function token() { global $instDir, $objMessages, $entryMessage; // Get the userid include_once $instDir . "lib/password.php"; $password = new Password(); $token = $_GET['t']; $userid = $password->getUserId($token); if (sizeof($userid) > 0) { // Clear the request $password->removeToken($token); // Send a mail that the request was canceled. if (!empty($_SERVER['HTTP_CLIENT_IP'])) { $ip = $_SERVER['HTTP_CLIENT_IP']; } elseif (!empty($_SERVER['HTTP_X_FORWARDED_FOR'])) { $ip = $_SERVER['HTTP_X_FORWARDED_FOR']; } else { $ip = $_SERVER['REMOTE_ADDR']; } $subject = LangCancelRequestNewPasswordSubject; $message = LangCancelRequestNewPassword1 . $ip; $message .= LangCancelRequestNewPassword2; $objMessages->sendEmail($subject, $message, $userid); // Go to the DeepskyLog page and show 'Your password change request was canceled' $entryMessage = LangCancelRequestNewPasswordSubject . "."; } }
function change_password() { global $instDir, $entryMessage, $baseURL; include_once $instDir . "lib/password.php"; $password = new Password(); $token = $_GET['t']; // Move this to control, only setting the password to this file. // Only show the change password form when the token is known if ($password->tokenExists($token)) { $userid = $password->getUserId($token); // Check if the token is not too old. If the token is too old, remove the token. if ($password->isValid($token)) { // Add form to change the password. echo "<div id=\"main\">\n <form action=\"" . $baseURL . "index.php?indexAction=changepasswordToken\" method=\"post\">\n " . LangNewPassword . "\n <input type=\"hidden\" name=\"userid\" value=\"" . $userid . "\" />\n <input type=\"hidden\" name=\"token\" value=\"" . $token . "\" />\n <input type=\"password\" name=\"newPassword\" class=\"strength\" required>" . LangChangeAccountField6 . "\n <input type=\"password\" name=\"confirmPassword\" class=\"strength\" required data-show-meter=\"false\">\n <br />\n <input class=\"btn btn-danger\" type=\"submit\" name=\"changePasswordToken\" value=\"" . LangChangePassword . "\" />"; echo "</div>"; } else { echo "<meta http-equiv=\"refresh\" content=\"0; url=/index.php\" />"; } } else { echo "<meta http-equiv=\"refresh\" content=\"0; url=/index.php\" />"; } }