summaryrefslogtreecommitdiff
path: root/remind_password.php
blob: 9ea045d91b0bb1dfc06e5ca0ad59e7071f58deca (plain) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56

<?php
/**
 * password reminder
 *
 * @copyright (c) 2004-15 bitweaver.org
 *
 * @package users
 * @subpackage functions
 */

/**
 * required setup
 */
use Bitweaver\KernelTools;

require_once '../kernel/includes/setup_inc.php';

$gBitSystem->verifyFeature( 'users_forgot_pass' );

$pageTitle = KernelTools::tra( 'Request Password Reminder' );

if( $gBitUser->isRegistered() ) {
	header( 'Location: '.BIT_ROOT_URL );
	die;
} elseif (isset($_REQUEST["remind"])) {
	$userInfo = '';
	$_REQUEST["username"] = strip_tags( urldecode( $_REQUEST["username"]) );
	$pLogin = trim( $_REQUEST["username"] );
	if ( strlen ( $pLogin ) ) {
		$loginCol = strpos( $pLogin, '@' ) ? 'email' : 'login';
		$userInfo = $gBitUser->getUserInfo( [ $loginCol => $pLogin ] );
	}
	if( $userInfo ) {
		$pass = $gBitUser->genPass();
		[ $pass, $provpass ] = $gBitUser->createTempPassword( $_REQUEST["username"], $pass );
		$gBitSmarty->assign( 'mailProvPass', $provpass );
		$gBitSmarty->assign( 'mailUserId', $userInfo['user_id'] );
		$pageTitle = KernelTools::tra( 'Change Your Password' );
		$tmp['success'] = KernelTools::tra("Information to change your password has been sent to the registered email address for")." " . $_REQUEST["username"] . ".";

		$gBitSmarty->assign('mail_user', $userInfo[$loginCol]);
		$gBitSmarty->assign('mail_pass', $pass);
		$gBitSmarty->assign('linkUri', $gBitSystem->isFeatureActive("site_https_login_required") ? 'https://'.$_SERVER['HTTP_HOST'].USERS_PKG_URL : USERS_PKG_URI );
		$mail_data = $gBitSmarty->fetch('bitpackage:users/password_reminder.tpl');
		$subject = KernelTools::tra( "Your password for" ).": ".$gBitSystem->getConfig( 'site_title', $_SERVER['HTTP_HOST'] );
		mail( $userInfo['email'], $subject, $mail_data, "From: ".$gBitSystem->getConfig( 'site_sender_email' )."\nContent-type: text/plain;charset=utf-8\n");
		// Just show "success" message and no form
	} else {
		// Show error message (and leave form visible so user can fix problem)
		$gBitSmarty->assign('showmsg', 'e');
		$tmp['error'] = KernelTools::tra("Invalid or unknown username").": ".$_REQUEST["username"];
	}
	$gBitSmarty->assign('msg', $tmp);
}
// Display the template
$gBitSystem->display( 'bitpackage:users/remind_password.tpl', $pageTitle, [ 'display_mode' => 'display' ]);
generated by cgit v1.3 (git 2.53.0) at 2026-06-29 19:36:18 +0000