEmail($mb_user_email)) {
$emailValid = 1;
/////INSERT
if (!isset($mb_user_postal_code) || $mb_user_postal_code == '') {
$mb_user_postal_code = 0;
}
$sql = "INSERT INTO mb_user (mb_user_name,mb_user_password,mb_user_digest,mb_user_owner,mb_user_description,mb_user_email,mb_user_phone,mb_user_department,mb_user_organisation_name,mb_user_position_name,mb_user_city,mb_user_postal_code, mb_user_textsize, mb_user_glossar) VALUES (\$1, \$2,\$13, '1', \$3, \$4, \$5, \$6, \$7, \$8, \$9, \$10,\$11,\$12)";
$v = array($mb_user_name, md5($mb_user_password), $mb_user_description, $mb_user_email, $mb_user_phone, $mb_user_department, $mb_user_organisation_name, $mb_user_position_name, $mb_user_city, $mb_user_postal_code, 'textsize1', 'ja', md5($mb_user_name . ";" . $mb_user_email . ":" . REALM . ":" . $mb_user_password));
$t = array('s', 's', 's', 's', 's', 's', 's', 's', 's', 'i', 's', 's', 's');
$res = db_prep_query($sql, $v, $t);
$sql = "SELECT mb_group_id FROM mb_group WHERE mb_group_name = 'guest' LIMIT 1";
$res = db_prep_query($sql, array(), array());
$row = db_fetch_array($res);
$group_id = $row['mb_group_id'];
$sql = "INSERT INTO mb_user_mb_group (fkey_mb_user_id, fkey_mb_group_id) VALUES (\$1, \$2)";
$v = array($adm->getUserIdByUserName($mb_user_name), $group_id);
$t = array('i', 'i');
$res = db_prep_query($sql, $v, $t);
//Mailversand
$mailBody = $mailBody1 . " " . $mb_user_password . " " . $mailBody2;
#echo $mailBody."<br>";
$success = $adm->sendEmail(MAILADMIN, MAILADMINNAME, $mb_user_email, $mb_user_name, 'Ihre Registrierung', $mailBody, $error_msg);
} else {
$emailValid = 0;
}
} else {
$userAlreadyExists = 1;
}
</head>
<body>
<?php
if (!USE_PHP_MAILING) {
echo "<script language='javascript'>";
echo "alert('PHP mailing is currently disabled. Please adjust the settings in mapbender.conf.');";
echo "window.close();";
echo "</script>";
} else {
$logged_user_name = Mapbender::session()->get("mb_user_name");
$logged_user_id = Mapbender::session()->get("mb_user_id");
$admin = new administration();
$upd = false;
if ($_POST["sendnew"]) {
if ($_POST["username"] && $_POST["email"]) {
$id = $admin->getUserIdByUserName($_POST["username"]);
$mailAddressMatch = $admin->getEmailByUserId($id) == $_POST["email"] && $_POST["email"] != '';
$user_id = $id;
if ($user_id && $mailAddressMatch) {
$upd = true;
} else {
echo "Either your username could not be found or you have registered another or no mail address.<br><br>";
}
} else {
echo "Please fill in your username and mail address.<br><br>";
}
}
/*handle INSERT and DELETE************************************************************************************/
if ($upd) {
$sql_password = $admin->getRandomPassword();
$mailToAddr = $admin->getEmailByUserId($user_id);
