}
} else {
Cookie::set('login_attempts', 1, 600);
}
}
}
Notification::setNow('error', $login_error);
}
// Errors
$errors = array();
$site_url = Option::get('siteurl');
$site_name = Option::get('sitename');
$user_login = trim(Request::post('login'));
// Reset Password Form Submit
if (Request::post('reset_password_submit')) {
if (Option::get('captcha_installed') == 'true' && !CryptCaptcha::check(Request::post('answer'))) {
$errors['users_captcha_wrong'] = __('Captcha code is wrong', 'users');
}
if ($user_login == '') {
$errors['users_empty_field'] = __('Required field', 'users');
}
if ($user_login != '' && !$users->select("[login='******']")) {
$errors['users_user_doesnt_exists'] = __('This user doesnt exist', 'users');
}
if (count($errors) == 0) {
// Get user
$user = $users->select("[login='******']", null);
// Generate new hash
$new_hash = Text::random('alnum', 12);
// Update user hash
$users->updateWhere("[login='******']", array('hash' => $new_hash));
<?php
if (Option::get('captcha_installed') == 'true') {
?>
<div class="form-group">
<label><?php
echo __('Captcha', 'users');
?>
</label>
<input type="text" name="answer" class="form-control"><?php
if (isset($errors['users_captcha_wrong'])) {
echo Html::nbsp(3) . '<span class="error">' . $errors['users_captcha_wrong'] . '</span>';
}
?>
<br>
<?php
CryptCaptcha::draw();
?>
</div>
<?php
}
?>
<div class="form-group">
<input type="submit" class="btn btn-primary" value="<?php
echo __('Register', 'users');
?>
" name="register">
</div>
</form>
</div>
</div>
/**
* Get Password Reset
*/
public static function getPasswordReset()
{
// Is User Loged in ?
if (!Session::get('user_id')) {
$errors = array();
$site_url = Option::get('siteurl');
$site_name = Option::get('sitename');
// Reset Password from hash
if (Request::get('hash')) {
// Get user with specific hash
$user = Users::$users->select("[hash='" . Request::get('hash') . "']", null);
// If user exists
if (count($user) > 0 && $user['hash'] == Request::get('hash')) {
// Generate new password
$new_password = Text::random('alnum', 6);
// Update user profile
// Set new hash and new password
Users::$users->updateWhere("[login='******'login'] . "']", array('hash' => Text::random('alnum', 12), 'password' => Security::encryptPassword($new_password)));
$mail = new PHPMailer();
$mail->CharSet = 'utf-8';
$mail->ContentType = 'text/html';
$mail->SetFrom(Option::get('system_email'));
$mail->AddReplyTo(Option::get('system_email'));
$mail->AddAddress($user['email'], $user['login']);
$mail->Subject = __('Your new password for :site_name', 'users', array(':site_name' => $site_name));
$mail->MsgHTML(View::factory('box/emails/views/emails/email_layout')->assign('site_url', $site_url)->assign('site_name', $site_name)->assign('user_id', $user['id'])->assign('user_login', $user['login'])->assign('new_password', $new_password)->assign('email_template', 'new-password')->render());
$mail->Send();
// Set notification
Notification::set('success', __('New password has been sent', 'users'));
// Redirect to password-reset page
Request::redirect(Site::url() . '/users/login');
}
}
// Reset Password Form Submit
if (Request::post('reset_password_submit')) {
$user_login = trim(Request::post('login'));
// Check csrf
if (Security::check(Request::post('csrf'))) {
if (Option::get('captcha_installed') == 'true' && !CryptCaptcha::check(Request::post('answer'))) {
$errors['users_captcha_wrong'] = __('Captcha code is wrong', 'users');
}
if ($user_login == '') {
$errors['users_empty_field'] = __('Required field', 'users');
}
if ($user_login != '' && !Users::$users->select("[login='******']")) {
$errors['users_user_doesnt_exists'] = __('This user doesnt exist', 'users');
}
if (count($errors) == 0) {
// Get user
$user = Users::$users->select("[login='******']", null);
// Generate new hash
$new_hash = Text::random('alnum', 12);
// Update user hash
Users::$users->updateWhere("[login='******']", array('hash' => $new_hash));
$mail = new PHPMailer();
$mail->CharSet = 'utf-8';
$mail->ContentType = 'text/html';
$mail->SetFrom(Option::get('system_email'));
$mail->AddReplyTo(Option::get('system_email'));
$mail->AddAddress($user['email'], $user['login']);
$mail->Subject = __('Your login details for :site_name', 'users', array(':site_name' => $site_name));
$mail->MsgHTML(View::factory('box/emails/views/emails/email_layout')->assign('site_url', $site_url)->assign('site_name', $site_name)->assign('user_id', $user['id'])->assign('user_login', $user['login'])->assign('new_hash', $new_hash)->assign('email_template', 'reset-password')->render());
$mail->Send();
// Set notification
Notification::set('success', __('Your login details for :site_name has been sent', 'users', array(':site_name' => $site_name)));
// Redirect to password-reset page
Request::redirect(Site::url() . '/users/password-reset');
}
} else {
die('Request was denied because it contained an invalid security token. Please refresh the page and try again.');
}
}
View::factory('box/users/views/frontend/password_reset')->assign('errors', $errors)->assign('user_login', trim(Request::post('login')))->display();
}
}
