nextcloud/core/lostpassword/index.php

36 lines
1.5 KiB
PHP
Raw Normal View History

2011-09-26 01:33:22 +04:00
<?php
/**
2012-05-26 21:14:24 +04:00
* Copyright (c) 2012 Frank Karlitschek frank@owncloud.org
2011-09-26 01:33:22 +04:00
* This file is licensed under the Affero General Public License version 3 or
* later.
* See the COPYING-README file.
*/
$RUNTIME_NOAPPS = true; //no apps
require_once '../../lib/base.php';
2011-09-26 01:33:22 +04:00
2012-04-26 21:35:33 +04:00
2011-09-26 01:33:22 +04:00
// Someone lost their password:
if (isset($_POST['user'])) {
if (OC_User::userExists($_POST['user'])) {
$token = hash("sha256", OC_Util::generate_random_bytes(30).OC_Config::getValue('passwordsalt', ''));
OC_Preferences::setValue($_POST['user'], 'owncloud', 'lostpassword', hash("sha256", $token)); // Hash the token again to prevent timing attacks
$email = OC_Preferences::getValue($_POST['user'], 'settings', 'email', '');
if (!empty($email)) {
2012-09-29 00:27:52 +04:00
$link = OC_Helper::linkToAbsolute('core/lostpassword', 'resetpassword.php', array('user' => $_POST['user'], 'token' => $token));
2011-10-03 22:41:52 +04:00
$tmpl = new OC_Template('core/lostpassword', 'email');
$tmpl->assign('link', $link, false);
$msg = $tmpl->fetchPage();
2012-04-14 18:44:15 +04:00
$l = OC_L10N::get('core');
$from = 'lostpassword-noreply@' . OCP\Util::getServerHost();
OC_MAIL::send($email, $_POST['user'], $l->t('ownCloud password reset'), $msg, $from, 'ownCloud');
2012-04-26 21:35:33 +04:00
echo('sent');
}
OC_Template::printGuestPage('core/lostpassword', 'lostpassword', array('error' => false, 'requested' => true));
2011-09-26 01:33:22 +04:00
} else {
OC_Template::printGuestPage('core/lostpassword', 'lostpassword', array('error' => true, 'requested' => false));
2011-09-26 01:33:22 +04:00
}
} else {
OC_Template::printGuestPage('core/lostpassword', 'lostpassword', array('error' => false, 'requested' => false));
2011-09-26 01:33:22 +04:00
}