/**
* Initialize login
*
* @param iMSCP_Events_Manager_Interface $eventManager Events Manager
* @return void
*/
function init_login($eventManager)
{
// Purge expired sessions
do_session_timeout();
/** @var $cfg iMSCP_Config_Handler_File */
$cfg = iMSCP_Registry::get('config');
if ($cfg['BRUTEFORCE']) {
$bruteforce = new iMSCP_Plugin_Bruteforce(iMSCP_Registry::get('pluginManager'));
$bruteforce->register($eventManager);
}
// Register default authentication handler with lower priority
$eventManager->registerListener(iMSCP_Events::onAuthentication, 'login_credentials', -99);
// Register listener that is responsible to check domain status and expire date
$eventManager->registerListener(iMSCP_Events::onBeforeSetIdentity, 'login_checkDomainAccount');
}
$tpl->define_dynamic(array('layout' => 'shared/layouts/simple.tpl', 'page' => 'lostpassword.tpl', 'page_message' => 'layout'));
$tpl->assign(array('TR_PAGE_TITLE' => tr('i-MSCP - Multi Server Control Panel / Lost Password'), 'CONTEXT_CLASS' => '', 'productLongName' => tr('internet Multi Server Control Panel'), 'productLink' => 'http://www.i-mscp.net', 'productCopyright' => tr('© 2010-2015 i-MSCP Team<br/>All Rights Reserved'), 'TR_CAPCODE' => tr('Security code'), 'GET_NEW_IMAGE' => tr('Get a new image'), 'TR_IMGCAPCODE' => '<img id="captcha" src="imagecode.php" width="' . $cfg['LOSTPASSWORD_CAPTCHA_WIDTH'] . '" height="' . $cfg['LOSTPASSWORD_CAPTCHA_HEIGHT'] . '" alt="captcha image" />', 'TR_USERNAME' => tr('Username'), 'TR_SEND' => tr('Send'), 'TR_CANCEL' => tr('Cancel')));
// A request for new password was validated ( User clicked on the link he has received by mail )
if (isset($_GET['key']) && $_GET['key'] != '') {
// Check key
clean_input($_GET['key']);
// Sending new password
if (sendPassword($_GET['key'])) {
set_page_message(tr('Your new password has been sent. Check your email.'), 'success');
redirectTo('index.php');
} else {
set_page_message(tr('New password has not been sent. Ask your administrator.'), 'error');
}
} elseif (!empty($_POST)) {
// Request for new password
$bruteForce = new iMSCP_Plugin_Bruteforce(iMSCP_Registry::get('pluginManager'), 'captcha');
if ($bruteForce->isWaiting() || $bruteForce->isBlocked()) {
set_page_message($bruteForce->getLastMessage(), 'error');
redirectTo('lostpassword.php');
} else {
$bruteForce->recordAttempt();
}
if (!empty($_POST['uname']) && isset($_SESSION['image']) && isset($_POST['capcode'])) {
clean_input($_POST['uname']);
clean_input($_POST['capcode']);
if ($_SESSION['image'] != $_POST['capcode']) {
set_page_message(tr('Wrong security code'), 'error');
} elseif (!requestPassword($_POST['uname'])) {
set_page_message(tr('Wrong username.'), 'error');
} else {
set_page_message(tr('Your request for new password has been registered. You will receive an email with instructions to complete the process.'), 'success');
