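$mesg)); }

    // Check email/username and do the right thing.
    // Both values come straight from the request, so require plain strings:
    // a parameter sent as user[]=... arrives as an array and must not reach
    // the query builder.
    if (isset($_POST['user'], $_POST['email']) && is_string($_POST['user']) && is_string($_POST['email'])) {
        $user = $_POST['user'];
        $email = $_POST['email'];

        $condition = '';
        if (!empty($email)) {
            $condition = " AND LOWER(email) = '".Database::escape_string($email)."' ";
        }

        $tbl_user = Database :: get_main_table(TABLE_MAIN_USER);
        // Request values are concatenated into the statement only after
        // Database::escape_string().
        // NOTE(review): injection safety here rests entirely on that helper;
        // prefer bound parameters if the Database layer offers them.
        $query = " SELECT user_id AS uid, lastname AS lastName, firstname AS firstName, ".
            "username AS loginName, password, email, status AS status, ".
            "official_code, phone, picture_uri, creator_id ".
            "FROM ".$tbl_user." ".
            "WHERE ( username = '".Database::escape_string($user)."' $condition ) ";

        $result = Database::query($query);
        // Count rows only when the query produced a result.
        $num_rows = $result ? Database::num_rows($result) : 0;

        if ($num_rows > 0) {
            if ($num_rows > 1) {
                $by_username = false; // more than one user
                // Collect the rows in a fresh array: $user still holds the
                // submitted string at this point, and appending to a string
                // with [] is a fatal error.
                $matches = array();
                while ($data = Database::fetch_array($result)) {
                    $matches[] = $data;
                }
                $user = $matches;
            } else {
                $by_username = true; // single user (valid user + email)
                $user = Database::fetch_array($result);
            }

            if ($_configuration['password_encryption'] != 'none') {
                // Send email with secret link to user
                Login::handle_encrypted_password($user, $by_username);
            } else {
                // NOTE(review): with password_encryption set to 'none' this
                // presumably mails the stored password itself; confirm, and
                // prefer a one-time reset link over sending a reusable secret.
                Login::send_password_to_user($user, $by_username);
            }
        } else {
            // NOTE(review): a distinct reply for unknown accounts tells the
            // requester which usernames/emails are registered; returning the
            // same message for both outcomes avoids that disclosure.
            CustomPages::displayPage('lostpassword', array('error' => get_lang('NoUserAccountWithThisEmailAddress')));
        }
    } else {
        CustomPages::displayPage('lostpassword');
    }
    // NOTE(review): reached after every branch above, so this relies on
    // displayPage() ending the request in the error/form cases - verify.
    CustomPages::displayPage('index-unlogged', array('info' => get_lang('YourPasswordHasBeenEmailed')));
}

$tool_name = get_lang('LostPassword');
Display :: display_header($tool_name);

$this_section = SECTION_CAMPUS;
$tool_name = get_lang('LostPass');

// Forbidden to retrieve the lost password
// NOTE(review): this check sits after the custom-page branch above, which has
// already handled a POSTed request by the time execution gets here; confirm
// the setting is also enforced before that branch.
if (api_get_setting('allow_lostpassword') == 'false') {
    api_not_allowed();
}

if (isset($_GET['reset']) && isset($_GET['id'])) {
    // The reset call is disabled on this path; only the "Back" label is printed.
    //$msg = Login::reset_password($_GET["reset"], $_GET["id"], true);
    $msg1 = ''.get_lang('Back').'';
    echo '

'.$msg1.'
';
} else {
    // Single-field form: the user types either a login name or an email address.
    $form = new FormValidator('lost_password');
    $form->addElement('header', $tool_name);
    $form->addElement('text', 'user', array(get_lang('LoginOrEmailAddress'), get_lang('EnterEmailUserAndWellSendYouPassword')), array('size'=>'40'));
    //$form->applyFilter('email','strtolower');
    $form->addElement('style_submit_button', 'submit', get_lang('Send'), 'class="btn"');

    // setting the rules
    $form->addRule('user', get_lang('ThisFieldIsRequired'), 'required');

    // NOTE(review): nothing in this excerpt throttles repeated submissions;
    // confirm rate limiting for this form exists elsewhere.
    if ($form->validate()) {
        $values = $form->exportValues();

        // Input containing '@' anywhere is looked up as an email address.
        // strpos() returns 0 for a leading '@', so compare against false
        // explicitly instead of relying on truthiness.
        $user = strtolower($values['user']);
        $email = (strpos($values['user'], '@') !== false);

        $condition = '';
        if ($email) {
            $condition = "LOWER(email) = '".Database::escape_string($user)."' ";
        } else {
            $condition = "LOWER(username) = '".Database::escape_string($user)."'";
        }

        $tbl_user = Database :: get_main_table(TABLE_MAIN_USER);
        $query = "SELECT user_id AS uid, lastname AS lastName, firstname AS firstName, ".
            "username AS loginName, password, email, status AS status, ".
            "official_code, phone, picture_uri, creator_id ".
            "FROM ".$tbl_user." ".
            "WHERE ( $condition ) ";

        $result = Database::query($query);
        // Count rows only when the query produced a result.
        $num_rows = $result ? Database::num_rows($result) : 0;

        if ($num_rows > 0) {
            $by_username = true;
            $users = Database::store_result($result);
            // Every matching row is handled separately, so an email shared by
            // several accounts triggers one message per account.
            foreach ($users as $user) {
                if ($_configuration['password_encryption'] != 'none') {
                    Login::handle_encrypted_password($user, $by_username);
                } else {
                    // NOTE(review): presumably mails the stored password when
                    // password_encryption is 'none'; see the reset-link
                    // recommendation on the custom-page path above.
                    Login::send_password_to_user($user, $by_username);
                }
            }
        } else {
            // NOTE(review): same account-existence disclosure as on the
            // custom-page path; a uniform reply for both outcomes avoids it.
            Display::display_warning_message(get_lang('NoUserAccountWithThisEmailAddress'));
        }
    } else {
        $form->display();
    }
}
Display::display_footer();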