From 9b3b9e075b1c3fcce2acce2554235408c5bc31e2 Mon Sep 17 00:00:00 2001 From: the_systech Date: Tue, 19 Mar 2002 20:47:59 +0000 Subject: [PATCH] Well.... I hope this is right... It works at least. Can't seem to reach Paul currently, and I don't want this to slip through for RC-4, so for now I copied the old stuff from a previous revision of profile, and pasted it in here... Tested to work on my local machine... (if you had something else in mind Paul feel free to overwrite my version) git-svn-id: file:///svn/phpbb/trunk@2357 89ea8834-ac86-4346-8a33-228a782c2dd0 --- phpBB/includes/usercp_sendpasswd.php | 231 ++++++++++----------------- 1 file changed, 84 insertions(+), 147 deletions(-) diff --git a/phpBB/includes/usercp_sendpasswd.php b/phpBB/includes/usercp_sendpasswd.php index 779b898f94..c5b810faf5 100644 --- a/phpBB/includes/usercp_sendpasswd.php +++ b/phpBB/includes/usercp_sendpasswd.php @@ -1,6 +1,6 @@ sql_query($sql) ) -{ - $row = $db->sql_fetchrow($result); - - $username = $row['username']; - $user_email = $row['user_email']; - $user_lang = $row['user_lang']; - - if ( $row['user_viewemail'] || $userdata['user_level'] == ADMIN ) + $sql = "SELECT user_id, username, user_email, user_active, user_lang + FROM " . USERS_TABLE . " + WHERE user_email = '" . str_replace("\'", "''", $email) . "' + AND username = '" . str_replace("\'", "''", $username) . "'"; + if ( $result = $db->sql_query($sql) ) { - if ( time() - $userdata['user_emailtime'] < $board_config['flood_interval'] ) + if ( $row = $db->sql_fetchrow($result) ) { - message_die(GENERAL_MESSAGE, $lang['Flood_email_limit']); - } - - if ( isset($HTTP_POST_VARS['submit']) ) - { - $error = FALSE; - - if ( !empty($HTTP_POST_VARS['subject']) ) + if ( $row['user_active'] == 0 ) { - $subject = trim(strip_tags(stripslashes($HTTP_POST_VARS['subject']))); - } - else - { - $error = TRUE; - $error_msg = ( !empty($error_msg) ) ? $error_msg . "
" . $lang['Empty_subject_email'] : $lang['Empty_subject_email']; + message_die(GENERAL_MESSAGE, $lang['No_send_account_inactive']); } - if ( !empty($HTTP_POST_VARS['message']) ) + $username = $row['username']; + + $user_actkey = gen_rand_string(true); + $user_password = gen_rand_string(false); + + $sql = "UPDATE " . USERS_TABLE . " + SET user_newpasswd = '" .md5($user_password) . "', user_actkey = '$user_actkey' + WHERE user_id = " . $row['user_id']; + if ( !$result = $db->sql_query($sql) ) { - $message = trim(strip_tags(stripslashes($HTTP_POST_VARS['message']))); - } - else - { - $error = TRUE; - $error_msg = ( !empty($error_msg) ) ? $error_msg . "
" . $lang['Empty_message_email'] : $lang['Empty_message_email']; + message_die(GENERAL_ERROR, "Couldn't update new password information", "", __LINE__, __FILE__, $sql); } - if ( !$error ) - { - $sql = "UPDATE " . USERS_TABLE . " - SET user_emailtime = " . time() . " - WHERE user_id = " . $userdata['user_id']; - if ( $result = $db->sql_query($sql) ) - { - include($phpbb_root_path . 'includes/emailer.'.$phpEx); - $emailer = new emailer($board_config['smtp_delivery']); + include($phpbb_root_path . 'includes/emailer.'.$phpEx); + $emailer = new emailer($board_config['smtp_delivery']); - $email_headers = "From: " . $userdata['user_email'] . "\n"; - if ( !empty($HTTP_POST_VARS['cc_email']) ) - { - $email_headers .= "Cc: " . $userdata['user_email'] . "\n"; - } - $email_headers .= "Return-Path: " . $userdata['user_email'] . "\n"; - $email_headers .= "X-AntiAbuse: Board servername - " . $server_name . "\n"; - $email_headers .= "X-AntiAbuse: User_id - " . $userdata['user_id'] . "\n"; - $email_headers .