// ------------------------------------------------------------------------ //
// XOOPS - PHP Content Management System //
// Copyright (c) 2000 XOOPS.org //
// //
// ------------------------------------------------------------------------ //
// This program is free software; you can redistribute it and/or modify //
// it under the terms of the GNU General Public License as published by //
// the Free Software Foundation; either version 2 of the License, or //
// (at your option) any later version. //
// //
// You may not change or alter any portion of this comment or credits //
// of supporting developers from this source code or any supporting //
// source code which is considered copyrighted (c) material of the //
// original comment or credit authors. //
// //
// This program is distributed in the hope that it will be useful, //
// but WITHOUT ANY WARRANTY; without even the implied warranty of //
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the //
// GNU General Public License for more details. //
// //
// You should have received a copy of the GNU General Public License //
// along with this program; if not, write to the Free Software //
// Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA //
// ------------------------------------------------------------------------ //
/**
* All functions for lost password generator are going through here.
*
* Form and process for sending a new password to a user
*
* @copyrighthttp://www.xoops.org/ The XOOPS Project
* @copyrighthttp://www.impresscms.org/ The ImpressCMS Project
* @licensehttp://www.gnu.org/licenses/old-licenses/gpl-2.0.html GNU General Public License (GPL)
* @packageMember
* @subpackageUsers
* @sinceXOOPS
*/
$xoopsOption['pagetype'] = 'user';
/* $_POST parameters
*
*$_GET parameters
*code
*/
/* set default value for $code */
$code = '';
$filter_get = $filter_post = array('email' => array('email', 'options' => array(0, 0)));
/* set default value for parameters */
$code = '';
if (!empty($_GET)) {
$clean_GET = icms_core_DataFilter::checkVarArray($_GET, $filter_get, false);
extract($clean_GET);
}
if (!empty($_POST)) {
$clean_POST = icms_core_DataFilter::checkVarArray($_POST, $filter_post, false);
extract($clean_POST);
}
if ($email == '') {
redirect_header('user.php', 2, _US_SORRYNOTFOUND);
}
$member_handler = icms::handler('icms_member');
$criteria = new icms_db_criteria_Compo();
$criteria->add(new icms_db_criteria_Item('email', $email));
$criteria->add(new icms_db_criteria_Item('level', '-1', '!='));
$getuser = & $member_handler->getUsers($criteria);
if (empty($getuser)) {
$msg = _US_SORRYNOTFOUND;
redirect_header('user.php', 2, $msg);
} else {
$icmspass = new icms_core_Password();
$areyou = substr($getuser[0]->pass, 0, 5);
if ($code != '' && $areyou == $code) {
$newpass = (new \RandomLib\Factory())->->getGenerator(
new \SecurityLib\Strength(\SecurityLib\Strength::MEDIUM)
)->generateString(8,'0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ');
$pass = $icmspass->encryptPass($newpass);
$mailer = new icms_messaging_Handler();
$mailer->useMail();
$mailer->setTemplate('lostpass2.tpl');
$mailer->assign('SITENAME', $icmsConfig['sitename']);
$mailer->assign('ADMINMAIL', $icmsConfig['adminmail']);
$mailer->assign('SITEURL', ICMS_URL . '/');
$mailer->assign('IP', $_SERVER['REMOTE_ADDR']);
$mailer->assign('NEWPWD', $newpass);
$mailer->setToUsers($getuser[0]);
$mailer->setFromEmail($icmsConfig['adminmail']);
$mailer->setFromName($icmsConfig['sitename']);
$mailer->setSubject(sprintf(_US_NEWPWDREQ, ICMS_URL));
if (!$mailer->send()) {
echo $mailer->getErrors();
}
// Next step: add the new password to the database
$sql = sprintf("UPDATE %s SET pass = '%s', pass_expired = '%u' WHERE uid = '%u'",
icms::$xoopsDB->prefix('users'), $pass, 1, (int) $getuser[0]->uid);
if (!icms::$xoopsDB->queryF($sql)) {
/** Include header.php to start page rendering */
include 'header.php';
echo _US_MAILPWDNG;
/** Include footer.php to complete page rendering */
include 'footer.php';
exit();
}
redirect_header('user.php', 3, sprintf(_US_PWDMAILED, $getuser[0]->uname), false);
// If no Code, send it
} else {
$mailer = new icms_messaging_Handler();
$mailer->useMail();
$mailer->setTemplate('lostpass1.tpl');
$mailer->assign('SITENAME', $icmsConfig['sitename']);
$mailer->assign('ADMINMAIL', $icmsConfig['adminmail']);
$mailer->assign('SITEURL', ICMS_URL . '/');
$mailer->assign('IP', $_SERVER['REMOTE_ADDR']);
$mailer->assign('NEWPWD_LINK', ICMS_URL . '/lostpass.php?email=' . $email . '&code=' . $areyou);
$mailer->setToUsers($getuser[0]);
$mailer->setFromEmail($icmsConfig['adminmail']);
$mailer->setFromName($icmsConfig['sitename']);
$mailer->setSubject(sprintf(_US_NEWPWDREQ, $icmsConfig['sitename']));
/** Include header.php to start page rendering */
include 'header.php';
if (!$mailer->send()) {
echo $mailer->getErrors();
}
echo '
';
printf(_US_CONFMAIL, $getuser[0]->uname);
echo '';
/** Include footer.php to complete page rendering */
include 'footer.php';
}
}
一键复制
编辑
Web IDE
原始数据
按行查看
历史
扫一扫
1万+
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
