Line 43... | Line 43... | ||
43 | 43 | ||
44 | OIDplus::getActiveCaptchaPlugin()->captchaVerify($params, 'captcha'); |
44 | OIDplus::getActiveCaptchaPlugin()->captchaVerify($params, 'captcha'); |
45 | 45 | ||
46 | OIDplus::logger()->log("V2:[WARN]RA(%1)", "A new password for '%1' was requested (forgot password)", $email); |
46 | OIDplus::logger()->log("V2:[WARN]RA(%1)", "A new password for '%1' was requested (forgot password)", $email); |
47 | 47 | ||
48 | $timestamp = time(); |
- | |
49 | $activate_url = OIDplus::webpath(null,OIDplus::PATH_ABSOLUTE_CANONICAL) . '?goto='.urlencode('oidplus:reset_password$'.$email.'$'.$timestamp.'$'.OIDplus::authUtils()->makeAuthKey('93a16dbe-f4fb-11ed-b67e-3c4a92df8582:'.$email.'/'.$timestamp)); |
48 | $activate_url = OIDplus::webpath(null,OIDplus::PATH_ABSOLUTE_CANONICAL) . '?goto='.urlencode('oidplus:reset_password$'.$email.'$'.OIDplus::authUtils()->makeAuthKey(['93a16dbe-f4fb-11ed-b67e-3c4a92df8582',$email])); |
50 | 49 | ||
51 | $message = $this->getForgotPasswordText($params['email']); |
50 | $message = $this->getForgotPasswordText($params['email']); |
52 | $message = str_replace('{{ACTIVATE_URL}}', $activate_url, $message); |
51 | $message = str_replace('{{ACTIVATE_URL}}', $activate_url, $message); |
53 | 52 | ||
54 | OIDplus::mailUtils()->sendMail($email, OIDplus::config()->getValue('system_title').' - Password reset request', $message); |
53 | OIDplus::mailUtils()->sendMail($email, OIDplus::config()->getValue('system_title').' - Password reset request', $message); |
Line 59... | Line 58... | ||
59 | 58 | ||
60 | _CheckParamExists($params, 'password1'); |
59 | _CheckParamExists($params, 'password1'); |
61 | _CheckParamExists($params, 'password2'); |
60 | _CheckParamExists($params, 'password2'); |
62 | _CheckParamExists($params, 'email'); |
61 | _CheckParamExists($params, 'email'); |
63 | _CheckParamExists($params, 'auth'); |
62 | _CheckParamExists($params, 'auth'); |
64 | _CheckParamExists($params, 'timestamp'); |
- | |
65 | 63 | ||
66 | $password1 = $params['password1']; |
64 | $password1 = $params['password1']; |
67 | $password2 = $params['password2']; |
65 | $password2 = $params['password2']; |
68 | $email = $params['email']; |
66 | $email = $params['email']; |
69 | $auth = $params['auth']; |
67 | $auth = $params['auth']; |
70 | $timestamp = $params['timestamp']; |
- | |
71 | 68 | ||
72 | if (!OIDplus::authUtils()->validateAuthKey('93a16dbe-f4fb-11ed-b67e-3c4a92df8582:'.$email.'/'.$timestamp, $auth)) { |
69 | if (!OIDplus::authUtils()->validateAuthKey(['93a16dbe-f4fb-11ed-b67e-3c4a92df8582',$email], $auth, OIDplus::config()->getValue('max_ra_pwd_reset_time',-1))) { |
73 | throw new OIDplusException(_L('Invalid auth key')); |
70 | throw new OIDplusException(_L('Invalid or expired authentication key')); |
74 | } |
- | |
75 | - | ||
76 | if ((OIDplus::config()->getValue('max_ra_pwd_reset_time') > 0) && (time()-$timestamp > OIDplus::config()->getValue('max_ra_pwd_reset_time'))) { |
- | |
77 | throw new OIDplusException(_L('Invitation expired!')); |
- | |
78 | } |
71 | } |
79 | 72 | ||
80 | if ($password1 !== $password2) { |
73 | if ($password1 !== $password2) { |
81 | throw new OIDplusException(_L('Passwords do not match')); |
74 | throw new OIDplusException(_L('Passwords do not match')); |
82 | } |
75 | } |
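Review bot: The `-1` default handed to validateAuthKey() at new line 69 is undocumented at the call site, and it matters: the removed check only enforced expiry when `max_ra_pwd_reset_time` was greater than zero, so whether validateAuthKey() (not visible here) treats a non-positive ttl as "never expires" decides whether an installation without that setting issues non-expiring reset links. A comment such as `// ttl -1 = setting absent; must behave like the old '> 0' guard (no expiry) — confirm in validateAuthKey()` would make the intended semantics reviewable, or the call could pass the ttl only when the setting is positive. The same call with the same UUID literal and default is repeated at new line 144 of the page branch, and makeAuthKey() at new line 48 repeats the UUID again; a single private class constant for the purpose id would keep the three call sites in step. Outside this commit, at new line 147 `$email` is interpolated into the page text without `htmlentities()` while line 150 escapes it, which is worth a follow-up. The enclosing method begins before line 59 and continues after line 75.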
Line 141... | Line 134... | ||
141 | } |
134 | } |
142 | } else if (explode('$',$id)[0] == 'oidplus:reset_password') { |
135 | } else if (explode('$',$id)[0] == 'oidplus:reset_password') { |
143 | $handled = true; |
136 | $handled = true; |
144 | 137 | ||
145 | $email = explode('$',$id)[1]; |
138 | $email = explode('$',$id)[1]; |
146 | $timestamp = explode('$',$id)[2]; |
- | |
147 | $auth = explode('$',$id)[3]; |
139 | $auth = explode('$',$id)[2]; |
148 | 140 | ||
149 | $out['title'] = _L('Reset password'); |
141 | $out['title'] = _L('Reset password'); |
150 | $out['icon'] = OIDplus::webpath(__DIR__,OIDplus::PATH_RELATIVE).'img/reset_password_icon.png'; |
142 | $out['icon'] = OIDplus::webpath(__DIR__,OIDplus::PATH_RELATIVE).'img/reset_password_icon.png'; |
151 | 143 | ||
152 | if (!OIDplus::authUtils()->validateAuthKey('reset_password;'.$email.';'.$timestamp, $auth)) { |
144 | if (!OIDplus::authUtils()->validateAuthKey(['93a16dbe-f4fb-11ed-b67e-3c4a92df8582',$email], $auth, OIDplus::config()->getValue('max_ra_pwd_reset_time',-1))) { |
153 | throw new OIDplusException(_L('Invalid authorization. Is the URL OK?'), $out['title']); |
145 | throw new OIDplusException(_L('Invalid authorization. Is the URL OK?'), $out['title']); |
154 | } else { |
146 | } else { |
155 | $out['text'] = '<p>'._L('E-Mail-Address: %1','<b>'.$email.'</b>').'</p> |
147 | $out['text'] = '<p>'._L('E-Mail-Address: %1','<b>'.$email.'</b>').'</p> |
156 | 148 | ||
157 | <form id="resetPasswordForm" action="javascript:void(0);" onsubmit="return OIDplusPagePublicForgotPassword.resetPasswordFormOnSubmit();"> |
149 | <form id="resetPasswordForm" action="javascript:void(0);" onsubmit="return OIDplusPagePublicForgotPassword.resetPasswordFormOnSubmit();"> |
158 | <input type="hidden" id="email" value="'.htmlentities($email).'"/> |
150 | <input type="hidden" id="email" value="'.htmlentities($email).'"/> |
159 | <input type="hidden" id="timestamp" value="'.htmlentities($timestamp).'"/> |
- | |
160 | <input type="hidden" id="auth" value="'.htmlentities($auth).'"/> |
151 | <input type="hidden" id="auth" value="'.htmlentities($auth).'"/> |
161 | <div><label class="padding_label">'._L('New password').':</label><input type="password" id="password1" value=""/></div> |
152 | <div><label class="padding_label">'._L('New password').':</label><input type="password" id="password1" value=""/></div> |
162 | <div><label class="padding_label">'._L('Repeat').':</label><input type="password" id="password2" value=""/></div> |
153 | <div><label class="padding_label">'._L('Repeat').':</label><input type="password" id="password2" value=""/></div> |
163 | <br><input type="submit" value="'._L('Change password').'"> |
154 | <br><input type="submit" value="'._L('Change password').'"> |
164 | </form>'; |
155 | </form>'; |