* * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by * the Free Software Foundation; either version 2 of the License, or * (at your option) any later version. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. * * $Id$ */ /** \file htdocs/user/passwordforgotten.php \brief Page demande nouveau mot de passe \version $Revision$ */ require("../master.inc.php"); require_once(DOL_DOCUMENT_ROOT."/contact.class.php"); require_once(DOL_DOCUMENT_ROOT."/lib/ldap.class.php"); require_once(DOL_DOCUMENT_ROOT."/lib/usergroups.lib.php"); require_once(DOL_DOCUMENT_ROOT.'/includes/cryptographp/cryptographp.fct.php'); $user->getrights('user'); $langs->load("main"); $langs->load("other"); $langs->load("users"); $langs->load("companies"); $langs->load("ldap"); $action=isset($_GET["action"])?$_GET["action"]:$_POST["action"]; $mode=$dolibarr_main_authentication; if (! $mode) $mode='http'; if ($conf->global->MAIN_SECURITY_DISABLEFORGETPASSLINK) accessforbidden(); /** * Actions */ // Action modif mot de passe if ($_GET["action"] == 'validatenewpassword' && $_GET["username"] && $_GET["passwordmd5"]) { $edituser = new User($db); $result=$edituser->fetch($_GET["username"]); if ($result < 0) { $message = '
'.$langs->trans("ErrorLoginDoesNotExists",$_GET["username"]).'
'; } else { if (md5($edituser->pass_temp) == $_GET["passwordmd5"]) { $newpassword=$edituser->password($user,$edituser->pass_temp,$conf->password_encrypted,0); dolibarr_syslog("passwordforgotten.php new password for user->id=".$edituser->id." validated in database"); //session_start(); //$_SESSION["loginmesg"]=$langs->trans("PasswordChanged"); header("Location: ".DOL_URL_ROOT.'/'); exit; } else { $message = '
'.$langs->trans("ErrorFailedToValidatePassword").'
'; } } } // Action modif mot de passe if ($_POST["action"] == 'buildnewpassword' && $_POST["username"]) { // Verifie code if (function_exists("imagecreatefrompng") && ! chk_crypt($_POST['code'])) { $message = '
'.$langs->trans("ErrorBadValueForCode").'
'; } else { $edituser = new User($db); $result=$edituser->fetch($_POST["username"]); if ($result < 0) { $message = '
'.$langs->trans("ErrorLoginDoesNotExists",$_POST["username"]).'
'; $_POST["username"]=''; } else { if (! $edituser->email) { $message = '
'.$langs->trans("ErrorLoginHasNoEmail").'
'; } else { $newpassword=$edituser->password($user,'',$conf->password_encrypted,1); if ($newpassword < 0) { // Echec $message = '
'.$langs->trans("ErrorFailedToChangePassword").'
'; } else { // Succes if ($edituser->send_password($user,$newpassword,1) > 0) { $message = '
'.$langs->trans("PasswordChangeRequestSent",$edituser->login,$edituser->email).'
'; //$message.=$newpassword; $_POST["username"]=''; } else { //$message = '
'.$langs->trans("PasswordChangedTo",$newpassword).'
'; $message.= '
'.$edituser->error.'
'; } } } } } } /* * Affichage page */ $conf->css = "theme/".$conf->theme."/".$conf->theme.".css"; // Si feuille de style en php existe if (file_exists(DOL_DOCUMENT_ROOT.'/'.$conf->css.".php")) $conf->css.=".php"; header('Cache-Control: Public, must-revalidate'); print ''."\n"; // En tete html print "\n"; print "\n"; print ''."\n"; // Evite indexation par robots print "Dolibarr Authentification\n"; print ''."\n"; print ''."\n"; print ''."\n"; print ''."\n"; // Body print ''."\n"; // Form print '
'."\n"; print ''."\n"; // Table 1 print ''."\n"; if (file_exists(DOL_DOCUMENT_ROOT.'/logo.png')) { print ''."\n"; } else { print ''."\n"; } print '
'; print '
Dolibarr '.DOL_VERSION.'
'."\n"; print '
'."\n"; // Send password button enabled ? $disabled='disabled'; if ($mode == 'dolibarr' || $mode == 'dolibarr_mdb2') $disabled=''; if ($conf->global->MAIN_SECURITY_ENABLE_SENDPASSWORD) $disabled=''; // To force button enabled // Table 2 print ''."\n"; print ''."\n"; print ''; print ''; $title=''; // Show logo (search in order: small company logo, large company logo, theme logo, common logo) $width=0; $urllogo=DOL_URL_ROOT.'/theme/login_logo.png'; if (is_readable($conf->societe->dir_logos.'/thumbs/'.$mysoc->logo_small)) { $urllogo=DOL_URL_ROOT.'/viewimage.php?modulepart=companylogo&file='.urlencode('/thumbs/'.$mysoc->logo_small); } elseif (is_readable($conf->societe->dir_logos.'/'.$mysoc->logo)) { $urllogo=DOL_URL_ROOT.'/viewimage.php?modulepart=companylogo&file='.urlencode($mysoc->logo); $width=96; } elseif (is_readable(DOL_DOCUMENT_ROOT.'/theme/'.$conf->theme.'/img/login_logo.png')) { $urllogo=DOL_URL_ROOT.'/theme/'.$conf->theme.'/img/login_logo.png'; } print ''; print ''."\n"; if (function_exists("imagecreatefrompng") && ! $disabled) { //print "Info session: ".session_name().session_id();print_r($_SESSION); $cryptinstall = DOL_URL_ROOT.'/includes/cryptographp'; print ''; print ''; print ''; print ''; } print "".''."\n"; print "
 
  '.$langs->trans("Login").'  
  '.$langs->trans("SecurityCode").''; dsp_crypt('dolibarr.cfg.php',1); print '
"."\n"; print "
"."\n"; print '
'."\n"; print '
'; if (($mode == 'dolibarr' || $mode == 'dolibarr_mdb2') || (! $disabled)) { print ''.$langs->trans("SendNewPasswordDesc").''."\n"; } else { print '
'.$langs->trans("AuthenticationDoesNotAllowSendNewPassword",$mode).'
'."\n"; } print '

'; if ($message) { print '
'; print $message.'

'; } print '
'."\n"; print ''.$langs->trans("BackToLoginPage").''; print '
'."\n"; print "
"; print "
"; // Fin entete html print "\n\n"; ?>