You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293
  1. <?php
  2. /**
  3. * Postfix Admin
  4. *
  5. * LICENSE
  6. * This source file is subject to the GPL license that is bundled with
  7. * this package in the file LICENSE.TXT.
  8. *
  9. * Further details on the project are available at http://postfixadmin.sf.net
  10. *
  11. * @version $Id$
  12. * @license GNU GPL v2 or later.
  13. *
  14. * File: password-change.php
  15. * Used by users and admins to change their forgotten login password.
  16. * Template File: password-change.tpl
  17. *
  18. * Template Variables:
  19. *
  20. * tUsername
  21. * tCode
  22. *
  23. * Form POST \ GET Variables:
  24. *
  25. * fUsername
  26. */
  27. if (preg_match('/\/users\//', $_SERVER['REQUEST_URI'])) {
  28. $rel_path = '../';
  29. $context = 'users';
  30. } else {
  31. $rel_path = './';
  32. $context = 'admin';
  33. }
  34. require_once($rel_path . 'common.php');
  35. if ($context === 'admin' && !Config::read('forgotten_admin_password_reset') || $context === 'users' && !Config::read('forgotten_user_password_reset')) {
  36. die('Password reset is disabled by configuration option: forgotten_admin_password_reset');
  37. }
  38. if ($_SERVER['REQUEST_METHOD'] === 'GET') {
  39. $tUsername = safeget('username');
  40. $tCode = safeget('code');
  41. }
  42. if ($_SERVER['REQUEST_METHOD'] === 'POST') {
  43. if (safepost('fCancel')) {
  44. header('Location: main.php');
  45. exit(0);
  46. }
  47. $fPassword = safepost('fPassword');
  48. $fPassword2 = safepost('fPassword2');
  49. $tUsername = safepost('fUsername');
  50. $tCode = trim(safepost('fCode'));
  51. if (empty($fPassword) or ($fPassword != $fPassword2)) {
  52. $error = true;
  53. flash_error(Config::lang('pPassword_password_text_error'));
  54. } else {
  55. $handler = $context === 'admin' ? new AdminHandler : new MailboxHandler;
  56. if (!$handler->checkPasswordRecoveryCode($tUsername, $tCode)) {
  57. flash_error(Config::lang('pPassword_code_text_error'));
  58. } else {
  59. init_session($tUsername, $context === 'admin');
  60. if (!$handler->init($tUsername)) {
  61. flash_error($handler->errormsg);
  62. } else {
  63. $values = $handler->result;
  64. $values['password'] = $fPassword;
  65. $values['password2'] = $fPassword2;
  66. if ($handler->set($values) && $handler->store()) {
  67. flash_info(Config::lang_f('pPassword_result_success', $tUsername));
  68. header('Location: main.php');
  69. exit(0);
  70. } else {
  71. foreach ($handler->errormsg as $msg) {
  72. flash_error($msg);
  73. }
  74. }
  75. }
  76. }
  77. }
  78. }
  79. $smarty->assign('language_selector', language_selector(), false);
  80. $smarty->assign('tUsername', @$tUsername);
  81. $smarty->assign('tCode', @$tCode);
  82. $smarty->assign('smarty_template', 'password-change');
  83. $smarty->display('index.tpl');
  84. /* vim: set expandtab softtabstop=4 tabstop=4 shiftwidth=4: */