2011-09-26 01:33:22 +04:00
|
|
|
<?php
|
|
|
|
/**
|
2012-05-26 21:14:24 +04:00
|
|
|
* Copyright (c) 2012 Frank Karlitschek frank@owncloud.org
|
2011-09-26 01:33:22 +04:00
|
|
|
* This file is licensed under the Affero General Public License version 3 or
|
|
|
|
* later.
|
|
|
|
* See the COPYING-README file.
|
|
|
|
*/
|
|
|
|
|
|
|
|
$RUNTIME_NOAPPS = TRUE; //no apps
|
2012-09-04 14:08:55 +04:00
|
|
|
require_once '../../lib/base.php';
|
2011-09-26 01:33:22 +04:00
|
|
|
|
2012-04-26 21:35:33 +04:00
|
|
|
|
2011-09-26 01:33:22 +04:00
|
|
|
// Someone lost their password:
|
|
|
|
if (isset($_POST['user'])) {
|
|
|
|
if (OC_User::userExists($_POST['user'])) {
|
2012-04-04 17:17:03 +04:00
|
|
|
$token = sha1($_POST['user'].md5(uniqid(rand(), true)));
|
2011-09-26 01:33:22 +04:00
|
|
|
OC_Preferences::setValue($_POST['user'], 'owncloud', 'lostpassword', $token);
|
2011-12-19 02:08:00 +04:00
|
|
|
$email = OC_Preferences::getValue($_POST['user'], 'settings', 'email', '');
|
2012-04-26 21:35:33 +04:00
|
|
|
if (!empty($email) and isset($_POST['sectoken']) and isset($_SESSION['sectoken']) and ($_POST['sectoken']==$_SESSION['sectoken']) ) {
|
2012-09-03 21:12:52 +04:00
|
|
|
$link = OC_Helper::linkToAbsolute('core/lostpassword', 'resetpassword.php', array('user' => urlencode($_POST['user']), 'token' => $token));
|
2011-10-03 22:41:52 +04:00
|
|
|
$tmpl = new OC_Template('core/lostpassword', 'email');
|
2012-07-27 17:35:36 +04:00
|
|
|
$tmpl->assign('link', $link, false);
|
2011-09-26 23:11:50 +04:00
|
|
|
$msg = $tmpl->fetchPage();
|
2012-04-14 18:44:15 +04:00
|
|
|
$l = OC_L10N::get('core');
|
2012-05-31 22:26:09 +04:00
|
|
|
$from = 'lostpassword-noreply@' . OCP\Util::getServerHost();
|
2012-09-04 14:08:55 +04:00
|
|
|
OC_MAIL::send($email, $_POST['user'], $l->t('ownCloud password reset'), $msg, $from, 'ownCloud');
|
2012-04-26 21:35:33 +04:00
|
|
|
echo('sent');
|
2012-04-20 22:49:35 +04:00
|
|
|
|
2011-09-26 23:11:50 +04:00
|
|
|
}
|
2012-09-04 14:08:55 +04:00
|
|
|
$sectoken=rand(1000000, 9999999);
|
2012-04-26 21:35:33 +04:00
|
|
|
$_SESSION['sectoken']=$sectoken;
|
|
|
|
OC_Template::printGuestPage('core/lostpassword', 'lostpassword', array('error' => false, 'requested' => true, 'sectoken' => $sectoken));
|
2011-09-26 01:33:22 +04:00
|
|
|
} else {
|
2012-09-04 14:08:55 +04:00
|
|
|
$sectoken=rand(1000000, 9999999);
|
2012-04-26 21:35:33 +04:00
|
|
|
$_SESSION['sectoken']=$sectoken;
|
|
|
|
OC_Template::printGuestPage('core/lostpassword', 'lostpassword', array('error' => true, 'requested' => false, 'sectoken' => $sectoken));
|
2011-09-26 01:33:22 +04:00
|
|
|
}
|
|
|
|
} else {
|
2012-09-04 14:08:55 +04:00
|
|
|
$sectoken=rand(1000000, 9999999);
|
2012-04-26 21:35:33 +04:00
|
|
|
$_SESSION['sectoken']=$sectoken;
|
|
|
|
OC_Template::printGuestPage('core/lostpassword', 'lostpassword', array('error' => false, 'requested' => false, 'sectoken' => $sectoken));
|
2011-09-26 01:33:22 +04:00
|
|
|
}
|