/**
* send password change notification email
*/
function _notifyUser($user, $password)
{
if ($sent = auth_sendPassword($user, $password)) {
msg($this->lang['notify_ok'], 1);
} else {
msg($this->lang['notify_fail'], -1);
}
return $sent;
}
/**
* Send a new password
*
* This function handles both phases of the password reset:
*
* - handling the first request of password reset
* - validating the password reset auth token
*
* @author Benoit Chesneau <*****@*****.**>
* @author Chris Smith <*****@*****.**>
* @author Andreas Gohr <*****@*****.**>
*
* @return bool true on success, false on any error
*/
function act_resendpwd()
{
global $lang;
global $conf;
/* @var auth_basic $auth */
global $auth;
/* @var Input $INPUT */
global $INPUT;
if (!actionOK('resendpwd')) {
msg($lang['resendna'], -1);
return false;
}
$token = preg_replace('/[^a-f0-9]+/', '', $INPUT->str('pwauth'));
if ($token) {
// we're in token phase - get user info from token
$tfile = $conf['cachedir'] . '/' . $token[0] . '/' . $token . '.pwauth';
if (!@file_exists($tfile)) {
msg($lang['resendpwdbadauth'], -1);
$INPUT->remove('pwauth');
return false;
}
// token is only valid for 3 days
if (time() - filemtime($tfile) > 3 * 60 * 60 * 24) {
msg($lang['resendpwdbadauth'], -1);
$INPUT->remove('pwauth');
@unlink($tfile);
return false;
}
$user = io_readfile($tfile);
$userinfo = $auth->getUserData($user);
if (!$userinfo['mail']) {
msg($lang['resendpwdnouser'], -1);
return false;
}
if (!$conf['autopasswd']) {
// we let the user choose a password
$pass = $INPUT->str('pass');
// password given correctly?
if (!$pass) {
return false;
}
if ($pass != $INPUT->str('passchk')) {
msg($lang['regbadpass'], -1);
return false;
}
// change it
if (!$auth->triggerUserMod('modify', array($user, array('pass' => $pass)))) {
msg('error modifying user data', -1);
return false;
}
} else {
// autogenerate the password and send by mail
$pass = auth_pwgen();
if (!$auth->triggerUserMod('modify', array($user, array('pass' => $pass)))) {
msg('error modifying user data', -1);
return false;
}
if (auth_sendPassword($user, $pass)) {
msg($lang['resendpwdsuccess'], 1);
} else {
msg($lang['regmailfail'], -1);
}
}
@unlink($tfile);
return true;
} else {
// we're in request phase
if (!$INPUT->post->bool('save')) {
return false;
}
if (!$INPUT->post->str('login')) {
msg($lang['resendpwdmissing'], -1);
return false;
} else {
$user = trim($auth->cleanUser($INPUT->post->str('login')));
}
$userinfo = $auth->getUserData($user);
if (!$userinfo['mail']) {
msg($lang['resendpwdnouser'], -1);
return false;
}
// generate auth token
$token = md5(auth_cookiesalt() . $user);
//secret but user based
$tfile = $conf['cachedir'] . '/' . $token[0] . '/' . $token . '.pwauth';
$url = wl('', array('do' => 'resendpwd', 'pwauth' => $token), true, '&');
io_saveFile($tfile, $user);
$text = rawLocale('pwconfirm');
$trep = array('FULLNAME' => $userinfo['name'], 'LOGIN' => $user, 'CONFIRM' => $url);
$mail = new Mailer();
$mail->to($userinfo['name'] . ' <' . $userinfo['mail'] . '>');
$mail->subject($lang['regpwmail']);
$mail->setBody($text, $trep);
if ($mail->send()) {
msg($lang['resendpwdconfirm'], 1);
} else {
msg($lang['regmailfail'], -1);
}
return true;
}
// never reached
}
/**
* Send a new password
*
* This function handles both phases of the password reset:
*
* - handling the first request of password reset
* - validating the password reset auth token
*
* @author Benoit Chesneau <*****@*****.**>
* @author Chris Smith <*****@*****.**>
* @author Andreas Gohr <*****@*****.**>
*
* @return bool true on success, false on any error
*/
function act_resendpwd()
{
global $lang;
global $conf;
global $auth;
if (!actionOK('resendpwd')) {
return false;
}
if (!$auth) {
return false;
}
// should not be able to get here without modPass being possible...
