# it and/or modify it under the terms of the GNU
# General Public License as published by the Free
# Software Foundation; either version 2 of the
# License, or (at your option) any later version.
#
# GPL: http://www.gnu.org/licenses/gpl.txt
#
##################################################
if (!defined('EXPONENT')) {
    exit('');
}
$i18n = exponent_lang_loadFile('modules/loginmodule/actions/resetpass_send.php');
if (!defined('SYS_USERS')) {
    require_once BASE . 'subsystems/users.php';
}
$u = exponent_users_getUserByName($_POST['username']);
if ($u != null && $u->is_acting_admin == 0 && $u->is_admin == 0 && $u->email != '') {
    if (!defined('SYS_SMTP')) {
        require_once BASE . 'subsystems/smtp.php';
    }
    $tok = null;
    $tok->uid = $u->id;
    $tok->expires = time() + 2 * 3600;
    $tok->token = md5(time()) . uniqid('');
    $e_template = new template('loginmodule', '_email_resetconfirm', $loc);
    $e_template->assign('token', $tok);
    $msg = $e_template->render();
    // FIXME: smtp call prototype / usage has changed.
    if (!exponent_smtp_mail($u->email, $i18n['from_name'] . ' <' . $i18n['from_email'] . '@' . HOSTNAME . '>', $i18n['title'], $msg)) {
        echo $i18n['smtp_error'];
    } else {
Пример #2
0
 $capcha_real = exponent_sessions_get('capcha_string');
 if (!defined('SYS_USERS')) {
     require_once BASE . 'subsystems/users.php';
 }
 if (!defined('SYS_SECURITY')) {
     require_once BASE . 'subsystems/security.php';
 }
 $username_error = exponent_security_checkUsername($_POST['username']);
 if ($username_error != '') {
     $post = $_POST;
     unset($post['username']);
     $post['_formError'] = sprintf($i18n['username_failed'], $username_error);
     exponent_sessions_set('last_POST', $post);
     header('Location: ' . $_SERVER['HTTP_REFERER']);
 } else {
     if (exponent_users_getUserByName($_POST['username']) != null) {
         $post = $_POST;
         unset($post['username']);
         $post['_formError'] = $i18n['username_taken'];
         exponent_sessions_set('last_POST', $post);
         header('Location: ' . $_SERVER['HTTP_REFERER']);
     } else {
         if ($_POST['pass1'] != $_POST['pass2']) {
             $post = $_POST;
             unset($post['pass1']);
             unset($post['pass2']);
             $post['_formError'] = $i18n['unmatched_passwords'];
             exponent_sessions_set('last_POST', $post);
             header('Location: ' . $_SERVER['HTTP_REFERER']);
         } else {
             $strength_error = exponent_security_checkPasswordStrength($_POST['username'], $_POST['pass1']);
             $userinfo->clearpassword = $newpass;
             break;
         case "DEFPASS":
             $userinfo->clearpassword = str_replace(" ", "", trim($_POST["pwordText"]));
             break;
     }
     $userinfo->password = md5($userinfo->clearpassword);
     $suffix = "";
     while (exponent_users_getUserByName($userinfo->username . $suffix) != null) {
         //username already exists
         if (isset($_POST["update"]) == 1) {
             if (in_array($userinfo->username, $usersdone)) {
                 $suffix = rand(100, 999);
                 $userinfo->changed = 1;
             } else {
                 $tmp = exponent_users_getUserByName($userinfo->username . $suffix);
                 $userinfo->id = $tmp->id;
                 break;
             }
         } else {
             $suffix = rand(100, 999);
             $userinfo->changed = 1;
         }
     }
     $userinfo->username = $userinfo->username . $suffix;
     $userarray[] = exponent_users_saveUser($userinfo);
     $usersdone[] = $userinfo->username;
 } else {
     $userinfo->linenum = $linenum;
     $userarray[] = $userinfo;
 }