function Page_Main()
{
global $conn, $Language, $Security, $gsFormError;
global $Breadcrumb;
$Breadcrumb = new cBreadcrumb();
$Breadcrumb->Add("changepwd", "ChangePwdPage", ew_CurrentUrl(), "", "", TRUE);
$bPostBack = ew_IsHttpPost();
$bValidate = TRUE;
if ($bPostBack) {
$this->OldPassword = ew_StripSlashes(@$_POST["opwd"]);
$this->NewPassword = ew_StripSlashes(@$_POST["npwd"]);
$this->ConfirmedPassword = ew_StripSlashes(@$_POST["cpwd"]);
$bValidate = $this->ValidateForm($this->OldPassword, $this->NewPassword, $this->ConfirmedPassword);
if (!$bValidate) {
$this->setFailureMessage($gsFormError);
}
}
$bPwdUpdated = FALSE;
if ($bPostBack && $bValidate) {
// Setup variables
$sUsername = $Security->CurrentUserName();
$sFilter = str_replace("%u", ew_AdjustSql($sUsername), EW_USER_NAME_FILTER);
// Set up filter (Sql Where Clause) and get Return SQL
// SQL constructor in usuarios class, usuariosinfo.php
$this->CurrentFilter = $sFilter;
$sSql = $this->SQL();
if ($rs = $conn->Execute($sSql)) {
if (!$rs->EOF) {
$rsold = $rs->fields;
if (ew_ComparePassword($rsold['contrasenia'], $this->OldPassword)) {
$bValidPwd = TRUE;
$bValidPwd = $this->User_ChangePassword($rsold, $sUsername, $this->OldPassword, $this->NewPassword);
if ($bValidPwd) {
$rsnew = array('contrasenia' => $this->NewPassword);
// Change Password
$sEmail = $rsold['email'];
$rs->Close();
$conn->raiseErrorFn = $GLOBALS["EW_ERROR_FN"];
$bValidPwd = $this->Update($rsnew);
$conn->raiseErrorFn = '';
if ($bValidPwd) {
$bPwdUpdated = TRUE;
}
} else {
$this->setFailureMessage($Language->Phrase("InvalidNewPassword"));
$rs->Close();
}
} else {
$this->setFailureMessage($Language->Phrase("InvalidPassword"));
}
} else {
$rs->Close();
}
}
}
if ($bPwdUpdated) {
if (@$sEmail != "") {
// Load Email Content
$Email = new cEmail();
$Email->Load("phptxt/changepwd.txt");
$Email->ReplaceSender(EW_SENDER_EMAIL);
// Replace Sender
$Email->ReplaceRecipient($sEmail);
// Replace Recipient
$Email->ReplaceContent('<!--$Password-->', $this->NewPassword);
$Email->Charset = EW_EMAIL_CHARSET;
$Args = array();
$Args["rs"] =& $rsnew;
$bEmailSent = FALSE;
if ($this->Email_Sending($Email, $Args)) {
$bEmailSent = $Email->Send();
}
// Send email failed
if (!$bEmailSent) {
$this->setFailureMessage($Email->SendErrDescription);
}
}
if ($this->getSuccessMessage() == "") {
$this->setSuccessMessage($Language->Phrase("PasswordChanged"));
}
// Set up success message
$this->Page_Terminate("index.php");
// Exit page and clean up
}
}
function Page_Main()
{
global $conn, $Language, $gsFormError;
global $Breadcrumb;
$Breadcrumb = new cBreadcrumb();
$Breadcrumb->Add("forgotpwd", "<span id=\"ewPageCaption\">" . $Language->Phrase("RequestPwdPage") . "</span>", ew_CurrentUrl());
$bPostBack = ew_IsHttpPost();
$bValidEmail = FALSE;
if ($bPostBack) {
// Setup variables
$this->Email = $_POST["email"];
$bValidEmail = $this->ValidateForm($this->Email);
if ($bValidEmail) {
$this->Action = "activate";
$this->ActivateCode = ew_Encrypt($this->Email);
} else {
$this->setFailureMessage($gsFormError);
}
// Handle email activation
} elseif (@$_GET["action"] != "") {
$this->Action = $_GET["action"];
