{
unset( $_SESSION['captcha'] );
}
*/
if (!count($errors)) {
// Generate a random password
$new_pass = $users->generateRandomString(8);
$md5_password = md5($new_pass);
$result = $users->createUser($groups_id, $active, $username, $md5_password, $display_name, $email, CAT_Users::get_home_folder());
if (!is_bool($result)) {
$errors[] = $val->lang()->translate('Unable to create user account. Please contact the administrator.');
} else {
// Setup email to send
$mail_to = $email;
$mail_subject = $val->lang()->translate('Your login details...');
$mail_message = $parser->get('account_signup_mail_body', array('LOGIN_DISPLAY_NAME' => $display_name, 'LOGIN_WEBSITE_TITLE' => WEBSITE_TITLE, 'LOGIN_NAME' => $username, 'LOGIN_PASSWORD' => $new_pass, 'SERVER_EMAIL' => SERVER_EMAIL));
// Try sending the email
if (!CAT_Helper_Mail::getInstance()->sendMail(SERVER_EMAIL, $mail_to, $mail_subject, $mail_message, CATMAILER_DEFAULT_SENDERNAME)) {
$database->query("DELETE FROM `:prefix:users` WHERE username=:name", array('name' => $username));
$errors[] = $val->lang()->translate('Unable to email password, please contact system administrator');
} else {
$message = $val->lang()->translate('Registration process completed!<br /><br />You should receive an eMail with your login data. If not, please contact {{SERVER_EMAIL}}.', array('SERVER_EMAIL' => SERVER_EMAIL));
$form = false;
}
}
}
if (count($errors)) {
$message = implode('<br />', $errors);
}
}
$parser->output('account_signup_form', array('form' => $form, 'captcha' => CAT_Helper_Captcha::get(), 'message' => $message, 'ENABLED_ASP' => ENABLED_ASP, 'username' => $val->sanitizePost('username'), 'display_name' => $val->sanitizePost('display_name'), 'email' => $val->sanitizePost('email')));
} else {
trigger_error(sprintf("[ <b>%s</b> ] Can't include class.secure.php!", $_SERVER['SCRIPT_NAME']), E_USER_ERROR);
}
}
ob_start();
header("Cache-Control: no-cache, must-revalidate");
header("Pragma: no-cache");
header("Content-Type: text/html; charset:utf-8;");
$backend = CAT_Backend::getInstance('Settings', 'settings_basic');
$curr_user_is_admin = in_array(1, CAT_Users::getInstance()->get_groups_id());
if (!$curr_user_is_admin) {
echo "<div style='border: 2px solid #CC0000; padding: 5px; text-align: center; background-color: #ffbaba;'>You're not allowed to use this function!</div>";
exit;
}
$settings = array();
$sql = 'SELECT `name`, `value` FROM `' . CAT_TABLE_PREFIX . 'settings`';
if ($res_settings = $backend->db()->query($sql)) {
while ($row = $res_settings->fetchRow(MYSQL_ASSOC)) {
$settings[strtoupper($row['name'])] = $row['name'] != 'catmailer_smtp_password' ? htmlspecialchars($row['value']) : $row['value'];
}
}
ob_clean();
// this is not the optimal solution, but as we have 2 libs only, it's good enough
$lib_to_driver = array('lib_phpmailer' => 'PHPMailer', 'lib_swift' => 'Swift');
// send mail
$mailer = CAT_Helper_Mail::getInstance($lib_to_driver[$settings['CATMAILER_LIB']]);
if ($mailer->sendMail($settings['SERVER_EMAIL'], $settings['SERVER_EMAIL'], $settings['CATMAILER_DEFAULT_SENDERNAME'], $backend->lang()->translate('This is the required test mail: CAT mailer is working'))) {
echo "<div style='border: 2px solid #006600; padding: 5px; text-align: center; background-color: #dff2bf;'>", $backend->lang()->translate('The test eMail was sent successfully. Please check your inbox.'), "</div>";
} else {
echo "<div style='border: 2px solid #CC0000; padding: 5px; text-align: center; background-color: #ffbaba;'>", $backend->lang()->translate('The test eMail could not be sent! Please check your settings!'), "<br />", CAT_Helper_Mail::getError(), "<br /></div>";
}
/**
* handles forgot user details:
* + generate new password
* + send user a mail with his login details