if (!$auth->canDo('modPass')) {
msg($lang['resendna'], -1);
return false;
}
$token = preg_replace('/[^a-f0-9]+/', '', $_REQUEST['pwauth']);
if ($token) {
// we're in token phase
$tfile = $conf['cachedir'] . '/' . $token[0] . '/' . $token . '.pwauth';
if (!@file_exists($tfile)) {
msg($lang['resendpwdbadauth'], -1);
return false;
}
$user = io_readfile($tfile);
@unlink($tfile);
$userinfo = $auth->getUserData($user);
if (!$userinfo['mail']) {
msg($lang['resendpwdnouser'], -1);
return false;
}
$pass = auth_pwgen();
if (!$auth->triggerUserMod('modify', array($user, array('pass' => $pass)))) {
msg('error modifying user data', -1);
return false;
}
if (auth_sendPassword($user, $pass)) {
msg($lang['resendpwdsuccess'], 1);
} else {
msg($lang['regmailfail'], -1);
}
return true;
} else {
// we're in request phase
if (!$_POST['save']) {
return false;
}
if (empty($_POST['login'])) {
msg($lang['resendpwdmissing'], -1);
return false;
} else {
$user = trim($auth->cleanUser($_POST['login']));
}
$userinfo = $auth->getUserData($user);
if (!$userinfo['mail']) {
msg($lang['resendpwdnouser'], -1);
return false;
}
// generate auth token
$token = md5(auth_cookiesalt() . $user);
//secret but user based
$tfile = $conf['cachedir'] . '/' . $token[0] . '/' . $token . '.pwauth';
$url = wl('', array('do' => 'resendpwd', 'pwauth' => $token), true, '&');
io_saveFile($tfile, $user);
$text = rawLocale('pwconfirm');
$text = str_replace('@DOKUWIKIURL@', DOKU_URL, $text);
$text = str_replace('@FULLNAME@', $userinfo['name'], $text);
$text = str_replace('@LOGIN@', $user, $text);
$text = str_replace('@TITLE@', $conf['title'], $text);
$text = str_replace('@CONFIRM@', $url, $text);
if (mail_send($userinfo['name'] . ' <' . $userinfo['mail'] . '>', $lang['regpwmail'], $text, $conf['mailfrom'])) {
msg($lang['resendpwdconfirm'], 1);
} else {
msg($lang['regmailfail'], -1);
}
return true;
}
return false;
// never reached
}
/**
* Send password change notification email
*
* @param string $user id of user
* @param string $password plain text
* @param bool $status_alert whether status alert should be shown
* @return bool whether succesful
*/
protected function _notifyUser($user, $password, $status_alert = true)
{
if ($sent = auth_sendPassword($user, $password)) {
if ($status_alert) {
msg($this->lang['notify_ok'], 1);
}
} else {
if ($status_alert) {
msg($this->lang['notify_fail'], -1);
}
}
return $sent;
}
/**
* Send a new password
*
* This function handles both phases of the password reset:
*
* - handling the first request of password reset
* - validating the password reset auth token
*
* @author Benoit Chesneau <*****@*****.**>
* @author Chris Smith <*****@*****.**>
* @author Andreas Gohr <*****@*****.**>
*
* @return bool true on success, false on any error
*/
function act_resendpwd()
{
global $lang;
global $conf;
global $auth;
if (!actionOK('resendpwd')) {
msg($lang['resendna'], -1);
return false;
}
$token = preg_replace('/[^a-f0-9]+/', '', $_REQUEST['pwauth']);
if ($token) {
// we're in token phase - get user info from token
$tfile = $conf['cachedir'] . '/' . $token[0] . '/' . $token . '.pwauth';
if (!@file_exists($tfile)) {
msg($lang['resendpwdbadauth'], -1);
unset($_REQUEST['pwauth']);
return false;
}
// token is only valid for 3 days
if (time() - filemtime($tfile) > 3 * 60 * 60 * 24) {
msg($lang['resendpwdbadauth'], -1);
unset($_REQUEST['pwauth']);
@unlink($tfile);
return false;
}
$user = io_readfile($tfile);
$userinfo = $auth->getUserData($user);
if (!$userinfo['mail']) {
msg($lang['resendpwdnouser'], -1);
return false;
}
if (!$conf['autopasswd']) {
// we let the user choose a password
// password given correctly?
if (!isset($_REQUEST['pass']) || $_REQUEST['pass'] == '') {
return false;
}
if ($_REQUEST['pass'] != $_REQUEST['passchk']) {
msg($lang['regbadpass'], -1);
return false;
}
$pass = $_REQUEST['pass'];
if (!$auth->triggerUserMod('modify', array($user, array('pass' => $pass)))) {
msg('error modifying user data', -1);
return false;
}
} else {
// autogenerate the password and send by mail
$pass = auth_pwgen();
if (!$auth->triggerUserMod('modify', array($user, array('pass' => $pass)))) {
msg('error modifying user data', -1);
return false;
}
if (auth_sendPassword($user, $pass)) {
msg($lang['resendpwdsuccess'], 1);
} else {
msg($lang['regmailfail'], -1);
}
}
@unlink($tfile);
return true;
} else {
// we're in request phase
if (!$_POST['save']) {
return false;
}
if (empty($_POST['login'])) {
msg($lang['resendpwdmissing'], -1);
return false;
} else {
$user = trim($auth->cleanUser($_POST['login']));
}
$userinfo = $auth->getUserData($user);
if (!$userinfo['mail']) {
msg($lang['resendpwdnouser'], -1);
return false;
}
// generate auth token
$token = md5(auth_cookiesalt() . $user);
//secret but user based
$tfile = $conf['cachedir'] . '/' . $token[0] . '/' . $token . '.pwauth';
$url = wl('', array('do' => 'resendpwd', 'pwauth' => $token), true, '&');
io_saveFile($tfile, $user);
$text = rawLocale('pwconfirm');
$text = str_replace('@DOKUWIKIURL@', DOKU_URL, $text);
$text = str_replace('@FULLNAME@', $userinfo['name'], $text);
$text = str_replace('@LOGIN@', $user, $text);
$text = str_replace('@TITLE@', $conf['title'], $text);
$text = str_replace('@CONFIRM@', $url, $text);
if (empty($conf['mailprefix'])) {
$subject = $lang['regpwmail'];
} else {
$subject = '[' . $conf['mailprefix'] . '] ' . $lang['regpwmail'];
}
if (mail_send($userinfo['name'] . ' <' . $userinfo['mail'] . '>', $subject, $text, $conf['mailfrom'])) {
msg($lang['resendpwdconfirm'], 1);
} else {
msg($lang['regmailfail'], -1);
}
return true;
}
return false;
// never reached
}