$this->Email = @$_GET["email"];
$this->ActivateCode = @$_GET["code"];
if ($this->Email != ew_Decrypt($this->ActivateCode) || strtolower($this->Action) != "confirm") {
// Email activation
if ($this->getFailureMessage() == "") {
$this->setFailureMessage($Language->Phrase("ActivateFailed"));
}
// Set activate failed message
$this->Page_Terminate("login.php");
// Go to login page
}
}
if ($this->Action != "") {
$bEmailSent = FALSE;
// Set up filter (SQL WHERE clause) and get Return SQL
// SQL constructor in usuario class, usuarioinfo.php
$sFilter = str_replace("%e", ew_AdjustSql($this->Email), EW_USER_EMAIL_FILTER);
$this->CurrentFilter = $sFilter;
$sSql = $this->SQL();
if ($RsUser = $conn->Execute($sSql)) {
if (!$RsUser->EOF) {
$rsold = $RsUser->fields;
$bValidEmail = TRUE;
// Call User Recover Password event
$bValidEmail = $this->User_RecoverPassword($rsold);
if ($bValidEmail) {
$sUserName = $rsold['usuario'];
$sPassword = $rsold['contrasenia'];
if (EW_ENCRYPTED_PASSWORD) {
if (strtolower($this->Action) == "confirm") {
$sPassword = substr($sPassword, 0, 16);
// Use first 16 characters only
$rsnew = array('contrasenia' => $sPassword);
// Reset the password
$this->Update($rsnew);
}
} else {
$this->Action = "confirm";
// Send password directly if not MD5
}
}
} else {
$bValidEmail = FALSE;
$this->setFailureMessage($Language->Phrase("InvalidEmail"));
}
if ($bValidEmail) {
$Email = new cEmail();
if (strtolower($this->Action) == "confirm") {
$Email->Load("phptxt/forgotpwd.txt");
$Email->ReplaceContent('<!--$Password-->', $sPassword);
} else {
$Email->Load("phptxt/resetpwd.txt");
$sActivateLink = ew_FullUrl() . "?action=confirm";
$sActivateLink .= "&email=" . $this->Email;
$sActivateLink .= "&code=" . $this->ActivateCode;
$Email->ReplaceContent('<!--$ActivateLink-->', $sActivateLink);
}
$Email->ReplaceSender(EW_SENDER_EMAIL);
// Replace Sender
$Email->ReplaceRecipient($this->Email);
// Replace Recipient
$Email->ReplaceContent('<!--$UserName-->', $sUserName);
$Email->Charset = EW_EMAIL_CHARSET;
$Args = array();
if (EW_ENCRYPTED_PASSWORD && strtolower($this->Action) == "confirm") {
$Args["rs"] =& $rsnew;
}
if ($this->Email_Sending($Email, $Args)) {
$bEmailSent = $Email->Send();
}
}
$RsUser->Close();
}
if ($bEmailSent) {
if ($this->getSuccessMessage() == "") {
if (strtolower($this->Action) == "confirm") {
$this->setSuccessMessage($Language->Phrase("PwdEmailSent"));
} else {
$this->setSuccessMessage($Language->Phrase("ResetPwdEmailSent"));
}
}
// Set up success message
$this->Page_Terminate("login.php");
// Return to login page
} elseif ($bValidEmail) {
$this->setFailureMessage($Language->Phrase("FailedToSendMail"));
// Set up error message
}
}
}
function ew_SendTemplateEmail($sTemplate, $sSender, $sRecipient, $sCcEmail, $sBccEmail, $sSubject, $arContent)
{
if ($sSender != "" && $sRecipient != "") {
$Email = new cEmail();
$Email->Load($sTemplate);
$Email->ReplaceSender($sSender);
// Replace Sender
$Email->ReplaceRecipient($sRecipient);
// Replace Recipient
if ($sCcEmail != "") {
$Email->AddCc($sCcEmail);
}
// Add Cc
if ($sBccEmail != "") {
$Email->AddBcc($sBccEmail);
}
// Add Bcc
if ($sSubject != "") {
