}
} elseif (isset($_POST['action']) && $_POST['action'] == 'lost-pass') {
$u_file = file($file['users']);
$u_lines = '';
$m_name = '';
$m_email = '';
$m_pass = '';
$continue = false;
foreach ($u_file as $single_line) {
$u_data = explode(DELIMITER, $single_line);
if ($_POST['user_login'] == $u_data[1] && $_POST['user_mail'] == $u_data[3]) {
if ($u_data[5] == '1') {
$continue = true;
$m_name = $u_data[1];
$m_email = $u_data[3];
$m_pass = PasswordGenerator(7) . rand(1, 99);
$u_lines .= $u_data[0] . DELIMITER . $u_data[1] . DELIMITER . sha1($m_pass) . DELIMITER . $u_data[3] . DELIMITER . $u_data[4] . DELIMITER . $u_data[5] . DELIMITER . $u_data[6] . DELIMITER . $u_data[7] . DELIMITER . $_SERVER['REMOTE_ADDR'] . DELIMITER . $u_data[9] . DELIMITER . $u_data[10] . DELIMITER . $u_data[11] . DELIMITER . $u_data[12] . DELIMITER . $u_data[13] . DELIMITER . $u_data[14] . DELIMITER . $u_data[15] . DELIMITER . $u_data[16] . DELIMITER . $u_data[17] . DELIMITER . $u_data[18] . DELIMITER . $u_data[19] . DELIMITER . $u_data[20] . DELIMITER . $u_data[21] . DELIMITER . $u_data[22] . DELIMITER . $u_data[23] . DELIMITER . $u_data[24] . DELIMITER . $u_data[25] . DELIMITER . $u_data[26] . DELIMITER . $u_data[27] . DELIMITER . trim($u_data[28]) . DELIMITER . $u_data[29] . DELIMITER . $u_data[30] . DELIMITER . $u_data[31] . DELIMITER . $u_data[32] . DELIMITER . trim($u_data[33]) . "\n";
} else {
$continue = false;
$status_error = $u_data[5];
}
} else {
$u_lines .= $single_line;
}
}
if ($continue) {
if (@mail($m_email, $lang['login_lost_pass_mail_subject'], str_replace('%link%', $conf['admin_url'] . '/', $lang['login_lost_pass_mail_text']) . ' ' . $m_pass, "From: robot@mnewscms.com") && mn_put_contents($file['users'], $u_lines)) {
header('location: ./mn-login.php?back=pass-sent');
exit;
} else {
login_screen($lang['login_msg_pass_not_sent'], $lang['login_msg_pass_not_sent'], 'error');
function add_popup()
{
$t = time();
$page = CurrentPageName();
$tpl = new templates();
$parcourir_domaines = button("{browse}...", "Loadjs('browse.domains.php?field=domainname-{$t}')", 12);
$administrator = $_SESSION["uid"];
$password = null;
$directory_src = null;
$DUP = 0;
$RESTORE = 0;
if ($administrator == -100) {
$ldap = new clladp();
$administrator = $ldap->ldap_admin;
$password = $ldap->ldap_password;
}
$bt_title = "{add}";
if ($password == null) {
$password = PasswordGenerator();
}
if (isset($_GET["duplicate"])) {
$title = "<div style='font-size:22px'>{duplicate}:{$_GET["duplicate"]}</div>\n\t\t<div style='font-size:18px' class=explain>{wordpress_duplicate_explain}</div>";
$bt_title = "{duplicate}";
$DUP = 1;
}
if (isset($_GET["restore"])) {
$title = "<div style='font-size:22px'>{restore_from_website}:{$_GET["duplicate"]}</div>\n\t\t<div style='font-size:18px' class=explain>{restore_from_website_explain}</div>";
$bt_title = "{restore}";
$RESTORE = 1;
$free = new freeweb($_GET["restore"]);
$directory_src = $free->WORKING_DIRECTORY;
$q = new mysql();
$sql = "SELECT servername FROM freeweb WHERE `groupware`='WORDPRESS'";
$results = $q->QUERY_SQL($sql, "artica_backup");
$ARRAY_REST[null] = "{select}";
while ($ligne = @mysql_fetch_array($results, MYSQL_ASSOC)) {
$ARRAY_REST[$ligne["servername"]] = $ligne["servername"];
}
unset($ARRAY_REST[$_GET["duplicate"]]);
$restore_tr = "\n\t\t<r>\n\t\t\t<td class=legend style='font-size:22px;vertical-align:middle'>{website_source}:</td>\n\t\t\t<td colspan=2>" . Field_array_Hash($ARRAY_REST, "restore-{$t}", null, "style:font-size:22px", null, null, null, false, null) . "</td>\n\t\t\t\n\t\t</tr>";
}
$html = "{$title}\n<div style='width:98%' class=form>\n<div class=explain>{wordpress_form_explain_add}</div>\n\t<table style='width:100%'>\n\t\t<tr>\n\t\t\t<td class=legend style='font-size:22px;vertical-align:middle'>{webservername}:</td>\n\t\t\t<td colspan=2>" . Field_text("servername-{$t}", null, "font-size:22px;padding:3px;font-weight:bold;width:300px") . "</td>\n\t\t</tr>\n\t\t<tr>\n\t\t\t<td class=legend style='font-size:22px;vertical-align:middle'>{domainname}:</td>\n\t\t\t<td>" . Field_text("domainname-{$t}", null, "font-size:22px;padding:3px;width:400px;", null, null, null, false, "SaveCheck{$t}(event)") . "</td>\n\t\t\t<td>{$parcourir_domaines}</td>\n\t\t</tr>\n\t\t<tr>\n\t\t\t<td