/phpmyfaq/admin/password.php

https://github.com/max-koehler/phpMyFAQ · PHP · 145 lines · 83 code · 23 blank · 39 comment · 16 complexity · b9637503ddddbdc7efa31d496b747586 MD5 · raw file 

    

  1. <?php
    2. 

  2. /**
    3. 

  3.  * Reset a forgotten password to a new one.
    4. 

  4.  *
    5. 

  5.  * @package    phpMyFAQ
    6. 

  6.  * @subpackage Administration 
    7. 

  7.  * @author     Thorsten Rinne <thorsten@phpmyfaq.de>
    8. 

  8.  * @since      2004-05-11
    9. 

  9.  * @version    SVN: $Id$ 
    10. 

  10.  * @copyright  2004-2009 phpMyFAQ Team
    11. 

  11.  *
    12. 

  12.  * The contents of this file are subject to the Mozilla Public License
    13. 

  13.  * Version 1.1 (the "License"); you may not use this file except in
    14. 

  14.  * compliance with the License. You may obtain a copy of the License at
    15. 

  15.  * http://www.mozilla.org/MPL/
    16. 

  16.  *
    17. 

  17.  * Software distributed under the License is distributed on an "AS IS"
    18. 

  18.  * basis, WITHOUT WARRANTY OF ANY KIND, either express or implied. See the
    19. 

  19.  * License for the specific language governing rights and limitations
    20. 

  20.  * under the License.
    21. 

  21.  */
    22. 

  22. 

  23. define('PMF_ROOT_DIR', dirname(dirname(__FILE__)));
    24. 

  24. 

  25. //
    26. 

  26. // Check if config/database.php exist -> if not, redirect to installer
    27. 

  27. //
    28. 

  28. if (!file_exists(PMF_ROOT_DIR . '/config/database.php')) {
    29. 

  29.     header("Location: ".str_replace('admin/index.php', '', $_SERVER["PHP_SELF"])."install/setup.php");
    30. 

  30.     exit();
    31. 

  31. }
    32. 

  32. 

  33. //
    34. 

  34. // Define the named constant used as a check by any included PHP file
    35. 

  35. //
    36. 

  36. define('IS_VALID_PHPMYFAQ_ADMIN', null);
    37. 

  37. 

  38. //
    39. 

  39. // Autoload classes, prepend and start the PHP session
    40. 

  40. //
    41. 

  41. require_once PMF_ROOT_DIR.'/inc/Init.php';
    42. 

  42. PMF_Init::cleanRequest();
    43. 

  43. session_name(PMF_COOKIE_NAME_AUTH.trim($faqconfig->get('main.phpMyFAQToken')));
    44. 

  44. session_start();
    45. 

  45. 

  46. //
    47. 

  47. // get language (default: english)
    48. 

  48. //
    49. 

  49. $Language = new PMF_Language();
    50. 

  50. $LANGCODE = $Language->setLanguage($faqconfig->get('main.languageDetection'), $faqconfig->get('main.language'));
    51. 

  51. 

  52. // Preload English strings
    53. 

  53. require_once PMF_ROOT_DIR.'/lang/language_en.php';
    54. 

  54. 

  55. if (isset($LANGCODE) && PMF_Language::isASupportedLanguage($LANGCODE)) {
    56. 

  56.     // Overwrite English strings with the ones we have in the current language
    57. 

  57.     require_once PMF_ROOT_DIR.'/lang/language_'.$LANGCODE.'.php';
    58. 

  58. } else {
    59. 

  59.     $LANGCODE = 'en';
    60. 

  60. }
    61. 

  61. 

  62. //
    63. 

  63. // Initalizing static string wrapper
    64. 

  64. //
    65. 

  65. PMF_String::init($LANGCODE);
    66. 

  66. 

  67. /* header of the admin page */
    68. 

  68. require_once ("header.php");
    69. 

  69. ?>
    70. 

  70. </div>
    71. 

  71. <div id="bodyText">
    72. 

  72. <?php
    73. 

  73. 

  74. $action = PMF_Filter::filterInput(INPUT_GET, 'action', FILTER_SANITIZE_STRING);
    75. 

  75. 

  76. if ($action == "sendmail") {
    77. 

  77. 	
    78. 

  78. 	$username = PMF_Filter::filterInput(INPUT_POST, 'username', FILTER_SANITIZE_STRING);
    79. 

  79. 	$email    = PMF_Filter::filterInput(INPUT_POST, 'email', FILTER_VALIDATE_EMAIL);
    80. 