$Email->ReplaceSubject($sSubject);
}
// Replace subject
if (is_array($arContent)) {
foreach ($arContent as $key => $value) {
$Email->ReplaceContent($key, $value);
}
}
return $Email->Send();
}
return FALSE;
}
function ew_SendNotifyEmail($sFn, $sSubject, $sTable, $sKey, $sAction)
{
// Send Email
if (EW_SENDER_EMAIL != "" && EW_RECIPIENT_EMAIL != "") {
$Email = new cEmail();
$Email->Load($sFn);
$Email->ReplaceSender(EW_SENDER_EMAIL);
// Replace Sender
$Email->ReplaceRecipient(EW_RECIPIENT_EMAIL);
// Replace Recipient
$Email->ReplaceSubject($sSubject);
// Replace Subject
$Email->ReplaceContent("<!--table-->", $sTable);
$Email->ReplaceContent("<!--key-->", $sKey);
$Email->ReplaceContent("<!--action-->", $sAction);
$Email->Send();
}
}
function Page_Main()
{
global $UserTableConn, $Language, $gsFormError;
global $Breadcrumb;
$Breadcrumb = new cBreadcrumb();
$Breadcrumb->Add("forgotpwd", "RequestPwdPage", ew_CurrentUrl(), "", "", TRUE);
$bPostBack = ew_IsHttpPost();
$bValidEmail = FALSE;
if ($bPostBack) {
// Setup variables
$this->Email = $_POST["email"];
$bValidEmail = $this->ValidateForm($this->Email);
if ($bValidEmail) {
if (EW_ENCRYPTED_PASSWORD) {
$this->Action = "reset";
} else {
$this->Action = "confirm";
}
// Send password directly if not MD5
$this->ActivateCode = ew_Encrypt($this->Email);
} else {
$this->setFailureMessage($gsFormError);
}
// Handle email activation
} elseif (@$_GET["action"] != "") {
$this->Action = $_GET["action"];
$this->Email = @$_GET["email"];
$this->ActivateCode = @$_GET["code"];
if ($this->Email != ew_Decrypt($this->ActivateCode) || strtolower($this->Action) != "confirm" && strtolower($this->Action) != "reset") {
// Email activation
if ($this->getFailureMessage() == "") {
$this->setFailureMessage($Language->Phrase("ActivateFailed"));
}
// Set activate failed message
$this->Page_Terminate("login.php");
// Go to login page
}
if (strtolower($this->Action) == "reset") {
$this->Action = "resetpassword";
}
}
if ($this->Action != "") {
$bEmailSent = FALSE;
// Set up filter (SQL WHERE clause) and get Return SQL
// SQL constructor in user class, userinfo.php
$sFilter = str_replace("%e", ew_AdjustSql($this->Email, EW_USER_TABLE_DBID), EW_USER_EMAIL_FILTER);
$this->CurrentFilter = $sFilter;
$sSql = $this->SQL();
if ($RsUser = $UserTableConn->Execute($sSql)) {
if (!$RsUser->EOF) {
$rsold = $RsUser->fields;
$bValidEmail = TRUE;
// Call User Recover Password event
$bValidEmail = $this->User_RecoverPassword($rsold);
if ($bValidEmail) {
$sUserName = $rsold['CODE'];
$sPassword = $rsold['PASS'];
}
} else {
$bValidEmail = FALSE;
$this->setFailureMessage($Language->Phrase("InvalidEmail"));
}
$RsUser->Close();
if ($bValidEmail) {
if (strtolower($this->Action) == "resetpassword") {
// Reset password
$_SESSION[EW_SESSION_USER_PROFILE_USER_NAME] = $sUserName;
// Save login user name
$_SESSION[EW_SESSION_STATUS] = "passwordreset";
$this->Page_Terminate("changepwd.php");
} else {
$Email = new cEmail();
if (strtolower($this->Action) == "confirm") {
$Email->Load(EW_EMAIL_FORGOTPWD_TEMPLATE);
$Email->ReplaceContent('<!--$Password-->', $sPassword);
} else {
$Email->Load(EW_EMAIL_RESETPWD_TEMPLATE);