class=legend style='font-size:22px;vertical-align:middle'>{website_directory}:</td>\n\t\t\t<td>" . Field_text("dirname-{$t}", $directory_src, "font-size:22px;padding:3px;width:400px;", null, null, null, false, "SaveCheck{$t}(event)") . "</td>\n\t\t\t<td>" . button_browse("dirname-{$t}") . "</td>\n\t\t</tr>\n\t\t{$restore_tr}\n\t\t<tr><td colspan=2><div style='margin:20px;font-size:26px'>{wordpress_administrator}</div></td></tr>\t\t\n\t\t<tr>\n\t\t\t<td class=legend style='font-size:22px;vertical-align:middle'>{administrator}:</td>\t\n\t\t\t<td colspan=2>" . Field_text("administrator-{$t}", $administrator, "font-size:22px;padding:3px;width:320px;", null, null, null, false, "SaveCheck{$t}(event)") . "</td>\n\t\t\t\n\t\t</tr>\n\t\t<tr>\n\t\t\t<td class=legend style='font-size:22px;vertical-align:middle'>{password}:</td>\t\n\t\t\t<td colspan=2>" . Field_password("password-{$t}", $password, "font-size:22px;padding:3px;width:320px;font-weight:bold", null, null, null, false, "SaveCheck{$t}(event)") . "</td>\n\t\t\t\n\t\t</tr>\t\t\t\t\t\t\t\n\t\t<tr>\n\t\t\t<td colspan=3 align='right'><hr>" . button($bt_title, "Save{$t}()", "32") . "</td>\n\t\t</tr>\n\t</table>\n</div>\t\n<script>\n\tvar xSave{$t}= function (obj) {\n\t\tvar results=obj.responseText;\n\t\tif(results.length>3){alert(results);return;}\n\t\t\n\t\tvar hostname=document.getElementById('servername-{$t}').value+'.'+document.getElementById('domainname-{$t}').value;\n\t\t\n\t\tLoadjs('freeweb.rebuild.progress.php?servername='+hostname)\n\t\tYahooWinHide();\n\t\tif(document.getElementById('freewebs-table-id')){\n\t\t\tvar id=document.getElementById('freewebs-table-id').value;\n\t\t\t\$('#'+id).flexReload();\n\t\t\tUnlockPage();\n\t\t\treturn;\n\t\t}\n\t\t\n\t\t\n\t\t\$('#freewebs-table-{$_GET["t"]}').flexReload();\n\t\tUnlockPage();\n\t\t\n\t\t\n\t}\n\t\nfunction SaveCheck{$t}(e){\n\tif(!checkEnter(e)){return;}\n\tSave{$t}();\n\n}\nfunction Save{$t}(){\n\t\tLockPage();\n\t\tvar RESTORE={$RESTORE};\n\t\tvar XHR = new XHRConnection();\n\t\tif(RESTORE==0){\n\t\t\tXHR.appendData('duplicate-from','{$_GET["duplicate"]}');\n\t\t}else{\n\t\t\tXHR.appendData('duplicate-from',document.getElementById('restore-{$t}').value);\n\t\t}\n\t\tXHR.appendData('servername',document.getElementById('servername-{$t}').value);\n\t\tXHR.appendData('domainname',document.getElementById('domainname-{$t}').value);\n\t\tXHR.appendData('directory',encodeURIComponent(document.getElementById('dirname-{$t}').value));\n\t\tXHR.appendData('administrator',encodeURIComponent(document.getElementById('administrator-{$t}').value));\n\t\tXHR.appendData('password',encodeURIComponent(document.getElementById('password-{$t}').value));\n\t\tXHR.sendAndLoad('{$page}', 'POST',xSave{$t});\n\t\t}\n\t\t\nfunction CheckRestore{$t}(){\n\tvar rest={$RESTORE};\n\tif(rest==0){return;}\n\tdocument.getElementById('administrator-{$t}').disabled=true;\n\tdocument.getElementById('password-{$t}').disabled=true;\n\tdocument.getElementById('servername-{$t}').value='{$_GET["restore"]}';\n\tdocument.getElementById('servername-{$t}').disabled=true;\n\tdocument.getElementById('domainname-{$t}').disabled=true;\n\tdocument.getElementById('dirname-{$t}').disabled=true;\n}\n\t\t\nfunction CheckDup{$t}(){\n\tvar DUP={$DUP};\n\tif(DUP==0){return;}\n\tdocument.getElementById('administrator-{$t}').disabled=true;\n\tdocument.getElementById('password-{$t}').disabled=true;\n\n}\nCheckDup{$t}();\n CheckRestore{$t}();\n</script>";
echo $tpl->_ENGINE_parse_body($html);
}
function ResetPassword($Action)
{
$Email = stripslashes($_POST["D1"]);
$UserData = FetchUser($Action, $Email);
if (!empty($UserData['Email'])) {
$Password = PasswordGenerator();
$HashedPassword = HashIt($Password);
global $PDOconn;
$Query = 'CALL UpdatePassword (?, ?)';
$Statement = $PDOconn->prepare($Query);
$Statement->bindParam(1, $HashedPassword, PDO::PARAM_STR, 64);
$Statement->bindParam(2, $Email, PDO::PARAM_STR, 45);
Execute($Action, $Statement);
$ActivityMSG = "Your password was changed.";
AddActivity($Action, $Email, $ActivityMSG);
mail($Email, "Password was reset", "Your password was reset to " . $Password . ".");
echo json_encode("refresh");
$PDOconn = null;
} else {
echo json_encode("none");
}
}