diff --git a/main/auth/lostPassword.php b/main/auth/lostPassword.php index 7dd2e6327d..293d586635 100644 --- a/main/auth/lostPassword.php +++ b/main/auth/lostPassword.php @@ -23,7 +23,6 @@ $language_file = array('registration', 'index'); require_once '../inc/global.inc.php'; require_once api_get_path(LIBRARY_PATH).'login.lib.php'; require_once api_get_path(LIBRARY_PATH).'mail.lib.inc.php'; -//require_once api_get_path(LIBRARY_PATH).'custompages.lib.php';moved to autoload // Custom pages // Had to move the form handling in here, because otherwise there would diff --git a/main/auth/lost_password.lib.php b/main/auth/lost_password.lib.php deleted file mode 100755 index 3af9b20ec6..0000000000 --- a/main/auth/lost_password.lib.php +++ /dev/null 
@@ -1,214 +0,0 @@ -, Ghent University - */ -/* -function get_email_headers() { - $emailHeaders = "From: \"".addslashes(api_get_person_name(api_get_setting('administratorName'), api_get_setting('administratorSurname'), null, PERSON_NAME_EMAIL_ADDRESS))."\" <".api_get_setting('emailAdministrator').">\n"; - $emailHeaders .= "Reply-To: ".api_get_setting('emailAdministrator')."\n"; - $emailHeaders .= "Return-Path: ".api_get_setting('emailAdministrator')."\n"; - $emailHeaders .= "X-Sender: ".api_get_setting('emailAdministrator')."\n"; - $emailHeaders .= "X-Mailer: PHP / ".phpversion()."\n"; - $emailHeaders .= "Content-Type: text/plain;\n\tcharset=\"".api_get_system_encoding()."\"\n"; - $emailHeaders .= "Mime-Version: 1.0"; - return $emailHeaders; -} -*/ - -/** - * Get list of user accounts with a reset link for each - * @param unknown_type $user - * @param boolean $reset - * @param boolean $by_username - * @return unknown - * @author Olivier Cauberghe , Ghent University - */ -function get_user_account_list($user, $reset = false, $by_username = false) { - global $_configuration; - $portal_url = api_get_path(WEB_PATH); - if ($_configuration['multiple_access_urls']) { - $access_url_id = api_get_current_access_url_id(); - if ($access_url_id != -1 ) { - $url = api_get_access_url($access_url_id); - $portal_url = $url['url']; - } - } - - if ($reset) { - - if ($by_username) { - - $secret_word = get_secret_word($user['email']); - if ($reset) { - $reset_link = $portal_url."main/auth/lostPassword.php?reset=".$secret_word."&id=".$user['uid']; - } else { - $reset_link = get_lang('Pass')." : $user[password]"; - } - $user_account_list = get_lang('YourRegistrationData')." : \n".get_lang('UserName').' : '.$user['loginName']."\n".get_lang('ResetLink').' : '.$reset_link.''; - - if ($user_account_list) { - $user_account_list = "\n------------------------\n" . 
$user_account_list; - } - - } else { - - foreach ($user as $this_user) { - $secret_word = get_secret_word($this_user['email']); - if ($reset) { - $reset_link = $portal_url."main/auth/lostPassword.php?reset=".$secret_word."&id=".$this_user['uid']; - } else { - $reset_link = get_lang('Pass')." : $this_user[password]"; - } - $user_account_list[] = get_lang('YourRegistrationData')." : \n".get_lang('UserName').' : '.$this_user['loginName']."\n".get_lang('ResetLink').' : '.$reset_link.''; - } - - if ($user_account_list) { - $user_account_list = implode("\n------------------------\n", $user_account_list); - } - } - - } else { - - if (!$by_username) { - $user = $user[0]; - } - $reset_link = get_lang('Pass')." : $user[password]"; - $user_account_list = get_lang('YourRegistrationData')." : \n".get_lang('UserName').' : '.$user['loginName']."\n".$reset_link.''; - - } - return $user_account_list; -} - -/** - * This function sends the actual password to the user - * - * @param unknown_type $user - * @author Olivier Cauberghe , Ghent University - */ -function send_password_to_user($user, $by_username = false) { - - global $_configuration; - /* - $emailHeaders = get_email_headers(); // Email Headers - */ - $email_subject = "[".api_get_setting('siteName')."] ".get_lang('LoginRequest'); // SUBJECT - - if ($by_username) { // Show only for lost password - $user_account_list = get_user_account_list($user, false, $by_username); // BODY - $email_to = $user['email']; - } else { - $user_account_list = get_user_account_list($user); // BODY - $email_to = $user[0]['email']; - } - - $portal_url = $_configuration['root_web']; - if ($_configuration['multiple_access_urls']) { - $access_url_id = api_get_current_access_url_id(); - if ($access_url_id != -1 ) { - $url = api_get_access_url($access_url_id); - $portal_url = $url['url']; - } - } - - $email_body = get_lang('YourAccountParam')." 
".$portal_url."\n\n$user_account_list \n\n"; - $emailBody .= get_lang('Formula').",\n".api_get_setting('administratorName')." ".api_get_setting('administratorSurname')."\n".get_lang('PlataformAdmin')." ".api_get_setting('siteName'); - // SEND MESSAGE - $sender_name = api_get_person_name(api_get_setting('administratorName'), api_get_setting('administratorSurname'), null, PERSON_NAME_EMAIL_ADDRESS); - $email_admin = api_get_setting('emailAdministrator'); - - if (@api_mail('', $email_to, $email_subject, $email_body, $sender_name, $email_admin) == 1) { - Display::display_confirmation_message(get_lang('YourPasswordHasBeenEmailed')); - } else { - $message = get_lang('SystemUnableToSendEmailContact').' '.Display :: encrypted_mailto_link(api_get_setting('emailAdministrator'), get_lang('PlatformAdmin')).".

"; - } -} - -/** - * Enter description here... - * - * @param unknown_type $user - * @param bool $by_username - * @return unknown - * - * @author Olivier Cauberghe , Ghent University - */ -function handle_encrypted_password($user, $by_username = false) { - - global $_configuration; - - /* - $emailHeaders = get_email_headers(); // Email Headers - */ - $email_subject = "[".api_get_setting('siteName')."] ".get_lang('LoginRequest'); // SUBJECT - - if ($by_username) { // Show only for lost password - $user_account_list = get_user_account_list($user, true, $by_username); // BODY - $email_to = $user['email']; - } else { - $user_account_list = get_user_account_list($user, true); // BODY - $email_to = $user[0]['email']; - } - - $secret_word = get_secret_word($email_to); - $email_body = get_lang('DearUser')." :\n".get_lang('password_request')."\n\n"; - $email_body .= "-----------------------------------------------\n".$user_account_list."\n-----------------------------------------------\n\n"; - $email_body .= get_lang('PasswordEncryptedForSecurity'); - $emailBody .= " \n\n"; - $emailBody .= get_lang('Formula').",\n".api_get_setting('administratorName')." ".api_get_setting('administratorSurname')."\n".get_lang('PlataformAdmin')." ".api_get_setting('siteName'); - $sender_name = api_get_person_name(api_get_setting('administratorName'), api_get_setting('administratorSurname'), null, PERSON_NAME_EMAIL_ADDRESS); - $email_admin = api_get_setting('emailAdministrator'); - - if (@api_mail('', $email_to, $email_subject, $email_body, $sender_name, $email_admin) == 1) { - Display::display_confirmation_message(get_lang('YourPasswordHasBeenEmailed')); - } else { - $message = get_lang('SystemUnableToSendEmailContact').' '.Display :: encrypted_mailto_link(api_get_setting('emailAdministrator'), get_lang('PlatformAdmin')).".

"; - Display::display_error_message($message, false); - } -} - -/** - * Enter description here... - * @author Olivier Cauberghe , Ghent University - */ -function get_secret_word($add) { - global $_configuration; - return $secret_word = md5($_configuration['security_key'].$add); -} - -/** - * Enter description here... - * @author Olivier Cauberghe , Ghent University - */ -function reset_password($secret, $id, $by_username = false) { - $tbl_user = Database::get_main_table(TABLE_MAIN_USER); - $id = intval($id); - $sql = "SELECT user_id AS uid, lastname AS lastName, firstname AS firstName, username AS loginName, password, email FROM ".$tbl_user." WHERE user_id=$id"; - $result = Database::query($sql); - $num_rows = Database::num_rows($result); - - if ($result && $num_rows > 0) { - $user = Database::fetch_array($result); - } else { - return 'Could not reset password.'; // TODO: This message has to be translated. - } - - if (get_secret_word($user['email']) == $secret) { // OK, secret word is good. Now change password and mail it. - $user['password'] = api_generate_password(); - $crypted = $user['password']; - $crypted = api_get_encrypted_password($crypted); - $sql = "UPDATE ".$tbl_user." SET password='$crypted' WHERE user_id=$id"; - $result = Database::query($sql); - return send_password_to_user($user, $by_username); - } else { - return 'Not allowed.'; // TODO: This message has to be translated. - } -} diff --git a/main/inc/lib/login.lib.php b/main/inc/lib/login.lib.php index d5236b4106..ae828786f0 100644 --- a/main/inc/lib/login.lib.php +++ b/main/inc/lib/login.lib.php @@ -83,8 +83,7 @@ class Login * @param int $user * @author Olivier Cauberghe , Ghent University */ - public static function send_password_to_user($user, $by_username = false) - { + public static function send_password_to_user($user, $by_username = false) { global $_configuration; $email_subject = "[" . api_get_setting('siteName') . "] " . get_lang('LoginRequest'); // SUBJECT 
@@ -96,7 +95,7 @@ class Login $email_to = $user[0]['email']; } - $portal_url = $_configuration['root_web']; + $portal_url = api_get_path(WEB_PATH); if ($_configuration['multiple_access_urls']) { $access_url_id = api_get_current_access_url_id(); if ($access_url_id != -1) { diff --git a/tests/main/inc/lib/legal.lib.test.php b/tests/main/inc/lib/legal.lib.test.php index aa7e1562bf..a49abfffab 100755 --- a/tests/main/inc/lib/legal.lib.test.php +++ b/tests/main/inc/lib/legal.lib.test.php @@ -1,5 +1,5 @@ UnitTestCase('Lost password library - main/auth/lost_password.lib.test.php'); @@ -80,5 +80,4 @@ class TestLostPassword extends UnitTestCase { ob_end_clean(); //var_dump($res); } -} -?> +} \ No newline at end of file
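Review bot: The base URL that ends up in the account e-mail is not shown to be independent of the request. In `Login::send_password_to_user` (main/inc/lib/login.lib.php, hunk at -96,7) `$portal_url` is now taken from `api_get_path(WEB_PATH)` rather than the static `$_configuration['root_web']`, and how that helper derives its value is not visible here. If it can follow the request's Host header, a lost-password request carrying a forged header would put a foreign origin into mail delivered to the real account owner, so confirm it resolves only from stored configuration or the access-URL table. A comment on the new line would record that requirement, for example `// WEB_PATH must resolve from configured settings, not the request Host header: this URL is mailed to the user`. The function body starts and ends outside the hunk, so the rest of the mail construction could not be checked.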