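/**
* send_remindpass
* 
* Step 2 of the "remind password" form: looks the submitted e-mail address up
* in the users table, generates a new password, stores its crypt() hash and
* mails the new password to the address stored for that user. Validation,
* lookup and delivery problems are saved to the $site->fdat['form_error'] array.
* Requires: GET/POST parameter "op2" must be "send"; nothing is done unless
* $site->CONF['allow_forgot_password'] is set.
* 
* Security notes for maintainers:
* - The stored password is replaced by an unauthenticated request as soon as
*   a registered address is submitted, and before the mail is known to have
*   been delivered. A one-time, expiring reset link that the mailbox owner
*   has to confirm avoids both the forced reset and the plaintext password
*   in the mail.
* - The "email not found" form error lets the requester tell registered
*   addresses from unregistered ones; a uniform response would not.
* - crypt() with a two-character salt is the legacy DES scheme. Moving to
*   password_hash()/password_verify() has to be done together with the login
*   check, which is not part of this function.
* 
* @package CMS
* @return mixed $site->fdat['form_error'], or nothing when the feature is disabled
* 
* usage:	include_once($class_path."login_html.inc.php");
*			send_remindpass(array("site" => $this));
*/
function send_remindpass() {
	$args = func_get_arg(0);
	$site = &$args['site']; # pointer to site instance
	# check if feature is allowed: 
	if(!$site->CONF['allow_forgot_password']){ return; }

	# initialised here so the status check and the ".=" below never read an unset variable
	$op2_status = "";
	$message = "";

	#########################
	# STEP 2 => SEND E-MAIL
	if($site->fdat['op2'] == 'send') {

	##### check e-mail format
	# is_string() rejects array input; the D modifier stops "$" from matching
	# before a trailing newline, which would otherwise reach the query and the
	# log messages below.
	if (!is_string($site->fdat['email']) || !preg_match("/^[\w\-\&\.\d]+\@[\w\-\&\.\d]+$/D", $site->fdat['email'])) {
		$op2_status = "error";
		$site->fdat['form_error']['email'] = $site->sys_sona(array('sona' => "wrong email format", 'tyyp' => "kasutaja"));
	}
	#### if no errors
	if ($op2_status != "error") {

		###### check if user exists
		# "=" instead of LIKE: the format check above allows "_", which LIKE
		# treats as a single-character wildcard, so a submitted address could
		# match an account it does not literally name.
		$sql = $site->db->prepare("SELECT user_id, firstname,lastname,username,email,is_readonly FROM users WHERE email = ? ", $site->fdat['email']);
		$sth = new SQL($sql);
		$site->debug->msg($sth->debug->get_msgs());
		$user = $sth->fetch();	

		##### exactly 1 user found => OK
		if ($sth->rows == 1 && $user['is_readonly']!=1) {
			# data sanity: if account info exists => OK
			if($user['username']){ 
	
			######## always GENERATE NEW PASSWORD
			# NOTE(review): genpassword() is defined elsewhere; confirm it draws
			# from a cryptographically secure random source.
			$new_pass = genpassword(8); # length 8 char
			# then hash the password
			# The salt range ends at 90 ("Z"): 91 is "[", which is outside the
			# "./0-9A-Za-z" salt alphabet and makes crypt() fail, leaving an
			# unusable hash in the database.
			$enc_new_pass = crypt($new_pass, Chr(rand(65,90)).Chr(rand(65,90)));
		
			########## CHANGE password
			# NOTE(review): the result of this UPDATE is not checked and it runs
			# before the mail is sent, so a delivery failure leaves the account
			# with a password nobody received.
			$sql = $site->db->prepare("UPDATE users SET password=? WHERE user_id=? ", $enc_new_pass, $user['user_id']);
			$sth = new SQL($sql);		

			########## SEND email
			$header = "<br>";
			$footer = "<br>____________________________________<br>
			".$site->CONF["site_name"]."<br>
			".(empty($_SERVER['HTTPS']) ? 'http://' : 'https://').$site->CONF["hostname"].$site->CONF["wwwroot"]."/";

			# NOTE(review): firstname, lastname and username are placed into
			# the HTML part without escaping; escape them for the HTML part if
			# users can edit these fields themselves.
$message .= "
".$site->sys_sona(array('sona' => "Name", 'tyyp' => "Admin")).": ".$user['firstname']." ".$user['lastname']."<br>
".$site->sys_sona(array('sona' => "Username", 'tyyp' => "Admin")).": ".$user['username']."<br>
".$site->sys_sona(array('sona' => "Password", 'tyyp' => "Admin")).": ".$new_pass."<br>
";

$message .= '<br>'.$site->sys_sona(array('sona' => "forgotten password: mail body", 'tyyp' => "kasutaja")).'<br>';

			global $class_path;
			include_once($class_path.'mail.class.php');

			$mail = new email(array(
		  		'subject' => $site->sys_sona(array('sona' => 'unustatud parool: subject', 'tyyp' => 'kasutaja')),
		  		'message' => strip_tags($header.$message.$footer),
		  		'html' => $header.$message.$footer,
		  		'charset' => $site->encoding,
		  	));
		  	
		  	# the mail goes to the address stored in the database, not to the submitted one
		  	$send_status = $mail->send_mail(array(
		  		'to' => $user['email'],
		  		'from' => $site->CONF['from_email'],
		  	));

			######## MAIL OK
			if ($send_status) { 
				new Log(array(
					'action' => 'send',
					'component' => 'Users',
					'message' => "Password reminder: e-mail sent to '".$user['email']."'.",
				));
				$op2_status = "ok";			
			}
			######## MAIL ERROR
			else  { 
				new Log(array(
					'action' => 'send',
					'component' => 'Users',
					'type' => 'ERROR',
					'message' => "Password reminder error: can't send e-mail to '".$user['email']."'.",
				));
				$op2_status = "error";
				$site->fdat['form_error']['email'] = $site->sys_sona(array('sona' => "viga", 'tyyp' => "kujundus"));			
			} 

			} # if account info exists
			# if no username found => error
			else {
				new Log(array(
					'action' => 'send',
					'component' => 'Users',
					'type' => 'ERROR',
					'message' => "Password reminder error: user with e-mail '".$site->fdat['email']."' doesn't have username.",
				));
				$op2_status = "error";
				$site->fdat['form_error']['email'] = $site->sys_sona(array('sona' => "email not found", 'tyyp' => "kasutaja"));	
			}
		} # exactly 1 user found 
		else {
				# 0) the User is flagged is_readonly => write log message
				# ($user is checked first: with no matching row there is nothing to index)
			if($user && $user['is_readonly']==1){
					new Log(array(
						'action' => 'send',
						'component' => 'Users',
						'type' => 'ERROR',
						'message' => "Password reminder error: the email '".$site->fdat['email']."' belongs to a is_readonly flagged user, so no password was sent.",
					));
			}else{
				# 1) if more than 1 users found => write log message
				if($sth->rows > 1) { 
					new Log(array(
						'action' => 'send',
						'component' => 'Users',
						'type' => 'ERROR',
						'message' => "Password reminder error: more than 1 user found with  e-mail '".$site->fdat['email']."'.",
					));
				}
				# 2) if no users found => write log message and give error message
				else {
					new Log(array(
						'action' => 'send',
						'component' => 'Users',
						'type' => 'ERROR',
						'message' => "Password reminder error: no user found with e-mail '".$site->fdat['email']."'.",
					));
				}
			}
			$op2_status = "error";
			$site->fdat['form_error']['email'] = $site->sys_sona(array('sona' => "email not found", 'tyyp' => "kasutaja"));	
		} # how many users found
	} # email is ok
	} # op2
	# / STEP 2 => SEND
	#########################

	return $site->fdat['form_error'];
}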
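# Receiver check for the feedback form, followed by sending the form data.
# $sql, $tomail, $subject, $output, $ok_url and $errors are set before this
# excerpt begins.
$sth = new SQL($sql);
# second lookup: users whose e-mail is one element of the comma-separated $tomail list
$sql1 = $site->db->prepare("SELECT * FROM users WHERE FIND_IN_SET(email,?)", $tomail);
$sth1 = new SQL($sql1);
# NOTE(review): the receiver is accepted as soon as either query returns one
# row, while the mail below goes to the whole of $tomail. If $tomail can hold
# several addresses, each one should be checked on its own before sending.
$test = $sth->rows + $sth1->rows;
if (!$test) {
    $errors[] = "Error! Receiver e-mail in mail form has been changed by unauthorized persons.";
}
# empty() also covers the case where no error has been recorded yet and $errors is unset
if (empty($errors)) {
    # -------------------
    # Send email message
    # -------------------
    # The Referer header is optional and chosen by the client: it is
    # informational only and must not be relied on for any decision.
    $referer = isset($_SERVER["HTTP_REFERER"]) ? $_SERVER["HTTP_REFERER"] : "";
    $output = "The following information was submitted by " . $_SERVER["REMOTE_ADDR"] . "\nfrom " . $referer . "\non " . date("d.m.Y T") . "\n\n" . $output;
    include_once $class_path . 'mail.class.php';
    # NOTE(review): if $subject or $tomail come from the submitted form, confirm
    # that the email class rejects CR/LF in them before it builds mail headers.
    $mail = new email(array('subject' => $subject ? $subject : $site->CONF['subject'], 'message' => $output, 'charset' => $site->encoding));
    $send_status = $mail->send_mail(array('to' => $tomail, 'from' => $site->CONF['from_email']));
    # if mail OK
    if ($send_status) {
        # CONF keys are quoted: as bare words they are looked up as constants,
        # which is an error on current PHP versions.
        # NOTE(review): the script keeps running after this header; confirm
        # where $ok_url comes from and that nothing further should execute
        # once the redirect has been issued.
        header("Location: " . (empty($_SERVER['HTTPS']) ? 'http://' : 'https://') . $site->CONF['hostname'] . $site->CONF['wwwroot'] . ($site->in_editor ? "/editor" : "") . "/" . $ok_url);
        # write error log
    } else {
        new Log(array('component' => 'Feedback forms', 'type' => 'ERROR', 'message' => "Error occurred during sending form feedback e-mail: " . $send_status . " (From: " . htmlspecialchars($site->CONF['from_email']) . " To: " . htmlspecialchars($tomail) . ")"));
        $errors[] = "Error occurred during sending form feedback e-mail!";
    }
}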
if (sizeof($errors)) {
    # -------------------
    # Error handling
    # -------------------
    #	$http_headers_out{'Location'} = "$bad_url\&errors=".join("",@errors)."\n\n" unless $fdat{debug};
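/**
 * Builds a mailing-list message from header, body and footer and sends it.
 *
 * $site->CONF["maillist_format"] selects the parts that are built: any
 * non-empty value produces a plain-text part (tags stripped, "<br>" turned
 * into newlines), and any value other than 1 produces an HTML part wrapped
 * in a minimal HTML document.
 *
 * NOTE(review): $header, $body and $footer are placed into the HTML part as
 * they are, so they are expected to be trusted markup; confirm with callers.
 *
 * @param string $header   text placed before the body
 * @param string $body     main message text
 * @param string $footer   text placed after the body
 * @param string $encoding charset name, used for the mail and the HTML meta tag
 * @param string $subject  mail subject
 * @param string $to       receiver address
 * @param string $from     sender address
 * @return mixed whatever email::send_mail() returns
 */
function send_mailinglist_message($header, $body, $footer, $encoding, $subject, $to, $from)
{
    global $site;
    # Both parts start as null so the part that is not built is passed on
    # exactly as before, without reading an unset variable.
    $message = null;
    $html = null;
    if ($site->CONF["maillist_format"]) {
        # strip HTML tags for plain text message
        $message = $header . $body . $footer;
        $message = str_replace("<br>", "\n", $message);
        $message = strip_tags($message);
    }
    if ($site->CONF["maillist_format"] != 1) {
        $html = $header . $body . $footer;
        $html = str_replace("\n", "<br>", $html);
        $html_h = "<!DOCTYPE html PUBLIC \"-//W3C//DTD HTML 4.01 Transitional//EN\">\n";
        $html_h .= "<html>\n";
        $html_h .= "<head>\n";
        # $encoding is a bare charset name (it is also passed as 'charset'
        # below), so the meta tag needs the "charset=" prefix; it is escaped
        # because it ends up inside an attribute value.
        $html_h .= "  <meta content=\"text/html; charset=" . htmlspecialchars($encoding, ENT_QUOTES) . "\" http-equiv=\"Content-Type\">\n";
        $html_h .= "  <title></title>\n";
        $html_h .= "</head>\n";
        $html_h .= "<body>\n";
        $html_f = "\n</body>\n";
        $html_f .= "</html>";
        $html = $html_h . $html . $html_f;
    }
    # the cast keeps wordwrap() on a string when no plain-text part was built
    $email = new email(array('subject' => $subject, 'message' => wordwrap((string) $message, 70), 'charset' => $encoding, 'html' => $html));
    return $email->send_mail(array('to' => $to, 'from' => $from));
}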
Example #4
 // Contact-form excerpt: validates the submission, looks up the help-desk
 // department and mails the enquiry to it. The enclosing construct that the
 // "break" statements leave is outside this excerpt.
 // A missing sender name is reported on the message stack and flagged as an error.
 if (empty($name)) {
     $messageStack->add(ERROR_NAME_EMPTY);
     $error = true;
 }
 // Stop before any lookup or mail is attempted once an error has been flagged.
 if ($error) {
     break;
 }
 $email_subject = $subject . ' ' . EMAIL_SUBJECT;
 if (tep_validate_email($email)) {
     // Help Desk
     // The (int) cast keeps the request value numeric before it is concatenated
     // into the query; only departments with front='1' are selectable.
     $department_query = $g_db->query("select email_address, name from " . TABLE_HELPDESK_DEPARTMENTS . " where department_id = '" . (int) $_POST['department_id'] . "' and front='1'");
     if ($g_db->num_rows($department_query)) {
         $department = $g_db->fetch_array($department_query);
         require_once DIR_FS_CLASSES . 'email.php';
         $mailer = new email();
         // NOTE(review): the checks above ran on $name and $email, but the raw
         // $_POST['name'], $_POST['email'] and $_POST['enquiry'] are what reach the
         // mailer. Presumably the checked variables derive from the same fields;
         // confirm, and confirm that send_mail() rejects CR/LF in the sender name
         // and address before it builds mail headers.
         $result = $mailer->send_mail($department['name'], $department['email_address'], $email_subject, $_POST['enquiry'], $_POST['name'], $_POST['email'], '');
         if (!$result) {
             $messageStack->add_session(ERROR_SEND_MAIL);
         } else {
             $messageStack->add_session(SUCCESS_ENQUIRY_SENT, 'success');
         }
         // The redirect to the success action happens whether or not sending
         // worked; the outcome is carried by the session message added above.
         tep_redirect(tep_href_link(FILENAME_CONTACT_US, 'action=success'));
         break;
     } else {
         // No front-facing department matched the submitted id; reported with
         // the same message as an invalid address.
         $error = true;
         $messageStack->add(ERROR_EMAIL_ADDRESS);
     }
 } else {
     // The sender address failed tep_validate_email().
     $error = true;
     $messageStack->add(ERROR_EMAIL_ADDRESS);
 }