public function changePassword($request)
{
$request = new Vtiger_Request($request);
$viewer = Vtiger_Viewer::getInstance();
$userName = $request->get('username');
$newPassword = $request->get('password');
$confirmPassword = $request->get('confirmPassword');
$shortURLID = $request->get('shorturl_id');
$secretHash = $request->get('secret_hash');
$shortURLModel = Vtiger_ShortURL_Helper::getInstance($shortURLID);
$secretToken = $shortURLModel->handler_data['secret_token'];
$validateData = array('username' => $userName, 'secret_token' => $secretToken, 'secret_hash' => $secretHash);
$valid = $shortURLModel->compareEquals($validateData);
if ($valid) {
$userId = getUserId_Ol($userName);
$user = Users::getActiveAdminUser();
$wsUserId = vtws_getWebserviceEntityId('Users', $userId);
vtws_changePassword($wsUserId, '', $newPassword, $confirmPassword, $user);
} else {
$viewer->assign('ERROR', true);
}
$shortURLModel->delete();
$viewer->assign('USERNAME', $userName);
$viewer->assign('PASSWORD', $newPassword);
$viewer->view('FPLogin.tpl', 'Users');
}
public function requestForgotPassword($request)
{
$request = new Vtiger_Request($request);
$adb = PearDatabase::getInstance();
$username = vtlib_purify($request->get('user_name'));
$result = $adb->pquery('select id,email1 from vtiger_users where user_name = ? ', array($username));
if ($adb->num_rows($result) > 0) {
$email = $adb->query_result($result, 0, 'email1');
}
if (strcasecmp($request->get('emailId'), $email) === 0) {
$userId = $adb->query_result($result, 0, 'id');
$time = time();
$options = array('handler_path' => 'modules/Users/handlers/ForgotPassword.php', 'handler_class' => 'Users_ForgotPassword_Handler', 'handler_function' => 'changePassword', 'handler_data' => array('username' => $username, 'email' => $email, 'time' => $time, 'hash' => md5($username . $time)));
$trackURL = Vtiger_ShortURL_Helper::generateURL($options);
$data = ['sysname' => 'UsersForgotPassword', 'to_email' => $email, 'module' => 'Users', 'record' => $userId, 'trackURL' => $trackURL];
$recordModel = Vtiger_Record_Model::getCleanInstance('OSSMailTemplates');
$status = $recordModel->sendMailFromTemplate($data);
$site_URL = vglobal('site_URL') . 'index.php?modules=Users&view=Login';
if ($status === 1) {
header('Location: ' . $site_URL . '&status=1');
} else {
header('Location: ' . $site_URL . '&statusError=1');
}
} else {
$site_URL = vglobal('site_URL') . 'index.php?modules=Users&view=Login';
header('Location: ' . $site_URL . '&fpError=1');
}
}
public function changePassword($data)
{
global $site_URL;
$request = new Vtiger_Request($data);
$userName = $request->get('username');
$viewer = Vtiger_Viewer::getInstance();
$companyModel = Vtiger_CompanyDetails_Model::getInstanceById();
$companyName = $companyModel->get('organizationname');
$organisationDetails = $companyModel->getLogo();
$logoTitle = $organisationDetails->get('title');
$logoName = $organisationDetails->get('imagename');
$moduleName = 'Users';
$viewer->assign('LOGOURL', $site_URL . '/test/logo/' . $logoName);
$viewer->assign('TITLE', $logoTitle);
$viewer->assign('COMPANYNAME', $companyName);
