Exemplo n.º 1
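 /**
  * Reset another user's password to a freshly generated random value.
  *
  * The new password is stored hashed and is also returned in plaintext inside
  * the result message, so whoever displays or logs that message sees it.
  *
  * NOTE(review): the only check on the acting user here is the admin test for
  * staff targets; presumably the caller has already verified that $User may
  * perform resets at all -- confirm.
  *
  * @param array $params Must contain 'userID', the id of the account to reset.
  * @return string Translated message that includes the new plaintext password.
  * @throws Exception When the staff-target rule below rejects the reset.
  */
 public function resetPass(array $params)
 {
     global $DB, $User;

     $ChangeUser = new User($params['userID']);

     // && binds tighter than ||, so this is how the unbracketed original was
     // evaluated: an Admin target is always refused, a Moderator target is
     // refused unless the acting user is an admin.
     // NOTE(review): the message suggests admins should be able to reset admin
     // accounts too; the stricter behaviour is kept until that is confirmed.
     $refuse = $ChangeUser->type['Admin']
         || ($ChangeUser->type['Moderator'] && !$User->type['Admin']);
     if ($refuse) {
         throw new Exception(l_t("Cannot reset an admin/moderator's password if you aren't admin."));
     }

     // rand() is not a CSPRNG and the previous range allowed only about a
     // million candidate passwords. random_bytes() (PHP 7+) draws from the
     // operating system generator; 10 bytes give 80 bits, shown as 20 hex chars.
     $password = bin2hex(random_bytes(10));

     // The id is cast so that only an integer can reach the hand-built statement.
     $DB->sql_put("UPDATE wD_Users\r\n\t\t\tSET password = UNHEX('" . libAuth::pass_Hash($password) . "')\r\n\t\t\tWHERE id = " . (int) $ChangeUser->id);

     return l_t('Users password reset to %s', $password);
 }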
Exemplo n.º 2
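 /**
  * Filter a registration/user control panel form into values ready for SQL.
  *
  * Only the whitelisted field names are read from $input. Validation problems
  * (password mismatch, invalid e-mail) are reported by appending a translated
  * message to $errors; the field concerned is then left out of the result.
  * No exception is thrown by the code in this method itself.
  *
  * The returned strings have been passed through $DB->escape()/msg_escape()
  * and are meant to be concatenated into a statement by the caller. The
  * 'password' entry is a complete SQL expression rather than a plain value,
  * and 'hideEmail' is always one of the literals "Yes" or "No".
  *
  * @param array $input  Unfiltered data from a registration/control panel form
  * @param array $errors Receives validation error messages (passed by reference)
  * @return array Filtered values keyed by field name
  */
 public static function processForm($input, &$errors)
 {
     global $DB;

     $SQLVars = array();
     $allowed = array('username', 'password', 'passwordcheck', 'email', 'hideEmail', 'showEmail', 'homepage', 'comment');

     // Copy only whitelisted fields so nothing else from the request can
     // influence the values handed back for the query.
     $userForm = array();
     foreach ($allowed as $name) {
         if (isset($input[$name])) {
             $userForm[$name] = $input[$name];
         }
     }

     if (isset($userForm['username'])) {
         // Escape-then-trim order is kept as the original had it.
         $SQLVars['username'] = trim($DB->escape($userForm['username']));
     }

     if (!empty($userForm['password'])) {
         // Strict comparison: with == two numeric-looking strings such as
         // "1e3" and "1000" are compared as numbers and count as equal, so a
         // mistyped confirmation could be accepted.
         if (isset($userForm['passwordcheck']) && $userForm['password'] === $userForm['passwordcheck']) {
             // NOTE(review): the listing showed a masked prefix ("******") here,
             // which cannot form valid SQL with the closing "')". It is restored
             // to the UNHEX('...') wrapper that the page's other password
             // updates put around pass_Hash() -- confirm against the real file.
             $SQLVars['password'] = "UNHEX('" . libAuth::pass_Hash($userForm['password']) . "')";
         } else {
             $errors[] = l_t("The two passwords do not match");
         }
     }

     if (!empty($userForm['email'])) {
         $userForm['email'] = trim($DB->escape($userForm['email']));
         if (libAuth::validate_email($userForm['email'])) {
             $SQLVars['email'] = $userForm['email'];
         } else {
             $errors[] = l_t("The e-mail address you entered isn't valid. Please enter a valid one");
         }
     }

     if (isset($userForm['hideEmail'])) {
         // Collapse to a fixed literal; the submitted text itself is never returned.
         $SQLVars['hideEmail'] = ($userForm['hideEmail'] === "Yes") ? "Yes" : "No";
     }

     if (!empty($userForm['homepage'])) {
         // Only SQL-escaped here. NOTE(review): whether the URL is validated or
         // HTML-escaped before it is displayed is not visible from this method.
         $userForm['homepage'] = $DB->escape($userForm['homepage']);
         $SQLVars['homepage'] = $userForm['homepage'];
     }

     if (!empty($userForm['comment'])) {
         $userForm['comment'] = $DB->msg_escape($userForm['comment']);
         $SQLVars['comment'] = $userForm['comment'];
     }

     return $SQLVars;
 }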
Exemplo n.º 3
			</form>';
        } elseif ($_REQUEST['forgotPassword'] == 2 && isset($_REQUEST['forgotUsername'])) {
            try {
                $forgottenUser = new User(0, $DB->escape($_REQUEST['forgotUsername']));
            } catch (Exception $e) {
                throw new Exception(l_t("Cannot find an account for the given username, please " . "<a href='logon.php?forgotPassword=1' class='light'>go back</a> and check your spelling."));
            }
            require_once l_r('objects/mailer.php');
            $Mailer = new Mailer();
            $Mailer->Send(array($forgottenUser->email => $forgottenUser->username), l_t('webDiplomacy forgotten password verification link'), l_t("You can use this link to get a new password generated:") . "<br>\r\n" . libAuth::email_validateURL($forgottenUser->email) . "&forgotPassword=3<br><br>\r\n\r\n" . l_t("If you have any further problems contact the server's admin at %s.", Config::$adminEMail) . "<br>");
            print '<p>' . l_t('An e-mail has been sent with a verification link, which will allow you to have your password reset. ' . 'If you can\'t find the e-mail in your inbox try your junk folder/spam-box.') . '</p>';
        } elseif ($_REQUEST['forgotPassword'] == 3 && isset($_REQUEST['emailToken'])) {
            $email = $DB->escape(libAuth::emailToken_email($_REQUEST['emailToken']));
            $userID = User::findEmail($email);
            $newPassword = base64_encode(rand(1000000000, 2000000000));
            $DB->sql_put("UPDATE wD_Users\r\n\t\t\t\tSET password=UNHEX('" . libAuth::pass_Hash($newPassword) . "')\r\n\t\t\t\tWHERE id=" . $userID . " LIMIT 1");
            print '<p>' . l_t('Thanks for verifying your address, this is your new password, which you can ' . 'change once you have logged back on:') . '<br /><br />

				<strong>' . $newPassword . '</strong></p>

				<p><a href="logon.php" class="light">' . l_t('Back to log-on prompt') . '</a></p>';
        }
    } catch (Exception $e) {
        print '<p class="notice">' . $e->getMessage() . '</p>';
    }
    print '</div>';
    libHTML::footer();
}
if (!$User->type['User']) {
    print libHTML::pageTitle(l_t('Log on'), l_t('Enter your webDiplomacy account username and password to log into your account.'));
    print '