php-phpbb/phpBB/ucp/usercp_sendpasswd.php

<?php
/***************************************************************************
 *                           usercp_sendpasswd.php
 *                            -------------------
 *   begin                : Saturday, Feb 13, 2001
 *   copyright            : (C) 2001 The phpBB Group
 *   email                : support@phpbb.com
 *
 *   $Id$
 *
 *
 ***************************************************************************/

/***************************************************************************
 *
 *   This program is free software; you can redistribute it and/or modify
 *   it under the terms of the GNU General Public License as published by
 *   the Free Software Foundation; either version 2 of the License, or
 *   (at your option) any later version.
 *
 *
 ***************************************************************************/

if ( !defined('IN_PHPBB') )
{
	die('Hacking attempt');
	exit;
}

//
// The User Control Panel uses Barts 'neat-o-module' system (tm) system to handle the tabs.
// This block specifies the tabs and sub tabs for this section.
//
if( !empty($setmodules) )
{
	$filename = str_replace(".$phpEx", '', basename(__FILE__));

	return;
}
//
// End Modules setup
//


if ( isset($HTTP_POST_VARS['submit']) )
{
	$username = ( !empty($HTTP_POST_VARS['username']) ) ? trim(strip_tags($HTTP_POST_VARS['username'])) : '';
	$email = ( !empty($HTTP_POST_VARS['email']) ) ? trim(strip_tags(htmlspecialchars($HTTP_POST_VARS['email']))) : '';

	$sql = "SELECT user_id, username, user_email, user_active, user_lang
		FROM " . USERS_TABLE . "
		WHERE user_email = '" . str_replace("\'", "''", $email) . "'
			AND username = '" . str_replace("\'", "''", $username) . "'";
	if ( $result = $db->sql_query($sql) )
	{
		if ( $row = $db->sql_fetchrow($result) )
		{
			if ( !$row['user_active'] )
			{
				message_die(GENERAL_MESSAGE, $lang['No_send_account_inactive']);
			}

			$username = $row['username'];

			$user_actkey = gen_rand_string(true);
			$key_len = 54 - strlen($server_url);
			$key_len = ( $str_len > 6 ) ? $key_len : 6;
			$user_actkey = substr($user_actkey, 0, $key_len);
			$user_password = gen_rand_string(false);

			$sql = "UPDATE " . USERS_TABLE . "
				SET user_newpasswd = '" .md5($user_password) . "', user_actkey = '$user_actkey'
				WHERE user_id = " . $row['user_id'];
			if ( !$db->sql_query($sql) )
			{
				message_die(GENERAL_ERROR, 'Could not update new password information', '', __LINE__, __FILE__, $sql);
			}

			include($phpbb_root_path . 'includes/emailer.'.$phpEx);
			$emailer = new emailer($config['smtp_delivery']);

			$email_headers = 'From: ' . $config['board_email'] . "\nReturn-Path: " . $config['board_email'] . "\r\n";

			$emailer->use_template('user_activate_passwd', $row['user_lang']);
			$emailer->email_address($row['user_email']);
			$emailer->set_subject();//$lang['New_password_activation']
			$emailer->extra_headers($email_headers);

			$emailer->assign_vars(array(
				'SITENAME' => $config['sitename'],
				'USERNAME' => $username,
				'PASSWORD' => $user_password,
				'EMAIL_SIG' => str_replace('<br />', "\n", "-- \n" . $config['board_email_sig']),

				'U_ACTIVATE' => $server_url . "?mode=activate&act_key=$user_actkey")
			);
			$emailer->send();
			$emailer->reset();

			$template->assign_vars(array(
				'META' => '<meta http-equiv="refresh" content="15;url=' . append_sid("index.$phpEx") . '">')
			);

			$message = $lang['Password_updated'] . '<br /><br />' . sprintf($lang['Click_return_index'],  '<a href="' . append_sid("index.$phpEx") . '">', '</a>');

			message_die(GENERAL_MESSAGE, $message);
		}
		else
		{
			message_die(GENERAL_MESSAGE, $lang['No_email_match']);
		}
	}
	else
	{
		message_die(GENERAL_ERROR, 'Could not obtain user information for sendpassword', '', __LINE__, __FILE__, $sql);
	}
}
else
{
	$username = '';
	$email = '';
}

//
// Output basic page
//
include($phpbb_root_path . 'includes/page_header.'.$phpEx);

$template->set_filenames(array(
	'body' => 'profile_send_pass.tpl')
);
make_jumpbox('viewforum.'.$phpEx);

$template->assign_vars(array(
	'USERNAME' => $username,
	'EMAIL' => $email,

	'L_SEND_PASSWORD' => $lang['Send_password'],
	'L_ITEMS_REQUIRED' => $lang['Items_required'],
	'L_EMAIL_ADDRESS' => $lang['Email_address'],
	'L_SUBMIT' => $lang['Submit'],
	'L_RESET' => $lang['Reset'])
);

$template->pparse('body');

include($phpbb_root_path . 'includes/page_tail.'.$phpEx);

?>
Moved user cp files to /ucp insted of includes/ucp, easier to handle this way with phudo-module system git-svn-id: file:///svn/phpbb/trunk@3427 89ea8834-ac86-4346-8a33-228a782c2dd0 2003-01-30 19:57:19 +00:00			`<?php`
			`/***************************************************************************`
			`* usercp_sendpasswd.php`
			`* -------------------`
			`* begin : Saturday, Feb 13, 2001`
			`* copyright : (C) 2001 The phpBB Group`
			`* email : support@phpbb.com`
			`*`
			`* $Id$`
			`*`
			`*`
			`***************************************************************************/`

