aboutsummaryrefslogtreecommitdiffstats
path: root/Zotlabs/Module/Lostpass.php
diff options
context:
space:
mode:
authorMario <mario@mariovavti.com>2022-10-21 11:20:23 +0200
committerMario <mario@mariovavti.com>2022-10-21 11:20:23 +0200
commit5edd13c6bb89c7434d8437f8cc74c038371fdbf8 (patch)
treebc7f29762e9aa306f80b4881128607a49b5bb74f /Zotlabs/Module/Lostpass.php
parent7ca289edd0d568a51dfdf225a5ef0e9663c38838 (diff)
downloadvolse-hubzilla-5edd13c6bb89c7434d8437f8cc74c038371fdbf8.tar.gz
volse-hubzilla-5edd13c6bb89c7434d8437f8cc74c038371fdbf8.tar.bz2
volse-hubzilla-5edd13c6bb89c7434d8437f8cc74c038371fdbf8.zip
fix various issues
Diffstat (limited to 'Zotlabs/Module/Lostpass.php')
-rw-r--r--Zotlabs/Module/Lostpass.php66
1 files changed, 33 insertions, 33 deletions
diff --git a/Zotlabs/Module/Lostpass.php b/Zotlabs/Module/Lostpass.php
index 072657d7b..83478bb10 100644
--- a/Zotlabs/Module/Lostpass.php
+++ b/Zotlabs/Module/Lostpass.php
@@ -6,32 +6,32 @@ namespace Zotlabs\Module;
class Lostpass extends \Zotlabs\Web\Controller {
function post() {
-
+
$loginame = notags(trim($_POST['login-name']));
if(! $loginame)
goaway(z_root());
-
+
$r = q("SELECT * FROM account WHERE account_email = '%s' LIMIT 1",
dbesc($loginame)
);
-
+
if(! $r) {
notice( t('No valid account found.') . EOL);
goaway(z_root());
}
-
+
$aid = $r[0]['account_id'];
$email = $r[0]['account_email'];
-
+
$hash = random_string();
-
+
$r = q("UPDATE account SET account_reset = '%s' WHERE account_id = %d",
dbesc($hash),
intval($aid)
);
if($r)
info( t('Password reset request issued. Check your email.') . EOL);
-
+
$email_tpl = get_intltext_template("lostpass_eml.tpl");
$message = replace_macros($email_tpl, array(
'$sitename' => get_config('system','sitename'),
@@ -40,11 +40,11 @@ class Lostpass extends \Zotlabs\Web\Controller {
'$email' => $email,
'$reset_link' => z_root() . '/lostpass?verify=' . $hash
));
-
+
$subject = email_header_encode(sprintf( t('Password reset requested at %s'),get_config('system','sitename')), 'UTF-8');
-
+
$res = z_mail(
- [
+ [
'toEmail' => $email,
'messageSubject' => sprintf( t('Password reset requested at %s'), get_config('system','sitename')),
'textVersion' => $message,
@@ -53,14 +53,14 @@ class Lostpass extends \Zotlabs\Web\Controller {
goaway(z_root());
}
-
-
+
+
function get() {
-
-
+
+
if(x($_GET,'verify')) {
$verify = $_GET['verify'];
-
+
$r = q("SELECT * FROM account WHERE account_reset = '%s' LIMIT 1",
dbesc($verify)
);
@@ -69,22 +69,22 @@ class Lostpass extends \Zotlabs\Web\Controller {
goaway(z_root());
return;
}
-
+
$aid = $r[0]['account_id'];
$email = $r[0]['account_email'];
-
+
$new_password = autoname(6) . mt_rand(100,9999);
-
+
$salt = random_string(32);
$password_encoded = hash('whirlpool', $salt . $new_password);
-
+
$r = q("UPDATE account SET account_salt = '%s', account_password = '%s', account_reset = '', account_flags = (account_flags & ~%d) where account_id = %d",
dbesc($salt),
dbesc($password_encoded),
intval(ACCOUNT_UNVERIFIED),
intval($aid)
);
-
+
if($r) {
$tpl = get_markup_template('pwdreset.tpl');
$o .= replace_macros($tpl,array(
@@ -96,23 +96,23 @@ class Lostpass extends \Zotlabs\Web\Controller {
'$lbl6' => t('Your password may be changed from the <em>Settings</em> page after successful login.'),
'$newpass' => $new_password,
'$baseurl' => z_root()
-
+
));
-
+
info("Your password has been reset." . EOL);
-
+
$email_tpl = get_intltext_template("passchanged_eml.tpl");
$message = replace_macros($email_tpl, array(
'$sitename' => \App::$config['sitename'],
'$siteurl' => z_root(),
'$username' => sprintf( t('Site Member (%s)'), $email),
'$email' => $email,
- '$new_password' => $new_password,
- '$uid' => $newuid )
+ '$new_password' => $new_password
+ )
);
-
+
$res = z_mail(
- [
+ [
'toEmail' => $email,
'messageSubject' => sprintf( t('Your password has changed at %s'), get_config('system','sitename')),
'textVersion' => $message,
@@ -121,21 +121,21 @@ class Lostpass extends \Zotlabs\Web\Controller {
return $o;
}
-
+
}
else {
$tpl = get_markup_template('lostpass.tpl');
-
+
$o .= replace_macros($tpl,array(
'$title' => t('Forgot your Password?'),
'$desc' => t('Enter your email address and submit to have your password reset. Then check your email for further instructions.'),
'$name' => t('Email Address'),
- '$submit' => t('Reset')
+ '$submit' => t('Reset')
));
-
+
return $o;
}
-
+
}
-
+
}