<?php require_once 'runtime.php'; require_once 'lib/core/helper.class.php'; require_once 'lib/core/register.class.php'; require_once 'lib/core/user_old.class.php'; $register = new register(); if (empty($_POST['email'])) { $smarty->assign('message', Message::getMessage()); $smarty->display("header.tpl.html"); $smarty->display("resend_activation_mail.tpl.html"); $smarty->display("footer.tpl.html"); } else { $user = User_old::getUserByEmail($_POST['email']); if ($user) { if ($user['activated'] != "0") { if (empty($user['openid'])) { $new_password = Helper::randomPassword(8); $register->setNewPassword($new_password, $user['id']); } $register->sendRegistrationEmail($user['email'], $user['nickname'], $new_password, $user['activated'], strtotime($user['create_date']), $user['openid']); header('Location: ./login.php'); } else { $message[] = array("Der Benutzer mit der Emailadresse {$_POST['email']} wurde bereits freigeschaltet!", 2); Message::setMessage($message); header('Location: ./login.php'); } } else { $message[] = array("Der Benutzer mit der Emailadresse {$_POST['email']} existiert nicht!", 2); Message::setMessage($message); header('Location: ./login.php');
$smarty->assign('community_slogan', $GLOBALS['community_slogan']); /** * Auto Login */ if ($GLOBALS['installed']) { //if the user is not logged in and the remember me cookie is set if (!isset($_SESSION['user_id']) and !empty($_COOKIE["remember_me"])) { require_once ROOT_DIR . '/lib/core/user_old.class.php'; require_once ROOT_DIR . '/lib/core/UserRememberMeList.class.php'; require_once ROOT_DIR . '/lib/extern/phpass/PasswordHash.php'; //get user_id and password from remember_me cookie $remember_me_cookie = explode(",", $_COOKIE["remember_me"]); $user_id = $remember_me_cookie[0]; $password = $remember_me_cookie[1]; //check if the user exists $user_data = User_old::getUserById($user_id); if (!empty($user_data)) { //get the remember_mes of the user from the database $user_remember_me_list = new UserRememberMeList($user_id, "create_date", "desc"); $user_remember_me_list = $user_remember_me_list->getUserRememberMeList(); //check if any remember me matches the password stored in the cookie $phpass = new PasswordHash(8, false); foreach ($user_remember_me_list as $user_remember_me) { if ($phpass->CheckPassword($password, $user_remember_me->getPassword())) { //if a remember me matches, then login and set a new random password on the remember me //store the session-id to the database $stmt = DB::getInstance()->prepare("UPDATE users SET session_id = ? WHERE id = ?"); $stmt->execute(array(session_id(), $user_data['id'])); //store the $_SESSION['user_id'] = $user_data['id']; //generate long random password
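/**
 * Sets a new password for a user who forgot the old one and requested a new password by mail.
 *
 * The caller authorises the change by presenting the password hash currently stored
 * for the user; the new hash is written only when the two match exactly.
 *
 * NOTE(review): the stored password hash doubles as the reset token here, so it is
 * sent by mail. A dedicated single-use, expiring token would avoid that exposure;
 * changing this needs the mail and link handling, which are outside this method.
 *
 * @author Clemens John <*****@*****.**>
 * @param string $new_password_hash the hash of the new password. This hash was sent to the user
 *                                  by mail previously and the user sets this hash by clicking on
 *                                  the link in the email
 * @param string $old_password_hash the hash of the old password. This hash was sent to the user
 *                                  by mail previously and is used to check if the user is permitted to
 *                                  set this user a new password
 * @param $user_id id of the user that wants to set a new password
 * @return boolean true if the password was changed successfully, false otherwise
 */
public function setNewPassword($new_password_hash, $old_password_hash, $user_id)
{
    $message = array();
    $user_data = User_old::getUserByID($user_id);

    // isset() keeps the lookups safe when no user record came back.
    $stored_hash = isset($user_data['password']) ? $user_data['password'] : null;
    $nickname = isset($user_data['nickname']) ? $user_data['nickname'] : '';

    // The previous loose "==" accepted an empty or null token for accounts without a
    // stored password and compared "0e..."-style strings numerically. Require two
    // non-empty strings and compare them exactly, in constant time where available.
    $hashes_match = false;
    if (is_string($stored_hash) && $stored_hash !== '' && is_string($old_password_hash)) {
        $hashes_match = function_exists('hash_equals')
            ? hash_equals($stored_hash, $old_password_hash)
            : $stored_hash === $old_password_hash;
    }

    if (!$hashes_match) {
        $message[] = array("Der übergebene Passwordhash des Benutzers {$nickname} stimmt nicht mit dem gespeicherten Hash überein.", 2);
        $message[] = array("Es wurde kein neues Passwort gesetzt.", 2);
        Message::setMessage($message);
        return false;
    }

    $stmt = DB::getInstance()->prepare("UPDATE users SET password = ? WHERE id = ?");
    $stmt->execute(array($new_password_hash, $user_id));

    // rowCount() is 0 when no row was changed by the UPDATE.
    if ($stmt->rowCount()) {
        $message[] = array("Dem Benutzer {$nickname} wurde ein neues Passwort gesetzt", 1);
        Message::setMessage($message);
        return true;
    }

    $message[] = array("Dem Benutzer {$nickname} konnte keine neues Passwort gesetzt werden.", 2);
    Message::setMessage($message);
    return false;
}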
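/**
 * Exports every user returned by User_old::getUserList() as a sequence of vCard 3.0 entries.
 *
 * Each entry carries NICKNAME and EMAIL, plus FN and N when both first and last name
 * are set. User-supplied values are escaped as vCard text so that a line break,
 * semicolon, comma or backslash inside a profile field cannot start a new property
 * or shift the components of N.
 *
 * NOTE(review): the export contains the e-mail address of every user; this method does
 * no permission check itself, so the caller has to restrict access. Confirm at the call site.
 *
 * @return string the concatenated vCards, or an empty string when there are no users
 */
public function exportUserListAsvCard30()
{
    // Escape a value for use as vCard 3.0 text: normalise line endings, then escape
    // backslash, newline, semicolon and comma in one pass (strtr never re-scans its output).
    $escape = function ($value) {
        $value = str_replace(array("\r\n", "\r"), "\n", (string) $value);
        return strtr($value, array(
            "\\" => "\\\\",
            "\n" => "\\n",
            ";" => "\\;",
            "," => "\\,",
        ));
    };

    // Start from an empty string: the original appended to an undefined variable and
    // returned null for an empty user list.
    $vcardlist = '';

    foreach (User_old::getUserList() as $user) {
        $vcardlist .= "BEGIN:VCARD\n";
        $vcardlist .= "NICKNAME:" . $escape($user['nickname']) . "\n";
        $vcardlist .= "EMAIL:" . $escape($user['email']) . "\n";

        if (!empty($user['vorname']) && !empty($user['nachname'])) {
            $first_name = $escape($user['vorname']);
            $last_name = $escape($user['nachname']);
            $vcardlist .= "FN:{$first_name} {$last_name}\n";
            $vcardlist .= "N:{$last_name};{$first_name};;;\n";
        }

        $vcardlist .= "VERSION:3.0\n";
        $vcardlist .= "END:VCARD\n\n";
    }

    return $vcardlist;
}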
} } elseif (isset($_POST['openid_identifier']) or isset($_GET['openid_mode'])) { $status = ""; if (!empty($_POST['openid_identifier'])) { //login initiation $consumer = new Zend_OpenId_Consumer(); if (!$consumer->login($_POST['openid_identifier'], "login.php?section=login_send&remember=" . $_POST['remember'])) { $status = "OpenID Login fehlgeschlagen."; } } else { if (isset($_GET['openid_mode'])) { //login result from openid server if ($_GET['openid_mode'] == "id_res") { $consumer = new Zend_OpenId_Consumer(); if ($consumer->verify($_GET, $id)) { $user_data = User_old::getUserByOpenID($id); if (empty($user_data)) { $messages[] = array("Mit dieser Open-ID ist kein gültiger Benutzer verknüpft.", 2); Message::setMessage($messages); header('Location: login.php'); die; } } else { $messages[] = array("Diese Identität ist nicht gültig.", 2); Message::setMessage($messages); header('Location: login.php'); die; } } else { if ($_GET['openid_mode'] == "cancel") { $messages[] = array("Der Loginprozess wurde abgebrochen.", 2);
$smarty->assign('message', Message::getMessage()); if ($_GET['section'] == "edit") { //Only owner and Root can access this site. if (permission::checkIfUserIsOwnerOrPermitted(PERM_ROOT, (int) $_GET['user_id'])) { $smarty->assign('user', User_old::getUserByID($_GET['user_id'])); $smarty->assign('is_root', Permission::checkPermission(PERM_ROOT, $_SESSION['user_id'])); $smarty->assign('permissions', User_old::getRolesByUserID($_GET['user_id'])); $smarty->display("header.tpl.html"); $smarty->display("user_edit.tpl.html"); $smarty->display("footer.tpl.html"); } else { Permission::denyAccess(PERM_ROOT, (int) $_GET['user_id']); } } elseif ($_GET['section'] == "insert_edit") { if (permission::checkIfUserIsOwnerOrPermitted(PERM_ROOT, (int) $_GET['user_id'])) { if (User_old::userInsertEdit($_GET['user_id'], $_POST['changepassword'], $_POST['permission'], $_POST['oldpassword'], $_POST['newpassword'], $_POST['newpasswordchk'], $_POST['openid'], $_POST['vorname'], $_POST['nachname'], $_POST['strasse'], $_POST['plz'], $_POST['ort'], $_POST['telefon'], $_POST['email'], $_POST['jabber'], $_POST['icq'], $_POST['website'], $_POST['about'], $_POST['notification_method'])) { header('Location: user.php?user_id=' . $_GET['user_id']); } else { header('Location: user_edit.php?section=edit&user_id=' . $_GET['user_id']); } } else { Permission::denyAccess(PERM_ROOT, (int) $_GET['user_id']); } } elseif ($_GET['section'] == "delete") { if (permission::checkIfUserIsOwnerOrPermitted(PERM_ROOT, (int) $_GET['user_id'])) { if ($_POST['delete'] == "true") { //fetch user data $user = new User((int) $_GET['user_id']); $user->fetch(); //logout user if the logged in user is the user to be deleted if ($_GET['user_id'] == $_SESSION['user_id']) {