			`/***************************************************************************`
			`*`
			`* This program is free software; you can redistribute it and/or modify`
			`* it under the terms of the GNU General Public License as published by`
			`* the Free Software Foundation; either version 2 of the License, or`
			`* (at your option) any later version.`
			`*`
			`*`
			`***************************************************************************/`

			`if ( !defined('IN_PHPBB') )`
			`{`
			`die('Hacking attempt');`
			`exit;`
			`}`

			`//`
			`// The User Control Panel uses Barts 'neat-o-module' system (tm) system to handle the tabs.`
			`// This block specifies the tabs and sub tabs for this section.`
			`//`
			`if( !empty($setmodules) )`
			`{`
			`$filename = str_replace(".$phpEx", '', basename(__FILE__));`

			`return;`
			`}`
			`//`
			`// End Modules setup`
			`//`


			`if ( isset($HTTP_POST_VARS['submit']) )`
			`{`
			`$username = ( !empty($HTTP_POST_VARS['username']) ) ? trim(strip_tags($HTTP_POST_VARS['username'])) : '';`
			`$email = ( !empty($HTTP_POST_VARS['email']) ) ? trim(strip_tags(htmlspecialchars($HTTP_POST_VARS['email']))) : '';`

			`$sql = "SELECT user_id, username, user_email, user_active, user_lang`
			`FROM " . USERS_TABLE . "`
			`WHERE user_email = '" . str_replace("\'", "''", $email) . "'`
			`AND username = '" . str_replace("\'", "''", $username) . "'";`
			`if ( $result = $db->sql_query($sql) )`
			`{`
			`if ( $row = $db->sql_fetchrow($result) )`
			`{`
			`if ( !$row['user_active'] )`
			`{`
			`message_die(GENERAL_MESSAGE, $lang['No_send_account_inactive']);`
			`}`

			`$username = $row['username'];`

			`$user_actkey = gen_rand_string(true);`
			`$key_len = 54 - strlen($server_url);`
			`$key_len = ( $str_len > 6 ) ? $key_len : 6;`
			`$user_actkey = substr($user_actkey, 0, $key_len);`
			`$user_password = gen_rand_string(false);`

			`$sql = "UPDATE " . USERS_TABLE . "`
			`SET user_newpasswd = '" .md5($user_password) . "', user_actkey = '$user_actkey'`
			`WHERE user_id = " . $row['user_id'];`
			`if ( !$db->sql_query($sql) )`
			`{`
			`message_die(GENERAL_ERROR, 'Could not update new password information', '', __LINE__, __FILE__, $sql);`
			`}`

			`include($phpbb_root_path . 'includes/emailer.'.$phpEx);`
			`$emailer = new emailer($config['smtp_delivery']);`

			`$email_headers = 'From: ' . $config['board_email'] . "\nReturn-Path: " . $config['board_email'] . "\r\n";`

			`$emailer->use_template('user_activate_passwd', $row['user_lang']);`
			`$emailer->email_address($row['user_email']);`
			`$emailer->set_subject();//$lang['New_password_activation']`
			`$emailer->extra_headers($email_headers);`

			`$emailer->assign_vars(array(`
			`'SITENAME' => $config['sitename'],`
			`'USERNAME' => $username,`
			`'PASSWORD' => $user_password,`
			`'EMAIL_SIG' => str_replace('<br />', "\n", "-- \n" . $config['board_email_sig']),`

			`'U_ACTIVATE' => $server_url . "?mode=activate&act_key=$user_actkey")`
			`);`
			`$emailer->send();`
			`$emailer->reset();`

			`$template->assign_vars(array(`
			`'META' => '<meta http-equiv="refresh" content="15;url=' . append_sid("index.$phpEx") . '">')`
			`);`

			`$message = $lang['Password_updated'] . '<br /><br />' . sprintf($lang['Click_return_index'], '<a href="' . append_sid("index.$phpEx") . '">', '</a>');`

			`message_die(GENERAL_MESSAGE, $message);`
			`}`
			`else`
			`{`
			`message_die(GENERAL_MESSAGE, $lang['No_email_match']);`
			`}`
			`}`
			`else`
			`{`
			`message_die(GENERAL_ERROR, 'Could not obtain user information for sendpassword', '', __LINE__, __FILE__, $sql);`
			`}`
			`}`
			`else`
			`{`
			`$username = '';`
			`$email = '';`
			`}`

			`//`
			`// Output basic page`
			`//`
			`include($phpbb_root_path . 'includes/page_header.'.$phpEx);`

			`$template->set_filenames(array(`
			`'body' => 'profile_send_pass.tpl')`
			`);`
			`make_jumpbox('viewforum.'.$phpEx);`

			`$template->assign_vars(array(`
			`'USERNAME' => $username,`
			`'EMAIL' => $email,`

			`'L_SEND_PASSWORD' => $lang['Send_password'],`
			`'L_ITEMS_REQUIRED' => $lang['Items_required'],`
			`'L_EMAIL_ADDRESS' => $lang['Email_address'],`
			`'L_SUBMIT' => $lang['Submit'],`
			`'L_RESET' => $lang['Reset'])`
			`);`

			`$template->pparse('body');`

			`include($phpbb_root_path . 'includes/page_tail.'.$phpEx);`

			`?>`