echo __LINE__; $result = resetPassword($db, $userID); $gui->note = $result['msg']; if ($result['status'] >= tl::OK) { $user = new tlUser($userID); if ($user->readFromDB($db) >= tl::OK) { logAuditEvent(TLS("audit_pwd_reset_requested", $user->login), "PWD_RESET", $userID, "users"); } redirect(TL_BASE_HREF . "login.php?note=lost"); exit; } else { if ($result['status'] == tlUser::E_EMAILLENGTH) { $gui->note = lang_get('mail_empty_address'); } else { if ($note != "") { $gui->note = getUserErrorMessage($result['status']); } } } } $smarty = new TLSmarty(); $smarty->assign('gui', $gui); $smarty->display($templateCfg->default_template); /** * */ function init_args() { $iParams = array("login" => array(tlInputParameter::STRING_N, 0, 30)); $args = new stdClass(); P_PARAMS($iParams, $args);
$result = $user->setPassword($args->password); if ($result >= tl::OK) { $user->login = $args->login; $user->emailAddress = $args->email; $user->firstName = $args->firstName; $user->lastName = $args->lastName; $result = $user->writeToDB($db); $cfg = config_get('notifications'); if ($cfg->userSignUp->enabled) { notifyGlobalAdmins($db, $user); } logAuditEvent(TLS("audit_users_self_signup", $args->login), "CREATE", $user->dbID, "users"); redirect(TL_BASE_HREF . "login.php?note=first"); exit; } else { $message = getUserErrorMessage($result); } } else { $message = $rx['msg']; } } } $smarty = new TLSmarty(); $gui = $args; // we get info about THE DEFAULT AUTHENTICATION METHOD $gui->external_password_mgmt = tlUser::isPasswordMgtExternal(); $gui->message = $message; $smarty->assign('gui', $gui); $smarty->display($templateCfg->default_template); /** * get input from user and return it in some sort of namespace
// Excerpt of a "lost password" page controller. It begins inside two enclosing
// blocks whose opening lines are not part of this excerpt.
        // NOTE(review): the condition guarding this branch is not visible here. If it
        // means "login not found", the distinct 'bad_user' note (versus the redirect
        // on success) tells the requester which logins exist. Confirm, and prefer one
        // generic response for both outcomes.
        $gui->note = lang_get('bad_user');
    } else {
        // $gui->note is handed over as the third argument of resetPassword().
        $result = resetPassword($db, $userID, $gui->note);
        if ($result >= tl::OK) {
            // Record the reset in the audit trail when the user record can be read back.
            $user = new tlUser($userID);
            if ($user->readFromDB($db) >= tl::OK) {
                logAuditEvent(TLS("audit_pwd_reset_requested", $user->login), "PWD_RESET", $userID, "users");
            }
            // Success: send the browser back to the login page and stop this script.
            redirect(TL_BASE_HREF . "login.php?note=lost");
            exit;
        } else {
            if ($result == tlUser::E_EMAILLENGTH) {
                // Status code used for "no usable e-mail address on the account".
                $gui->note = lang_get('mail_empty_address');
            } else {
                // NOTE(review): $note is not assigned anywhere in the visible excerpt; if it
                // is undefined this branch never runs and the message produced by
                // resetPassword() stays in $gui->note. Confirm whether $gui->note was meant.
                if ($note != "") {
                    $gui->note = getUserErrorMessage($result);
                }
            }
        }
    }
}

// Render the page with whatever note was collected above.
$smarty = new TLSmarty();
$smarty->assign('gui', $gui);
$smarty->display($templateCfg->default_template);

/**
 * Collect the request input used by this page.
 *
 * Declares a single "login" parameter and lets P_PARAMS() fill a fresh
 * stdClass from it.
 *
 * @return stdClass object handed to P_PARAMS() together with the "login" declaration
 */
function init_args()
{
    // presumably (type, minimum length, maximum length) - confirm against tlInputParameter
    $iParams = array("login" => array(tlInputParameter::STRING_N, 0, 30));
    $args = new stdClass();
    P_PARAMS($iParams, $args);
    return $args;
}
$op = generateAPIKey($args, $user); break; } if ($doUpdate) { $op->status = $user->writeToDB($db); if ($op->status >= tl::OK) { logAuditEvent(TLS($op->auditMsg, $user->login), "SAVE", $user->dbID, "users"); $_SESSION['currentUser'] = $user; setUserSession($db, $user->login, $args->userID, $user->globalRoleID, $user->emailAddress, $user->locale); } } $gui->loginHistory = new stdClass(); $gui->loginHistory->failed = $g_tlLogger->getAuditEventsFor($args->userID, "users", "LOGIN_FAILED", 10); $gui->loginHistory->ok = $g_tlLogger->getAuditEventsFor($args->userID, "users", "LOGIN", 10); if ($op->status != tl::OK) { $op->user_feedback = getUserErrorMessage($op->status); } $user->readFromDB($db); // set a string if not generated key yet if (null == $user->userApiKey) { $user->userApiKey = TLS('none'); } $gui->user_feedback = $op->user_feedback; $smarty = new TLSmarty(); $smarty->assign('gui', $gui); $smarty->assign('user', $user); $smarty->display($templateCfg->template_dir . $templateCfg->default_template); function init_args() { $_REQUEST = strings_stripSlashes($_REQUEST); $iParams = array("firstName" => array("POST", tlInputParameter::STRING_N, 0, 30), "lastName" => array("REQUEST", tlInputParameter::STRING_N, 0, 30), "emailAddress" => array("REQUEST", tlInputParameter::STRING_N, 0, 100), "locale" => array("POST", tlInputParameter::STRING_N, 0, 10), "oldpassword" => array("POST", tlInputParameter::STRING_N, 0, 32), "newpassword" => array("POST", tlInputParameter::STRING_N, 0, 32), "doAction" => array("POST", tlInputParameter::STRING_N, 0, 15, null, 'checkDoAction'));
/**
 * Load a user, apply the submitted properties, save the record and, when the
 * edited account is the one behind the current session, refresh that session.
 *
 * NOTE(review): no permission check on $argsObj->user_id is visible in this
 * function; presumably the caller enforces who may edit which account - confirm.
 *
 * @param resource &$dbHandler     reference to database handler
 * @param stdClass &$argsObj       request arguments; user_id and user_is_active are read here
 * @param integer  $sessionUserID  id of the user owning the current session
 *
 * @return stdClass with members
 *         status: integer result status code
 *         user: the tlUser object that was loaded
 *         user_feedback: message for the status, '' when the user could not be read
 */
function doUpdate(&$dbHandler, &$argsObj, $sessionUserID)
{
    $outcome = new stdClass();
    $outcome->user_feedback = '';
    $outcome->user = new tlUser($argsObj->user_id);
    $outcome->status = $outcome->user->readFromDB($dbHandler);

    // Nothing to update when the record cannot be read; feedback stays empty.
    if (!($outcome->status >= tl::OK)) {
        return $outcome;
    }

    initializeUserProperties($outcome->user, $argsObj);
    $outcome->status = $outcome->user->writeToDB($dbHandler);
    $wasSaved = ($outcome->status >= tl::OK);

    if ($wasSaved) {
        logAuditEvent(TLS("audit_user_saved", $outcome->user->login), "SAVE", $outcome->user->dbID, "users");
    }

    // Loose comparison kept on purpose: one side may arrive as a string, the other as an integer.
    if ($wasSaved && $sessionUserID == $argsObj->user_id) {
        // The operator edited their own account: keep the session copy in step with the DB.
        $_SESSION['currentUser'] = $outcome->user;
        setUserSession(
            $dbHandler,
            $outcome->user->login,
            $argsObj->user_id,
            $outcome->user->globalRoleID,
            $outcome->user->emailAddress,
            $outcome->user->locale
        );

        // An account that just deactivated itself is sent to the logout page right away.
        if (!$argsObj->user_is_active) {
            header("Location: ../../logout.php");
            exit;
        }
    }

    $outcome->user_feedback = getUserErrorMessage($outcome->status);

    return $outcome;
}
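/**
 * Reset a user's password in the DB and deliver the new one.
 *
 * The reset is attempted only when the user's authentication method is
 * configured with allowPasswordManagement. When it is not, the status of the
 * preceding read is returned unchanged, so a caller that tests
 * status >= tl::OK will see success although nothing was reset.
 * NOTE(review): confirm that this is intended.
 *
 * NOTE(review): with 'send_password_by_mail' the new password is placed in
 * clear text in the mail body. A single-use, expiring reset link would keep
 * the credential out of the mailbox.
 *
 * @param resource &$db reference to database handler
 * @param integer $userID
 * @param string $passwordSendMethod 'send_password_by_mail' (default) or
 *        'display_on_screen'; any other value ends with tl::ERROR
 *
 * @return hash
 *         status: integer result status code
 *         password: new password, filled only once it has been written to the DB
 *         msg: error message (if any)
 */
function resetPassword(&$db, $userID, $passwordSendMethod = 'send_password_by_mail')
{
    $retval = array('status' => tl::OK, 'password' => '', 'msg' => '');

    $user = new tlUser($userID);
    $retval['status'] = $user->readFromDB($db);

    // Reset can be done ONLY if user authentication method allows it.
    $doIt = false;
    if ($retval['status'] >= tl::OK) {
        $cfg = config_get('authentication');
        $cfg = $cfg['domain'];
        $doIt = isset($cfg[$user->authentication]) &&
                $cfg[$user->authentication]['allowPasswordManagement'];
    }

    if ($doIt) {
        // Pessimistic default: stays in place when the account has no usable address.
        $retval['status'] = tlUser::E_EMAILLENGTH;
        if (trim((string) $user->emailAddress) != "") {
            // presumably an 8 character password; meaning of the second argument not visible here
            $newPassword = tlUser::generatePassword(8, 4);
            $retval['status'] = $user->setPassword($newPassword, $cfg[$user->authentication]);

            if ($retval['status'] >= tl::OK) {
                $mailSent = false;
                $mailError = '';

                // Strict comparison: a non-string argument (e.g. integer 0 on older PHP)
                // must not be taken for one of the two method names.
                if ($passwordSendMethod === 'send_password_by_mail') {
                    $msgBody = lang_get('your_password_is') . "\n\n" . $newPassword . "\n\n" .
                               lang_get('contact_admin');
                    // '@' kept from the original so that transport warnings are not printed
                    // into the page; the outcome is read from the returned object instead.
                    $mail_op = @email_send(
                        config_get('from_email'),
                        $user->emailAddress,
                        lang_get('mail_passwd_subject'),
                        $msgBody
                    );
                    // Do not assume the shape of the result: a non-object counts as "not sent".
                    $mailSent = is_object($mail_op) && !empty($mail_op->status_ok);
                    if (!$mailSent && is_object($mail_op) && isset($mail_op->msg)) {
                        $mailError = $mail_op->msg;
                    }
                }

                if ($mailSent || $passwordSendMethod === 'display_on_screen') {
                    $retval['status'] = $user->writePasswordToDB($db);
                    // Hand the password back only when it is really the stored one.
                    if ($retval['status'] >= tl::OK) {
                        $retval['password'] = $newPassword;
                    }
                } else {
                    $retval['status'] = tl::ERROR;
                    $retval['msg'] = $mailError;
                }
            }
        }
    }

    // Fall back to the generic message for the status when nothing more specific was set.
    $retval['msg'] = $retval['msg'] != "" ? $retval['msg'] : getUserErrorMessage($retval['status']);

    return $retval;
}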
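/**
 * Reset a user's password in the DB and mail the new one to the user.
 *
 * The password is written to the DB only after the mail was reported as sent.
 *
 * NOTE(review): the new password is placed in clear text in the mail body.
 * A single-use, expiring reset link would keep the credential out of the mailbox.
 *
 * @param resource &$db reference to database handler
 * @param integer $userID
 * @param string &$errorMsg reference to error message; always overwritten
 *
 * @return integer result status code
 */
function resetPassword(&$db, $userID, &$errorMsg)
{
    $errorMsg = '';

    $user = new tlUser($userID);
    $result = $user->readFromDB($db);

    if ($result >= tl::OK) {
        // Pessimistic default: stays in place when the account has no usable address.
        $result = tlUser::E_EMAILLENGTH;

        // trim() so that an address made only of white space is treated as missing
        // instead of being handed to the mailer.
        if (trim((string) $user->emailAddress) != "") {
            // presumably an 8 character password; meaning of the second argument not visible here
            $newPassword = tlUser::generatePassword(8, 4);
            $result = $user->setPassword($newPassword);

            if ($result >= tl::OK) {
                // BUGID 3396
                $msgBody = lang_get('your_password_is') . "\n\n" . $newPassword . "\n\n" .
                           lang_get('contact_admin');
                // '@' kept from the original so that transport warnings are not printed
                // into the page; the outcome is read from the returned object instead.
                $mail_op = @email_send(
                    config_get('from_email'),
                    $user->emailAddress,
                    lang_get('mail_passwd_subject'),
                    $msgBody
                );

                // Do not assume the shape of the result: a non-object counts as "not sent".
                $mailSent = is_object($mail_op) && !empty($mail_op->status_ok);

                if ($mailSent) {
                    // BUGID 3396
                    $result = $user->writePasswordToDB($db);
                } else {
                    $result = tl::ERROR;
                    $errorMsg = (is_object($mail_op) && isset($mail_op->msg)) ? $mail_op->msg : '';
                }
            }
        }
    }

    // Fall back to the generic message for the status when nothing more specific was set.
    $errorMsg = $errorMsg != "" ? $errorMsg : getUserErrorMessage($result);

    return $result;
}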