Wavyzz/dolibarr-fork
2
0
Fork 0
forked from Wavyzz/dolibarr
Code Pull Requests Activity

FIX Must use external link into a forged email content.

Browse Source
This commit is contained in:
Laurent Destailleur
2016-11-08 23:03:58 +01:00
parent bb5df3beeb
commit c45c24f80c
3 changed files with 19 additions and 9 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
htdocs/langs/en_US/members.lang
View File

@@ -13,7 +13,7 @@ ListOfValidatedPublicMembers=List of validated public members
ErrorThisMemberIsNotPublic=This member is not public ErrorThisMemberIsNotPublic=This member is not public
ErrorMemberIsAlreadyLinkedToThisThirdParty=Another member (name: <b>%s</b>, login: <b>%s</b>) is already linked to a third party <b>%s</b>. Remove this link first because a third party can't be linked to only a member (and vice versa). ErrorMemberIsAlreadyLinkedToThisThirdParty=Another member (name: <b>%s</b>, login: <b>%s</b>) is already linked to a third party <b>%s</b>. Remove this link first because a third party can't be linked to only a member (and vice versa).
ErrorUserPermissionAllowsToLinksToItselfOnly=For security reasons, you must be granted permissions to edit all users to be able to link a member to a user that is not yours. ErrorUserPermissionAllowsToLinksToItselfOnly=For security reasons, you must be granted permissions to edit all users to be able to link a member to a user that is not yours.
ThisIsContentOfYourCard=This is details of your card ThisIsContentOfYourCard=Hi.<br><br>This is a remind of the information we get about you. Feel free to contact us if something looks wrong.<br><br>
CardContent=Content of your member card CardContent=Content of your member card
SetLinkToUser=Link to a Dolibarr user SetLinkToUser=Link to a Dolibarr user
SetLinkToThirdParty=Link to a Dolibarr third party SetLinkToThirdParty=Link to a Dolibarr third party

2
htdocs/langs/en_US/users.lang
View File

@@ -8,7 +8,7 @@ EditPassword=Edit password
SendNewPassword=Regenerate and send password SendNewPassword=Regenerate and send password
ReinitPassword=Regenerate password ReinitPassword=Regenerate password
PasswordChangedTo=Password changed to: %s PasswordChangedTo=Password changed to: %s
SubjectNewPassword=Your new password for Dolibarr SubjectNewPassword=Your new password for %s
GroupRights=Group permissions GroupRights=Group permissions
UserRights=User permissions UserRights=User permissions
UserGUISetup=User display setup UserGUISetup=User display setup

24
htdocs/user/class/user.class.php
View File

@@ -1645,38 +1645,48 @@ class User extends CommonObject
$outputlangs->load("users"); $outputlangs->load("users");
$outputlangs->load("other"); $outputlangs->load("other");
$subject = $outputlangs->transnoentitiesnoconv("SubjectNewPassword"); $appli=constant('DOL_APPLICATION_TITLE');
if (!empty($conf->global->MAIN_APPLICATION_TITLE)) $appli=$conf->global->MAIN_APPLICATION_TITLE;
$subject = $outputlangs->transnoentitiesnoconv("SubjectNewPassword", $appli);
// Define $urlwithroot // Define $urlwithroot
//$urlwithouturlroot=preg_replace('/'.preg_quote(DOL_URL_ROOT,'/').'$/i','',trim($dolibarr_main_url_root)); //$urlwithouturlroot=preg_replace('/'.preg_quote(DOL_URL_ROOT,'/').'$/i','',trim($dolibarr_main_url_root));
//$urlwithroot=$urlwithouturlroot.DOL_URL_ROOT; // This is to use external domain name found into config file $urlwithroot=$urlwithouturlroot.DOL_URL_ROOT; // This is to use external domain name found into config file
$urlwithroot=DOL_MAIN_URL_ROOT; // This is to use same domain name than current //$urlwithroot=DOL_MAIN_URL_ROOT; // This is to use same domain name than current
if (! $changelater) if (! $changelater)
{ {
$url = $urlwithroot.'/';
$mesg.= $outputlangs->transnoentitiesnoconv("RequestToResetPasswordReceived").".\n"; $mesg.= $outputlangs->transnoentitiesnoconv("RequestToResetPasswordReceived").".\n";
$mesg.= $outputlangs->transnoentitiesnoconv("NewKeyIs")." :\n\n"; $mesg.= $outputlangs->transnoentitiesnoconv("NewKeyIs")." :\n\n";
$mesg.= $outputlangs->transnoentitiesnoconv("Login")." = ".$this->login."\n"; $mesg.= $outputlangs->transnoentitiesnoconv("Login")." = ".$this->login."\n";
$mesg.= $outputlangs->transnoentitiesnoconv("Password")." = ".$password."\n\n"; $mesg.= $outputlangs->transnoentitiesnoconv("Password")." = ".$password."\n\n";
$mesg.= "\n"; $mesg.= "\n";
$url = $urlwithroot.'/';
$mesg.= $outputlangs->transnoentitiesnoconv("ClickHereToGoTo", $conf->global->MAIN_APPLICATION_TITLE).': '.$url."\n\n"; $mesg.= $outputlangs->transnoentitiesnoconv("ClickHereToGoTo", $appli).': '.$url."\n\n";
$mesg.= "--\n"; $mesg.= "--\n";
$mesg.= $user->getFullName($outputlangs); // Username that make then sending $mesg.= $user->getFullName($outputlangs); // Username that make then sending
dol_syslog(get_class($this)."::send_password changelater is off, url=".$url);
} }
else else
{ {
$url = $urlwithroot.'/user/passwordforgotten.php?action=validatenewpassword&username='.$this->login."&passwordhash=".dol_hash($password);
$mesg.= $outputlangs->transnoentitiesnoconv("RequestToResetPasswordReceived")."\n"; $mesg.= $outputlangs->transnoentitiesnoconv("RequestToResetPasswordReceived")."\n";
$mesg.= $outputlangs->transnoentitiesnoconv("NewKeyWillBe")." :\n\n"; $mesg.= $outputlangs->transnoentitiesnoconv("NewKeyWillBe")." :\n\n";
$mesg.= $outputlangs->transnoentitiesnoconv("Login")." = ".$this->login."\n"; $mesg.= $outputlangs->transnoentitiesnoconv("Login")." = ".$this->login."\n";
$mesg.= $outputlangs->transnoentitiesnoconv("Password")." = ".$password."\n\n"; $mesg.= $outputlangs->transnoentitiesnoconv("Password")." = ".$password."\n\n";
$mesg.= "\n"; $mesg.= "\n";
$mesg.= $outputlangs->transnoentitiesnoconv("YouMustClickToChange")." :\n"; $mesg.= $outputlangs->transnoentitiesnoconv("YouMustClickToChange")." :\n";
$url = $urlwithroot.'/user/passwordforgotten.php?action=validatenewpassword&username='.$this->login."&passwordhash=".dol_hash($password);
$mesg.= $url."\n\n"; $mesg.= $url."\n\n";
$mesg.= $outputlangs->transnoentitiesnoconv("ForgetIfNothing")."\n\n"; $mesg.= $outputlangs->transnoentitiesnoconv("ForgetIfNothing")."\n\n";
dol_syslog(get_class($this)."::send_password url=".$url);
dol_syslog(get_class($this)."::send_password changelater is on, url=".$url);
} }
$mailfile = new CMailFile( $mailfile = new CMailFile(
$subject, $subject,
$this->email, $this->email,