  80. 	
    81. 

  81.         if (!is_null($username) && !is_null($email)) {
    82. 

  82. 

  83.             $user       = new PMF_User_CurrentUser();
    84. 

  84.             $loginExist = $user->getUserByLogin($username);
    85. 

  85. 

  86.             if ($loginExist && ($email == $user->getUserData('email'))) {
    87. 

  87.                 $consonants = array(
    88. 

  88.                     'b','c','d','f','g','h','j','k','l','m','n','p','r','s','t','v','w','x','y','z'
    89. 

  89.                 );
    90. 

  90.                 $vowels = array(
    91. 

  91.                     'a','e','i','o','u'
    92. 

  92.                 );
    93. 

  93.                 $newPassword = '';
    94. 

  94.                 srand((double)microtime()*1000000);
    95. 

  95.                 for ($i = 1; $i <= 4; $i++) {
    96. 

  96.                     $newPassword .= $consonants[rand(0,19)];
    97. 

  97.                     $newPassword .= $vowels[rand(0,4)];
    98. 

  98.                 }
    99. 

  99.                 $user->changePassword($newPassword);
    100. 

  100.                 $text = $PMF_LANG['lostpwd_text_1']."\nUsername: ".$username."\nNew Password: ".$newPassword."\n\n".$PMF_LANG["lostpwd_text_2"];
    101. 

  101. 

  102.                 $mail = new PMF_Mail();
    103. 

  103.                 $mail->addTo($email);
    104. 

  104.                 $mail->subject = '[%sitename%] Username / password request';
    105. 

  105.                 $mail->message = $text;
    106. 

  106.                 $result = $mail->send();
    107. 

  107.                 unset($mail);
    108. 

  108.                 // Trust that the email has been sent
    109. 

  109.                 print $PMF_LANG["lostpwd_mail_okay"];
    110. 

  110.                 print "<p><img src=\"images/arrow.gif\" width=\"11\" height=\"11\" alt=\"".$PMF_LANG["ad"]."\" border=\"0\" /> <a href=\"index.php\" title=\"".$PMF_LANG["ad"]."\">".$PMF_LANG["ad"]."</a></p>";
    111. 

  111.             } else {
    112. 

  112.                 print $PMF_LANG["lostpwd_err_1"];
    113. 

  113.             }
    114. 

  114.         } else {
    115. 

  115.             print $PMF_LANG["lostpwd_err_2"];
    116. 

  116.         }
    117. 

  117.     } else {
    118. 

  118. ?>
    119. 

  119.     <form action="?action=sendmail" method="post">
    120. 

  120.     <fieldset class="login">
    121. 

  121.         <legend class="login"><?php print $PMF_LANG["ad_passwd_cop"]; ?></legend>
    122. 

  122. 

  123.         <label class="left"><?php print $PMF_LANG["ad_auth_user"]; ?></label>
    124. 

  124.         <input type="text" name="username" size="30" /><br />
    125. 

  125. 

  126.         <label class="left"><?php print $PMF_LANG["ad_entry_email"]; ?></label>
    127. 

  127.         <input type="text"  name="email" size="30" /><br />
    128. 

  128. 

  129.         <input class="submit" type="submit" value="<?php print $PMF_LANG["msgNewContentSubmit"]; ?>" />
    130. 

  130. 

  131.         <p><img src="images/arrow.gif" width="11" height="11" alt="<?php print $PMF_LANG["ad_sess_back"]; ?> FAQ" border="0" /> <a href="index.php" title="<?php print $PMF_LANG["ad_sess_back"]; ?> FAQ"><?php print $PMF_LANG["ad_sess_back"]; ?></a></p>
    132. 

  132.         <p><img src="images/arrow.gif" width="11" height="11" alt="<?php print $faqconfig->get('main.titleFAQ'); ?> FAQ" border="0" /> <a href="../index.php" title="<?php print $faqconfig->get('main.titleFAQ'); ?> FAQ"><?php print $faqconfig->get('main.titleFAQ'); ?> FAQ</a></p>
    133. 

  133. 

  134.     </fieldset>
    135. 

  135.     </form>
    136. 

  136. <?php
    137. 

  137. }
    138. 

  138. 

  139. if (DEBUG) {
    140. 

  140.     print "\n<p>DEBUG INFORMATION:</p>\n";
    141. 

  141.     print "<p>".$db->sqllog()."</p>";
    142. 

  142. }
    143. 

  143. 

  144. require_once 'footer.php';
    145. 

  145. $db->dbclose();
    146.