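/**
 * Implements failing tables: if an account type fails multiple times,
 * then send the user an email and disable the account.
 *
 * Only standard jobs flagged with 'failure' are tracked. CloudFlare,
 * Incapsula and blockchain exceptions are logged but never increase the
 * failure count.
 *
 * @param \Exception $runtime_exception the exception that made the job fail
 * @param Connection $db connection used for the failure-tracking queries
 * @param Logger $logger receives the progress messages
 * @return void
 * @see OpenclerkJobQueuer#getStandardJobs()
 */
function failed(\Exception $runtime_exception, Connection $db, Logger $logger)
{
    // is this a standard job?
    $standard = $this->findStandardJob();
    if (!$standard) {
        return;
    }
    $logger->info("Using standard job " . print_r($standard, true));
    if (!$standard['failure']) {
        $logger->info("Not a failure standard job");
        return;
    }

    // The table name is interpolated into the SQL below because an
    // identifier cannot be bound as a parameter. It comes from the standard
    // job definition; it must never be derived from job arguments or request
    // data.
    $failing_table = $standard['table'];
    $job = $this->job;

    // find the relevant account_data for this standard job
    $account_data = false;
    foreach (account_data_grouped() as $group) {
        foreach ($group as $exchange => $data) {
            if (isset($data['job_type']) && $job['job_type'] == $data['job_type']) {
                $account_data = $data;
                $account_data['exchange'] = $exchange;
                // leave both loops on the first match so that a later group
                // cannot overwrite it
                break 2;
            }
        }
    }
    if (!$account_data) {
        $logger->warn("Could not find any account data for job type '" . $job['job_type'] . "'");
    }
    $logger->info("Using account data " . print_r($account_data, true));

    // don't count CloudFlare, Incapsula or blockchain errors as a failure
    if ($runtime_exception instanceof CloudFlareException || $runtime_exception instanceof \Openclerk\Apis\CloudFlareException) {
        $logger->info("Not increasing failure count: was a CloudFlareException");
    } elseif ($runtime_exception instanceof IncapsulaException || $runtime_exception instanceof \Openclerk\Apis\IncapsulaException) {
        $logger->info("Not increasing failure count: was a IncapsulaException");
    } elseif ($runtime_exception instanceof BlockchainException || $runtime_exception instanceof \Core\BlockchainException) {
        $logger->info("Not increasing failure count: was a BlockchainException");
    } else {
        $q = $db->prepare("UPDATE {$failing_table} SET failures=failures+1,first_failure=IF(ISNULL(first_failure), NOW(), first_failure) WHERE id=?");
        $q->execute(array($job['arg_id']));
        $logger->info("Increasing account failure count");
    }

    $user = get_user($job['user_id']);
    if (!$user) {
        $logger->info("Warning: No user " . $job['user_id'] . " found");
        return;
    }

    // failed too many times?
    $q = $db->prepare("SELECT * FROM {$failing_table} WHERE id=? LIMIT 1");
    $q->execute(array($job['arg_id']));
    $account = $q->fetch();
    if (!$account) {
        // no row for this job argument: there is nothing to count or disable
        $logger->info("Warning: No account " . $job['arg_id'] . " found");
        return;
    }

    $logger->info("Current account failure count: " . number_format($account['failures']));
    if ($account['failures'] >= get_premium_value($user, 'max_failures')) {
        // disable it and send an email
        $q = $db->prepare("UPDATE {$failing_table} SET is_disabled=1 WHERE id=?");
        $q->execute(array($job['arg_id']));

        crypto_log(print_r($account_data, true));

        // $account was read before the UPDATE above, so is_disabled is the
        // previous state: the e-mail goes out only when the account was not
        // already disabled
        if ($user['email'] && !$account['is_disabled']) {
            $email_type = $job['job_type'] == "notification" ? "failure_notification" : "failure";

            // NOTE(review): when no account data was found above,
            // $account_data is false here and the exchange/label values are
            // empty - confirm whether the e-mail should be skipped then.
            // NOTE(review): "message" forwards the raw exception text to the
            // user; verify that upstream errors never carry credentials or
            // internal details.
            send_user_email($user, $email_type, array(
                "name" => $user['name'] ? $user['name'] : $user['email'],
                "exchange" => get_exchange_name($account_data['exchange']),
                "label" => $account_data['label'],
                "labels" => $account_data['labels'],
                "failures" => number_format($account['failures']),
                "message" => $runtime_exception->getMessage(),
                "length" => recent_format(strtotime($account['first_failure']), "", ""),
                "title" => (isset($account['title']) && $account['title']) ? "\"" . $account['title'] . "\"" : "untitled",
                "url" => absolute_url(url_for("wizard_accounts")),
            ));
            $logger->info("Sent failure e-mail to " . htmlspecialchars($user['email']) . ".");
        }
    }
}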
<?php
/**
 * Job: an existing free user has not logged in within the configured number
 * of days, so their account is disabled and, when an e-mail address is on
 * file, they are told about it.
 *
 * Expects $job to be provided by the including job runner.
 */

// load the user this job was queued for
$user = get_user($job['arg_id']);
if (!$user) {
    throw new JobException("Cannot find user ID {$job['arg_id']}");
}

// premium users must never be routed to this job
if ($user['is_premium']) {
    throw new JobException("Premium user was requested to be disabled - this should not happen");
}

// disable the account before any e-mail is sent
$q = db()->prepare("UPDATE user_properties SET is_disabled=1,disabled_at=NOW() WHERE id=? LIMIT 1");
$q->execute(array($user['id']));

if (!$user['email']) {
    crypto_log("User had no valid e-mail address.");
} else {
    // the expiry date counts from the last login, or from sign-up when the
    // user never logged in
    $expiry_days = get_site_config('user_expiry_days');
    $last_seen = $user['last_login'] ?: $user['created_at'];
    $disables_at = strtotime($last_seen . " +" . $expiry_days . " day");

    $email_args = array(
        "name" => $user['name'] ?: $user['email'],
        "days" => number_format($expiry_days),
        "disables" => iso_date($disables_at),
        "disables_text" => recent_format($disables_at, false, ""),
        "url" => absolute_url(url_for("user#user_premium")),
        "login" => absolute_url(url_for("login")),
        "profile" => absolute_url(url_for("profile")),
    );
    send_user_email($user, "disable", $email_args);

    // the address is escaped before it is written to the job log
    crypto_log("Sent disabled account e-mail to " . htmlspecialchars($user['email']) . ".");
}
$args += array("label" => "total " . get_currency_abbr($currency)); } else { if (substr($account['summary_type'], 0, strlen('all2')) == 'all2') { $summary_type = substr($account['summary_type'], strlen('all2')); $summary_types = get_total_conversion_summary_types(); $args += array("label" => "converted " . $summary_types[$summary_type]['short_title']); } else { throw new JobException("Unknown summary_instance summary_type '" . htmlspecialchars($account['summary_type']) . "'"); } } } $args['label_uc'] = capitalize($args['label']); break; default: throw new JobException("Unknown notification type for email '" . $notification['notification_type'] . "'"); } send_user_email($user, $email_template, $args); crypto_log("Sent notification e-mail to " . htmlspecialchars($user['email']) . "."); // update user stats $q = db()->prepare("UPDATE user_properties SET notifications_sent=notifications_sent+1 WHERE id=?"); $q->execute(array($user['id'])); } // update the notification $q = db()->prepare("UPDATE notifications SET is_notified=1,last_notification=NOW(),last_value=?,notifications_sent=notifications_sent+1 WHERE id=?"); $q->execute(array($current_value, $notification['id'])); } else { crypto_log("Trigger not successful."); // update the notification $q = db()->prepare("UPDATE notifications SET is_notified=0,last_value=? WHERE id=?"); $q->execute(array($current_value, $notification['id'])); }
throw new PurchaseException(t("Could not generate :currency address for purchase; please try again later.", array(':currency' => get_currency_abbr($currency)))); } // register it to the system as a normal blockchain address, but we need to get received rather than balance $q = db()->prepare("INSERT INTO addresses SET user_id=:user_id, address=:address, currency=:currency, is_received=1"); $q->execute(array("user_id" => get_site_config('system_user_id'), "address" => $address['address'], "currency" => $currency)); $new_address_id = db()->lastInsertId(); // create a new outstanding premium $q = db()->prepare("INSERT INTO outstanding_premiums SET user_id=:user_id, premium_address_id=:pid, address_id=:aid, balance=:balance, months=:months, years=:years"); $q->execute(array("user_id" => user_id(), "pid" => $address['id'], "aid" => $new_address_id, "balance" => $cost, "months" => $months, "years" => $years)); $purchase_id = db()->lastInsertId(); // address is now in use $q = db()->prepare("UPDATE premium_addresses SET is_used=1,used_at=NOW() WHERE id=?"); $q->execute(array($address['id'])); // try sending email, if an email address has been registered if ($user['email']) { send_user_email($user, "purchase", array("name" => $user['name'] ? $user['name'] : $user['email'], "amount" => number_format_autoprecision($cost), "currency" => get_currency_abbr($currency), "currency_name" => get_currency_name($currency), "address" => $address['address'], "explorer" => get_explorer_address($currency, $address['address']), "url" => absolute_url(url_for("user#user_outstanding")))); } // success! inform the user redirect(url_for('user#user_outstanding', array('new_purchase' => $purchase_id))); } catch (PurchaseException $e) { log_uncaught_exception($e); $errors[] = $e->getMessage(); } } page_header(t("Purchase Premium"), "page_purchase", array('js' => 'purchase')); ?> <h1><?php echo ht("Purchase Premium with :currency", array(':currency' => get_currency_name($currency))); ?> </h1>
if ($subscribe != $user['subscribe_announcements'] || $subscribe && $user['email'] != $email) { $q = db()->prepare("DELETE FROM pending_subscriptions WHERE user_id=?"); $q->execute(array(user_id())); if ($email) { $q = db()->prepare("INSERT INTO pending_subscriptions SET user_id=?,created_at=NOW(),is_subscribe=?"); $q->execute(array($user['id'], $subscribe)); if ($subscribe) { $messages[] = t("You will be added manually to the :mailing_list soon.", array(':mailing_list' => "<a href=\"http://groups.google.com/group/" . htmlspecialchars(get_site_config('google_groups_announce')) . "\" target=\"_blank\">" . t("Announcements Mailing List") . "</a>")); } else { $messages[] = t("You will be removed manually from the :mailing_list soon.", array(':mailing_list' => "<a href=\"http://groups.google.com/group/" . htmlspecialchars(get_site_config('google_groups_announce')) . "\" target=\"_blank\">" . t("Announcements Mailing List") . "</a>")); } } } // try sending email if ($email && $email != $old_email) { send_user_email($user, $old_email ? "change_email" : "new_email", array("old_email" => $old_email ? $old_email : t("(no previous e-mail address)"), "email" => $email, "url" => absolute_url(url_for("unsubscribe", array('email' => $email, 'hash' => md5(get_site_config('unsubscribe_salt') . $email)))))); } // redirect to GET set_temporary_messages($messages); redirect(url_for('user')); } } $q = db()->prepare("SELECT outstanding_premiums.*, ab.created_at AS last_check, ab.balance AS last_balance,\n addresses.address, addresses.currency FROM outstanding_premiums\n LEFT JOIN addresses ON outstanding_premiums.address_id=addresses.id\n LEFT JOIN (SELECT * FROM address_balances WHERE is_recent=1) AS ab ON ab.address_id=addresses.id\n WHERE outstanding_premiums.user_id=? 
AND is_paid=0 AND is_unpaid=0\n ORDER BY outstanding_premiums.created_at DESC"); $q->execute(array(user_id())); $outstanding = $q->fetchAll(); $q = db()->prepare("SELECT outstanding_premiums.*,\n premium_addresses.address, premium_addresses.currency FROM outstanding_premiums\n LEFT JOIN premium_addresses ON outstanding_premiums.premium_address_id=premium_addresses.id\n WHERE outstanding_premiums.user_id=? AND (is_paid=1 OR is_unpaid=1)\n ORDER BY outstanding_premiums.created_at DESC"); $q->execute(array(user_id())); $previous = $q->fetchAll(); if (require_get("new_purchase", false)) { // find the new purchase foreach ($outstanding as $p) {
add_summary_instance($job, 'crypto2' . $currency, $total); } } crypto_log("</ul>"); } // update last_sum_job $q = db()->prepare("UPDATE user_properties SET last_sum_job=NOW() WHERE id=?"); $q->execute(array($job['user_id'])); // and now that we have added summary instances, check for first_report // (this is so that first_report jobs don't block up the job queue) /** * Send an e-mail to new users once their first non-zero summary reports have been compiled. */ // reload user in case multiple summary jobs for the same user are all blocked at once $user = get_user($job['user_id']); if (!$user['is_first_report_sent']) { // is there a non-zero summary instance? $q = db()->prepare("SELECT * FROM summary_instances WHERE user_id=? AND is_recent=1 AND balance > 0 LIMIT 1"); $q->execute(array($user['id'])); if ($instance = $q->fetch()) { crypto_log("User has a non-zero summary instance."); // update that we've reported now $q = db()->prepare("UPDATE user_properties SET is_first_report_sent=1,first_report_sent=NOW() WHERE id=?"); $q->execute(array($user['id'])); // send email if ($user['email']) { send_user_email($user, "first_report", array("name" => $user['name'] ? $user['name'] : $user['email'], "url" => absolute_url(url_for("profile")), "login" => absolute_url(url_for("login")), "wizard_currencies" => absolute_url(url_for("wizard_currencies")), "wizard_addresses" => absolute_url(url_for("wizard_accounts_addresses")), "wizard_accounts" => absolute_url(url_for("wizard_accounts")), "wizard_notifications" => absolute_url(url_for("wizard_notifications")), "reports" => absolute_url(url_for("profile")), "premium" => absolute_url(url_for("premium")))); crypto_log("Sent first report e-mail to " . htmlspecialchars($user['email']) . "."); } } }
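$errors[] = t("No such user account exists.");
} else {
    // a reset link is honoured for one day after it was requested
    if (!$user['last_password_reset'] || strtotime($user['last_password_reset']) < strtotime("-1 day")) {
        $errors[] = t("That account has not requested a password reset.");
    } else {
        $expected_hash = md5(get_site_config('password_reset_salt') . $email . ":" . strtotime($user['last_password_reset']));
        // Compare the token as a string and in constant time (hash_equals,
        // PHP 5.6+). A loose != on two hex digests goes through PHP's
        // numeric-string comparison, which can report different digests as
        // equal, and it also leaks timing.
        if (!is_string($hash) || !hash_equals($expected_hash, $hash)) {
            $errors[] = t("Invalid hash - please recheck the link in your e-mail.");
        }
    }
}

if (!$errors) {
    // NOTE(review): the stored value is a single MD5 over a site-wide salt and
    // the password, which is cheap to brute-force if the table is ever
    // exposed. password_hash()/password_verify() is the replacement, but the
    // login check that reads this column is outside this excerpt and has to
    // change together with it.
    $q = db()->prepare("UPDATE users SET password_hash=?, password_last_changed=NOW() WHERE id=?");
    $password_hash = md5(get_site_config('password_salt') . $password);
    $q->execute(array($password_hash, $user['id']));

    // NOTE(review): last_password_reset is not cleared here, so the same link
    // appears to stay usable until the one-day window ends - confirm, and
    // invalidate the token once the password has been changed.

    // tell the account owner that the password was changed
    send_user_email($user, "password_reset_complete", array(
        "email" => $email,
        "name" => $user['name'] ? $user['name'] : $email,
    ));

    $messages[] = t("Password changed; you should now immediately login with this new password.");
    set_temporary_messages($messages);
    set_temporary_errors($errors);
    redirect(url_for('login', array('email' => $email, 'use_password' => true)));
}
}

require __DIR__ . "/../layout/templates.php";
page_header(t("Change Password"), "page_password_reset", array('js' => 'auth'));

?>

<?php require_template("password_reset"); ?>

<div class="authentication-form">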
$account_data = get_account_data($exchange); // we re-enable ALL accounts, not just accounts belonging to active users, so that when a disabled user // logs back in, they automatically get their disabled accounts disabled as well $q = db()->prepare("SELECT t.*, users.email, user_properties.name AS users_name, user_properties.is_disabled AS user_is_disabled FROM " . $account_data['table'] . " t\n JOIN users ON t.user_id=users.id\n JOIN user_properties ON users.id=user_properties.id\n WHERE t.is_disabled=1"); $q->execute(); $count = 0; $accounts = $q->fetchAll(); foreach ($accounts as $account) { // re-enable it $q = db()->prepare("UPDATE " . $account_data['table'] . " SET is_disabled=0 WHERE id=? AND is_disabled_manually=0"); $q->execute(array($account['id'])); // email the user if their account is not disabled if (!$account['user_is_disabled']) { if ($account['email']) { $user_temp = array('email' => $account['email'], 'name' => $account['users_name']); send_user_email($user_temp, "reenable", array("name" => $account['users_name'] ? $account['users_name'] : $account['email'], "exchange" => get_exchange_name($exchange), "label" => $account_data['label'], "labels" => $account_data['labels'], "title" => isset($account['title']) && $account['title'] ? "\"" . $account['title'] . "\"" : "untitled", "url" => absolute_url(url_for("wizard_accounts")))); $messages[] = "Sent enabled message to " . htmlspecialchars($account['email']); } } $count++; } $messages[] = "Re-enabled " . plural("account", $count) . "."; } page_header("Admin: Accounts", "page_admin_accounts", array('js' => array('accounts'))); // where 0% = bad; 100% = perfect; etc function get_error_class($n) { if ($n >= 0.9) { // 0% return "perfect"; } else {
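$q->execute(array(require_post("code"), require_post("title")));
// The posted code is echoed back in a status message; it is escaped here
// because the message list is presumably printed as HTML by the page
// template (verify against the renderer).
$messages[] = "Added coin " . htmlspecialchars(require_post("code")) . ".";
}

// Notify everybody who voted for a coin, then remove the vote.
if (require_post("id", false)) {
    $q = db()->prepare("SELECT * FROM vote_coins WHERE id=?");
    $q->execute(array(require_post("id")));
    $vote = $q->fetch();
    if (!$vote) {
        $errors[] = "Could not find any such vote_coins";
    } else {
        $sent = 0;
        $q = db()->prepare("SELECT * FROM vote_coins_votes JOIN users ON vote_coins_votes.user_id=users.id WHERE coin_id=?");
        $q->execute(array($vote['id']));
        while ($user = $q->fetch()) {
            // voters without an e-mail address are skipped
            if ($user['email']) {
                send_user_email($user, "voted_coin", array(
                    "name" => $user['name'] ? $user['name'] : $user['email'],
                    "code" => strtolower($vote['code']),
                    "abbr" => get_currency_abbr(strtolower($vote['code'])),
                    "title" => get_currency_name(strtolower($vote['code'])),
                    "original_title" => $vote['title'],
                    "total_users" => plural("other user", $vote['total_users']),
                    "url" => absolute_url(url_for("vote_coins")),
                    "wizard" => absolute_url(url_for("wizard_currencies")),
                ));
                $sent++;
            }
        }

        $messages[] = "Sent notifications to " . plural("user", $sent) . ".";

        // remove vote_coins and vote_coins_votes entries
        $q = db()->prepare("DELETE FROM vote_coins WHERE id=?");
        $q->execute(array($vote['id']));
        $q = db()->prepare("DELETE FROM vote_coins_votes WHERE coin_id=?");
        $q->execute(array($vote['id']));

        $messages[] = "Removed voted coin.";
    }
}

page_header("Admin Vote Coins", "page_admin_vote_coins");

?>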
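<?php

throw new Exception("This functionality is currently unavailable.");

/*
 * Removes the password from the logged-in user's account and e-mails them
 * about it. Everything below is unreachable while the throw above is in
 * place.
 *
 * NOTE(review): nothing in this script checks that the account still has
 * another way to log in once the password is gone - confirm before the
 * feature is switched back on.
 */
require_login();

$user = get_user(user_id());

$messages = array();
$errors = array();

// The confirmation checkbox has to be ticked. The previous condition tested
// an undefined $password variable, so the check could never fail and the
// password was removed without confirmation.
$confirm = require_post("confirm", false);
if (!$confirm) {
    $errors[] = t("You did not select the confirmation checkbox.");
}

if (!$errors) {
    $q = db()->prepare("UPDATE user_properties SET password_hash=NULL, password_last_changed=NOW() WHERE id=?");
    $q->execute(array(user_id()));
    $messages[] = t("Removed password.");

    // tell the account owner, so that an unexpected removal is noticed
    $name = $user['name'] ? $user['name'] : $user['email'];
    $email = $user['email'];
    send_user_email($user, "password_removed", array(
        "email" => $email,
        "name" => $name,
        "url" => absolute_url(url_for("user#user_openid")),
    ));
}

set_temporary_messages($messages);
set_temporary_errors($errors);
redirect(url_for('user#user_password'));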
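<?php
/**
 * An existing premium user's account needs to expire.
 * May send out an e-mail.
 *
 * Expects $job to be provided by the including job runner.
 */

// get the relevant user info
$user = get_user($job['arg_id']);
if (!$user) {
    throw new JobException("Cannot find user ID " . $job['arg_id']);
}

// remember the state before the update: the e-mail is only sent when this
// run is the one that removes the premium status
$was_premium = $user['is_premium'];

// update user (before sending email)
$q = db()->prepare("UPDATE user_properties SET updated_at=NOW(),is_premium=0 WHERE id=? LIMIT 1");
$q->execute(array($user['id']));
crypto_log("Disabled premium status on user " . $user['id'] . ".");

// construct email, but only if we haven't already sent an email out
if ($user['email'] && $was_premium) {
    send_user_email($user, "expire", array(
        "name" => $user['name'] ? $user['name'] : $user['email'],
        "expires" => iso_date($user['premium_expires']),
        "expires_text" => recent_format($user['premium_expires'], false, ""),
        "prices" => get_text_premium_prices(),
        "prices_html" => get_html_premium_prices(),
        "url" => absolute_url(url_for("user#user_premium")),
    ));
    crypto_log("Sent premium expired e-mail to " . htmlspecialchars($user['email']) . ".");
} elseif (!$user['email']) {
    crypto_log("User had no valid e-mail address.");
} else {
    // previously this case was logged as a missing e-mail address, which hid
    // the real reason from anyone reading the job log
    crypto_log("User was not premium; not sending expiry e-mail.");
}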
$errors[] = $e->getMessage(); } if ($user && !$errors) { $user_instance = $user; $q = db()->prepare("INSERT INTO user_properties SET\n id=:id,\n name=:name, country=:country, user_ip=:ip, referer=:referer, subscribe_announcements=:subscribe, created_at=NOW(), updated_at=NOW()"); $user = array("id" => $user->getId(), "name" => $name, "country" => $country, "ip" => user_ip(), "referer" => isset($_SESSION['referer']) ? substr($_SESSION['referer'], 0, 250) : NULL, "subscribe" => $subscribe ? 1 : 0); $q->execute($user); if ($subscribe) { $q = db()->prepare("INSERT INTO pending_subscriptions SET user_id=?,created_at=NOW(),is_subscribe=1"); $q->execute(array($user['id'])); $messages[] = t("You will be added manually to the :mailing_list soon.", array(':mailing_list' => "<a href=\"http://groups.google.com/group/" . htmlspecialchars(get_site_config('google_groups_announce')) . "\" target=\"_blank\">" . t("Announcements Mailing List") . "</a>")); } // try sending email if ($user_instance->getEmail()) { $user['email'] = $user_instance->getEmail(); send_user_email($user, "signup", array("email" => $user['email'], "name" => $name ? $name : $user['email'], "announcements" => "http://groups.google.com/group/" . htmlspecialchars(get_site_config('google_groups_announce')), "url" => absolute_url(url_for("unsubscribe", array('email' => $user['email'], 'hash' => md5(get_site_config('unsubscribe_salt') . $user['email'])))), "wizard_currencies" => absolute_url(url_for("wizard_currencies")), "wizard_addresses" => absolute_url(url_for("wizard_accounts_addresses")), "wizard_accounts" => absolute_url(url_for("wizard_accounts")), "wizard_notifications" => absolute_url(url_for("wizard_notifications")), "reports" => absolute_url(url_for("profile")), "premium" => absolute_url(url_for("premium")))); } // create default summary pages and cryptocurrencies and graphs contents reset_user_settings($user['id']); // success! 
// issue #62: rather than requiring another step to login, just log the user in now. \Users\User::forceLogin(db(), $user['id']); complete_login($user, $autologin); $messages[] = t("New account creation successful."); // redirect set_temporary_messages($messages); redirect(url_for(get_site_config('premium_welcome') ? "welcome" : get_site_config('signup_login'), array("pause" => true))); } } catch (Exception $e) { if (!$e instanceof EscapedException) { $e = new EscapedException(htmlspecialchars($e->getMessage()), (int) $e->getCode(), $e);
crypto_log("Sent e-mail to " . htmlspecialchars($user['email']) . "."); } } } else { // have we reminded recently? if (!$address['last_reminder'] || strtotime($address['last_reminder'] . " +" . get_site_config('outstanding_reminder_hours') . " hour") < time()) { // send a reminder if ($user['email']) { send_user_email($user, "purchase_reminder", array("name" => $user['name'] ? $user['name'] : $user['email'], "amount" => number_format_autoprecision($address['balance']), "received" => number_format_autoprecision($balance['balance']), "currency" => get_currency_abbr($address['currency']), "currency_name" => get_currency_name($address['currency']), "address" => $address['address'], "explorer" => get_explorer_address($address['currency'], $address['address']), "url" => absolute_url(url_for("user#user_outstanding")), "reminder" => $reminder, "cancelled" => $cancelled)); crypto_log("Sent e-mail to " . htmlspecialchars($user['email']) . "."); } $q = db()->prepare("UPDATE outstanding_premiums SET last_reminder=NOW() WHERE id=?"); $q->execute(array($address['id'])); crypto_log("Sent reminder message on outstanding premium payment."); } } } else { if ($balance['balance'] > 0 && $balance['balance'] > $address['last_balance']) { // issue #231: have we made a new payment since we looked last? // send a reminder if ($user['email']) { send_user_email($user, "purchase_further", array("name" => $user['name'] ? 
$user['name'] : $user['email'], "amount" => number_format_autoprecision($address['balance']), "received" => number_format_autoprecision($balance['balance']), "difference" => number_format_autoprecision($balance['balance'] - $address['last_balance']), "currency" => get_currency_abbr($address['currency']), "currency_name" => get_currency_name($address['currency']), "address" => $address['address'], "explorer" => get_explorer_address($address['currency'], $address['address']), "url" => absolute_url(url_for("user#user_outstanding")), "reminder" => $reminder, "cancelled" => $cancelled)); crypto_log("Sent e-mail to " . htmlspecialchars($user['email']) . "."); } $q = db()->prepare("UPDATE outstanding_premiums SET last_balance=? WHERE id=?"); $q->execute(array($balance['balance'], $address['id'])); crypto_log("Sent received payment message on outstanding premium payment."); } } } }
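// The account is only marked for deletion when the user typed the literal
// word "confirm" and no earlier validation error was recorded.
if ($confirm != "confirm") {
    $errors[] = t("Please type in ':text'.", array(':text' => "confirm"));
}

if (!$errors) {
    // mark the account as due to be deleted
    $q = db()->prepare("UPDATE user_properties SET is_deleted=1, requested_delete_at=NOW() WHERE id=?");
    $q->execute(array(user_id()));

    // remove any OpenID connections for this user account, so that users can sign up
    // again immediately with the same OpenID details
    $q = db()->prepare("DELETE FROM user_openid_identities WHERE user_id=?");
    $q->execute(array(user_id()));

    // send email to user
    $name = $user['name'] ? $user['name'] : $user['email'];
    $email = $user['email'];
    if ($email) {
        send_user_email($user, "deleted", array(
            "email" => $email,
            "name" => $name,
            "url" => absolute_url(url_for("signup")),
        ));
    }

    // send email to admin with reasons. The user record presumably carries
    // password_hash, so it is dropped from the copy that is dumped: credential
    // material should not travel by e-mail or sit in a mailbox.
    // NOTE(review): check the record for other fields that should not be
    // mailed either.
    $email = get_site_config('site_email');
    $user_dump = $user;
    unset($user_dump['password_hash']);
    send_email($email, "deleted_reason", array(
        "email" => $email,
        "reason" => $reason,
        "user" => print_r($user_dump, true),
    ));

    // redirect back to signup page with information
    $messages[] = t("Your user account will shortly be deleted. You may sign up again here.");

    // now logout the user before doing anything else!
    user_logout();

    set_temporary_messages($messages);
    set_temporary_errors($errors);
    redirect(url_for('signup'));
}

// otherwise, go back to user page with errors
set_temporary_messages($messages);
set_temporary_errors($errors);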
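// Sets or changes the password of the logged-in user and e-mails them about
// the change.
// NOTE(review): the current password is not asked for before it is replaced;
// confirm that the session and request checks made before this point are
// considered sufficient for a credential change.
$messages = array();
$errors = array();

$password = require_post("password", false);
$password2 = require_post("password2", false);

// A missing, empty or non-string password is rejected as well; previously
// the length check was skipped for those values and the change went ahead.
if (!is_string($password) || strlen($password) < 6 || strlen($password) > 255) {
    $errors[] = t("Please select a password between :min-:max characters long.", array(':min' => 6, ':max' => 255));
}
// strict comparison: with != two different numeric-looking strings
// (for example "1000" and "1e3") count as equal
if ($password && $password !== $password2) {
    $errors[] = t("Those passwords do not match.");
}
if (!$user['email']) {
    $errors[] = t("You need to have added an e-mail address to your account before you can enable password login.");
}

// check there are no other accounts using a password hash on this e-mail address
$q = db()->prepare("SELECT * FROM users WHERE email=? AND id <> ?");
$q->execute(array($user['email'], user_id()));
if ($q->fetch()) {
    $errors[] = t("This e-mail address is already being used by another account for password login.");
}

if (!$errors) {
    // change password
    $user_instance = \Users\User::getInstance(db());
    \Users\UserPassword::changePassword(db(), $user_instance, $password);
    $messages[] = t("Updated password.");

    // $user was loaded before the change, so password_hash still tells
    // whether a password existed: pick the matching e-mail template
    $name = $user['name'] ? $user['name'] : $user['email'];
    $email = $user['email'];
    send_user_email($user, $user['password_hash'] ? "password_changed" : "password_added", array(
        "email" => $email,
        "name" => $name,
    ));
}

set_temporary_messages($messages);
set_temporary_errors($errors);
redirect(url_for('user#user_password'));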
<?php

throw new Exception("This functionality is currently unavailable.");

/*
 * Password reset request: records the request time on the account and mails
 * a reset link. Unreachable while the throw above is in place.
 *
 * NOTE(review): the link token is MD5(reset salt . e-mail . ":" . request
 * time). It is derived, not random, so anyone who learns the site-wide salt
 * can compute a valid token for any account. A random token from a CSPRNG,
 * stored hashed with an expiry, avoids that; the page that verifies the
 * token is outside this excerpt and would have to change with it.
 *
 * NOTE(review): the two outcomes below show different text, which tells the
 * requester whether an address has a password account.
 */
$email = trim(require_post("email", require_get("email", false)));
$confirm = require_post("confirm", false);

$messages = array();
$errors = array();

if ($email && $confirm) {
    // only accounts that already have a password can request a reset
    $q = db()->prepare("SELECT * FROM user_properties WHERE email=? AND ISNULL(password_hash) = 0");
    $q->execute(array($email));
    $user = $q->fetch();

    if (!$user) {
        $errors[] = t("No such user account exists.");
    } else {
        $q = db()->prepare("UPDATE user_properties SET last_password_reset=NOW() WHERE id=?");
        $q->execute(array($user['id']));

        // load the user again; last_password_reset is read from this copy
        $user = get_user($user['id']);
        $requested_at = strtotime($user['last_password_reset']);
        $hash = md5(get_site_config('password_reset_salt') . $email . ":" . $requested_at);

        $email_args = array(
            "email" => $email,
            "name" => $user['name'] ?: $email,
            "ip" => user_ip(),
            "url" => absolute_url(url_for("password_reset", array('email' => $email, 'hash' => $hash))),
        );
        send_user_email($user, "password_reset", $email_args);

        // the address is escaped because it is placed inside the message text
        $messages[] = t("Further instructions to change your password have been sent to your e-mail address :email.", array(':email' => htmlspecialchars($email)));
    }
}

require __DIR__ . "/../layout/templates.php";
page_header(t("Reset Password"), "page_password", array('js' => 'auth'));

?>

<?php require_template("password"); ?>

<div class="authentication-form">
<h2><?php