3 * Recover lost password page
5 * This page is accessed via confirmation URL in email
7 * Copyright 1999-2001 (c) VA Linux Systems
8 * Copyright 2010 (c) Franck Villaume
10 * This file is part of FusionForge.
12 * FusionForge is free software; you can redistribute it and/or modify
13 * it under the terms of the GNU General Public License as published by
14 * the Free Software Foundation; either version 2 of the License, or
15 * (at your option) any later version.
17 * FusionForge is distributed in the hope that it will be useful,
18 * but WITHOUT ANY WARRANTY; without even the implied warranty of
19 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
20 * GNU General Public License for more details.
22 * You should have received a copy of the GNU General Public License
23 * along with FusionForge; if not, write to the Free Software
24 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
27 require_once('../env.inc.php');
28 require_once $gfcommon.'include/pre.php';
29 require_once $gfcommon.'include/account.php';
31 $passwd = getStringFromRequest('passwd');
32 $passwd2 = getStringFromRequest('passwd2');
33 $confirm_hash = getStringFromRequest('confirm_hash');
36 $confirm_hash = getStringFromRequest('ch');
39 exit_missing_param('',array(_('Confirm Hash')),'my');
41 // Remove noise from hash produced by buggy mail clients
42 $confirm_hash = html_clean_hash_string($confirm_hash);
44 $res_user = db_query_params ('SELECT * FROM users WHERE confirm_hash=$1',
45 array($confirm_hash)) ;
47 if (db_numrows($res_user) > 1) {
48 exit_error(_('This confirm hash exists more than once.'),'my');
50 if (db_numrows($res_user) < 1) {
51 exit_error(_('Invalid confirmation hash'),'my');
53 $u =& user_get_object(db_result($res_user, 0, 'user_id'), $res_user);
54 if (!$u || !is_object($u)) {
55 exit_error(_('Could Not Get User'),'home');
56 } elseif ($u->isError()) {
57 exit_error($u->getErrorMessage(),'my');
60 if (getStringFromRequest("submit")) {
62 if (strlen($passwd)<6) {
63 exit_error(_('You must supply valid password (at least 6 chars).'),'my');
66 if ($passwd != $passwd2) {
67 exit_error(_('New passwords do not match.'),'my');
70 if ($u->setPasswd($passwd)) {
72 // Invalidate confirm hash
73 $u->setNewEmailAndHash('', 0);
75 $HTML->header(array('title'=>"Password changed"));
76 print '<h2>' . _('Password changed') . '</h2>';
78 printf (_('Congratulations, you have re-set your account password. You may <a href="%1$s">login</a> to the site now.'),
79 util_make_url ("/account/login.php"));
81 $HTML->footer(array());
85 $error_msg = _('ERROR').': '.$u->getErrorMessage();
88 $title = _("Lost Password Login") ;
89 $HTML->header(array('title'=>$title));
91 printf (_('Welcome, %s. You may now change your password.'),$u->getUnixName());
95 <form action="<?php echo util_make_url('/account/lostlogin.php'); ?>" method="post">
96 <p><?php echo _('New Password (min. 6 chars)'); ?>:
97 <br /><input type="password" name="passwd" /></p>
98 <p><?php echo _('New Password (repeat)'); ?>:
99 <br /><input type="password" name="passwd2" />
100 <input type="hidden" name="confirm_hash" value="<?php print $confirm_hash; ?>" /></p>
101 <p><input type="submit" name="submit" value="<?php echo _('Update'); ?>" /></p>
106 $HTML->footer(array());
110 // c-file-style: "bsd"