Sponsorenverwaltung - Team StarCraft e.V.
forgot_password.php
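<?php
/**
 * @file forgot_password.php
 *
 * @brief This file handles lost password requests
 *
 * @details
 * This file provides users with the ability to request a new password.
 * If the request was successful an email with further information is sent.
 * The user has the choice between accepting and denying the request. If they
 * accept the request, a second email with a one-time password will be
 * sent to them.
 *
 * Flow implemented below:
 *  1. Page-level access check (accessGranted).
 *  2. GET ?confirm=TOKEN / ?deny=TOKEN: hand the token to the accept/deny handler.
 *  3. POST email + username: validate, make sure both belong to the same account,
 *     refuse if a request is already pending or the address is not validated,
 *     send the confirmation mail and flag the account.
 *  4. Render the template together with the collected errors/successes.
 *
 * $errors, $successes and $websiteUrl are not defined in this file; they are
 * presumably set up by inc/common.php - TODO confirm.
 *
 * @copyright (c) 2013, Team StarCraft e.V.
 * @author Usercake (http://www.usercake.com)
 * @author Alexander Vorndran
 * @date 02.07.2013
 */

// include
include("inc/common.php");

// UserCake page-level access check.
// NOTE(review): $_SERVER['PHP_SELF'] is derived from the request path and can carry
// trailing path info. If accessGranted() matches on the exact page name, confirm that
// it normalises the value (or pass $_SERVER['SCRIPT_NAME'] instead).
if (!accessGranted($_SERVER['PHP_SELF'])) {
    if (isUserLoggedIn()) {
        exitWithErrorTemplate(array('Die angeforderte Seite ist gesperrt.'));
    } else {
        exitWithErrorTemplateAndRedirect(array('Die angeforderte Seite ist gesperrt oder geschützt.'), 'login.php', 2);
    }
}

// Tokens arrive as query-string values. Only plain strings are accepted so that an
// array-valued parameter (e.g. ?confirm[]=x) never reaches trim().
if (!empty($_GET["confirm"]) && is_string($_GET["confirm"])) {
    // User has confirmed they want their password changed
    $token = trim($_GET["confirm"]);
    acceptPasswordRequest($token);
} else if (!empty($_GET["deny"]) && is_string($_GET["deny"])) {
    // User has denied this request
    $token = trim($_GET["deny"]);
    denyPasswordRequest($token);
}

// Forms posted
if (!empty($_POST)) {
    // A missing or non-string field is treated as empty, so it ends up in the
    // "please specify ..." branches below instead of raising a notice or type error.
    $email = (isset($_POST["email"]) && is_string($_POST["email"])) ? $_POST["email"] : "";
    $username = sanitize((isset($_POST["username"]) && is_string($_POST["username"])) ? $_POST["username"] : "");

    // Perform some validation
    // Feel free to edit / change as required
    //
    // NOTE(review): the checks below use separate message keys for "e-mail unknown",
    // "user name unknown" and "e-mail/user name not linked". If the rendered texts
    // differ, an unauthenticated visitor can tell which accounts exist; consider one
    // generic message for all lookup failures.
    if (trim($email) == "") {
        $errors[] = lang("ACCOUNT_SPECIFY_EMAIL");
    } else if (!isValidEmail($email) || !emailExists($email)) {
        // Check to ensure email is in the correct format / in the db
        $errors[] = lang("ACCOUNT_INVALID_EMAIL");
    }

    if (trim($username) == "") {
        $errors[] = lang("ACCOUNT_SPECIFY_USERNAME");
    } else if (!usernameExists($username)) {
        $errors[] = lang("ACCOUNT_INVALID_USERNAME");
    }

    if (count($errors) == 0) {
        // Check that the username / email are associated to the same account
        if (!emailUsernameLinked($email, $username)) {
            $errors[] = lang("ACCOUNT_USER_OR_EMAIL_INVALID");
        } else {
            // Check if the user has any outstanding lost password requests
            $userdetails = fetchUserDetails($username);
            if ($userdetails["lost_password_request"] == 1 || $userdetails["lost_password_request"] == 2) {
                $errors[] = "Die letzte Anfrage nach einem neuen Passwort wurde noch nicht abgeschlossen.";
            } else if (!hasValidMail($userdetails['id'])) {
                $errors[] = "Die E-Mail-Adresse ist nicht validiert. Es wird keine Anfrage gesendet. \nWenden Sie sich bitte an einen Administrator.";
            } else {
                // Email the user asking to confirm this change password request.
                // We can use the template builder here.
                // The activation token is reused as the URL key; per the original
                // author's comment it is regenerated every time it is used.
                // NOTE(review): the token travels in the query string, so it can show up
                // in web-server logs and browser history - confirm that the accept/deny
                // handlers invalidate it after first use.
                $mail = new UserCakeMail();
                $confirm_url = lang("CONFIRM") . "\n" . $websiteUrl . "forgot_password.php?confirm=" . $userdetails["activation_token"];
                $deny_url = lang("DENY") . "\n" . $websiteUrl . "forgot_password.php?deny=" . $userdetails["activation_token"];

                // Setup our custom hooks
                $hooks = array(
                    "searchStrs" => array("#CONFIRM-URL#", "#DENY-URL#", "#USERNAME#"),
                    "subjectStrs" => array($confirm_url, $deny_url, $userdetails["user_name"])
                );

                if (!$mail->newTemplateMsg("lost-password-request.txt", $hooks)) {
                    $errors[] = "Beim Erstellen der E-Mail ist ein Fehler aufgetreten.";
                } else if (!$mail->sendMail($userdetails["email"], "Neues Passwort")) {
                    // The mail goes to the address stored for the account, not to the
                    // address submitted in the form.
                    $errors[] = "Beim Senden der E-Mail ist ein Fehler aufgetreten.";
                } else {
                    // Update the DB to show this account has an outstanding request.
                    // The state is read from "lost_password_request", the key already
                    // checked above. The previous code switched on 'lostPasswordRequest',
                    // a key used nowhere else in this file (presumably a typo); with an
                    // undefined key the -3 case never matches and the flag is always 1.
                    // The comparison stays loose (==), as in the original switch, so a
                    // numeric string from the database still matches.
                    $flag = ($userdetails["lost_password_request"] == -3) ? 2 : 1;
                    if (!flagPassword($userdetails["id"], $flag)) {
                        $errors[] = lang("SQL_ERROR");
                    } else {
                        $successes[] = "Eine E-Mail mit Anweisungen um das Passwort zurückzusetzen wurde versendet";
                    }
                }
            }
        }
    }
}
displayTemplateWithErrorsAndSuccesses("Passwort zurücksetzen", 'forgot_password.tpl');
?>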