|
|
@ -206,15 +206,10 @@ function users_list_controller() {
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
/**
|
|
|
|
* User password recovery.
|
|
|
|
* Second step of password recovery: set a new password using the token link from email
|
|
|
|
* (By email)
|
|
|
|
|
|
|
|
*/
|
|
|
|
*/
|
|
|
|
function user_password_recovery_controller() {
|
|
|
|
function user_password_recovery_set_new_controller() {
|
|
|
|
if (isset($_REQUEST['token'])) {
|
|
|
|
|
|
|
|
$user_source = User_by_password_recovery_token($_REQUEST['token']);
|
|
|
|
$user_source = User_by_password_recovery_token($_REQUEST['token']);
|
|
|
|
if ($user_source === false) {
|
|
|
|
|
|
|
|
engelsystem_error("Unable to load user.");
|
|
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
if ($user_source == null) {
|
|
|
|
if ($user_source == null) {
|
|
|
|
error(_("Token is not correct."));
|
|
|
|
error(_("Token is not correct."));
|
|
|
|
redirect(page_link_to('login'));
|
|
|
|
redirect(page_link_to('login'));
|
|
|
@ -234,18 +229,19 @@ function user_password_recovery_controller() {
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
if ($valid) {
|
|
|
|
if ($valid) {
|
|
|
|
$result = set_password($user_source['UID'], $_REQUEST['password']);
|
|
|
|
set_password($user_source['UID'], $_REQUEST['password']);
|
|
|
|
if ($result === false) {
|
|
|
|
|
|
|
|
engelsystem_error(_("Password could not be updated."));
|
|
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
success(_("Password saved."));
|
|
|
|
success(_("Password saved."));
|
|
|
|
redirect(page_link_to('login'));
|
|
|
|
redirect(page_link_to('login'));
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
return User_password_set_view();
|
|
|
|
return User_password_set_view();
|
|
|
|
} else {
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
|
|
|
* First step of password recovery: display a form that asks for your email and send email with recovery link
|
|
|
|
|
|
|
|
*/
|
|
|
|
|
|
|
|
function user_password_recovery_start_controller() {
|
|
|
|
if (isset($_REQUEST['submit'])) {
|
|
|
|
if (isset($_REQUEST['submit'])) {
|
|
|
|
$valid = true;
|
|
|
|
$valid = true;
|
|
|
|
|
|
|
|
|
|
|
@ -253,9 +249,6 @@ function user_password_recovery_controller() {
|
|
|
|
$email = strip_request_item('email');
|
|
|
|
$email = strip_request_item('email');
|
|
|
|
if (check_email($email)) {
|
|
|
|
if (check_email($email)) {
|
|
|
|
$user_source = User_by_email($email);
|
|
|
|
$user_source = User_by_email($email);
|
|
|
|
if ($user_source === false) {
|
|
|
|
|
|
|
|
engelsystem_error("Unable to load user.");
|
|
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
if ($user_source == null) {
|
|
|
|
if ($user_source == null) {
|
|
|
|
$valid = false;
|
|
|
|
$valid = false;
|
|
|
|
error(_("E-mail address is not correct."));
|
|
|
|
error(_("E-mail address is not correct."));
|
|
|
@ -271,14 +264,7 @@ function user_password_recovery_controller() {
|
|
|
|
|
|
|
|
|
|
|
|
if ($valid) {
|
|
|
|
if ($valid) {
|
|
|
|
$token = User_generate_password_recovery_token($user_source);
|
|
|
|
$token = User_generate_password_recovery_token($user_source);
|
|
|
|
if ($token === false) {
|
|
|
|
engelsystem_email_to_user($user_source, _("Password recovery"), sprintf(_("Please visit %s to recover your password."), page_link_to_absolute('user_password_recovery') . '&token=' . $token));
|
|
|
|
engelsystem_error("Unable to generate password recovery token.");
|
|
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
$result = engelsystem_email_to_user($user_source, _("Password recovery"), sprintf(_("Please visit %s to recover your password."), page_link_to_absolute('user_password_recovery') . '&token=' . $token));
|
|
|
|
|
|
|
|
if ($result === false) {
|
|
|
|
|
|
|
|
engelsystem_error("Unable to send password recovery email.");
|
|
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
success(_("We sent an email containing your password recovery link."));
|
|
|
|
success(_("We sent an email containing your password recovery link."));
|
|
|
|
redirect(page_link_to('login'));
|
|
|
|
redirect(page_link_to('login'));
|
|
|
|
}
|
|
|
|
}
|
|
|
@ -286,6 +272,17 @@ function user_password_recovery_controller() {
|
|
|
|
|
|
|
|
|
|
|
|
return User_password_recovery_view();
|
|
|
|
return User_password_recovery_view();
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
|
|
|
* User password recovery in 2 steps.
|
|
|
|
|
|
|
|
* (By email)
|
|
|
|
|
|
|
|
*/
|
|
|
|
|
|
|
|
function user_password_recovery_controller() {
|
|
|
|
|
|
|
|
if (isset($_REQUEST['token'])) {
|
|
|
|
|
|
|
|
return user_password_recovery_set_new_controller();
|
|
|
|
|
|
|
|
} else {
|
|
|
|
|
|
|
|
return user_password_recovery_start_controller();
|
|
|
|
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
/**
|
|
|
|