Rev 1282 | Go to most recent revision | Show entire file | Regard whitespace | Details | Blame | Last modification | View Log | RSS feed
| Rev 1282 | Rev 1283 | ||
|---|---|---|---|
| Line 43... | Line 43... | ||
| 43 | 43 | ||
| 44 | OIDplus::getActiveCaptchaPlugin()->captchaVerify($params, 'captcha'); |
44 | OIDplus::getActiveCaptchaPlugin()->captchaVerify($params, 'captcha'); |
| 45 | 45 | ||
| 46 | OIDplus::logger()->log("V2:[WARN]RA(%1)", "A new password for '%1' was requested (forgot password)", $email); |
46 | OIDplus::logger()->log("V2:[WARN]RA(%1)", "A new password for '%1' was requested (forgot password)", $email); |
| 47 | 47 | ||
| 48 | $timestamp = time(); |
- | |
| 49 | $activate_url = OIDplus::webpath(null,OIDplus::PATH_ABSOLUTE_CANONICAL) . '?goto='.urlencode('oidplus:reset_password$'.$email.'$'.$timestamp.'$'.OIDplus::authUtils()->makeAuthKey('93a16dbe-f4fb-11ed-b67e-3c4a92df8582:'.$email.'/'.$timestamp)); |
48 | $activate_url = OIDplus::webpath(null,OIDplus::PATH_ABSOLUTE_CANONICAL) . '?goto='.urlencode('oidplus:reset_password$'.$email.'$'.OIDplus::authUtils()->makeAuthKey(['93a16dbe-f4fb-11ed-b67e-3c4a92df8582',$email])); |
| 50 | 49 | ||
| 51 | $message = $this->getForgotPasswordText($params['email']); |
50 | $message = $this->getForgotPasswordText($params['email']); |
| 52 | $message = str_replace('{{ACTIVATE_URL}}', $activate_url, $message); |
51 | $message = str_replace('{{ACTIVATE_URL}}', $activate_url, $message); |
| 53 | 52 | ||
| 54 | OIDplus::mailUtils()->sendMail($email, OIDplus::config()->getValue('system_title').' - Password reset request', $message); |
53 | OIDplus::mailUtils()->sendMail($email, OIDplus::config()->getValue('system_title').' - Password reset request', $message); |
| Line 59... | Line 58... | ||
| 59 | 58 | ||
| 60 | _CheckParamExists($params, 'password1'); |
59 | _CheckParamExists($params, 'password1'); |
| 61 | _CheckParamExists($params, 'password2'); |
60 | _CheckParamExists($params, 'password2'); |
| 62 | _CheckParamExists($params, 'email'); |
61 | _CheckParamExists($params, 'email'); |
| 63 | _CheckParamExists($params, 'auth'); |
62 | _CheckParamExists($params, 'auth'); |
| 64 | _CheckParamExists($params, 'timestamp'); |
- | |
| 65 | 63 | ||
| 66 | $password1 = $params['password1']; |
64 | $password1 = $params['password1']; |
| 67 | $password2 = $params['password2']; |
65 | $password2 = $params['password2']; |
| 68 | $email = $params['email']; |
66 | $email = $params['email']; |
| 69 | $auth = $params['auth']; |
67 | $auth = $params['auth']; |
| 70 | $timestamp = $params['timestamp']; |
- | |
| 71 | 68 | ||
| 72 | if (!OIDplus::authUtils()->validateAuthKey('93a16dbe-f4fb-11ed-b67e-3c4a92df8582:'.$email.'/'.$timestamp, $auth)) { |
69 | if (!OIDplus::authUtils()->validateAuthKey(['93a16dbe-f4fb-11ed-b67e-3c4a92df8582',$email], $auth, OIDplus::config()->getValue('max_ra_pwd_reset_time',-1))) { |
| 73 | throw new OIDplusException(_L('Invalid auth key')); |
70 | throw new OIDplusException(_L('Invalid or expired authentication key')); |
| 74 | } |
- | |
| 75 | - | ||
| 76 | if ((OIDplus::config()->getValue('max_ra_pwd_reset_time') > 0) && (time()-$timestamp > OIDplus::config()->getValue('max_ra_pwd_reset_time'))) { |
