Development

Wiki Start
Wishlist
Timeline
Roadmap
Browse Source
New Ticket
View Tickets

root/tags/omega-1.0.0-rc3/gui/lostpassword.php

Revision 849, 4.4 kB (checked in by raphael, 1 year ago)

Generate database keys at setup time (fix for Debian packaging)
Added ispCP config (/etc/ispcp) and database backup system
LSB compatiblity for installing/removing init scripts
Added BACKUP_DOMAINS yes/no switch to enable/disable customer backups
Made ispcp_network and ispcp_daemon more or less LSB compatible
Fixed #688: updated ispcp_network in all distros (including fedora)
Fixed #645: improve welcome emails messages
Fixed #758: phpMyAdmin Security vulnerability
Added different message levels to be used with write_log to reduce verbosity of emails sent
Fixed some Makefiles which were replacing files in the local copy rather than in the installation

Line 
1 <?php
2 /**
3  *  ispCP ω (OMEGA) a Virtual Hosting Control System
4  *
5  *  @copyright     2001-2006 by moleSoftware GmbH
6  *  @copyright     2006-2007 by ispCP | http://isp-control.net
7  *  @link         http://isp-control.net
8  *  @author        ispCP Team (2007)
9  *
10  *  @license
11  *  This program is free software; you can redistribute it and/or modify it under
12  *  the terms of the MPL General Public License as published by the Free Software
13  *  Foundation; either version 1.1 of the License, or (at your option) any later
14  *  version.
15  *  You should have received a copy of the MPL Mozilla Public License along with
16  *  this program; if not, write to the Open Source Initiative (OSI)
17  *  http://opensource.org | osi@opensource.org
18  **/
19
20 require 'include/ispcp-lib.php';
21
22
23 if (!$cfg['LOSTPASSWORD']) {
24     system_message(tr('Retrieving lost passwords is currently not possible'));
25     die();
26 }
27
28 // check for gd >= 2.x
29 if (check_gd() == false)
30     system_message("ERROR: php-extension 'gd' not loaded !");
31
32 if (captcha_fontfile_exists() == false)
33     system_message("ERROR: captcha fontfile not found !");
34
35 // remove old uniqkeys
36 removeOldKeys($cfg['LOSTPASSWORD_TIMEOUT']);
37
38 if (isset($_SESSION['user_theme'])) {
39     $theme_color = $_SESSION['user_theme'];
40 } else {
41     $theme_color = $cfg['USER_INITIAL_THEME'];
42 }
43
44 if (isset($_GET['key'])) {
45     if ($_GET['key'] != "") {
46
47         check_input($_GET['key']);
48
49         $tpl = new pTemplate();
50         $tpl->define('page', $cfg['LOGIN_TEMPLATE_PATH'].'/lostpassword_message.tpl');
51         $tpl->assign(array(
52                             'TR_MAIN_INDEX_PAGE_TITLE' => tr('ispCP - Virtual Hosting Control System'),
53                             'THEME_COLOR_PATH' => "themes/$theme_color",
54                             'THEME_CHARSET' => tr('encoding')
55                             )
56                         );
57
58         if (sendpassword($_GET['key'])) {
59             $tpl->assign(array(
60                                 'TR_MESSAGE' => tr('Password sent'),
61                                 'TR_LINK' => "<a class=\"link\" href=\"index.php\">".tr('Login')."</a>"
62                                 )
63                             );
64
65         } else {
66             $tpl->assign(array(
67                                 'TR_MESSAGE' => tr('ERROR: Password was not sent'),
68                                 'TR_LINK' => "<a class=\"link\" href=\"index.php\">".tr('Login')."</a>"
69                                 )
70                             );
71         }
72
73         $tpl->parse('PAGE', 'page');
74         $tpl->prnt();
75
76         if ($cfg['DUMP_GUI_DEBUG']) dump_gui_debug();
77         exit(0);
78     }
79 }
80
81 if (isset($_POST['uname'])) {
82
83     check_ipaddr(getipaddr(), 'captcha');
84
85     if (($_POST['uname'] != "") AND isset($_SESSION['image']) AND isset($_POST['capcode'])) {
86
87         check_input($_POST['uname']);
88         check_input($_POST['capcode']);
89
90         $tpl = new pTemplate();
91         $tpl -> define('page', $cfg['LOGIN_TEMPLATE_PATH'].'/lostpassword_message.tpl');
92         $tpl -> assign(array(
93                             'TR_MAIN_INDEX_PAGE_TITLE' => tr('ispCP - Virtual Hosting Control System'),
94                             'THEME_COLOR_PATH' => "themes/$theme_color",
95                             'THEME_CHARSET' => tr('encoding')
96                             )
97                         );
98
99         if ($_SESSION['image'] == $_POST['capcode']) {
100             if (requestpassword($_POST['uname'])) {
101                 $tpl -> assign(array(
102                                     'TR_MESSAGE' => tr('The password was requested'),
103                                     'TR_LINK' => "<a class=\"link\" href=\"index.php\">".tr('Back')."</a>"
104                                     )
105                                 );
106             } else {
107                 $tpl -> assign(array(
108                                     'TR_MESSAGE' => tr('ERROR: Unknown user'),
109                                     'TR_LINK' => "<a class=\"link\" href=\"lostpassword.php\">".tr('Retry')."</a>"
110                                     )
111                                 );
112             }
113         } else {
114             $tpl -> assign(array(
115                                 'TR_MESSAGE' => tr('ERROR: Security code was not correct!').' '. $_SESSION['image'],
116                                 'TR_LINK' => "<a class=\"link\" href=\"lostpassword.php\">".tr('Retry')."</a>"
117                                 )
118                             );
119         }
120
121         $tpl -> parse('PAGE', 'page');
122         $tpl -> prnt();
123
124         if ($cfg['DUMP_GUI_DEBUG']) dump_gui_debug();
125         exit(0);
126     }
127 }
128
129 unblock($cfg['BRUTEFORCE_BLOCK_TIME'], 'captcha');
130 is_ipaddr_blocked(null, 'captcha', true);
131
132 $tpl = new pTemplate();
133 $tpl->define('page', $cfg['LOGIN_TEMPLATE_PATH'].'/lostpassword.tpl');
134 $tpl->assign(
135                 array(
136                     'TR_MAIN_INDEX_PAGE_TITLE' => tr('ispCP - Virtual Hosting Control System'),
137                     'THEME_COLOR_PATH' => $cfg['LOGIN_TEMPLATE_PATH'],
138                     'THEME_CHARSET' => tr('encoding'),
139                     'TR_CAPCODE' => tr('Security code'),
140                     'TR_IMGCAPCODE_DESCRIPTION' => tr('(To avoid abuse, we ask you to write the combination of letters on the above picture into the field "Security code")'),
141                     'TR_IMGCAPCODE' => "<img src=\"imagecode.php\" border=\"0\" nosave alt=\"\">",
142                     'TR_USERNAME' => tr('Username'),
143                     'TR_SEND' => tr('Request password'),
144                     'TR_BACK' => tr('Back')
145                     )
146                 );
147
148 $tpl->parse('PAGE', 'page');
149 $tpl->prnt();
150
151 if ($cfg['DUMP_GUI_DEBUG']) dump_gui_debug();
152
153 ?>
Note: See TracBrowser for help on using the browser.