$sActivateLink = ew_FullUrl() . "?action=reset";
$sActivateLink .= "&email=" . $this->Email;
$sActivateLink .= "&code=" . $this->ActivateCode;
$Email->ReplaceContent('<!--$ActivateLink-->', $sActivateLink);
}
$Email->ReplaceSender(EW_SENDER_EMAIL);
// Replace Sender
$Email->ReplaceRecipient($this->Email);
// Replace Recipient
$Email->ReplaceContent('<!--$UserName-->', $sUserName);
$Args = array();
if (EW_ENCRYPTED_PASSWORD && strtolower($this->Action) == "confirm") {
$Args["rs"] =& $rsnew;
}
if ($this->Email_Sending($Email, $Args)) {
$bEmailSent = $Email->Send();
}
}
}
}
if ($bEmailSent) {
if ($this->getSuccessMessage() == "") {
if (strtolower($this->Action) == "confirm") {
$this->setSuccessMessage($Language->Phrase("PwdEmailSent"));
} else {
$this->setSuccessMessage($Language->Phrase("ResetPwdEmailSent"));
}
}
// Set up success message
$this->Page_Terminate("login.php");
// Return to login page
} elseif ($bValidEmail) {
$this->setFailureMessage($Email->SendErrDescription);
// Set up error message
}
}
}
function Page_Main()
{
global $conn, $Security, $Language, $gsFormError, $objForm;
global $Breadcrumb;
// Set up Breadcrumb
$Breadcrumb = new cBreadcrumb();
$Breadcrumb->Add("register", "<span id=\"ewPageCaption\">" . $Language->Phrase("RegisterPage") . "</span>", ew_CurrentUrl());
$bUserExists = FALSE;
if (@$_POST["a_register"] != "") {
// Get action
$this->CurrentAction = $_POST["a_register"];
$this->LoadFormValues();
// Get form values
// Validate form
if (!$this->ValidateForm()) {
$this->CurrentAction = "I";
// Form error, reset action
$this->setFailureMessage($gsFormError);
}
} else {
$this->CurrentAction = "I";
// Display blank record
$this->LoadDefaultValues();
// Load default values
}
// Handle email activation
if (@$_GET["action"] != "") {
$sAction = $_GET["action"];
$sEmail = @$_GET["email"];
$sCode = @$_GET["token"];
@(list($sApprovalCode, $sUsr, $sPwd) = explode(",", $sCode, 3));
$sApprovalCode = ew_Decrypt($sApprovalCode);
$sUsr = ew_Decrypt($sUsr);
$sPwd = ew_Decrypt($sPwd);
if ($sEmail == $sApprovalCode) {
if (strtolower($sAction) == "confirm") {
// Email activation
if ($this->ActivateEmail($sEmail)) {
// Activate this email
if ($this->getSuccessMessage() == "") {
$this->setSuccessMessage($Language->Phrase("ActivateAccount"));
}
// Set up message acount activated
$this->Page_Terminate("cciaglogin.php");
// Go to login page
}
}
}
if ($this->getFailureMessage() == "") {
$this->setFailureMessage($Language->Phrase("ActivateFailed"));
}
// Set activate failed message
$this->Page_Terminate("cciaglogin.php");
// Go to login page
}
switch ($this->CurrentAction) {
case "I":
// Blank record, no action required
break;
case "A":
// Add
// Check for duplicate User ID
$sFilter = str_replace("%u", ew_AdjustSql($this->usuario->CurrentValue), EW_USER_NAME_FILTER);
// Set up filter (SQL WHERE clause) and get return SQL
// SQL constructor in usuario class, usuarioinfo.php
$this->CurrentFilter = $sFilter;
$sUserSql = $this->SQL();
if ($rs = $conn->Execute($sUserSql)) {
if (!$rs->EOF) {
$bUserExists = TRUE;
$this->RestoreFormValues();
// Restore form values
