server/core/lostpassword/index.php

43 lines
1.8 KiB
PHP
Raw Normal View History

2011-09-25 21:33:22 +00:00
<?php
/**
2012-05-26 17:14:24 +00:00
* Copyright (c) 2012 Frank Karlitschek frank@owncloud.org
2011-09-25 21:33:22 +00:00
* This file is licensed under the Affero General Public License version 3 or
* later.
* See the COPYING-README file.
*/
$RUNTIME_NOAPPS = TRUE; //no apps
2011-10-03 18:41:52 +00:00
require_once('../../lib/base.php');
2011-09-25 21:33:22 +00:00
2012-04-26 17:35:33 +00:00
2011-09-25 21:33:22 +00:00
// Someone lost their password:
if (isset($_POST['user'])) {
if (OC_User::userExists($_POST['user'])) {
2012-04-04 13:17:03 +00:00
$token = sha1($_POST['user'].md5(uniqid(rand(), true)));
2011-09-25 21:33:22 +00:00
OC_Preferences::setValue($_POST['user'], 'owncloud', 'lostpassword', $token);
$email = OC_Preferences::getValue($_POST['user'], 'settings', 'email', '');
2012-04-26 17:35:33 +00:00
if (!empty($email) and isset($_POST['sectoken']) and isset($_SESSION['sectoken']) and ($_POST['sectoken']==$_SESSION['sectoken']) ) {
$link = OC_Helper::linkToAbsolute('core/lostpassword', 'resetpassword.php').'?user='.urlencode($_POST['user']).'&token='.$token;
2011-10-03 18:41:52 +00:00
$tmpl = new OC_Template('core/lostpassword', 'email');
$tmpl->assign('link', $link);
$msg = $tmpl->fetchPage();
2012-04-14 14:44:15 +00:00
$l = OC_L10N::get('core');
$from = 'lostpassword-noreply@' . OCP\Util::getServerHost();
2012-04-26 17:35:33 +00:00
OC_MAIL::send($email,$_POST['user'],$l->t('ownCloud password reset'),$msg,$from,'ownCloud');
echo('sent');
}
2012-04-26 17:35:33 +00:00
$sectoken=rand(1000000,9999999);
$_SESSION['sectoken']=$sectoken;
OC_Template::printGuestPage('core/lostpassword', 'lostpassword', array('error' => false, 'requested' => true, 'sectoken' => $sectoken));
2011-09-25 21:33:22 +00:00
} else {
2012-04-26 17:35:33 +00:00
$sectoken=rand(1000000,9999999);
$_SESSION['sectoken']=$sectoken;
OC_Template::printGuestPage('core/lostpassword', 'lostpassword', array('error' => true, 'requested' => false, 'sectoken' => $sectoken));
2011-09-25 21:33:22 +00:00
}
} else {
2012-04-26 17:35:33 +00:00
$sectoken=rand(1000000,9999999);
$_SESSION['sectoken']=$sectoken;
OC_Template::printGuestPage('core/lostpassword', 'lostpassword', array('error' => false, 'requested' => false, 'sectoken' => $sectoken));
2011-09-25 21:33:22 +00:00
}