/** * Emails password to a user * * This will email the given user their password. * * @param string $username Username for which to get and email password * @param string $passwd Unencrypted password (optional) * @param int $msg Message number of message to show when done * @return string Optionally returns the HTML for the default form if the user info can't be found * */ function emailpassword($username, $passwd = '', $msg = 0) { global $_CONF, $_TABLES, $LANG04; $retval = ''; $username = DB_escapeString($username); // don't retrieve any remote users! $result = DB_query("SELECT uid,email,status FROM {$_TABLES['users']} WHERE username = '******' AND (account_type & " . LOCAL_USER . ")"); $nrows = DB_numRows($result); if ($nrows == 1) { $A = DB_fetchArray($result); if ($_CONF['usersubmission'] == 1 && $A['status'] == USER_ACCOUNT_AWAITING_APPROVAL) { echo COM_refresh($_CONF['site_url'] . '/index.php?msg=48'); } $mailresult = USER_createAndSendPassword($username, $A['email'], $A['uid'], $passwd); if ($mailresult == false) { echo COM_refresh("{$_CONF['site_url']}/index.php?msg=85"); } else { if ($msg) { echo COM_refresh("{$_CONF['site_url']}/index.php?msg={$msg}"); } else { if ($_CONF['registration_type'] == 1) { echo COM_refresh("{$_CONF['site_url']}/index.php?msg=3"); } else { echo COM_refresh("{$_CONF['site_url']}/index.php?msg=1"); } } } } else { $retval = defaultform(''); } return $retval; }
/** * User request for a new password - send email with a link and request id * * @param username string name of user who requested the new password * @return string form or meta redirect */ function requestpassword($username) { global $_CONF, $_TABLES, $LANG04; $retval = ''; // no remote users! $result = DB_query("SELECT uid,email,passwd,status FROM {$_TABLES['users']} WHERE username = '******' AND ((remoteservice IS NULL) OR (remoteservice=''))"); $nrows = DB_numRows($result); if ($nrows == 1) { $A = DB_fetchArray($result); if ($_CONF['usersubmission'] == 1 && $A['status'] == USER_ACCOUNT_AWAITING_APPROVAL) { COM_redirect($_CONF['site_url'] . '/index.php?msg=48'); } $reqid = substr(md5(uniqid(rand(), 1)), 1, 16); DB_change($_TABLES['users'], 'pwrequestid', "{$reqid}", 'uid', $A['uid']); $mailtext = sprintf($LANG04[88], $username); $mailtext .= $_CONF['site_url'] . '/users.php?mode=newpwd&uid=' . $A['uid'] . '&rid=' . $reqid . "\n\n"; $mailtext .= $LANG04[89]; $mailtext .= "{$_CONF['site_name']}\n"; $mailtext .= "{$_CONF['site_url']}\n"; $subject = $_CONF['site_name'] . ': ' . $LANG04[16]; if ($_CONF['site_mail'] !== $_CONF['noreply_mail']) { $mailfrom = $_CONF['noreply_mail']; $mailtext .= LB . LB . $LANG04[159]; } else { $mailfrom = $_CONF['site_mail']; } if (COM_mail($A['email'], $subject, $mailtext, $mailfrom)) { $msg = 55; // message sent } else { $msg = 85; // problem sending the email } $redirect = $_CONF['site_url'] . "/index.php?msg={$msg}"; COM_updateSpeedlimit('password'); COM_redirect($redirect); } else { $retval = COM_createHTMLDocument(defaultform($LANG04[17]), array('pagetitle' => $LANG04[17])); } return $retval; }