$this->setFailureMessage($Language->Phrase("UserExists"));
// Set user exist message
}
$rs->Close();
}
if (!$bUserExists) {
$this->SendEmail = TRUE;
// Send email on add success
if ($this->AddRow()) {
// Add record
// Load user email
$sReceiverEmail = $this->_email->CurrentValue;
if ($sReceiverEmail == "") {
// Send to recipient directly
$sReceiverEmail = EW_RECIPIENT_EMAIL;
$sBccEmail = "";
} else {
// Bcc recipient
$sBccEmail = EW_RECIPIENT_EMAIL;
}
// Set up email content
if ($sReceiverEmail != "") {
$Email = new cEmail();
$Email->Load("phptxt/cciagregister.txt");
$Email->ReplaceSender(EW_SENDER_EMAIL);
// Replace Sender
$Email->ReplaceRecipient($sReceiverEmail);
// Replace Recipient
if ($sBccEmail != "") {
$Email->AddBcc($sBccEmail);
}
// Add Bcc
$Email->ReplaceContent('<!--FieldCaption_email-->', $this->_email->FldCaption());
$Email->ReplaceContent('<!--email-->', strval($this->_email->FormValue));
$sActivateLink = ew_FullUrl() . "?action=confirm";
$sActivateLink .= "&email=" . $this->_email->CurrentValue;
$sToken = ew_Encrypt($this->_email->CurrentValue) . "," . ew_Encrypt($this->usuario->CurrentValue) . "," . ew_Encrypt($this->contrasenia->FormValue);
$sActivateLink .= "&token=" . $sToken;
$Email->ReplaceContent("<!--ActivateLink-->", $sActivateLink);
$Email->Charset = EW_EMAIL_CHARSET;
// Get new recordset
$this->CurrentFilter = $this->KeyFilter();
$sSql = $this->SQL();
$rsnew = $conn->Execute($sSql);
$Args = array();
$Args["rs"] = $rsnew->fields;
$bEmailSent = FALSE;
if ($this->Email_Sending($Email, $Args)) {
$bEmailSent = $Email->Send();
}
// Send email failed
if (!$bEmailSent) {
$this->setFailureMessage($Email->SendErrDescription);
}
}
if ($this->getSuccessMessage() == "") {
$this->setSuccessMessage($Language->Phrase("RegisterSuccessActivate"));
}
// Activate success
$this->Page_Terminate("cciaglogin.php");
// Return
} else {
$this->RestoreFormValues();
// Restore form values
}
}
}
// Render row
if ($this->CurrentAction == "F") {
// Confirm page
$this->RowType = EW_ROWTYPE_VIEW;
// Render view
} else {
$this->RowType = EW_ROWTYPE_ADD;
// Render add
}
$this->ResetAttrs();
$this->RenderRow();
}
function SendEmailOnEdit(&$rsold, &$rsnew)
{
echo $rsold;
global $Language;
$sFn = "phptxt/notify.txt";
$sTable = 'messages';
$sSubject = $sTable . " " . $Language->Phrase("RecordUpdated");
$sAction = $Language->Phrase("ActionUpdated");
// Get key value
$sKey = "";
if ($sKey != "") {
$sKey .= $GLOBALS["EW_COMPOSITE_KEY_SEPARATOR"];
}
$sKey .= $rsold['id'];
$Email = new cEmail();
$Email->Load($sFn);
$Email->ReplaceSender(EW_SENDER_EMAIL);
// Replace Sender
$Email->ReplaceRecipient(EW_RECIPIENT_EMAIL);
// Replace Recipient
$Email->ReplaceSubject($sSubject);
// Replace Subject
$Email->ReplaceContent("<!--table-->", $sTable);
$Email->ReplaceContent("<!--key-->", $sKey);
$Email->ReplaceContent("<!--action-->", $sAction);
$Email->Charset = EW_EMAIL_CHARSET;
$Args = array();
$Args["rsold"] =& $rsold;
$Args["rsnew"] =& $rsnew;
$bEmailSent = FALSE;
if ($this->Email_Sending($Email, $Args)) {
$bEmailSent = $Email->Send();
}
// Send email failed
if (!$bEmailSent) {
$this->setFailureMessage($Email->SendErrDescription);
}
}