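/**
 * Create a WordPress user from front-end form data when the e-mail address
 * is not registered yet, then redirect the browser.
 *
 * The redirect target comes from the submitted 'referer' field, so it is
 * validated against the hosts WordPress allows before use. An arbitrary
 * value would otherwise turn this handler into an open redirect.
 *
 * @param array|false $fu Form fields; the keys read here are 'email',
 *                        'password', 'username' and 'referer'.
 * @return void
 */
function fu_add_new_user($fu = false) {
    require_once '../../../wp-includes/registration.php';
    global $blog_id;

    // Normalise the input so a missing field reads as empty instead of
    // raising an undefined-index notice.
    $fu = is_array($fu) ? $fu : array();
    $fu += array('email' => '', 'password' => '', 'username' => '', 'referer' => '');

    $email = sanitize_email($fu['email']);
    $pass = $fu['password'];
    $user_id = email_exists($email);

    if (!$user_id) {
        // Use the submitted password when there is one, else generate one.
        $password = $pass ? $pass : generate_random_password();
        $user_id = wpmu_create_user($fu['username'], $password, $email);
        if (false == $user_id) {
            wp_die(__('There was an error creating the user'));
        } else {
            // NOTE(review): the clear-text password is handed to the
            // notification routine; confirm whether it ends up in an e-mail.
            wp_new_user_notification($user_id, $password);
        }
        // NOTE(review): this only writes primary_blog when it already equals
        // $blog_id, which looks like a no-op; the comparison may have been
        // meant as "!=". Left unchanged, confirm the intent.
        if (get_user_option('primary_blog', $user_id) == $blog_id) {
            update_user_option($user_id, 'primary_blog', $blog_id, true);
        }
    }

    // Fall back to the site URL when no referer was sent or when it points
    // at a host WordPress does not allow.
    $fallback = get_bloginfo('url');
    $redirect = $fu['referer'] ? wp_validate_redirect($fu['referer'], $fallback) : $fallback;
    wp_safe_redirect($redirect);
    // Execution continues after the redirect header is sent; the caller is
    // expected to stop the request.
}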
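/**
 * Add the default account fields for a new student record.
 *
 * Sets the role, the not-yet-activated flag, a generated password with its
 * bcrypt hash, and an e-mail confirmation code.
 *
 * @param array $leerling Student data.
 * @return array The same data with 'role', 'account_activated',
 *               'generated_password', 'wachtwoord' and 'email_code' set.
 */
function addStudentCredentials($leerling) {
    $leerling["role"] = 1; // student role
    // The account is not activated yet; that happens on the first login.
    $leerling["account_activated"] = 0;

    $leerling["generated_password"] = generate_random_password();
    $leerling["wachtwoord"] = password_hash($leerling["generated_password"], PASSWORD_BCRYPT);

    // The previous md5($voornaam + microtime()) used "+", which adds the two
    // strings as numbers instead of joining them: the first name contributed
    // nothing and the code depended only on the clock (newer PHP versions
    // reject the operation outright). The code is now drawn from the CSPRNG
    // and keeps the 32-hex-character shape. Requires PHP 7 or later.
    $leerling["email_code"] = bin2hex(random_bytes(16));

    return $leerling;
}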
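/**
 * Handle the reset-password form: generate a new password, store it for the
 * submitted e-mail address and mail it to that address.
 *
 * The e-mail address arrives straight from $_POST, so it is escaped for the
 * connection before being placed inside the SQL string.
 *
 * @return array List of error messages; empty on success.
 */
function process_reset_password_form() {
    global $Link;

    $errors = array();
    $Email = isset($_POST['email']) ? $_POST['email'] : '';
    $randomPassword = generate_random_password(8);

    // NOTE(review): the value assigned to the password column is shown masked
    // on this page, so the hash below is not visibly used by the query.
    // Confirm against the original file. MD5 is also unsuitable for password
    // storage; password_hash() is the replacement when the login code can
    // move with it.
    $md5RandomPassword = md5($randomPassword);

    $Query = 'UPDATE ' . USER . ' SET password="******" WHERE eMail="' . mysql_real_escape_string($Email, $Link) . '"';

    // NOTE(review): on failure this prints the database error text to the
    // client, and because of "or die" the else branch below is never reached.
    $Result = mysql_query($Query, $Link) or die("sp_clubs (Line " . __LINE__ . "): " . mysql_errno() . ": " . mysql_error());

    if ($Result) {
        // NOTE(review): an UPDATE that matches no row still succeeds, so the
        // mail goes out even when the address belongs to no account.
        send_reset_password_email($Email, $randomPassword);
    } else {
        $errors[] = 'Unable to reset password.';
    }

    return $errors;
}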
// voor als een docent bewerkt wordt $gebruiker_id = filter_var(trim($_POST['gebruiker_id']), FILTER_SANITIZE_STRING); $voornaam = filter_var(trim($_POST['voornaam']), FILTER_SANITIZE_STRING); $achternaam = filter_var(trim($_POST['achternaam']), FILTER_SANITIZE_STRING); $tussenvoegsel = filter_var($_POST['tussenvoegsel'], FILTER_SANITIZE_STRING); //tussenvoegsel mag spatie bevatten $docent_afkorting = filter_var(trim($_POST['afkorting']), FILTER_SANITIZE_STRING); $emailadres = filter_var(trim($_POST['emailadres']), FILTER_VALIDATE_EMAIL); if (!$emailadres) { $_SESSION['message'] = 'Voer een geldig e-mailadres in.'; } else { $role = 2; // is leraar $account_activated = 0; //account is nog niet geactiveerd, dit wordt pas gedaan als gebruiker eerste keer inlogt. $generated_password = generate_random_password(); $wachtwoord = password_hash($generated_password, PASSWORD_BCRYPT); $email_code = md5($voornaam + microtime()); //returned $generated_password $gegevens = ["gebruiker_id" => $gebruiker_id, "voornaam" => $voornaam, "tussenvoegsel" => $tussenvoegsel, "achternaam" => $achternaam, "emailadres" => $emailadres, "docent_afkorting" => $docent_afkorting]; //gegevens updaten: updateTeacher($gegevens["gebruiker_id"], $gegevens["voornaam"], $gegevens["tussenvoegsel"], $gegevens["achternaam"], $gegevens["emailadres"], $gegevens["docent_afkorting"]); } } } include ROOT_PATH . "includes/templates/header.php"; ?> <div class="wrapper"> <?php include ROOT_PATH . "includes/templates/sidebar-admin.php"; ?>
//**************** LEERLING TOEVOEGEN ******************// if (isset($_POST['submit_add_leerling'])) { //binnenkomende array ombouwen unset($_POST['submit_add_leerling']); $gegevens = rebuildArray($_POST); if (!checkArrayForEmptyValues($gegevens)) { $_SESSION['message'] = "Je moet alle gegevens invullen!"; } else { $gegevens = addLeerlingFilter($gegevens); foreach ($gegevens as $values => $keys) { $gegevens[$values]["klas"] = $klas; $gegevens[$values]["role"] = 1; // is leerling $gegevens[$values]["account_activated"] = 0; //account is nog niet geactiveerd, dit wordt pas gedaan als gebruiker eerste keer inlogt. $gegevens[$values]["generated_password"] = generate_random_password(); $gegevens[$values]["wachtwoord"] = password_hash($gegevens[$values]["generated_password"], PASSWORD_BCRYPT); $gegevens[$values]["email_code"] = md5($gegevens[$values]["voornaam"] + microtime()); } //checken of email en student_id uniek zijn foreach ($gegevens as $leerling_gegevens) { if ($leerling_gegevens['emailadres'] === FALSE) { $false_email = [$leerling_gegevens['emailadres']]; } else { if (checkIfUserExists($leerling_gegevens['emailadres'], $leerling_gegevens['leerling_id']) === FALSE) { //email adres niet in gebruik, dus gebruiker kan worden toegevoegd. // gegevens inserten addStudent($leerling_gegevens, $leerling_gegevens["emailadres"], $leerling_gegevens["leerling_id"], $leerling_gegevens["klas"]); } else { //email adres in gebruik gebruiker wordt op de hoogte gesteld dat dit email adres bezet is. $_SESSION['message'] = "Email adres " . $leerling_gegevens['emailadres'] . " is al in gebruik";
/**
 * Activate a pending signup identified by its activation key.
 *
 * Looks the signup row up by key, creates the user if the login does not
 * exist yet, marks the signup active and, when the signup carries a domain,
 * creates the blog as well.
 *
 * @param string $key Activation key from the signups table.
 * @return array|WP_Error On success an array with 'user_id', 'password' and
 *                        'meta' (plus 'blog_id' and 'title' for blog
 *                        signups); otherwise a WP_Error.
 */
function wpmu_activate_signup($key) {
    global $wpdb;

    // The key is bound through prepare(), not concatenated into the query.
    $signup = $wpdb->get_row($wpdb->prepare("SELECT * FROM {$wpdb->signups} WHERE activation_key = %s", $key));
    if (empty($signup)) {
        return new WP_Error('invalid_key', __('Invalid activation key.'));
    }
    if ($signup->active) {
        return new WP_Error('already_active', __('The blog is already active.'), $signup);
    }

    // NOTE(review): unserialize() runs on the stored meta column; this is only
    // safe as long as nothing user-controlled can reach that column in
    // serialized form. Confirm how the row is written.
    $meta = unserialize($signup->meta);
    $user_login = $wpdb->escape($signup->user_login);
    $user_email = $wpdb->escape($signup->user_email);

    // The return value of the validation call is discarded here.
    wpmu_validate_user_signup($user_login, $user_email);

    // A password is generated even when the login already exists; in that
    // case it is never assigned to the account.
    $password = generate_random_password();
    $user_id = username_exists($user_login);
    if (!$user_id) {
        $user_id = wpmu_create_user($user_login, $password, $user_email);
    } else {
        $user_already_exists = true;
    }
    if (!$user_id) {
        return new WP_Error('create_user', __('Could not create user'), $signup);
    }

    $now = current_time('mysql', true);

    // User-only signup (no domain): activate, notify, attach to a blog.
    if (empty($signup->domain)) {
        $wpdb->update($wpdb->signups, array('active' => 1, 'activated' => $now), array('activation_key' => $key));
        if (isset($user_already_exists)) {
            return new WP_Error('user_already_exists', __('That username is already activated.'), $signup);
        }
        // The clear-text password is passed to the welcome notification, to
        // every 'wpmu_activate_user' hook and back to the caller.
        wpmu_welcome_user_notification($user_id, $password, $meta);
        if (get_site_option('dashboard_blog') == false) {
            add_user_to_blog('1', $user_id, get_site_option('default_user_role', 'subscriber'));
        } else {
            add_user_to_blog(get_site_option('dashboard_blog'), $user_id, get_site_option('default_user_role', 'subscriber'));
        }
        add_new_user_to_blog($user_id, $user_email, $meta);
        do_action('wpmu_activate_user', $user_id, $password, $meta);
        return array('user_id' => $user_id, 'password' => $password, 'meta' => $meta);
    }

    // Blog signup: the return value of the validation call is discarded too.
    wpmu_validate_blog_signup($signup->domain, $signup->title);
    $blog_id = wpmu_create_blog($signup->domain, $signup->path, $signup->title, $user_id, $meta, $wpdb->siteid);
    // TODO: What to do if we create a user but cannot create a blog?
    if (is_wp_error($blog_id)) {
        // If blog is taken, that means a previous attempt to activate this blog failed in between creating the blog and
        // setting the activation flag. Let's just set the active flag and instruct the user to reset their password.
        if ('blog_taken' == $blog_id->get_error_code()) {
            $blog_id->add_data($signup);
            $wpdb->update($wpdb->signups, array('active' => 1, 'activated' => $now), array('activation_key' => $key));
        }
        return $blog_id;
    }

    $wpdb->update($wpdb->signups, array('active' => 1, 'activated' => $now), array('activation_key' => $key));
    // As above, the clear-text password travels to the notification, the
    // 'wpmu_activate_blog' hooks and the returned array.
    wpmu_welcome_notification($blog_id, $user_id, $password, $signup->title, $meta);
    do_action('wpmu_activate_blog', $blog_id, $user_id, $password, $signup->title, $meta);
    return array('blog_id' => $blog_id, 'user_id' => $user_id, 'password' => $password, 'title' => $signup->title, 'meta' => $meta);
}
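/**
 * Reset password
 *
 * Looks up an active, non-deleted user by e-mail address, generates a new
 * random password, stores its salted hash together with the new salt, and
 * returns the clear-text password so the caller can deliver it.
 *
 * @param array $data Expects an 'email' key.
 * @return mixed|boolean Array with 'new_password' and 'first_name' on
 *                       success, FALSE otherwise.
 */
function reset_password($data = array())
{
    // A missing or empty address cannot match a user; return early instead
    // of building a query from an undefined index.
    if (!$data || empty($data['email'])) {
        return FALSE;
    }

    // Every value placed in SQL goes through the driver's escape().
    $sql = "\n SELECT\n id,\n first_name\n FROM {$this->_db}\n WHERE email = " . $this->db->escape($data['email']) . "\n AND status = '1'\n AND deleted = '0'\n LIMIT 1\n ";
    $query = $this->db->query($sql);

    if (!$query->num_rows()) {
        return FALSE;
    }

    // get user info
    $user = $query->row_array();

    // create new random password
    $user_data = array();
    $user_data['new_password'] = generate_random_password();
    $user_data['first_name'] = $user['first_name'];

    // create new salt and stored password
    // NOTE(review): one round of salted SHA-512 is a fast hash and weak for
    // password storage; password_hash()/password_verify() would be the
    // replacement, but the login check has to change with it.
    $salt = hash('sha512', uniqid(mt_rand(1, mt_getrandmax()), TRUE));
    $password = hash('sha512', $user_data['new_password'] . $salt);

    // The password value in this statement is shown masked on the page, which
    // leaves the string literal broken. It is bound to the hash computed
    // above, escaped like the salt next to it (confirm against the
    // original file).
    $sql = "\n UPDATE {$this->_db} SET\n password = " . $this->db->escape($password) . ",\n salt = " . $this->db->escape($salt) . "\n WHERE id = " . $this->db->escape($user['id']) . "\n ";
    $this->db->query($sql);

    if ($this->db->affected_rows()) {
        return $user_data;
    }

    return FALSE;
}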
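/**
 * Reset Password
 * For resetting our password we are generating a random password,
 * updating our database user entry with the random password and
 * emailing the random password to the user.
 *
 * The user name is typed by the user, so both statements bind it as a
 * parameter instead of concatenating it into the SQL text.
 *
 * @param string $user_name Username typed by the user.
 * @return integer The function result code (for error handling)
 **/
function reset_password($user_name) {
    $random_password = generate_random_password(8);

    // connect to our database
    // The handle is used as a mysqli connection (query()/num_rows/
    // fetch_object() in the original); the prepared statements rely on that.
    $database_connection = mysql_db_connect();
    if ($database_connection == FALSE) {
        return RESET_PWD_DB_CANT_CONNECT;
    }

    // update db password; this succeeds even when no row matches the user
    // name, so the existence of the user is checked by the lookup below.
    // NOTE(review): unsalted SHA-1 is weak for password storage; moving to
    // password_hash() needs the login check to change as well.
    $update = $database_connection->prepare("update users set user_password=sha1(?) where user_name=?");
    if (!$update) {
        return RESET_PWD_DB_CANT_UPDATE;
    }
    $update->bind_param('ss', $random_password, $user_name);
    $updated = $update->execute();
    $update->close();
    if (!$updated) {
        return RESET_PWD_DB_CANT_UPDATE;
    }

    // gather respective user e-mail
    $lookup = $database_connection->prepare("select user_email from users where user_name=?");
    if (!$lookup) {
        return RESET_PWD_DB_EMPTY_EMAIL;
    }
    $lookup->bind_param('s', $user_name);
    if (!$lookup->execute()) {
        $lookup->close();
        return RESET_PWD_DB_EMPTY_EMAIL;
    }
    $lookup->store_result();
    if ($lookup->num_rows <= 0) {
        $lookup->close();
        return RESET_PWD_DB_INVALID_USER;
    }
    $to = null;
    $lookup->bind_result($to);
    $lookup->fetch();
    $lookup->close();

    // NOTE(review): the new password is mailed in clear text and stays valid
    // until the user changes it; a single-use reset link avoids that.
    $subject = "cat login information";
    $message = "Your cat password has been changed to " . $random_password . " \r\n" . "please change it next time you log in";
    $from = "From: support@cat.com \r\n";

    if (mail($to, $subject, $message, $from) == FALSE) {
        return RESET_PWD_MAIL_ERROR;
    }

    return SUCCESS_NO_ERROR;
}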
/**
 * Render the "Add User" admin page and process its three POST actions.
 *
 * - addUser: looks for a WordPress account with the submitted login; if none
 *   exists it calls wpmuLdapSearchUser(), and when the user is not found and
 *   the ldapCreateLocalUser option is set (or the caller is a super admin)
 *   it prints a form offering to create a local account.
 * - addUserBulk: same lookup for every line of the submitted list, allowed
 *   for super admins or, with the ldapBulkAdd option, for admins.
 * - addLocalUser: creates a local account with a generated password and
 *   adds it to the current blog.
 *
 * NOTE(review): only the addLocalUser branch calls check_admin_referer().
 * The two forms below emit 'add-user' and 'add-user-bulk' nonce fields, but
 * no matching check is visible in this function for the addUser and
 * addUserBulk branches.
 * NOTE(review): $username and $user['new_role'] come from $_POST['user'] and
 * are echoed into the HTML of the local-user form without escaping;
 * esc_html()/esc_attr() at those echo sites would close that.
 * NOTE(review): the addLocalUser branch passes $user['role'] from the request
 * straight to add_user_to_blog(); check it against the roles the current
 * user may assign.
 * NOTE(review): wp_new_user_notification() receives the generated password
 * in clear text.
 * NOTE(review): the 'Username:' row of the first form appears masked or
 * truncated on this page (`_e('Username:'******'Role:')`).
 */
function ldapAddUserOptions() { global $blog_id, $current_user; if ($_POST['addUser']) { // Process the post request $user = $_POST['user']; if (empty($user['username']) && empty($user['email'])) { wp_die(__("<p>Missing username.</p>")); } $username = strtolower($user['username']); // try finding a WP account for this user name $login = get_user_by('login', $username); if (!$login) { $result = wpmuLdapSearchUser(array('username' => $username, 'blog_id' => $blog_id, 'new_role' => $user['new_role'])); if (is_wp_error($result)) { ldapAddUserResult(array('updated' => 'false', 'error' => $result, 'username' => $username)); } else { $ldapCreateLocalUser = get_site_option('ldapCreateLocalUser'); if ($result[0]) { wp_new_user_notification($result[1]); ldapAddUserResult(array('updated' => 'true', 'action' => 'add', 'username' => $username)); } elseif ($ldapCreateLocalUser || is_super_admin()) { ?> <div id='message' class='updated'> <form method='post'> <p><b><?php echo $username; ?> </b> not found in LDAP directory. 
To create a local user, enter the users email: <input type='text' name='user[email]' size='15' /> <input type='hidden' name='user[username]' value='<?php echo $username; ?> ' /> <input type='hidden' name='user[role]' value='<?php echo $user['new_role']; ?> ' /> <?php wp_nonce_field('add-local-user'); ?> <input type='submit' class='button' name='addLocalUser' value='Create Local User' /> </form></p> </div> <?php } else { ldapAddUserResult(array('updated' => 'false', 'action' => 'notfound', 'username' => $username)); } } } else { // Add User to Blog if (wpmuLdapAddUserToBlog($login->ID, $blog_id, $user['new_role'])) { wp_new_user_notification($login->ID); ldapAddUserResult(array('updated' => 'true', 'action' => 'add', 'username' => $username)); } else { ldapAddUserResult(array('updated' => 'false', 'action' => 'exists', 'username' => $username)); } } } elseif ($_POST['addUserBulk']) { // Check Access $ldapBulkAdd = get_site_option('ldapBulkAdd'); if (is_super_admin() || $ldapBulkAdd && is_admin()) { $user = $_POST['user']; $usernames = array(); if (!empty($user['bulk_username'])) { $usernames = explode("\n", $user['bulk_username']); $usernames = array_filter(array_map('trim', $usernames)); // trim whitespace from usernames and remove empty lines $usernames = array_map('strtolower', $usernames); } foreach ($usernames as $username) { // try finding a WP account for this user name $login = get_user_by('login', $username); if (!$login) { $result = wpmuLdapSearchUser(array('username' => $username, 'blog_id' => $blog_id, 'new_role' => $user['bulk_new_role'], 'createBlog' => false)); if (is_wp_error($result)) { ldapAddUserResult(array('updated' => 'false', 'error' => $result, 'username' => $username)); } else { if ($result[0]) { wp_new_user_notification($result[1]); ldapAddUserResult(array('updated' => 'true', 'action' => 'add', 'username' => $username)); } else { ldapAddUserResult(array('updated' => 'false', 'action' => 'notfound', 'username' => $username)); } } } else { 
// Add User to Blog if (wpmuLdapAddUserToBlog($login->ID, $blog_id, $user['bulk_new_role'])) { wp_new_user_notification($login->ID); ldapAddUserResult(array('updated' => 'true', 'action' => 'add', 'username' => $username)); } else { ldapAddUserResult(array('updated' => 'false', 'action' => 'exists', 'username' => $username)); } } } } else { ldapAddUserResult(array('updated' => 'false', 'action' => 'auth')); } } elseif ($_POST['addLocalUser']) { check_admin_referer('add-local-user'); $ldapCreateLocalUser = get_site_option('ldapCreateLocalUser'); if ($ldapCreateLocalUser || is_super_admin()) { $user = $_POST['user']; if (empty($user['username']) && empty($user['email'])) { wp_die(__("<p>Missing username and email.</p>")); } elseif (empty($user['username'])) { wp_die(__("<p>Missing username.</p>")); } elseif (empty($user['email'])) { wp_die(__("<p>Missing email.</p>")); } $password = generate_random_password(); $user_id = wpmu_create_user(wp_specialchars(strtolower($user['username'])), $password, wp_specialchars($user['email'])); if (false == $user_id) { wp_die(__("<p>Duplicated username or email address.</p>")); } else { wp_new_user_notification($user_id, $password); } // Update User Meta update_usermeta($user_id, 'primary_blog', $blog_id); // Configure User Role add_user_to_blog($blog_id, $user_id, $user['role']); ldapAddUserResult(array('updated' => 'true', 'action' => 'add', 'username' => $user['username'])); } else { wp_die(__("<p>Access denied.</p>")); } } ?> <div class="wrap"> <?php // Add User $ldapAddUser = get_site_option('ldapAddUser'); if (is_super_admin() || ($ldapAddUser == 'enabled' || empty($ldapAddUser))) { ?> <div id="icon-users" class="icon32"> <br /> </div> <h2><?php _e('Add User'); ?> </h2> <?php $ldapCreateLocalUser = get_site_option('ldapCreateLocalUser'); if ($ldapCreateLocalUser) { echo "<p>Local User Creation Enabled</p>"; } ?> <p> Using the following fields below to search out LDAP users and add them into the blog. 
<?php if ($ldapCreateLocalUser) { ?> If the user does not exist in the LDAP Directory, you will have the option to create a local account for them. <?php } ?> </p> <form method="post" id="ldap_add_user"> <?php wp_nonce_field('add-user'); ?> <fieldset class="options"> <table class="form-table" cellpadding="3" cellspacing="3"> <tr valign="top"> <th scope='row'><label for="addusername"><?php _e('Username:'******'Role:'); ?> </label></th> <td><?php wpmuLdapAddGenRoleBox('new_role'); ?> </td> </tr> </table> <p class="submit"> <input class="button" type="submit" name="addUser" value="<?php _e('Add User'); ?> " /> </p> </fieldset> </form> <?php } ?> <!-- Bulk Add User --> <?php $ldapBulkAdd = get_site_option('ldapBulkAdd'); if (is_super_admin() || $ldapBulkAdd && is_admin()) { ?> <h3><?php _e('Add Bulk Users'); ?> </h3> <p>Using the below fields, you can bulk add LDAP users. Separate multiple users by a new line. Local user creation is not available in bulk. The auto create blog for new users function will be disabled for bulk adds.</p> <form method="post" id="ldap_add_user_bulk"> <?php wp_nonce_field('add-user-bulk'); ?> <fieldset class="options"> <table class="form-table" cellpadding="3" cellspacing="3"> <tr valign="top"> <th scope='row'><label for="addbulkusername"><?php _e('Usernames:'); ?> </label></th> <td><textarea name="user[bulk_username]" id="addbulkusername" rows="15" cols="40"></textarea></td> </tr> <tr valign="top"> <th scope="row"><label for="bulk_new_role"><?php _e('Role:'); ?> </label></th> <td><?php wpmuLdapAddGenRoleBox('bulk_new_role'); ?> </td> </tr> </table> <p class="submit"> <input class="button" type="submit" name="addUserBulk" value="<?php _e('Add Bulk Users'); ?> " /> </p> </fieldset> </form> <?php } ?> </div> <?php }
} if ($_POST['save_linkwag_email']) { $linkwag_unique = get_option('linkwag_uni'); if ($_POST['linkwag_email'] != '') { $linkwag_email = get_option('linkwag_email'); if ($_POST['linkwag_email'] == $linkwag_email) { if ($linkwag_unique == $_POST['unique_key']) { $y_login = update_option('y_login', '1'); $val = "Successfull"; update_option('linkwag_unique', $_POST['unique_key']); } else { $y_login = update_option('y_login', ''); $val = "You entered wrong verification "; } } else { $randno = generate_random_password(10); update_option('linkwag_uni', $randno); get_option('linkwag_uni'); $to = $_POST['linkwag_email']; $subject = "New Account Created"; $headers = "From: info@linkwag.com\r\n"; $headers .= "MIME-Version: 1.0\r\n"; $headers .= "Content-Type: text/html; charset=ISO-8859-1\r\n"; $mailtext .= "<TR>"; $mailtext .= "<TD width=30% valign=top class=text><BR></TD>"; $mailtext .= "<TD width=70% valign=top class=text>Thank you for registering with us!! </TD>"; $mailtext .= "</TR>"; $mailtext .= "<TR>"; $mailtext .= "<TD width=30% valign=top class=text><BR></TD>"; $mailtext .= "<TD width=70% valign=top class=text> Verification Code =" . $randno . "</a><br /><br /><BR /></TD>"; $mailtext .= "</TR>";
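/**
 * Creates a WordPress user account from an LDAP response specified by
 * $ldapUserData. Assumes that a user account $newUserName does not already
 * exist.
 *
 * Code courtesy of dwang99 via post at
 * <code>http://patcavit.com/2005/05/11/wordpress-ldap-and-playing-nicely/</code>
 *
 * @author - dwang99
 *
 * @param array $opts Options; the keys read are 'newUserName',
 *                    'newUserPassword', 'ldapUserData' and 'createBlog'.
 * @return WP_User|WP_Error The new user, or an error when the LDAP record
 *                          has no usable e-mail address or creation fails.
 */
function wpmuLdapCreateWPUserFromLdap($opts) {
    global $base, $error, $wpdb, $current_site;

    // Read the four expected options by name. extract($opts) was used here
    // before; because the globals above are bound by reference, an option
    // key such as 'wpdb' or 'base' would have overwritten the global itself.
    $newUserName = isset($opts['newUserName']) ? $opts['newUserName'] : '';
    $newUserPassword = isset($opts['newUserPassword']) ? $opts['newUserPassword'] : '';
    $ldapUserData = isset($opts['ldapUserData']) ? $opts['ldapUserData'] : false;
    $createBlog = isset($opts['createBlog']) ? $opts['createBlog'] : true;

    // Check to see if email is empty
    if (empty($ldapUserData[LDAP_INDEX_EMAIL])) {
        return new WP_Error('ldapcreate_emailempty', sprintf(__('<strong>ERROR</strong>: <strong>%s</strong> does not have an email address associated with the ldap record. All wordpress accounts must have a unique email address.'), $newUserName));
    }

    // Check to see if email already exists
    // The message id below contains a line break exactly as in the source,
    // so the translation lookup keeps matching.
    if (email_exists($ldapUserData[LDAP_INDEX_EMAIL])) {
        return new WP_Error('ldapcreate_emailconflict', sprintf(__('<strong>ERROR</strong>: <strong>%s</strong> (%s) is already associated with another account. 
All accounts (including the admin account) must have an unique email address.'), $ldapUserData[LDAP_INDEX_EMAIL], $newUserName));
    }

    // we don't actually care about the WP password (since it's LDAP), but we need one for WP database
    $sPassword = generate_random_password();
    $user_id = wpmu_create_user($newUserName, $sPassword, $ldapUserData[LDAP_INDEX_EMAIL]);
    if ($user_id === false) {
        return new WP_Error('ldapcreate_failed', __('<strong>ERROR</strong>: Account creation from LDAP failed.'));
    }

    // Update their first and last name from ldap
    update_usermeta($user_id, 'first_name', $ldapUserData[LDAP_INDEX_GIVEN_NAME]);
    update_usermeta($user_id, 'last_name', $ldapUserData[LDAP_INDEX_SURNAME]);
    update_usermeta($user_id, 'ldap_login', 'true');

    // Set Public Display Name: the LDAP nickname wins; otherwise follow the
    // ldapPublicDisplayName site option, defaulting to the user name when
    // the option is empty.
    $displayName = get_site_option('ldapPublicDisplayName');
    $display_name = '';
    $ldapnick = $ldapUserData[LDAP_INDEX_NICKNAME];
    if (!empty($ldapnick)) {
        $display_name = $ldapnick;
    } elseif (!empty($displayName)) {
        if ($displayName == 'username') {
            $display_name = $newUserName;
        }
        if ($displayName == 'first') {
            $display_name = $ldapUserData[LDAP_INDEX_GIVEN_NAME];
        }
        if ($displayName == 'firstlast') {
            $display_name = $ldapUserData[LDAP_INDEX_GIVEN_NAME] . ' ' . $ldapUserData[LDAP_INDEX_SURNAME];
        }
        if ($displayName == 'lastfirst') {
            $display_name = $ldapUserData[LDAP_INDEX_SURNAME] . ' ' . $ldapUserData[LDAP_INDEX_GIVEN_NAME];
        }
    } else {
        $display_name = $newUserName;
    }
    if (!empty($display_name)) {
        $wpdb->update($wpdb->users, compact('display_name'), array('ID' => $user_id));
    }

    // This is for plugin events
    // NOTE(review): the hook receives $newUserPassword as supplied by the
    // caller, not the generated $sPassword stored for the account.
    do_action('wpmu_activate_user', $user_id, $newUserPassword, false);

    $uname = strtolower(wp_specialchars($newUserName));
    // WPMU does not accept non-alphanumeric characters
    $domain = preg_replace('/[^\\da-z]/i', '', $uname);
    if (constant("VHOST") == 'yes') {
        $newdomain = $domain . "." . $current_site->domain;
        $path = $base;
    } else {
        $newdomain = $current_site->domain;
        // prefix path with a /
        $path = '/' . $base . $domain . '/';
    }

    // is it configured to create WP blogs from LDAP accounts?
    $ldapCreateBlog = get_site_option("ldapCreateBlog");
    if ($createBlog && $ldapCreateBlog) {
        // Create and update the user's blog.
        $meta = apply_filters('signup_create_blog_meta', array('lang_id' => 'en', 'public' => 0));
        $blog_id = wpmu_create_blog($newdomain, $path, $newUserName . "'s blog", $user_id, $meta);
        if (is_a($blog_id, "WP_Error")) {
            return new WP_Error('blogcreate_failed', __('<strong>ERROR</strong>: Blog creation from LDAP failed.'));
        }
        do_action('wpmu_activate_blog', $blog_id, $user_id, $newUserPassword, $newUserName . "'s blog", $meta);
    }

    // Add user as subscriber to blog #1
    wpmuUpdateBlogAccess($user_id);

    return new WP_User($user_id);
}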
break; case 3: //update a product update(); break; case 4: //get details of a product getProduct(); break; case 5: //sends sms to get stock level getStock(); break; case 6: //generate random id for transaction generate_random_password(5); break; case 7: //add sale to db addSale(); break; case 8: //all transaction to db addTransaction(); break; case 9: //get all purchases with a given transaction id displaySale(); break; case 10: //set the total value of a transaction
} else { $trusted_port = ""; } $sth = $dbh->prepare("UPDATE maia_config SET enable_user_autocreation = 'N', " . "internal_auth = 'Y', " . "admin_email = ?, " . "reminder_login_url = ?, " . "newuser_template_file = ?, " . "smtp_server = ?, " . "smtp_port = ? " . "WHERE id = 0"); $sth->execute(array($admin_email, $reminder_login_url, $newuser_template_file, $trusted_server, $trusted_port)); if (PEAR::isError($sth)) { die($sth->getMessage()); } $new_email = get_rewritten_email_address($your_email, $address_rewriting_type); $username = $new_email; $new_user_id = add_user($username, $new_email); if ($new_user_id === -1) { $smarty->assign("error", "This superuser account already exists. It must be removed from the database before recreating."); } // Generate a random password and assign it to the new user list($password, $digest) = generate_random_password(); $sth = $dbh->prepare("UPDATE maia_users SET password = ? WHERE id = ?"); $sth->execute(array($digest, $new_user_id)); if (PEAR::isError($sth)) { die($sth->getMessage()); } $sth->free(); $fh = fopen($newuser_template_file, "r"); if ($fh) { $body = fread($fh, filesize($newuser_template_file)); fclose($fh); $body = preg_replace("/%%ADMINEMAIL%%/", $admin_email, $body); $body = preg_replace("/%%LOGIN%%/", $username, $body); $body = preg_replace("/%%PASSWORD%%/", $password, $body); $body = preg_replace("/%%LOGINURL%%/", $reminder_login_url, $body); $result = smtp_send($admin_email, $new_email, $body);
require_once BASE . '/inc/utils.php'; // verify API key if (!isset($_GET['api-key']) || $settings->getAPIKey() !== $_GET['api-key']) { panic('Invalid API-key'); } // add recipient (user) to local database, send password by mail if ($_GET['type'] == 'trigger' && isset($_GET['recipient']) && $_GET['recipient'] !== '') { if (!has_auth_database()) { panic('No database authentication source'); } $recipient = $_GET['recipient']; $dbh = $settings->getDatabase(); $statement = $dbh->prepare("SELECT 1 FROM users WHERE username = :username;"); $statement->execute(array(':username' => $recipient)); if (!$statement->fetch(PDO::FETCH_ASSOC)) { $password = password_hash(generate_random_password(), PASSWORD_DEFAULT); $token = uniqid(); $publictoken = hash_hmac('sha256', $password, $token); $dbh->beginTransaction(); $statement = $dbh->prepare("INSERT INTO users (username, password, reset_password_token) VALUES (:username, :password, :token);"); $statement->execute(array(':username' => $recipient, 'password' => $password, 'token' => $token)); $statement = $dbh->prepare("INSERT INTO users_relations (username, type, access) VALUES (:username, 'mail', :username);"); $statement->execute(array(':username' => $recipient)); if (!$dbh->commit()) { panic('Database INSERT failed'); } $smarty_no_assign = true; require BASE . '/inc/smarty.php'; $smarty->assign('email', $recipient); $smarty->assign('register_url', $settings->getPublicURL() . "/?page=forgot&reset={$recipient}&type=create&token={$publictoken}"); $headers = array();
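/**
 * Handle a "forgot password" request: find the user by name and e-mail
 * address, store a new temporary password and mail it to the user.
 *
 * The temporary password is no longer written to the application log or
 * dumped through debug(); both exposed a working credential outside the
 * mail sent to the user.
 *
 * @param array $data Form data; reads $data['Forgot']['name'] and
 *                    $data['Forgot']['email'].
 * @return string Message to show to the user.
 */
public function processForgot($data) {
    // get form parameters
    $name = $data['Forgot']['name'];
    $to = $data['Forgot']['email'];

    // can we find a user with those fields?
    $forgetful_user = $this->find('first', ['conditions' => ['username' => $name, 'email' => $to]]);
    if (empty($forgetful_user)) {
        // NOTE(review): this reply differs from the success reply, so the form
        // reveals whether a name/e-mail pair exists.
        return 'Sorry, no user matches those details';
    }

    // generate a new password for the user
    $temp = generate_random_password(8);

    // NOTE(review): the password is handed to save() as generated; whether it
    // is hashed before storage depends on model callbacks not shown here.
    $saved = $this->save(['User' => ['id' => $forgetful_user['User']['id'], 'password' => $temp]]);
    if (!$saved) {
        // couldn't save the new record for some reason
        return 'Sorry, your details couldn\'t be updated at this time';
    }

    // compose an email to the user telling them the new password
    $from = [MAIL_SENDER => 'Goalmine Admin'];
    $subject = 'Forgotten Password';
    $message = 'You have requested a password reset for your Goalmine account. Your new, temporary password is given below. ' . $temp . ' Please log in using this password, and change it to something more memorable';

    $email = new CakeEmail('default');
    $email->from($from)->subject($subject)->to($to);
    $email->send($message);

    // Record that a reset happened, without the password itself.
    $this->log(__('Reset password for user: %s', $name), 'user');

    return 'Your password has been reset and emailed to you';
}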
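/**
 * Create a user for the given e-mail address if none exists, and optionally
 * create a site for that user and copy another site into it.
 *
 * @param string $email    Owner's e-mail address; nothing happens when empty.
 * @param string $domain   Sub-domain or path segment for the new site.
 * @param string $title    Site title; a site is created only when both
 *                         $domain and $title are given.
 * @param string $username Login for a newly created user.
 * @param string $password Replaced by a generated password when a user is
 *                         created. The default is shown masked on the page.
 * @param int    $copy_id  Id of the site to copy from; 0 for none.
 * @return string|null A status or error message, or null when there is
 *                     nothing to report.
 */
function ra_create_blog($email, $domain = '', $title, $username = '', $password = '******', $copy_id = 0) {
    global $wpdb, $current_site, $base, $current_user;

    if (!$email) {
        return;
    }

    // Previously $msg was returned without being set on several paths.
    $msg = null;

    // Sanitise once and use the same value for the lookup and the creation.
    // The raw address used to be passed to wpmu_create_user().
    $email = sanitize_email($email);
    if (!$email) {
        return __('There was an error creating the user');
    }

    $user_id = email_exists($email);
    if (!$user_id) {
        $password = generate_random_password();
        $user_id = wpmu_create_user($username, $password, $email);
        if (!$user_id) {
            return __('There was an error creating the user');
        }
        // NOTE(review): the clear-text password is handed to the notification.
        wp_new_user_notification($user_id, $password);
    }

    if ($domain && $title) {
        if (is_subdomain_install()) {
            $newdomain = $domain . "." . $current_site->domain;
            $path = $base;
        } else {
            $newdomain = $current_site->domain;
            $path = $base . $domain . '/';
        }

        // Keep the copy hook from firing during creation; the copy is done
        // explicitly below.
        remove_action('wpmu_new_blog', 'ra_copy_blog', 10);
        $wpdb->hide_errors();
        $new_id = wpmu_create_blog($newdomain, $path, $title, $user_id, array("public" => 1), $current_site->id);
        $wpdb->show_errors();

        if (!is_wp_error($new_id)) {
            $dashboard_blog = get_dashboard_blog();
            if (!is_super_admin() && get_user_option('primary_blog', $user_id) == $dashboard_blog->blog_id) {
                update_user_option($user_id, 'primary_blog', $new_id, true);
            }

            $content_mail = sprintf(__("New site created by %1s\n\nAddress: http://%2s\nName: %3s"), $current_user->user_login, $newdomain . $path, stripslashes($title));
            // $is_wp30 is never set inside this function, so the label is
            // always 'Blog'; !empty() keeps that result without the
            // undefined-variable notice.
            wp_mail(get_site_option('admin_email'), sprintf(__('[%s] New ' . (!empty($is_wp30) ? 'Site' : 'Blog') . ' Created'), $current_site->site_name), $content_mail, 'From: "Site Admin" <' . get_site_option('admin_email') . '>');
            // NOTE(review): for an existing user, $password here is whatever
            // the caller passed in, not that account's password.
            wpmu_welcome_notification($new_id, $user_id, $password, $title, array("public" => 1));

            // now copy
            if ($copy_id) {
                ra_copy_blog($new_id, $copy_id, $user_id);
                $msg = __('Replicated');
            }
        } else {
            $msg = $new_id->get_error_message();
        }
    }

    return $msg;
}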