$viewer->assign('USERNAME', $userName);
$changePasswordTrackUrl = $site_URL . "/modules/Users/actions/ForgotPassword.php";
$viewer->assign('TRACKURL', $changePasswordTrackUrl);
$expiryTime = (int) $request->get('time') + 24 * 60 * 60;
$currentTime = time();
if ($expiryTime > $currentTime) {
$secretToken = uniqid();
$secretHash = md5($userName . $secretToken);
$options = array('handler_path' => 'modules/Users/handlers/ForgotPassword.php', 'handler_class' => 'Users_ForgotPassword_Handler', 'handler_function' => 'changePassword', 'onetime' => 1, 'handler_data' => array('username' => $userName, 'secret_token' => $secretToken, 'secret_hash' => $secretHash));
$trackURL = Vtiger_ShortURL_Helper::generateURL($options);
$shortURLID = explode('id=', $trackURL);
$viewer->assign('SHORTURL_ID', $shortURLID[1]);
$viewer->assign('SECRET_HASH', $secretHash);
} else {
$viewer->assign('LINK_EXPIRED', true);
}
$viewer->assign('TRACKURL', $changePasswordTrackUrl);
$viewer->assign('MODULE', $moduleName);
$viewer->view('ForgotPassword.tpl', $moduleName);
}
public function process(Vtiger_Request $request)
{
$qfmwmxy = "id";
${"GLOBALS"}["btyrupplv"] = "sql";
global $current_user;
${${"GLOBALS"}["wqxksqquocx"]} = PearDatabase::getInstance();
${"GLOBALS"}["axveas"] = "id";
${"GLOBALS"}["vymwlrnohoih"] = "trackURL";
$fgwvunwio = "options";
${${"GLOBALS"}["btyrupplv"]} = "INSERT INTO vtiger_wf_http_limits SET name = 'NEW', created = NOW()";
$nyooqkgs = "options";
$kksnpkt = "sql";
$adb->query(${$kksnpkt});
${"GLOBALS"}["aakvfh"] = "trackURL";
${${"GLOBALS"}["byiaudbd"]} = $adb->getLastInsertID();
${$fgwvunwio} = array("handler_path" => "modules/Workflow2/HTTPHandler.php", "handler_class" => "Workflow2_HTTPHandler_Handler", "handler_function" => "handle", "handler_data" => array("handlerid" => ${${"GLOBALS"}["byiaudbd"]}));
${"GLOBALS"}["pxtwwt"] = "sql";
${${"GLOBALS"}["aakvfh"]} = Vtiger_ShortURL_Helper::generateURL(${$nyooqkgs});
${${"GLOBALS"}["pxtwwt"]} = "UPDATE vtiger_wf_http_limits SET name = 'Limit " . ${${"GLOBALS"}["byiaudbd"]} . "', url = '" . ${${"GLOBALS"}["vymwlrnohoih"]} . "' WHERE id = " . ${${"GLOBALS"}["axveas"]};
$adb->query(${${"GLOBALS"}["diwunqef"]}, true);
echo json_encode(array("id" => ${$qfmwmxy}));
}
require_once 'include/utils/utils.php';
require_once 'include/utils/VtlibUtils.php';
require_once 'modules/Emails/class.phpmailer.php';
require_once 'modules/Emails/mail.php';
require_once 'modules/Vtiger/helpers/ShortURL.php';
global $adb;
$adb = PearDatabase::getInstance();
if (isset($_REQUEST['user_name']) && isset($_REQUEST['emailId'])) {
$username = vtlib_purify($_REQUEST['user_name']);
$result = $adb->pquery('select email1 from vtiger_users where user_name= ? ', array($username));
if ($adb->num_rows($result) > 0) {
$email = $adb->query_result($result, 0, 'email1');
}
if (vtlib_purify($_REQUEST['emailId']) == $email) {
$options = array('handler_path' => 'modules/Users/ForgotPassword.php', 'handler_class' => 'Users_ForgotPassword_Handler', 'handler_function' => 'changePassword', 'handler_data' => array('username' => $username, 'email' => $email));