- | |
| 77 | throw new OIDplusException(_L('Invitation expired!')); |
- | |
| 78 | } |
71 | } |
| 79 | 72 | ||
| 80 | if ($password1 !== $password2) { |
73 | if ($password1 !== $password2) { |
| 81 | throw new OIDplusException(_L('Passwords do not match')); |
74 | throw new OIDplusException(_L('Passwords do not match')); |
| 82 | } |
75 | } |
| Line 141... | Line 134... | ||
| 141 | } |
134 | } |
| 142 | } else if (explode('$',$id)[0] == 'oidplus:reset_password') { |
135 | } else if (explode('$',$id)[0] == 'oidplus:reset_password') { |
| 143 | $handled = true; |
136 | $handled = true; |
| 144 | 137 | ||
| 145 | $email = explode('$',$id)[1]; |
138 | $email = explode('$',$id)[1]; |
| 146 | $timestamp = explode('$',$id)[2]; |
- | |
| 147 | $auth = explode('$',$id)[3]; |
139 | $auth = explode('$',$id)[2]; |
| 148 | 140 | ||
| 149 | $out['title'] = _L('Reset password'); |
141 | $out['title'] = _L('Reset password'); |
| 150 | $out['icon'] = OIDplus::webpath(__DIR__,OIDplus::PATH_RELATIVE).'img/reset_password_icon.png'; |
142 | $out['icon'] = OIDplus::webpath(__DIR__,OIDplus::PATH_RELATIVE).'img/reset_password_icon.png'; |
| 151 | 143 | ||
| 152 | if (!OIDplus::authUtils()->validateAuthKey('reset_password;'.$email.';'.$timestamp, $auth)) { |
144 | if (!OIDplus::authUtils()->validateAuthKey(['93a16dbe-f4fb-11ed-b67e-3c4a92df8582',$email], $auth, OIDplus::config()->getValue('max_ra_pwd_reset_time',-1))) { |
| 153 | throw new OIDplusException(_L('Invalid authorization. Is the URL OK?'), $out['title']); |
145 | throw new OIDplusException(_L('Invalid authorization. Is the URL OK?'), $out['title']); |
| 154 | } else { |
146 | } else { |
| 155 | $out['text'] = '<p>'._L('E-Mail-Address: %1','<b>'.$email.'</b>').'</p> |
147 | $out['text'] = '<p>'._L('E-Mail-Address: %1','<b>'.$email.'</b>').'</p> |
| 156 | 148 | ||
| 157 | <form id="resetPasswordForm" action="javascript:void(0);" onsubmit="return OIDplusPagePublicForgotPassword.resetPasswordFormOnSubmit();"> |
149 | <form id="resetPasswordForm" action="javascript:void(0);" onsubmit="return OIDplusPagePublicForgotPassword.resetPasswordFormOnSubmit();"> |
| 158 | <input type="hidden" id="email" value="'.htmlentities($email).'"/> |
150 | <input type="hidden" id="email" value="'.htmlentities($email).'"/> |
| 159 | <input type="hidden" id="timestamp" value="'.htmlentities($timestamp).'"/> |
- | |
| 160 | <input type="hidden" id="auth" value="'.htmlentities($auth).'"/> |
151 | <input type="hidden" id="auth" value="'.htmlentities($auth).'"/> |
| 161 | <div><label class="padding_label">'._L('New password').':</label><input type="password" id="password1" value=""/></div> |
152 | <div><label class="padding_label">'._L('New password').':</label><input type="password" id="password1" value=""/></div> |
| 162 | <div><label class="padding_label">'._L('Repeat').':</label><input type="password" id="password2" value=""/></div> |
153 | <div><label class="padding_label">'._L('Repeat').':</label><input type="password" id="password2" value=""/></div> |
| 163 | <br><input type="submit" value="'._L('Change password').'"> |
154 | <br><input type="submit" value="'._L('Change password').'"> |
| 164 | </form>'; |
155 | </form>'; |