*
* @access public
* @param string $email - email address
* @return
**/
public static function handleForgot($email)
{
global $parser;
$email = strip_tags($email);
$self = self::getInstance();
$val = CAT_Helper_Validate::getInstance();
$message = '';
$result = false;
// Check if the email exists in the database
$results = $self->db()->query("SELECT `user_id`,`username`,`display_name`,`email`,`last_reset`,`password` FROM " . "`:prefix:users` WHERE email=:mail", array('mail' => $email));
if ($results->rowCount() > 0) {
// Get the id, username, email, and last_reset from the above db query
$results_array = $results->fetch();
// Check if the password has been reset in the last hour
$last_reset = $results_array['last_reset'];
$time_diff = time() - $last_reset;
// Time since last reset in seconds
$time_diff = $time_diff / 60 / 60;
// Time since last reset in hours
if ($time_diff < 1) {
// Tell the user that their password cannot be reset more than once per hour
$message = $self->lang()->translate('Password cannot be reset more than once per hour');
} else {
$old_pass = $results_array['password'];
/**
* Generate a random password then update the database with it
*/
$new_pass = self::generateRandomString(AUTH_MIN_PASS_LENGTH);
$self->db()->query("UPDATE `:prefix:users` SET password=:pw, last_reset=:reset WHERE user_id=:id", array('pw' => md5($new_pass), 'reset' => time(), 'id' => $results_array['user_id']));
if ($self->db()->isError()) {
// Error updating database
$message = $self->db()->getError();
} else {
// Setup email to send
$mail_to = $email;
$mail_subject = $self->lang()->translate('Your login details...');
$parser->setPath(CAT_PATH . '/templates/' . DEFAULT_TEMPLATE . '/templates/' . CAT_Registry::get('DEFAULT_THEME_VARIANT'));
$parser->setFallbackPath(CAT_PATH . '/account/templates/default/');
$mail_message = $parser->get('account_forgotpw_mail_body', array('LOGIN_DISPLAY_NAME' => $results_array['display_name'], 'LOGIN_WEBSITE_TITLE' => WEBSITE_TITLE, 'SERVER_EMAIL' => SERVER_EMAIL, 'CATMAILER_DEFAULT_SENDERNAME' => CATMAILER_DEFAULT_SENDERNAME, 'LOGIN_NAME' => $results_array['username'], 'LOGIN_PASSWORD' => $new_pass));
$mail_message_html = $parser->get('account_forgotpw_mail_body_html', array('LOGIN_DISPLAY_NAME' => $results_array['display_name'], 'LOGIN_WEBSITE_TITLE' => WEBSITE_TITLE, 'SERVER_EMAIL' => SERVER_EMAIL, 'CATMAILER_DEFAULT_SENDERNAME' => CATMAILER_DEFAULT_SENDERNAME, 'LOGIN_NAME' => $results_array['username'], 'LOGIN_PASSWORD' => $new_pass));
// Try sending the email
$mailer = CAT_Helper_Mail::getInstance();
if (is_object($mailer) && $mailer->sendMail(SERVER_EMAIL, $mail_to, $mail_subject, $mail_message, CATMAILER_DEFAULT_SENDERNAME, $mail_message_html)) {
$message = $self->lang()->translate('Your username and password have been sent to your email address');
$display_form = false;
$result = true;
} else {
// reset PW if sending mail failed
$self->db()->query("UPDATE `:prefix:users` SET password=:pw, lastreset='' WHERE user_id=:id", array('pw' => $old_pass, 'id' => $results_array['user_id']));
$message = $self->lang()->translate('Unable to email password, please contact system administrator');
if (is_object($mailer)) {
$message .= '<br />' . $mailer->getError();
}
}
}
}
} else {
// given eMail address not found
$message = $val->lang()->translate('The email that you entered cannot be found in the database');
}
return array($result, $message);
}
public function mail($fromaddress, $toaddress, $subject, $message, $fromname = '')
{
// check if mailer lib is installed
if (count(CAT_Helper_Addons::getLibraries('mail'))) {
return CAT_Helper_Mail::getInstance()->sendMail($fromaddress, $toaddress, $subject, $message, $fromname);
} else {
return false;
}
}