$trackURL = Vtiger_ShortURL_Helper::generateURL($options);
$contents = 'Hi ' . $username . ', <br>
This email was sent to you as you submitted the request to change password for Vtiger CRM.<br>
Please follow this link to reset your password. <br><br>' . $trackURL;
$mail = new PHPMailer();
setMailerProperties($mail, 'Request : ForgotPassword - vtigercrm', $contents, '*****@*****.**', $username, $email);
$status = MailSend($mail);
if ($status === 1) {
header('Location: index.php?modules=Users&view=Login&status=1');
} else {
header('Location: index.php?modules=Users&view=Login&statusError=1');
}
} else {
header('Location: index.php?modules=Users&view=Login&fpError=1');
}
}
public function process(Vtiger_Request $request)
{
$zadczamouyb = "edit_id";
$gyptqsaidi = "adb";
$ceiqykw = "sql";
${"GLOBALS"}["olrlugec"] = "qualifiedModuleName";
global $current_user;
${"GLOBALS"}["lrnouxxjrd"] = "viewer";
$sfizrxy = "limitData";
global $root_directory;
${$gyptqsaidi} = PearDatabase::getInstance();
$ekjgyesyrx = "result";
${${"GLOBALS"}["isakgdp"]} = $request->getModule();
$jpylglnvcgsi = "result";
$deepnfi = "sql";
${${"GLOBALS"}["olrlugec"]} = $request->getModule(false);
$eenfoxcyhi = "result";
${"GLOBALS"}["oemsbrrtpyc"] = "limitData";
${${"GLOBALS"}["lrnouxxjrd"]} = $this->getViewer(${${"GLOBALS"}["sbpoidvdt"]});
${"GLOBALS"}["slngnjh"] = "limitData";
$jvqirbs = "values";
$xqoeynh = "qualifiedModuleName";
${"GLOBALS"}["glafouj"] = "sql";
${$zadczamouyb} = (int) $request->get("edit_id");
${${"GLOBALS"}["yuqzuplby"]} = "SELECT * FROM vtiger_wf_http_limits WHERE id = " . ${${"GLOBALS"}["ubnppvu"]};
${$jpylglnvcgsi} = $adb->query(${$ceiqykw});
$jhfexchyvq = "ips";
${"GLOBALS"}["ixpsmpdnlx"] = "sql";
${${"GLOBALS"}["rxcectzb"]} = $adb->fetchByAssoc(${$eenfoxcyhi});
if (empty(${${"GLOBALS"}["rxcectzb"]}["url"])) {
$korfqywfnwo = "options";
${"GLOBALS"}["eorqbbesrcuf"] = "sql";
${"GLOBALS"}["kkezvon"] = "edit_id";
$upbfhiglk = "trackURL";
$vjwgfahry = "options";
${"GLOBALS"}["diowcomu"] = "trackURL";
${$korfqywfnwo} = array("handler_path" => "modules/Workflow2/HTTPHandler.php", "handler_class" => "Workflow2_HTTPHandler_Handler", "handler_function" => "handle", "handler_data" => array("handlerid" => ${${"GLOBALS"}["ubnppvu"]}));
${$upbfhiglk} = Vtiger_ShortURL_Helper::generateURL(${$vjwgfahry});
${${"GLOBALS"}["yuqzuplby"]} = "UPDATE vtiger_wf_http_limits SET url = '" . ${${"GLOBALS"}["diowcomu"]} . "' WHERE id = " . ${${"GLOBALS"}["kkezvon"]};
$adb->query(${${"GLOBALS"}["eorqbbesrcuf"]});
}
${"GLOBALS"}["eeqzvfhy"] = "workflows";
$jxfkzjahbrm = "row";
${$deepnfi} = "SELECT vtiger_wf_http_limits_value.*, vtiger_wf_settings.title 'wf_title' FROM\n vtiger_wf_http_limits_value\n LEFT JOIN vtiger_wf_settings ON(vtiger_wf_settings.id = vtiger_wf_http_limits_value.value)\n WHERE limit_id = " . ${${"GLOBALS"}["oemsbrrtpyc"]}["id"];
${"GLOBALS"}["foipcnwvk"] = "resultTMP";
${"GLOBALS"}["qoshqtv"] = "ip";
${${"GLOBALS"}["whxpfefmyemn"]} = $adb->query(${${"GLOBALS"}["yuqzuplby"]}, true);
${${"GLOBALS"}["ehfbncujijkz"]} = array();
