3 * Request recovery of the lost password
5 * This page sends confirmation email with link to reset password
8 * Portions Copyright 1999-2001 (c) VA Linux Systems
9 * Copyright 2002-2004 (c) GForge Team
10 * Copyright 2010 (c) Franck Villaume
11 * http://fusionforge.org/
13 * This file is part of FusionForge. FusionForge is free software;
14 * you can redistribute it and/or modify it under the terms of the
15 * GNU General Public License as published by the Free Software
16 * Foundation; either version 2 of the Licence, or (at your option)
19 * FusionForge is distributed in the hope that it will be useful,
20 * but WITHOUT ANY WARRANTY; without even the implied warranty of
21 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
22 * GNU General Public License for more details.
24 * You should have received a copy of the GNU General Public License along
25 * with FusionForge; if not, write to the Free Software Foundation, Inc.,
26 * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
30 require_once('../env.inc.php');
31 require_once $gfcommon.'include/pre.php';
33 if (getStringFromRequest('submit')) {
34 if (!form_key_is_valid(getStringFromRequest('form_key'))) {
35 exit_form_double_submit('my');
38 $loginname = getStringFromRequest('loginname');
40 $u = user_get_object_by_name($loginname);
42 if (!$u || !is_object($u)){
43 form_release_key(getStringFromRequest('form_key'));
44 exit_error(_('That user does not exist.'),'my');
47 // First, we need to create new confirm hash
49 $confirm_hash = md5(forge_get_config('session_key') . strval(time()) . strval(util_randbytes()));
51 $u->setNewEmailAndHash($u->getEmail(), $confirm_hash);
53 form_release_key(getStringFromRequest('form_key'));
54 exit_error($u->getErrorMessage(),'my');
57 $message = sprintf(_('Someone (presumably you) on the %1$s site requested a
58 password change through email verification. If this was not you,
59 ignore this message and nothing will happen.
61 If you requested this verification, visit the following URL
62 to change your password:
67 '), forge_get_config ('forge_name'), util_make_url ("/account/lostlogin.php?ch=_".$confirm_hash));
69 util_send_message($u->getEmail(),sprintf(_('%1$s Verification'), forge_get_config ('forge_name')),$message);
71 $HTML->header(array('title'=>"Lost Password Confirmation"));
73 echo '<p>'.printf(_('An email has been sent to the address you have on file. Follow the instructions in the email to change your account password.').'</p><p><a href="%1$s">'._("Home").'</a>', util_make_url ('/')).'</p>';
75 $HTML->footer(array());
80 $HTML->header(array('title'=>"Lost Account Password"));
82 echo '<p>' . _('Hey... losing your password is serious business. It compromises the security of your account, your projects, and this site.') . '</p>';
83 echo '<p>' . _('Clicking "Send Lost PW Hash" below will email a URL to the email address we have on file for you. In this URL is a 128-bit confirmation hash for your account. Visiting the URL will allow you to change your password online and login.') . '</p>';
86 <form action="<?php echo util_make_url('/account/lostpw.php'); ?>" method="post">
87 <input type="hidden" name="form_key" value="<?php echo form_generate_key(); ?>"/> <p>
88 <?php echo _('Login name:'); ?>
90 <input type="text" name="loginname" />
93 <input type="submit" name="submit" value="<?php echo _('Send Lost PW Hash'); ?>" />
97 <p><?php echo util_make_link ("/", _('Return')); ?></p>
101 $HTML->footer(array());
105 // c-file-style: "bsd"