{
    // Tail of a password-hashing helper; its signature lies before this excerpt.
    // NOTE(review): a two-character salt makes crypt() use the traditional DES-based
    // scheme, which only considers the first eight characters of $passwd, and the salt
    // is drawn with rand(), which is not a cryptographic generator.
    // password_hash() / password_verify() generate their own salt and avoid both problems.
    $s = 'abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789./';
    $salt = $s[rand(0, strlen($s) - 1)] . $s[rand(0, strlen($s) - 1)];
    return crypt($passwd, $salt);
}

// Password-reset request handler: runs as soon as a "username" request parameter is present.
// NOTE(review): nothing visible in this excerpt authenticates the requester or asks for
// confirmation. Submitting a valid name or e-mail address is enough to overwrite that
// account's password. A single-use, expiring reset link mailed to the registered address
// would leave the current password untouched until the owner acts on it.
// The leading @ only hides the undefined-index notice when the parameter is absent.
if (@$_REQUEST['username']) {
    mysql_connection_overwrite(USERS_DATABASE);
    // The value is escaped for use inside the double-quoted SQL literals below.
    // NOTE(review): the mysql_* extension was removed in PHP 7, and
    // mysql_real_escape_string() is only reliable when the connection charset is set
    // correctly. Prepared statements (mysqli / PDO) remove that dependency.
    $username = mysql_real_escape_string($_REQUEST['username']);
    // The submitted value is matched against either the user name or the e-mail column.
    $res = mysql_query('select ugr_ID,ugr_eMail,ugr_FirstName,ugr_Name from sysUGrps usr where usr.ugr_Name = "' . $username . '" or ugr_eMail = "' . $username . '"');
    // Only the first matching row is used; $res is not checked for failure before fetching.
    $row = mysql_fetch_assoc($res);
    $username = $row['ugr_Name'];
    $user_id = $row['ugr_ID'];
    $email = $row['ugr_eMail'];
    $firstname = $row['ugr_FirstName'];
    if ($user_id) {
        $new_passwd = generate_passwd();
        // NOTE(review): as shown here the statement stores the literal string "******".
        // The value looks masked in this listing; presumably the original wrote a hash
        // of $new_passwd, so confirm against the real source. $user_id is concatenated
        // unquoted, but it comes from the row fetched above, not from the request.
        mysql_query('update sysUGrps usr set ugr_Password = "******" where ugr_ID = ' . $user_id);
        $email_title = 'Password reset';
        // NOTE(review): the new password is sent in clear text by e-mail, and it has
        // already replaced the old one before the mail is known to have been delivered.
        $email_text = "Dear " . $firstname . ",\n\n" . "Your Heurist password has been reset.\n\n" . "Your username is: " . $username . "\n" . "Your new password is: " . $new_passwd . "\n\n" . "To change your password go to Profile -> My User Info in the top right menu.\nYou will first be asked to log in with the new password above.";
        $email_header = 'From: ' . HEURIST_MAIL_TO_INFO;
        $rv = sendEmail($email, $email_title, $email_text, $email_header);
        if ($rv == "ok") {
            print '<p>Your password has been reset. You should receive an email shortly with your new password.</p>' . "\n";
        } else {
            // NOTE(review): $rv is written into the page without HTML escaping. What
            // sendEmail() can return is not visible here; escape it before printing.
            print '<p style="color: red;">' . $rv . '</p>' . "\n";
        }
    } else {
        // NOTE(review): the distinct "does not exist" message tells the requester which
        // names and addresses are registered. One neutral reply for both outcomes avoids that.
        $error = '<p style="color: red;">Username does not exist</p>' . "\n";
    }
}
// Shown when nothing was submitted or the lookup failed; the body of this branch is cut
// off in the excerpt.
if (!@$_REQUEST['username'] || @$error) {
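/**
 * Replace a user's password with a freshly generated one and e-mail it to them.
 *
 * The account is looked up by user name first and, when that finds nothing, by
 * e-mail address (the error text promises "Username / email"; the original code
 * repeated the user-name lookup twice, so the e-mail form could never match).
 *
 * NOTE(review): the caller-supplied identifier alone triggers the reset. Nothing in
 * this function proves that the requester controls the account, so the stored
 * password is overwritten before the owner has confirmed anything. Mailing a
 * single-use, expiring reset link and changing the password only when it is followed
 * would close that gap. The HEURIST_NOT_FOUND error also distinguishes unknown
 * accounts; whether that reaches the client depends on how $system reports errors,
 * which is not visible here.
 *
 * @param mixed $system   object providing get_mysqli() and addError()
 * @param mixed $username user name or e-mail address identifying the account
 * @return bool true when the password was stored and sendEmail() returned "ok";
 *              false otherwise, with the reason recorded through $system->addError()
 */
function user_ResetPassword($system, $username)
{
    if (!$username) {
        $system->addError(HEURIST_INVALID_REQUEST, "Username / email not defined");
        return false;
    }

    $mysqli = $system->get_mysqli();

    $user = user_getByField($mysqli, 'ugr_Name', $username);
    if (null == $user) {
        // Fall back to the e-mail column so that an address identifies the account too.
        $user = user_getByField($mysqli, 'ugr_eMail', $username);
    }
    if (null == $user) {
        $system->addError(HEURIST_NOT_FOUND, "It is not possible to recover password. Username / email, you specified, not found");
        return false;
    }

    // Do not touch the stored password when mail cannot be sent: the user would be
    // left with a password nobody knows.
    if (!checkSmtp()) {
        $system->addError(HEURIST_SYSTEM_CONFIG, 'Error_Mail_Recovery');
        return false;
    }

    // generate_passwd() and hash_it() are defined elsewhere; the randomness source and
    // the hashing scheme are not visible from this function.
    $new_passwd = generate_passwd();
    $record = array("ugr_ID" => $user['ugr_ID'], "ugr_Password" => hash_it($new_passwd));
    $res = mysql__insertupdate($mysqli, "sysUGrps", "ugr_", $record);

    // The original tested `is_numeric($res) > 0`, which is simply is_numeric($res):
    // a numeric result is treated as success, anything else is passed on as error detail.
    if (!is_numeric($res)) {
        $system->addError(HEURIST_DB_ERROR, 'Cannot update record in database', $res);
        return false;
    }

    // NOTE(review): the new password travels in clear text by e-mail, and the old one
    // is already gone at this point even if delivery fails below.
    $email_title = 'Password reset';
    $email_text = "Dear " . $user['ugr_FirstName'] . ",\n\n"
        . "Your Heurist password has been reset.\n\n"
        . "Your username is: " . $user['ugr_Name'] . "\n"
        . "Your new password is: " . $new_passwd . "\n\n"
        . "To change your password go to Profile -> My User Info in the top right menu.\nYou will first be asked to log in with the new password above.";

    $dbowner_Email = user_getDbOwner($mysqli, 'ugr_eMail');
    $rv = sendEmail($user['ugr_eMail'], $email_title, $email_text, "From: " . $dbowner_Email);
    if ($rv == "ok") {
        return true;
    }

    $system->addError(HEURIST_SYSTEM_CONFIG, 'Error_Password_Reset', $rv);
    return false;
}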
// Main section
// Lost-password handler (excerpt; the final branch is cut off). For every account
// registered with the submitted address it collects credentials to be mailed.
// $emailTo, $tbl_user, $passwordFound, $extAuthPasswordCount and $userAccountList are
// prepared before this excerpt.
if (isset($_REQUEST['searchPassword']) && !empty($emailTo)) {
    // search user with this email
    // The address is escaped with claro_sql_escape() before being placed in the quoted
    // literal; $tbl_user is a table name set elsewhere.
    $sql = "SELECT `user_id` `uid` ,\n `nom` `lastName` ,\n `prenom` `firstName` ,\n `username` `loginName` ,\n `password` ,\n `email` ,\n `authSource` ,\n `creatorId`\n FROM `" . $tbl_user . "`\n WHERE LOWER(email) = '" . claro_sql_escape($emailTo) . "'";
    $userList = claro_sql_query_fetch_all($sql);
    if (count($userList) > 0) {
        $allowedAuthSources = AuthDriverManager::getDriversAllowingLostPassword();
        foreach ($userList as $user) {
            // Only accounts whose authentication source permits password recovery are handled.
            if (isset($allowedAuthSources[$user['authSource']])) {
                $passwordFound = true;
                if (get_conf('userPasswordCrypted', false)) {
                    /*
                     * If passwords are crypted, we can not send them as such.
                     * We have to generate new ones.
                     */
                    // NOTE(review): the account's password is overwritten immediately,
                    // on the strength of an e-mail address alone, before the owner has
                    // confirmed the request. A single-use, expiring reset link would
                    // avoid replacing credentials on an unverified request.
                    $user['password'] = generate_passwd();
                    // UPDATE THE DB WITH THE NEW GENERATED PASSWORD
                    // NOTE(review): the stored value is a bare md5() digest: unsalted and
                    // fast to compute, so unsuitable for password storage.
                    // password_hash() / password_verify() are the standard replacement.
                    // $user['uid'] is concatenated unescaped; it comes from the SELECT
                    // above rather than from the request.
                    $sql = 'UPDATE `' . $tbl_user . '` SET `password` = "' . claro_sql_escape(md5($user['password'])) . '" WHERE `user_id` = "' . $user['uid'] . '"';
                    if (claro_sql_query($sql) === false) {
                        trigger_error('<p align="center">' . get_lang('Wrong operation') . '</p>', E_USER_ERROR);
                    }
                }
                // Build user account list for email
                // NOTE(review): when 'userPasswordCrypted' is off, $user['password'] is
                // still the value read from the `password` column, i.e. the account's
                // current password as stored, and it is placed in the list built for
                // the e-mail. Either way a usable password ends up in clear text in the message.
                $userAccountList[] = array('firstname' => $user['firstName'], 'lastname' => $user['lastName'], 'username' => $user['loginName'], 'password' => $user['password']);
            } else {
                // Accounts managed by an authentication source that does not allow recovery are only counted.
                $extAuthPasswordCount++;
            }
        }
        if ($passwordFound) {
// Password-reset page (excerpt; the closing braces of the outer conditions are cut off).
// NOTE(review): knowing a member's pseudo and e-mail address is all that is needed to
// have the account's password replaced; no confirmation link, expiry or rate limit is
// visible in this excerpt.

//=== Database connection
connexionbdd();
//=== Read the submitted form values
// NOTE(review): both fields are read, and the query below runs, before the code checks
// that the form was submitted at all. On a plain page load these indexes are undefined.
$pseudo = mysql_real_escape_string($_POST['pseudo']);
$mail = mysql_real_escape_string($_POST['mail']);
//=== Database queries
// The escaped pseudo is placed inside a double-quoted SQL literal. The mysql_* extension
// was removed in PHP 7; prepared statements (mysqli / PDO) are the replacement.
$query = mysql_query('SELECT COUNT(*) AS nbr, id, pseudo, mail FROM Membres WHERE pseudo="' . $pseudo . '" GROUP BY id');
$query_result = mysql_fetch_assoc($query);
//=== Check whether the visitor submitted the form
if (isset($_POST['submit']) && $_POST['submit'] == 'submit') {
    //=== Check that the submitted details exist
    if ($query_result['nbr'] == 1) {
        //=== If the e-mail entered matches the user's e-mail
        // NOTE(review): $mail is the SQL-escaped form of the input, so an address
        // containing a character that mysql_real_escape_string() escapes will never
        // equal the stored value.
        if ($mail == $query_result['mail']) {
            //=== Generate the new password
            // generate_passwd() is defined elsewhere; its randomness source is not visible here.
            $random_passwd = generate_passwd(10);
            // NOTE(review): a bare md5() digest is unsalted and fast to compute, so it is
            // unsuitable for password storage. password_hash() / password_verify() are
            // the standard replacement.
            $bdd_passwd = md5($random_passwd);
            //=== Store the new password in the database
            $query2 = 'UPDATE `Geekweb`.`Membres` SET `password` = "' . $bdd_passwd . '" WHERE `Membres`.`id` ="' . $query_result['id'] . '";';
            // NOTE(review): $sql2 is never assigned in this excerpt (the statement lives
            // in $query2), and on failure the raw mysql_error() text is sent to the
            // browser. Log the detail server-side and show a generic message instead.
            mysql_query($query2) or die('Erreur SQL !' . $sql2 . '<br />' . mysql_error());
            //=== Send the e-mail
            $to = $mail;
            $subject = 'Réinitialisation mot de passe Geekcloud!';
            // NOTE(review): $pseudo was escaped for SQL, not for HTML, yet it is placed in
            // an HTML body; htmlspecialchars() is the matching escape here. The new
            // password is also sent in clear text.
            $message = "<html>\n\t\t\t\t\t\t\t <head>\n\t\t\t\t\t\t\t \t<title>Réinitialisation mot de passe</title>\n\t\t\t\t\t\t\t </head>\n\t\t\t\t\t\t\t\t<body>\n\t\t\t\t\t\t\t \tBonjour " . $pseudo . ",<br /><br />\n\t\t\t\t\t\t\t\t Vous venez de demander la réinitialisation de vote mot de passe.<br />\n\t\t\t\t\t\t\t\t Votre nouveau mot de passe est: <strong>" . $random_passwd . "</strong><br />\n\t\t\t\t\t\t\t\t N'oubliez pas de le changer !<br /><br />\n\t\t\t\t\t\t\t\t Cordialement<br />\n\t\t\t\t\t\t\t\t Razy69,<br />\n\t\t\t\t\t\t\t\t Webmaster de Geekcloud.fr\n\t\t\t\t\t\t\t\t</body>\n\t\t\t\t\t\t\t</html>";
            $headers = 'MIME-Version: 1.0' . "\r\n";
            $headers .= 'Content-type: text/html; charset=utf-8' . "\r\n";
            $headers .= 'From: "Geekcloud" <*****@*****.**>' . "\r\n";
            // The return value of mail() is ignored: the success message below is shown,
            // and the old password is already gone, even if sending failed.
            mail($to, $subject, $message, $headers);
            $informations = "<p style='font-weight: bold; color: green; padding-left: 30px'>Mot de passe réinitialisé</p>";
        } else {
            // NOTE(review): this message confirms that the pseudo exists while the address
            // is wrong, which helps someone testing which accounts are registered.
            $informations = "<p style='font-weight: bold; color: red; padding-left: 30px'>Erreur: L'adresse email ne correspond pas à celle de l'utilisateur.</p>";
}
    // Installer wizard panels (excerpt: the start of this if/elseif chain and its last
    // branch are outside the listing). Each branch echoes the HTML form for one step.
    //
    // Database-names panel.
    // NOTE(review): every value="…" attribute is passed through claro_htmlspecialchars(),
    // but the "e.g." hint spans print $dbNameForm, $mainTblPrefixForm, $dbStatsForm,
    // $statsTblPrefixForm and $dbPrefixForm raw. Where these variables are filled is not
    // visible here; if they carry submitted form values, markup in them is reflected into
    // the page. Escape them the same way as the attributes.
    echo '<fieldset>' . "\n" . '<legend>' . get_lang('Database names') . '</legend>' . "\n" . '<div class="row">' . "\n" . '<div class="rowTitle">' . "\n" . '<label for="dbNameForm"><span class="required">*</span> ' . ($singleDbForm ? get_lang('Database name') : get_lang('Main database')) . '</label>' . "\n" . '</div>' . "\n" . '<div class="rowField">' . "\n" . '<input type="text" size="30" id="dbNameForm" name="dbNameForm" value="' . claro_htmlspecialchars($dbNameForm) . '" />' . "\n" . '<span class="example">' . get_lang('e.g.') . ' ' . $dbNameForm . '</span>' . "\n" . '</div>' . "\n" . '</div>' . "\n\n" . '<div class="row">' . "\n" . '<div class="rowTitle">' . "\n" . '<label for="mainTblPrefixForm">' . get_lang('Prefix for main tables') . '</label>' . "\n" . '</div>' . "\n" . '<div class="rowField">' . "\n" . '<input type="text" size="5" id="mainTblPrefixForm" name="mainTblPrefixForm" value="' . claro_htmlspecialchars($mainTblPrefixForm) . '" />' . "\n" . '<span class="example">' . get_lang('e.g.') . ' ' . $mainTblPrefixForm . '</span>' . "\n" . '</div>' . "\n" . '</div>' . "\n\n";
    // The tracking-database fields are only offered in multi-database mode.
    if (!$singleDbForm) {
        echo '<div class="row">' . "\n" . '<div class="rowTitle">' . "\n" . '<label for="dbStatsForm"><span class="required">*</span> ' . get_lang('Tracking database') . '</label>' . "\n" . '</div>' . "\n" . '<div class="rowField">' . "\n" . '<input type="text" size="30" id="dbStatsForm" name="dbStatsForm" value="' . claro_htmlspecialchars($dbStatsForm) . '" />' . "\n" . '<span class="example">' . get_lang('e.g.') . ' ' . $dbStatsForm . '</span>' . "\n" . '</div>' . "\n" . '</div>' . "\n\n" . '<div class="row">' . "\n" . '<div class="rowTitle">' . "\n" . '<label for="statsTblPrefixForm">' . get_lang('Prefix for tracking tables') . '</label>' . "\n" . '</div>' . "\n" . '<div class="rowField">' . "\n" . '<input type="text" size="5" id="statsTblPrefixForm" name="statsTblPrefixForm" value="' . claro_htmlspecialchars($statsTblPrefixForm) . '" />' . "\n" . 
'<span class="example">' . get_lang('e.g.') . ' ' . $statsTblPrefixForm . '</span>' . "\n" . '</div>' . "\n" . '</div>' . "\n\n" . '<blockquote><small>' . "\n" . get_lang('Tracking tables are stored by default into the main Claroline database.') . '<br />' . get_lang('However, you can record tracking data into a separate database or set a specific prefix for tracking tables.') . "\n" . '</small></blockquote>' . "\n";
    }
    echo '<div class="row">' . "\n" . '<div class="rowTitle">' . "\n" . '<label for="dbPrefixForm">' . ($singleDbForm ? get_lang('Prefix for course tables') : get_lang('Prefix for course databases')) . '</label>' . "\n" . '</div>' . "\n" . '<div class="rowField">' . "\n" . '<input type="text" size="30" id="dbPrefixForm" name="dbPrefixForm" value="' . claro_htmlspecialchars($dbPrefixForm) . '" />' . "\n" . '<span class="example">' . get_lang('e.g.') . ' ' . $dbPrefixForm . '</span>' . "\n" . '</div>' . "\n" . '</div>' . "\n\n";
    if (!$singleDbForm) {
        echo '<blockquote>' . "\n" . '<small>' . "\n" . '<strong>' . "\n" . get_lang('A database will be created for each course.') . "\n" . '</strong>' . "\n" . '<br />' . "\n" . get_lang('You can choose the prefix that will be used for these databases') . "\n" . '</small>' . "\n" . '</blockquote>' . "\n";
    }
    echo '</fieldset>' . "\n\n" . '<small>' . get_lang('%requiredMark required field', array('%requiredMark' => '<span class="required">*</span>')) . '</small>' . "\n";
} elseif (DISP_ADMINISTRATOR_SETTING == $display) {
    // Administrator-account panel.
    // NOTE(review): $display is echoed unescaped into the hidden "fromPanel" field in each
    // branch and is only compared loosely (==) with the panel constant; confirm it is never
    // taken verbatim from the request. $missing_admin_data and $error_in_admin_data are
    // imploded into the page unescaped (their origin is not visible here). The password
    // field is type="text" and echoes $passForm back, so the administrator password is
    // shown on screen and re-sent in the HTML; type="password" without a pre-filled value
    // avoids that. The hint next to it calls generate_passwd(8), defined elsewhere.
    echo '<input type="hidden" name="fromPanel" value="' . $display . '" />' . "\n" . '<h2>' . "\n" . get_lang('Step %step of %nb_step : %step_name', array('%step' => array_search(DISP_ADMINISTRATOR_SETTING, $panelSequence) + 1, '%nb_step' => count($panelSequence), '%step_name' => $panelTitle[DISP_ADMINISTRATOR_SETTING])) . '</h2>' . "\n";
    if (is_array($missing_admin_data) || is_array($error_in_admin_data)) {
        echo '<div class="claroDialogBox boxError">' . "\n" . '<p>' . "\n" . '<strong>' . 
get_lang('Error') . '</strong> : ' . get_lang('Please enter missing information') . '</p>' . "\n" . '<p>' . "\n" . (is_array($missing_admin_data) ? 'Fill in ' . implode(', ', $missing_admin_data) . '<br />' : '') . (is_array($error_in_admin_data) ? 'Check ' . implode(', ', $error_in_admin_data) : '') . '</p>' . "\n" . '</div>' . "\n";
    }
    echo '<fieldset>' . "\n" . '<legend>' . get_lang('Administrator details') . '</legend>' . "\n" . '<div class="row">' . "\n" . '<div class="rowTitle">' . "\n" . '<label for="loginForm"><span class="required">*</span> ' . get_lang('Login') . '</label>' . "\n" . '</div>' . "\n" . '<div class="rowField">' . "\n" . '<input type="text" size="30" id="loginForm" name="loginForm" value="' . claro_htmlspecialchars($loginForm) . '" />' . "\n" . '<span class="example">' . get_lang('e.g.') . ' jdoe</span>' . "\n" . '</div>' . "\n" . '</div>' . "\n\n" . '<div class="row">' . "\n" . '<div class="rowTitle">' . "\n" . '<label for="passForm"><span class="required">*</span> ' . get_lang('Password') . '</label>' . "\n" . '</div>' . "\n" . '<div class="rowField">' . "\n" . '<input type="text" size="30" id="passForm" name="passForm" value="' . claro_htmlspecialchars($passForm) . '" />' . "\n" . '<span class="example">' . get_lang('e.g.') . generate_passwd(8) . '</span>' . "\n" . '</div>' . "\n" . '</div>' . "\n\n" . '<div class="row">' . "\n" . '<div class="rowTitle">' . "\n" . '<label for="adminEmailForm"><span class="required">*</span> ' . get_lang('Email') . '</label>' . "\n" . '</div>' . "\n" . '<div class="rowField">' . "\n" . '<input type="text" size="30" id="adminEmailForm" name="adminEmailForm" value="' . claro_htmlspecialchars($adminEmailForm) . '" />' . "\n" . '<span class="example">' . get_lang('e.g.') . ' jdoe@mydomain.net</span>' . "\n" . '</div>' . "\n" . '</div>' . "\n\n" . '<div class="row">' . "\n" . '<div class="rowTitle">' . "\n" . '<label for="adminNameForm"><span class="required">*</span> ' . get_lang('Last name') . '</label>' . 
"\n" . '</div>' . "\n" . '<div class="rowField">' . "\n" . '<input type="text" size="30" id="adminNameForm" name="adminNameForm" value="' . claro_htmlspecialchars($adminNameForm) . '" />' . "\n" . '<span class="example">' . get_lang('e.g.') . ' Doe</span>' . "\n" . '</div>' . "\n" . '</div>' . "\n\n" . '<div class="row">' . "\n" . '<div class="rowTitle">' . "\n" . '<label for="adminSurnameForm"><span class="required">*</span> ' . get_lang('First name') . '</label>' . "\n" . '</div>' . "\n" . '<div class="rowField">' . "\n" . '<input type="text" size="30" id="adminSurnameForm" name="adminSurnameForm" value="' . claro_htmlspecialchars($adminSurnameForm) . '" />' . "\n" . '<span class="example">' . get_lang('e.g.') . ' John</span>' . "\n" . '</div>' . "\n" . '</div>' . "\n\n" . '</fieldset>' . "\n" . '<small>' . get_lang('%requiredMark required field', array('%requiredMark' => '<span class="required">*</span>')) . '</small>' . "\n";
} elseif (DISP_PLATFORM_SETTING == $display) {
    // Platform-settings panel.
    // NOTE(review): $msg_missing_platform_data is written into the page as-is (it is built
    // elsewhere). The "Password storage" choice offers "Clear text", and that radio is the
    // checked one whenever $encryptPassForm is falsy; the initial value is not visible
    // here. Storing user passwords in clear text exposes every account if the database
    // leaks; only hashed storage should be offered.
    echo '<input type="hidden" name="fromPanel" value="' . $display . '" />' . "\n" . '<h2>' . "\n" . get_lang('Step %step of %nb_step : %step_name', array('%step' => array_search(DISP_PLATFORM_SETTING, $panelSequence) + 1, '%nb_step' => count($panelSequence), '%step_name' => $panelTitle[DISP_PLATFORM_SETTING])) . '</h2>' . "\n" . $msg_missing_platform_data . "\n" . '<fieldset>' . "\n" . '<legend>' . get_lang('Campus') . '</legend>' . "\n" . '<div class="row">' . "\n" . '<div class="rowTitle">' . "\n" . '<label for="campusForm"><span class="required">*</span> ' . get_lang('Name') . '</label>' . "\n" . '</div>' . "\n" . '<div class="rowField">' . "\n" . '<input type="text" size="30" id="campusForm" name="campusForm" value="' . claro_htmlspecialchars($campusForm) . '" />' . "\n" . '</div>' . "\n" . '</div>' . "\n\n" . '<div class="row">' . "\n" . '<div class="rowTitle">' . "\n" . '<label for="urlForm"><span class="required">*</span> ' . get_lang('Absolute URL') . '</label>' . "\n" . '</div>' . 
"\n" . '<div class="rowField">' . "\n" . '<input type="text" size="30" id="urlForm" name="urlForm" value="' . claro_htmlspecialchars($urlForm) . '" />' . "\n" . '</div>' . "\n" . '</div>' . "\n\n" . '<div class="row">' . "\n" . '<div class="rowTitle">' . "\n" . '<label for="courseRepositoryForm">' . get_lang('Path to courses repository (relative to the URL above)') . '</label>' . "\n" . '</div>' . "\n" . '<div class="rowField">' . "\n" . '<input type="text" size="30" id="courseRepositoryForm" name="courseRepositoryForm" value="' . claro_htmlspecialchars($courseRepositoryForm) . '" />' . "\n" . '</div>' . "\n" . '</div>' . "\n\n" . '<div class="row">' . "\n" . '<div class="rowTitle">' . "\n" . '<label for="languageForm"><span class="required">*</span> ' . get_lang('Main language') . '</label>' . "\n" . '</div>' . "\n" . '<div class="rowField">' . "\n" . claro_html_form_select('languageForm', $language_list, $languageForm, array('id' => 'languageForm')) . "\n" . '</div>' . "\n" . '</div>' . "\n\n" . '<div class="row">' . "\n" . '<div class="rowTitle">' . "\n" . '<label for="clmain_serverTimezone"><span class="required">*</span> ' . get_lang('Server timezone') . '</label>' . "\n" . '</div>' . "\n" . '<div class="rowField">' . "\n" . claro_html_form_select('clmain_serverTimezone', get_timezone_list(), $clmain_serverTimezone, array('id' => 'clmain_serverTimezone')) . "\n" . '</div>' . "\n" . '</div>' . "\n\n" . '</fieldset>' . "\n\n" . '<fieldset>' . "\n" . '<legend>' . get_lang('User') . '</legend>' . "\n" . '<div class="row">' . "\n" . '<div class="rowTitle">' . "\n" . '<span class="required">*</span> ' . "\n" . get_lang('Self-registration') . "\n" . '</div>' . "\n" . '<div class="rowField">' . "\n" . '<input type="radio" id="allowSelfReg_1" name="allowSelfReg" value="1" ' . ($allowSelfReg ? 'checked' : '') . ' />' . "\n" . '<label for="allowSelfReg_1">' . get_lang('Enabled') . '</label>' . "\n" . '<br />' . "\n" . 
'<input type="radio" id="allowSelfReg_0" name="allowSelfReg" value="0" ' . ($allowSelfReg ? '' : 'checked') . ' />' . "\n" . '<label for="allowSelfReg_0">' . get_lang('Disabled') . '</label>' . "\n" . '</div>' . "\n" . '</div>' . "\n\n" . '<div class="row">' . "\n" . '<div class="rowTitle">' . "\n" . '<span class="required">*</span> ' . "\n" . get_lang('Password storage') . "\n" . '</div>' . "\n" . '<div class="rowField">' . "\n" . '<input type="radio" name="encryptPassForm" id="encryptPassForm_0" value="0" ' . ($encryptPassForm ? '' : 'checked') . ' />' . "\n" . '<label for="encryptPassForm_0">' . get_lang('Clear text') . '</label>' . "\n" . '<br />' . "\n" . '<input type="radio" name="encryptPassForm" id="encryptPassForm_1" value="1" ' . ($encryptPassForm ? 'checked' : '') . ' />' . "\n" . '<label for="encryptPassForm_1">' . get_lang('Encrypted') . '</label>' . "\n" . '</div>' . "\n" . '</div>' . "\n\n" . '</fieldset>' . "\n" . '<small>' . get_lang('%requiredMark required field', array('%requiredMark' => '<span class="required">*</span>')) . '</small>' . "\n";
} elseif (DISP_ADMINISTRATIVE_SETTING == $display) {
    // Administrative-details panel. $msg_missing_administrative_data is written into the
    // page as-is (built elsewhere); every field value is escaped with claro_htmlspecialchars().
    echo '<input type="hidden" name="fromPanel" value="' . $display . '" /><h2>' . get_lang('Step %step of %nb_step : %step_name', array('%step' => array_search(DISP_ADMINISTRATIVE_SETTING, $panelSequence) + 1, '%nb_step' => count($panelSequence), '%step_name' => $panelTitle[DISP_ADMINISTRATIVE_SETTING])) . '</h2>' . "\n" . $msg_missing_administrative_data . '<fieldset>' . "\n" . '<legend>' . get_lang('Related organization') . '</legend>' . "\n" . '<div class="row">' . "\n" . '<div class="rowTitle">' . "\n" . '<label for="institutionForm">' . get_lang('Institution name') . '</label>' . "\n" . '</div>' . "\n" . '<div class="rowField">' . "\n" . '<input type="text" size="30" id="institutionForm" name="institutionForm" value="' . claro_htmlspecialchars($institutionForm) . '" />' . "\n" . '</div>' . "\n" . '</div>' . "\n\n" . '<div class="row">' . "\n" . 
'<div class="rowTitle">' . "\n" . '<label for="institutionUrlForm">' . get_lang('Institution URL') . '</label>' . "\n" . '</div>' . "\n" . '<div class="rowField">' . "\n" . '<input type="text" size="30" id="institutionUrlForm" name="institutionUrlForm" value="' . claro_htmlspecialchars($institutionUrlForm) . '" />' . "\n" . '</div>' . "\n" . '</div>' . "\n\n" . '</fieldset>' . "\n\n" . '<fieldset>' . "\n" . '<legend>' . get_lang('Campus contact') . '</legend>' . "\n" . '<div class="row">' . "\n" . '<div class="rowTitle">' . "\n" . '<label for="contactNameForm"><span class="required">*</span> ' . get_lang('Contact name') . '</label>' . "\n" . '</div>' . "\n" . '<div class="rowField">' . "\n" . '<input type="text" size="30" id="contactNameForm" name="contactNameForm" value="' . claro_htmlspecialchars($contactNameForm) . '"/>' . "\n" . '</div>' . "\n" . '</div>' . "\n\n" . '<div class="row">' . "\n" . '<div class="rowTitle">' . "\n" . '<label for="contactEmailForm"><span class="required">*</span> ' . get_lang('Contact email') . '</label>' . "\n" . '</div>' . "\n" . '<div class="rowField">' . "\n" . '<input type="text" size="30" id="contactEmailForm" name="contactEmailForm" value="' . claro_htmlspecialchars($contactEmailForm) . '"/>' . "\n" . '</div>' . "\n" . '</div>' . "\n\n" . '<div class="row">' . "\n" . '<div class="rowTitle">' . "\n" . '<label for="contactPhoneForm">' . get_lang('Contact phone') . '</label>' . "\n" . '</div>' . "\n" . '<div class="rowField">' . "\n" . '<input type="text" size="30" id="contactPhoneForm" name="contactPhoneForm" value="' . claro_htmlspecialchars($contactPhoneForm) . '" />' . "\n" . '</div>' . "\n" . '</div>' . "\n\n" . '</fieldset>' . "\n" . '<small>' . get_lang('%requiredMark required field', array('%requiredMark' => '<span class="required">*</span>')) . '</small>' . 
"\n";
} elseif (DISP_LAST_CHECK_BEFORE_INSTALL == $display) {
    // Summary panel shown before installation starts.
    // NOTE(review): the database password is printed in clear on this page (only an empty
    // one is replaced by '--empty--'), and the page text asks the user to print it together
    // with the administrator password. Masking the secret, or showing only whether one was
    // set, keeps it out of browser history, printouts and screenshots. The
    // $panelTitle[...] legends are echoed unescaped; they are defined elsewhere.
    $pathForm = str_replace("\\\\", "/", $pathForm);
    //echo "pathForm $pathForm";
    echo '<input type="hidden" name="fromPanel" value="' . $display . '" />' . "\n" . '<h2>' . get_lang('Step %step of %nb_step : %step_name', array('%step' => array_search(DISP_LAST_CHECK_BEFORE_INSTALL, $panelSequence) + 1, '%nb_step' => count($panelSequence), '%step_name' => $panelTitle[DISP_LAST_CHECK_BEFORE_INSTALL])) . '</h2>' . "\n" . '<p>' . "\n" . get_lang('Please check the values you entered.') . '<br />' . "\n" . get_lang('Print this page to keep your administrator password and other settings.') . "\n" . '</p>' . "\n" . '<fieldset>' . "\n" . '<legend>' . $panelTitle[DISP_DB_CONNECT_SETTING] . '</legend>' . "\n" . '<table class="checkList">' . "\n\n" . '<tr class="checkSubTitle">' . '<th colspan="2">' . get_lang('Mysql connection parameters') . '</th>' . '</tr>' . "\n" . '<tr class="check">' . "\n" . '<td class="checkTitle">' . "\n" . get_lang('Database host') . ' : ' . "\n" . '</td>' . "\n" . '<td class="checkValue">' . "\n" . claro_htmlspecialchars($dbHostForm) . '</td>' . "\n" . '</tr>' . "\n\n" . '<tr class="check">' . "\n" . '<td class="checkTitle">' . "\n" . get_lang('Database username') . ' : ' . "\n" . '</td>' . "\n" . '<td class="checkValue">' . "\n" . claro_htmlspecialchars($dbUsernameForm) . '</td>' . "\n" . '</tr>' . "\n\n" . '<tr class="check">' . "\n" . '<td class="checkTitle">' . "\n" . get_lang('Database password') . ' : ' . "\n" . '</td>' . "\n" . '<td class="checkValue">' . "\n" . claro_htmlspecialchars(empty($dbPassForm) ? '--empty--' : $dbPassForm) . '</td>' . "\n" . '</tr>' . "\n\n" . '</table>' . "\n\n" . '<table class="checkList">' . "\n\n" . '<tr class="checkSubTitle">' . '<th colspan="2">' . get_lang('Database usage') . '</th>' . '<tr>' . "\n" . '<tr class="check">' . "\n" . '<td class="checkTitle">' . "\n" . get_lang('Database mode') . ' : ' . "\n" . '</td>' . "\n" . '<td class="checkValue">' . 
"\n" . ($singleDbForm ? get_lang('Single') : get_lang('Multi')) . '</td>' . "\n" . '</tr>' . "\n\n" . '</table>' . "\n\n" . '</fieldset>' . "\n" . '<fieldset>' . "\n" . '<legend>' . $panelTitle[DISP_DB_NAMES_SETTING] . '</legend>' . "\n" . '<table class="checkList">' . "\n\n" . '<tr class="check">' . "\n" . '<td class="checkTitle">' . "\n" . get_lang('Main database') . ' : ' . "\n" . '</td>' . "\n" . '<td class="checkValue">' . "\n" . claro_htmlspecialchars($dbNameForm) . '</td>' . "\n" . '</tr>' . "\n\n" . '<tr class="check">' . "\n" . '<td class="checkTitle">' . "\n" . get_lang('Tracking database') . ' : ' . "\n" . '</td>' . "\n" . '<td class="checkValue">' . "\n" . claro_htmlspecialchars($dbStatsForm) . '</td>' . "\n" . '</tr>' . "\n\n" . '</table>' . "\n\n" . '<table class="checkList">' . "\n\n" . '<tr class="checkSubTitle">' . '<th colspan="2">' . get_lang('Table prefixes') . '</th>' . '<tr>' . "\n";
    // Prefix rows are only listed when a prefix was entered; values are escaped here.
    if ('' != $mainTblPrefixForm) {
        echo '<tr class="check">' . "\n" . '<td class="checkTitle">' . "\n" . get_lang('Main tables') . ' : ' . "\n" . '</td>' . "\n" . '<td class="checkValue">' . "\n" . claro_htmlspecialchars($mainTblPrefixForm) . '</td>' . "\n" . '</tr>' . "\n\n";
    }
    if ('' != $statsTblPrefixForm) {
        echo '<tr class="check">' . "\n" . '<td class="checkTitle">' . "\n" . get_lang('Tracking tables') . ' : ' . "\n" . '</td>' . "\n" . '<td class="checkValue">' . "\n" . claro_htmlspecialchars($statsTblPrefixForm) . '</td>' . "\n" . '</tr>' . "\n\n";
    }
    if ('' != $dbPrefixForm) {
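/**
 * Validate user form.
 *
 * Builds a DataValidator rule set for the submitted account data. Which rules are
 * added depends on the form mode, on the fields the current user may edit and on
 * the platform configuration read through get_conf().
 *
 * NOTE(review): the old-password check is skipped whenever $formMode is
 * 'registration' or 'admin_user_profile'. This function does not itself verify that
 * the caller is entitled to that mode, so callers must derive $formMode from server
 * state and never from request data.
 *
 * @author Hugues Peeters <*****@*****.**>
 * @author Frederic Minne <*****@*****.**>
 * @param string $formMode 'registration' or 'profile' or 'admin_user_profile'
 * @param array $data to fill the form
 * @param int $userId (optional) id of the user account currently edited
 * @return array with error messages (empty when validation passes)
 */
function user_validate_form($formMode, $data, $userId = null)
{
    require_once dirname(__FILE__) . '/datavalidator.lib.php';

    $isPlatformAdmin = claro_is_platform_admin();

    if (empty($userId) || $isPlatformAdmin) {
        // New accounts and platform administrators may edit every profile field.
        $editableFields = array('name', 'official_code', 'login', 'password', 'email', 'phone', 'language', 'picture', 'skype');
        if ($isPlatformAdmin) {
            $editableFields[] = 'authSource';
        }
    } else {
        // $editableFields = get_conf('profile_editable');
        $editableFields = AuthProfileManager::getUserAuthProfile($userId)->getEditableProfileFields();
    }

    $requiredMessage = get_lang('You left some required fields empty');

    $validator = new DataValidator();
    $validator->setDataList($data);

    // Strict membership tests: a non-string entry in the list (0, true) must not
    // match every field name through loose comparison.
    if (in_array('name', $editableFields, true)) {
        $validator->addRule('lastname', $requiredMessage, 'required');
        $validator->addRule('firstname', $requiredMessage, 'required');
    }

    if (in_array('login', $editableFields, true)) {
        $validator->addRule('username', $requiredMessage, 'required');
        $validator->addRule('username', get_lang('Username is too long (maximum 60 characters)'), 'maxlength', 60);
    }

    if (in_array('email', $editableFields, true) && !get_conf('userMailCanBeEmpty')) {
        $validator->addRule('email', $requiredMessage, 'required');
    }

    if (in_array('official_code', $editableFields, true) && !get_conf('userOfficialCodeCanBeEmpty')) {
        $validator->addRule('officialCode', $requiredMessage, 'required');
    }

    // Password rules only apply when the form actually carried a password field.
    if (in_array('password', $editableFields, true)
        && (array_key_exists('password', $data) || array_key_exists('password_conf', $data))
    ) {
        if ($formMode != 'registration' && $formMode != 'admin_user_profile') {
            // A user changing their own password must prove knowledge of the current one.
            $userProperties = user_get_properties($userId);
            $validator->addRule('old_password', $requiredMessage, 'required');
            $validator->addRule('old_password', get_lang('Old password is wrong'), 'user_check_authentication', array($userProperties['username']));
        }

        if (get_conf('SECURE_PASSWORD_REQUIRED')) {
            // Values the password must not resemble. Keys missing from $data become
            // null instead of raising undefined-index notices.
            $identityValues = array();
            foreach (array('username', 'officialCode', 'lastname', 'firstname', 'email') as $key) {
                $identityValues[] = isset($data[$key]) ? $data[$key] : null;
            }
            $validator->addRule(
                'password',
                get_lang('This password is too simple or too close to the username, first name or last name.<br> Use a password like this <code>%passProposed</code>', array('%passProposed' => generate_passwd())),
                'is_password_secure_enough',
                array($identityValues)
            );
        }

        // Only one of the two password keys may be present (see the condition above),
        // so the confirmation value is read defensively.
        $passwordConfirmation = isset($data['password_conf']) ? $data['password_conf'] : null;
        $validator->addRule('password', get_lang('You typed two different passwords'), 'compare', $passwordConfirmation);
    }

    $validator->addRule('email', get_lang('The email address is not valid'), 'email');

    if ('registration' == $formMode) {
        $validator->addRule('password_conf', $requiredMessage, 'required');
        $validator->addRule('officialCode', get_lang('This official code is already used by another user.'), 'is_official_code_available');
        $validator->addRule('username', get_lang('This username is already taken'), 'is_username_available');
        $validator->addRule('password', $requiredMessage, 'required');
    } else {
        // FIX for the empty password issue
        if (!empty($data['password']) || !empty($data['password_conf'])) {
            $validator->addRule('password', $requiredMessage, 'required');
        }
        // The account being edited is excluded from the uniqueness checks.
        $validator->addRule('officialCode', get_lang('This official code is already used by another user.'), 'is_official_code_available', $userId);
        $validator->addRule('username', get_lang('This username is already taken'), 'is_username_available', $userId);
    }

    if ($validator->validate()) {
        return array();
    }

    return array_unique($validator->getErrorList());
}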