예제 #1
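/**
 * Page loader for the password-reset form: checks the link parameters and,
 * when they are valid, returns the current query string for the template.
 *
 * Reads `email`, `user` and `key` from $_GET. The link is accepted when the
 * e-mail address and the user name resolve to the same account id and `key`
 * equals sha512(stored password hash) for that account.
 *
 * NOTE(review): the key is derived only from the stored password hash, so it
 * carries no expiry and stays valid until the password changes; anyone able
 * to read the stored hash can derive it. A random, time-limited, server-side
 * stored token would be the stronger design. Confirm against the project's
 * threat model.
 *
 * @return array page elements; `getstring` holds the re-encoded query string
 *               ("?a=b&c=d&", trailing separator kept as before)
 * @throws SystemExit after redirecting to the error page when the link is invalid
 */
function reset_password()
{
    // NOTE(review): FILTER_SANITIZE_STRING is deprecated as of PHP 8.1; kept
    // here so the values handed to WebUsers stay the same as before.
    $email = filter_var(isset($_GET["email"]) ? $_GET["email"] : "", FILTER_SANITIZE_EMAIL);
    $user = filter_var(isset($_GET["user"]) ? $_GET["user"] : "", FILTER_SANITIZE_STRING);
    $key = filter_var(isset($_GET["key"]) ? $_GET["key"] : "", FILTER_SANITIZE_STRING);

    $target_id = WebUsers::getId($user);
    $webUser = new WebUsers($target_id);

    // The forgot-password handler in this listing treats the string "FALSE"
    // as the "no such e-mail" sentinel of getIdFromEmail(); reject it
    // explicitly so two failed lookups can never count as a match.
    $emailId = WebUsers::getIdFromEmail($email);
    $sameAccount = $emailId !== "FALSE" && $emailId == $target_id;

    // hash_equals() compares in constant time and, unlike ==, never treats
    // two different "0e..."-style strings as numerically equal.
    $expectedKey = hash('sha512', $webUser->getHashedPass());
    $keyMatches = is_string($key) && hash_equals($expectedKey, $key);

    if ($sameAccount && $keyMatches) {
        // The link is valid: rebuild the query string for the form action.
        // $_GET values arrive URL-decoded, so they are encoded again before
        // being handed to the template; raw concatenation would let a value
        // containing &, = or markup change the resulting URL or page.
        $GETString = "";
        foreach ($_GET as $name => $value) {
            $pair = http_build_query(array($name => $value), '', '&');
            if ($pair !== "") {
                $GETString .= $pair . "&";
            }
        }
        if ($GETString != "") {
            $GETString = '?' . $GETString;
        }
        $pageElements['getstring'] = $GETString;
        return $pageElements;
    } else {
        // Invalid link: flag a 403 in the session and send the client to the
        // error page; SystemExit stops further page processing.
        global $WEBPATH;
        $_SESSION['error_code'] = "403";
        header("Cache-Control: max-age=1");
        header("Location: " . $WEBPATH . "?page=error");
        throw new SystemExit();
    }
}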
예제 #2
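/**
 * Handles the "forgot password" form: looks the account up by e-mail address
 * and mails a reset link to it.
 *
 * Reads `Email` from $_POST and the optional `Language` cookie. Renders the
 * `forgot_password` template in both outcomes and then throws SystemExit.
 *
 * NOTE(review): the response differs depending on whether the address is
 * registered (EMAIL_ERROR vs. EMAIL_SUCCESS), which tells a caller which
 * addresses have accounts. Returning the same page in both cases would close
 * that; it is left unchanged here because the template depends on the flags.
 *
 * NOTE(review): the reset key is sha512(stored password hash). It has no
 * expiry and is derivable by anyone who can read the stored hash; a random,
 * time-limited token stored server-side would be the stronger design.
 *
 * @throws SystemExit always, after the template has been rendered
 */
function forgot_password()
{
    global $DEFAULT_LANGUAGE, $AMS_TRANS, $WEBPATH;

    $email = filter_var(isset($_POST["Email"]) ? $_POST["Email"] : "", FILTER_SANITIZE_EMAIL);
    $target_id = WebUsers::getIdFromEmail($email);
    if ($target_id == "FALSE") {
        //the email address doesn't exist.
        $result['prevEmail'] = $email;
        $result['EMAIL_ERROR'] = 'TRUE';
        $result['no_visible_elements'] = 'TRUE';
        helpers::loadtemplate('forgot_password', $result);
        throw new SystemExit();
    }

    $webUser = new WebUsers($target_id);
    $target_username = $webUser->getUsername();
    $target_hashedPass = $webUser->getHashedPass();
    $hashed_key = hash('sha512', $target_hashedPass);

    // The cookie is client-controlled and ends up in a file path, so only a
    // plain language code is accepted; anything else (path separators, dots,
    // arrays) falls back to the configured default language.
    $lang = $DEFAULT_LANGUAGE;
    if (isset($_COOKIE['Language'])
        && is_string($_COOKIE['Language'])
        && preg_match('/\A[A-Za-z0-9_-]+\z/', $_COOKIE['Language']) === 1
    ) {
        $lang = $_COOKIE['Language'];
    }
    $langFile = $AMS_TRANS . '/' . $lang . '.ini';
    if (!is_file($langFile)) {
        // Unknown language code: use the default translation instead.
        $langFile = $AMS_TRANS . '/' . $DEFAULT_LANGUAGE . '.ini';
    }
    $variables = parse_ini_file($langFile, true);

    // Only the [email] section of the translation file is needed here.
    $mailText = array();
    if (is_array($variables) && isset($variables['email']) && is_array($variables['email'])) {
        $mailText = $variables['email'];
    }

    //create the reset url
    // NOTE(review): the middle of this statement is masked in the listing;
    // it is reconstructed from $target_username, which is otherwise unused,
    // and from the `user` parameter the reset page reads. Values are
    // URL-encoded so characters such as "+" in an address survive the
    // round trip through the query string.
    $resetURL = $WEBPATH . "?page=reset_password&user=" . urlencode($target_username)
        . "&email=" . urlencode($email) . "&key=" . $hashed_key;

    //set email stuff
    $recipient = $email;
    $subject = $mailText['email_subject_forgot_password'];
    $body = $mailText['email_body_forgot_password_header'] . $resetURL . $mailText['email_body_forgot_password_footer'];
    Mail_Handler::send_mail($recipient, $subject, $body, NULL);

    $result['EMAIL_SUCCESS'] = 'TRUE';
    $result['prevEmail'] = $email;
    $result['no_visible_elements'] = 'TRUE';
    helpers::loadtemplate('forgot_password', $result);
    throw new SystemExit();
}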
예제 #3
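/**
 * Handles submission of the password-reset form.
 *
 * Reads `email`, `user` and `key` from $_GET and `NewPass` / `ConfirmNewPass`
 * from $_POST. When the link parameters are valid, the new password is
 * checked with check_change_password() and, on success, stored with
 * WebUsers::setPassword(); otherwise the form is rendered again with the
 * validation result.
 *
 * NOTE(review): when the link parameters are NOT valid this function simply
 * returns without producing a response; confirm that the caller rejects the
 * request in that case.
 *
 * NOTE(review): the key is sha512(stored password hash). It stops matching
 * once the password changes, but it has no expiry before that and can be
 * derived by anyone able to read the stored hash.
 *
 * @throws SystemExit after a template has been rendered
 */
function reset_password()
{
    //filter all data
    // NOTE(review): FILTER_SANITIZE_STRING is deprecated as of PHP 8.1 and it
    // alters passwords containing characters such as < or quotes. It is kept
    // so the stored value stays consistent with whatever the login path
    // applies; verify both paths before replacing it.
    $email = filter_var(isset($_GET["email"]) ? $_GET["email"] : "", FILTER_SANITIZE_EMAIL);
    $user = filter_var(isset($_GET["user"]) ? $_GET["user"] : "", FILTER_SANITIZE_STRING);
    $key = filter_var(isset($_GET["key"]) ? $_GET["key"] : "", FILTER_SANITIZE_STRING);
    $password = filter_var(isset($_POST['NewPass']) ? $_POST['NewPass'] : "", FILTER_SANITIZE_STRING);
    $confirmpass = filter_var(isset($_POST['ConfirmNewPass']) ? $_POST['ConfirmNewPass'] : "", FILTER_SANITIZE_STRING);

    $target_id = WebUsers::getId($user);
    $webUser = new WebUsers($target_id);

    // The forgot-password handler in this listing treats the string "FALSE"
    // as the "no such e-mail" sentinel of getIdFromEmail(); reject it
    // explicitly so two failed lookups can never count as a match.
    $emailId = WebUsers::getIdFromEmail($email);
    $sameAccount = $emailId !== "FALSE" && $emailId == $target_id;

    // hash_equals() compares in constant time and, unlike ==, never treats
    // two different "0e..."-style strings as numerically equal.
    $expectedKey = hash('sha512', $webUser->getHashedPass());
    $keyMatches = is_string($key) && hash_equals($expectedKey, $key);

    if ($sameAccount && $keyMatches) {
        // 'adminChangesOther' makes the check skip the current password,
        // which is why CurrentPass only carries a placeholder.
        $params = array('user' => $user, 'CurrentPass' => "dummy", 'NewPass' => $password, 'ConfirmNewPass' => $confirmpass, 'adminChangesOther' => true);
        $result = $webUser->check_change_password($params);
        if ($result == "success") {
            $result = array();
            $status = WebUsers::setPassword($user, $password);
            // NOTE(review): both literals below appear masked ("******") in
            // this listing; the real values are presumably distinct status
            // strings. They are reproduced exactly as shown.
            if ($status == 'ok') {
                $result['SUCCESS_PASS'] = "******";
            } elseif ($status == 'shardoffline') {
                $result['SUCCESS_PASS'] = "******";
            }
            $result['no_visible_elements'] = 'TRUE';
            helpers::loadtemplate('reset_success', $result);
            throw new SystemExit();
        }

        // Validation failed: render the form again. $_GET values arrive
        // URL-decoded, so they are encoded again before being handed to the
        // template; raw concatenation would let a value containing &, = or
        // markup change the resulting URL or page.
        $GETString = "";
        foreach ($_GET as $name => $value) {
            $pair = http_build_query(array($name => $value), '', '&');
            if ($pair !== "") {
                $GETString .= $pair . "&";
            }
        }
        if ($GETString != "") {
            $GETString = '?' . $GETString;
        }
        $result['getstring'] = $GETString;
        // NOTE(review): the submitted passwords are echoed back into the
        // page; make sure the template HTML-escapes them, or drop them.
        $result['prevNewPass'] = $password;
        $result['prevConfirmNewPass'] = $confirmpass;
        $result['no_visible_elements'] = 'TRUE';
        helpers::loadtemplate('reset_password', $result);
        throw new SystemExit();
    }
}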