<?php
$data = $_POST['form'];
global $RBAC;
require_once PATH_RBAC . "model/RbacUsers.php";
G::LoadClass('pmFunctions');
require_once 'classes/model/Users.php';
G::LoadClass("system");
$rbacUser = new RbacUsers();
$user = new Users();
$userData = $rbacUser->getByUsername($data['USR_USERNAME']);
if ($userData['USR_EMAIL'] != '' && $userData['USR_EMAIL'] === $data['USR_EMAIL']) {
$aSetup = getEmailConfiguration();
if (count($aSetup) == 0 || !isset($aSetup['MESS_ENGINE'])) {
G::SendTemporalMessage('ID_EMAIL_ENGINE_IS_NOT_ENABLED', "warning");
G::header('location: forgotPassword');
die;
}
$newPass = G::generate_password();
$aData['USR_UID'] = $userData['USR_UID'];
$aData['USR_PASSWORD'] = md5($newPass);
/* **Save after sending the mail
$rbacUser->update($aData);
$user->update($aData);
*/
$sFrom = ($aSetup['MESS_ACCOUNT'] != '' ? $aSetup['MESS_ACCOUNT'] . ' ' : '') . '<' . $aSetup['MESS_ACCOUNT'] . '>';
$sSubject = G::LoadTranslation('ID_RESET_PASSWORD') . ' - ProcessMaker';
$msg = '<h3>ProcessMaker Forgot password Service</h3>';
$msg .= '<p>' . G::LoadTranslation('ID_YOUR_USERMANE_IS') . ' : <strong>' . $userData['USR_USERNAME'] . '</strong></p>';
$msg .= '<p>' . G::LoadTranslation('ID_YOUR_PASSWORD_IS') . ' : <strong>' . $newPass . '</strong></p>';
switch ($aSetup['MESS_ENGINE']) {
public function forgotPassword($httpData)
{
$this->setResponseType('json');
global $RBAC;
require_once PATH_RBAC . "model/RbacUsers.php";
require_once 'classes/model/Users.php';
G::LoadClass("system");
$rbacUser = new RbacUsers();
$user = new Users();
try {
$userData = $rbacUser->getByUsername($httpData->username);
if (!$userData) {
$msg = G::LoadTranslation('ID_USER') . ' <b>' . $httpData->username . '</b> ' . G::LoadTranslation('ID_IS_NOT_REGISTERED');
throw new Exception($msg);
}
if (trim($userData['USR_EMAIL']) != trim($httpData->email)) {
$msg = G::LoadTranslation('ID_EMAIL_DOES_NOT_MATCH_FOR_USER') . ' <b>' . $httpData->username . '</b>';
throw new Exception($msg);
}
$newPass = G::generate_password();
$aData['USR_UID'] = $userData['USR_UID'];
$aData['USR_PASSWORD'] = md5($newPass);
$rbacUser->update($aData);
$user->update($aData);
$subject = G::loadTranslation('ID_PROCESSMAKER_FORGOT_PASSWORD_SERVICE');
$template = new TemplatePower(PATH_TPL . 'main/forgotPassword.tpl');
$template->prepare();
$template->assign('server', $_SERVER['SERVER_NAME']);
$template->assign('serviceMsg', G::loadTranslation('ID_PROCESSMAKER_FORGOT_PASSWORD_SERVICE'));
$template->assign('content', G::loadTranslation('ID_PASSWORD_CHANGED_SUCCESSFULLY'));
$template->assign('passwd', $newPass);
$template->assign('poweredBy', G::loadTranslation('ID_PROCESSMAKER_SLOGAN1'));
$template->assign('versionLabel', G::loadTranslation('ID_VERSION'));
$template->assign('version', System::getVersion());
$template->assign('visit', G::loadTranslation('ID_VISIT'));
$template->assign('footer', '');
$body = $template->getOutputContent();
G::sendMail('', 'ProcessMaker Service', $httpData->email, $subject, $body);
$result->success = true;
$result->message = G::LoadTranslation('ID_NEW_PASSWORD_SENT');
} catch (Exception $e) {
$result->success = false;
$result->message = $e->getMessage();
}
return $result;
}