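break;

/*
 * CASE
 * Generate a password from the options posted by the client.
 */
case "pw_generate":
    $key = "";

    // Load the password generator library.
    include '../includes/libraries/pwgen/pwgen.class.php';
    $pwgen = new PWGen();

    // Requested password length.
    // NOTE(review): this value is client-controlled and reaches PWGen
    // unchanged. PWGen::setLength() is not visible here; confirm it rejects
    // non-numeric, negative and very large values, or enforce a bound before
    // this call so one request cannot ask for an arbitrarily long password.
    $pwgen->setLength(isset($_POST['size']) ? $_POST['size'] : null);

    // Option flags arrive as the literal string "true"; anything else,
    // including an absent field, means "off". The isset() guard matches how
    // 'secure' is read below and keeps a missing field from raising an
    // undefined-index notice (which can leak into the response when
    // display_errors is on).
    $want_numerals = isset($_POST['num']) && $_POST['num'] === "true";
    $want_capitals = isset($_POST['maj']) && $_POST['maj'] === "true";
    $want_symbols = isset($_POST['symb']) && $_POST['symb'] === "true";

    // Include at least one number in the password
    $pwgen->setNumerals($want_numerals);

    // Include at least one capital letter in the password
    $pwgen->setCapitalize($want_capitals);

    // Include at least one symbol in the password
    $pwgen->setSymbols($want_symbols);

    if (isset($_POST['secure']) && $_POST['secure'] === "true") {
        // Completely random, hard to memorize password: every character
        // class is switched on regardless of the individual flags above.
        $pwgen->setSecure(true);
        $pwgen->setSymbols(true);
        $pwgen->setCapitalize(true);
        $pwgen->setNumerals(true);
    } else {
        $pwgen->setSecure(false);
    }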
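} else {
    // No account uses this e-mail address: tell the client.
    // NOTE(review): a distinct "does not exist" answer lets a caller learn
    // which addresses are registered; consider one neutral response for both
    // outcomes.
    echo '[{"error":"error_email" , "message":"' . $txt['forgot_my_pw_error_email_not_exist'] . '"}]';
}
break;

// Send the user a new password when the recovery key matches the stored one.
case "generate_new_password":
    // NOTE(review): $_POST['login'] is concatenated into the SQL text of this
    // query and of the UPDATE / SELECT below without escaping, so the request
    // controls part of each statement (SQL injection). The $db wrapper's
    // escaping or parameter-binding API is not visible in this excerpt; route
    // the login through it, or through prepared statements, before building
    // these strings.
    $data = $db->fetch_row("SELECT valeur FROM " . $pre . "misc WHERE intitule = '" . $_POST['login'] . "' AND type = 'password_recovery'");

    // Compare as strings only, and never accept an empty token: with the
    // former loose `==`, a login that had no recovery row (stored value null)
    // compared equal to an empty submitted key and the password was reset
    // anyway. On PHP >= 5.6, hash_equals() is the constant-time way to do
    // the final comparison.
    $stored_key = (is_array($data) && isset($data[0])) ? (string) $data[0] : '';
    $posted_key = (isset($_POST['key']) && is_string($_POST['key'])) ? $_POST['key'] : '';
    if ($stored_key !== '' && $posted_key === $stored_key) {
        // Generate the replacement password: 10 characters, letters and
        // digits, no symbols.
        $new_pw = "";
        include '../includes/libraries/pwgen/pwgen.class.php';
        $pwgen = new PWGen();
        $pwgen->setLength(10);
        $pwgen->setSecure(true);
        $pwgen->setSymbols(false);
        $pwgen->setCapitalize(true);
        $pwgen->setNumerals(true);
        $new_pw_not_crypted = $pwgen->generate();
        $new_pw = encrypt(string_utf8_decode($new_pw_not_crypted));

        // Store the new password.
        // NOTE(review): part of this WHERE expression (and of the SELECT
        // below) appears masked as "******" on the page; it is written here
        // as $_POST['login'], matching the visible tail and the first query
        // of this case. Confirm against the original file.
        $db->query_update("users", array('pw' => $new_pw), "login = '" . $_POST['login'] . "'");

        // Delete the recovery entry so the key cannot be used again.
        // NOTE(review): $key is not assigned anywhere in this case as shown.
        // If it is not set earlier in the file, this filter will not match
        // the row and the recovery key stays valid; the verified key
        // ($stored_key) looks like the intended value. Confirm.
        $db->query_delete("misc", array('type' => 'password_recovery', 'intitule' => $_POST['login'], 'valeur' => $key));

        // Look up the address the new password will be sent to.
        $data_user = $db->query_first("SELECT email FROM " . $pre . "users WHERE login = '" . $_POST['login'] . "'");

        $_SESSION['validite_pw'] = false;

        // Load the mailer library.
        require_once "../includes/libraries/phpmailer/class.phpmailer.php";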
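if (!empty($return)) {
    // Save the dump under a timestamped name.
    // NOTE(review): the name is derived from time() and the file is written
    // under ../files/. When no encryption key is posted the dump is stored in
    // clear text, so confirm that directory is not served directly by the web
    // server and that old backups are removed.
    $filename = 'db-backup-' . time() . '.sql';
    $path = '../files/';
    $handle = fopen($path . $filename, 'w+');
    if ($handle === false) {
        // Previously a failed open fell through to fwrite()/fclose() on
        // `false` and still returned a download link to a missing file.
        error_log('db backup: unable to open ' . $path . $filename . ' for writing');
        break;
    }

    // Encrypt the dump with the key posted by the client, when one was given.
    if (!empty($_POST['option'])) {
        $return = encrypt($return, $_POST['option']);
    }

    // Write the file; do not advertise a truncated or empty backup.
    $written = fwrite($handle, $return);
    fclose($handle);
    if ($written === false) {
        error_log('db backup: unable to write ' . $path . $filename);
        break;
    }

    // Generate the second, one-time download key (20 chars, no symbols).
    include '../includes/libraries/pwgen/pwgen.class.php';
    $pwgen = new PWGen();
    $pwgen->setLength(20);
    $pwgen->setSecure(true);
    $pwgen->setSymbols(false);
    $pwgen->setCapitalize(true);
    $pwgen->setNumerals(true);
    $_SESSION['key_tmp'] = $pwgen->generate();

    // Every query-string value is URL-encoded (previously only `name` was),
    // so the receiving script gets exactly the values produced here.
    // NOTE(review): the server-side path and the session key travel in the
    // URL, where they can end up in access logs, browser history and Referer
    // headers. downloadFile.php is not visible here; it must not trust the
    // client-supplied `path` and should resolve the file itself from `name`
    // inside the backup directory.
    echo '[{"result":"db_backup" , "href":"sources/downloadFile.php?name=' . urlencode($filename)
        . '&path=' . urlencode($path . $filename)
        . '&type=sql&key=' . urlencode((string) $_SESSION['key'])
        . '&key_tmp=' . urlencode((string) $_SESSION['key_tmp']) . '"}]';
}
break;

###########################################################
#CASE for restoring a DB backup
###########################################################
case "admin_action_db_restore":
    require_once 'main.functions.php';

    // The posted option string carries several values joined with '&'.
    // NOTE(review): the parts come straight from the request; how they are
    // used continues outside this excerpt. Validate each part before it
    // reaches a file path or a decryption key.
    $data_post = explode('&', $_POST['option']);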