seeddms-code/op/op.PasswordForgotten.php

<?php
//    MyDMS. Document Management System
//    Copyright (C) 2002-2005 Markus Westphal
//    Copyright (C) 2006-2008 Malcolm Cowe
//    Copyright (C) 2010-2011 Uwe Steinmann
//
//    This program is free software; you can redistribute it and/or modify
//    it under the terms of the GNU General Public License as published by
//    the Free Software Foundation; either version 2 of the License, or
//    (at your option) any later version.
//
//    This program is distributed in the hope that it will be useful,
//    but WITHOUT ANY WARRANTY; without even the implied warranty of
//    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
//    GNU General Public License for more details.
//
//    You should have received a copy of the GNU General Public License
//    along with this program; if not, write to the Free Software
//    Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.

include("../inc/inc.Settings.php");
include("../inc/inc.LogInit.php");
include("../inc/inc.Utils.php");
include("../inc/inc.Language.php");
include("../inc/inc.ClassSession.php");
include("../inc/inc.DBInit.php");
include("../inc/inc.ClassUI.php");
include("../inc/inc.ClassEmail.php");

function _printMessage($heading, $message) {

	UI::htmlStartPage($heading, "password");
	UI::globalBanner();
	UI::pageNavigation($heading);
	UI::contentContainer($message."<p><a href=\"../out/out.Login.php\">" . getMLText("login") . "</a></p>\n");
			UI::htmlEndPage();
	return;
}

if (isset($_POST["email"])) {
	$email = $_POST["email"];
}
if (isset($_POST["login"])) {
	$login = $_POST["login"];
}

if (empty($email) || empty($login)) {
	_printMessage(getMLText("email_error_title"),	"<p>".getMLText("email_not_given")."</p>\n".
		"<p><a href='".$settings->_httpRoot."out/out.PasswordForgotten.php'>".getMLText("back")."</a></p>\n");
	exit;
}

$user = $dms->getUserByLogin($login, $email);
if($user) {
	$hash = $dms->createPasswordRequest($user);
	$emailobj = new LetoDMS_Email();
	$subject = "###SITENAME###: ".getMLText("password_forgotten_email_subject");
	$message = str_replace('###HASH###', $hash, getMLText("password_forgotten_email_body"));
	
	$emailobj->sendPassword('', $user, $subject, $message);
}

_printMessage(getMLText("password_forgotten_title"), "<p>".getMLText("password_forgotten_send_hash")."</p>");
exit;
?>
- scripts for sending forgotten password 2011-10-07 16:22:05 +00:00			`<?php`
			`// MyDMS. Document Management System`
			`// Copyright (C) 2002-2005 Markus Westphal`
			`// Copyright (C) 2006-2008 Malcolm Cowe`
			`// Copyright (C) 2010-2011 Uwe Steinmann`
			`//`
			`// This program is free software; you can redistribute it and/or modify`
			`// it under the terms of the GNU General Public License as published by`
			`// the Free Software Foundation; either version 2 of the License, or`
			`// (at your option) any later version.`
			`//`
			`// This program is distributed in the hope that it will be useful,`
			`// but WITHOUT ANY WARRANTY; without even the implied warranty of`
			`// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the`
			`// GNU General Public License for more details.`
			`//`
			`// You should have received a copy of the GNU General Public License`
			`// along with this program; if not, write to the Free Software`
			`// Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.`

			`include("../inc/inc.Settings.php");`
			`include("../inc/inc.LogInit.php");`
			`include("../inc/inc.Utils.php");`
			`include("../inc/inc.Language.php");`
			`include("../inc/inc.ClassSession.php");`
			`include("../inc/inc.DBInit.php");`
			`include("../inc/inc.ClassUI.php");`
			`include("../inc/inc.ClassEmail.php");`

			`function _printMessage($heading, $message) {`

			`UI::htmlStartPage($heading, "password");`
			`UI::globalBanner();`
			`UI::pageNavigation($heading);`
- fixed to login page 2012-02-27 19:30:55 +00:00			`UI::contentContainer($message."<p><a href=\"../out/out.Login.php\">" . getMLText("login") . "</a></p>\n");`
- scripts for sending forgotten password 2011-10-07 16:22:05 +00:00			`UI::htmlEndPage();`
			`return;`
			`}`

			`if (isset($_POST["email"])) {`
- no need to sanitize login and email anymore 2011-12-01 21:30:11 +00:00			`$email = $_POST["email"];`
- scripts for sending forgotten password 2011-10-07 16:22:05 +00:00			`}`
			`if (isset($_POST["login"])) {`
- no need to sanitize login and email anymore 2011-12-01 21:30:11 +00:00			`$login = $_POST["login"];`
- scripts for sending forgotten password 2011-10-07 16:22:05 +00:00			`}`

			`if (empty($email) \|\| empty($login)) {`
			`_printMessage(getMLText("email_error_title"), "<p>".getMLText("email_not_given")."</p>\n".`
			`"<p><a href='".$settings->_httpRoot."out/out.PasswordForgotten.php'>".getMLText("back")."</a></p>\n");`
			`exit;`
			`}`

			`$user = $dms->getUserByLogin($login, $email);`
			`if($user) {`
- use new function to create password change request 2011-10-10 14:09:27 +00:00			`$hash = $dms->createPasswordRequest($user);`
- scripts for sending forgotten password 2011-10-07 16:22:05 +00:00			`$emailobj = new LetoDMS_Email();`
			`$subject = "###SITENAME###: ".getMLText("password_forgotten_email_subject");`
- use new function to create password change request 2011-10-10 14:09:27 +00:00			`$message = str_replace('###HASH###', $hash, getMLText("password_forgotten_email_body"));`
- scripts for sending forgotten password 2011-10-07 16:22:05 +00:00
			`$emailobj->sendPassword('', $user, $subject, $message);`
			`}`

- use new function to create password change request 2011-10-10 14:09:27 +00:00			`_printMessage(getMLText("password_forgotten_title"), "<p>".getMLText("password_forgotten_send_hash")."</p>");`
- scripts for sending forgotten password 2011-10-07 16:22:05 +00:00			`exit;`
			`?>`