while (${${"GLOBALS"}["qoshqtv"]} = $adb->fetchByAssoc(${${"GLOBALS"}["foipcnwvk"]})) {
${"GLOBALS"}["qzsvjkubulu"] = "ip";
${"GLOBALS"}["brnndqtbt"] = "ip";
${${"GLOBALS"}["ehfbncujijkz"]}[${${"GLOBALS"}["qzsvjkubulu"]}["mode"]][] = ${${"GLOBALS"}["brnndqtbt"]}["value"];
}
${${"GLOBALS"}["kmujinixnb"]} = array();
${${"GLOBALS"}["yuqzuplby"]} = "SELECT * FROM vtiger_wf_trigger WHERE custom = 1 AND deleted = 0 ORDER BY label";
${${"GLOBALS"}["ltyrtnjbg"]} = $adb->query(${${"GLOBALS"}["ixpsmpdnlx"]});
while (${$jxfkzjahbrm} = $adb->fetchByAssoc(${${"GLOBALS"}["ltyrtnjbg"]})) {
${"GLOBALS"}["ufnrdbdvyve"] = "trigger";
$zvmlwnjjxdx = "row";
$unuxmbijig = "row";
${${"GLOBALS"}["ufnrdbdvyve"]}[${$zvmlwnjjxdx}["key"]] = ${$unuxmbijig}["label"];
}
${${"GLOBALS"}["eeqzvfhy"]} = array();
${"GLOBALS"}["hfufbu"] = "result";
${${"GLOBALS"}["yuqzuplby"]} = "SELECT * FROM vtiger_wf_settings WHERE active = 1 ORDER BY title";
${${"GLOBALS"}["hfufbu"]} = $adb->query(${${"GLOBALS"}["yuqzuplby"]});
while (${${"GLOBALS"}["exglstnbf"]} = $adb->fetchByAssoc(${$ekjgyesyrx})) {
${"GLOBALS"}["rulxxpdv"] = "row";
${${"GLOBALS"}["olxsjd"]}[${${"GLOBALS"}["exglstnbf"]}["id"]] = ${${"GLOBALS"}["rulxxpdv"]}["id"] . " - " . ${${"GLOBALS"}["exglstnbf"]}["title"];
}
${${"GLOBALS"}["glafouj"]} = "SELECT * FROM vtiger_wf_http_limits_ips WHERE limit_id = " . ${$sfizrxy}["id"];
${${"GLOBALS"}["whxpfefmyemn"]} = $adb->query(${${"GLOBALS"}["yuqzuplby"]}, true);
${$jhfexchyvq} = array();
${"GLOBALS"}["rysubfwnneub"] = "trigger";
while (${${"GLOBALS"}["jcvuevuyl"]} = $adb->fetchByAssoc(${${"GLOBALS"}["whxpfefmyemn"]})) {
$lprwpsxfye = "ips";
${$lprwpsxfye}[] = ${${"GLOBALS"}["jcvuevuyl"]}["ip"];
}
$viewer->assign("ips", ${${"GLOBALS"}["bdpyrvsbfr"]});
$viewer->assign("editId", ${${"GLOBALS"}["ubnppvu"]});
$viewer->assign("limitData", ${${"GLOBALS"}["slngnjh"]});
$viewer->assign("values", ${$jvqirbs});
$viewer->assign("trigger", ${${"GLOBALS"}["rysubfwnneub"]});
$viewer->assign("workflows", ${${"GLOBALS"}["olxsjd"]});
echo $viewer->view("HttpHandlerEditor.tpl", ${$xqoeynh}, true);
}
<?php
/*+***********************************************************************************
* The contents of this file are subject to the vtiger CRM Public License Version 1.0
* ("License"); You may not use this file except in compliance with the License
* The Original Code is: vtiger CRM Open Source
* The Initial Developer of the Original Code is vtiger.
* Portions created by vtiger are Copyright (C) vtiger.
* All Rights Reserved.
*************************************************************************************/
//Overrides GetRelatedList : used to get related query
//TODO : Eliminate below hacking solution
require_once 'config/config.php';
require_once 'config/debug.php';
require_once 'config/performance.php';
require_once 'include/ConfigUtils.php';
include_once 'include/Webservices/Relation.php';
include_once 'vtlib/Vtiger/Module.php';
include_once dirname(__FILE__) . '/include/Loader.php';
vimport('include.runtime.EntryPoint');
Vtiger_ShortURL_Helper::handle(vtlib_purify($_REQUEST['id']));