= "X-AntiAbuse: Username - " . $userdata['username'] . "\n"; - $email_headers .= "X-AntiAbuse: User IP - " . decode_ip($user_ip) . "\r\n"; + $email_headers = "From: " . $board_config['board_email'] . "\nReturn-Path: " . $board_config['board_email'] . "\r\n"; - $emailer->use_template("profile_send_email", $user_lang); - $emailer->email_address($user_email); - $emailer->set_subject($subject); - $emailer->extra_headers($email_headers); + $emailer->use_template("user_activate_passwd", $row['user_lang']); + $emailer->email_address($row['user_email']); + $emailer->set_subject();//$lang['New_password_activation'] + $emailer->extra_headers($email_headers); - $emailer->assign_vars(array( - "SITENAME" => $board_config['sitename'], - "BOARD_EMAIL" => $board_config['board_email'], - "FROM_USERNAME" => $userdata['username'], - "TO_USERNAME" => $username, - "MESSAGE" => $message) - ); - $emailer->send(); - $emailer->reset(); + $emailer->assign_vars(array( + "SITENAME" => $board_config['sitename'], + "USERNAME" => $username, + "PASSWORD" => $user_password, + "EMAIL_SIG" => str_replace("
", "\n", "-- \n" . $board_config['board_email_sig']), - $template->assign_vars(array( - "META" => '') - ); - - $message = $lang['Email_sent'] . "

" . sprintf($lang['Click_return_index'], '', ''); - - message_die(GENERAL_MESSAGE, $message); - } - else - { - message_die(GENERAL_ERROR, "Couldn't update last email time", "", __LINE__, __FILE__, $sql); - } - } - } - - include($phpbb_root_path . 'includes/page_header.'.$phpEx); - - $template->set_filenames(array( - "body" => "profile_send_email.tpl", - "jumpbox" => "jumpbox.tpl") - ); - - $jumpbox = make_jumpbox(); - $template->assign_vars(array( - "L_GO" => $lang['Go'], - "L_JUMP_TO" => $lang['Jump_to'], - "L_SELECT_FORUM" => $lang['Select_forum'], - - "S_JUMPBOX_LIST" => $jumpbox, - "S_JUMPBOX_ACTION" => append_sid("viewforum.$phpEx")) - ); - $template->assign_var_from_handle("JUMPBOX", "jumpbox"); - - if ( $error ) - { - $template->set_filenames(array( - "reg_header" => "error_body.tpl") + "U_ACTIVATE" => $server_url . "?mode=activate&act_key=$user_actkey") ); + $emailer->send(); + $emailer->reset(); + $template->assign_vars(array( - "ERROR_MESSAGE" => $error_msg) + "META" => '') ); - $template->assign_var_from_handle("ERROR_BOX", "reg_header"); - } - if ( $userdata['user_sig'] != "" ) + $message = $lang['Password_updated'] . "

" . sprintf($lang['Click_return_index'], "", ""); + + message_die(GENERAL_MESSAGE, $message); + } + else { - $template->assign_block_vars("signature_checkbox", array()); + message_die(GENERAL_MESSAGE, $lang['No_email_match']); } - - $template->assign_vars(array( - "USERNAME" => $username, - - "S_SIGNATURE_CHECKED" => ( $attach_sig ) ? 'checked="checked"' : '', - "S_POST_ACTION" => append_sid("profile.$phpEx?&mode=email&" . POST_USERS_URL . "=$user_id"), - - "L_SEND_EMAIL_MSG" => $lang['Send_email_msg'], - "L_RECIPIENT" => $lang['Recipient'], - "L_SUBJECT" => $lang['Subject'], - "L_MESSAGE_BODY" => $lang['Message_body'], - "L_MESSAGE_BODY_DESC" => $lang['Email_message_desc'], - "L_OPTIONS" => $lang['Options'], - "L_CC_EMAIL" => $lang['CC_email'], - "L_NOTIFY_ON_REPLY" => $lang['Notify'], - "L_SPELLCHECK" => $lang['Spellcheck'], - "L_SEND_EMAIL" => $lang['Send_email']) - ); - - $template->pparse("body"); - - include($phpbb_root_path . 'includes/page_tail.'.$phpEx); } else { - message_die(GENERAL_MESSAGE, $lang['User_prevent_email']); + message_die(GENERAL_ERROR, "Couldn't obtain user information for sendpassword", "", __LINE__, __FILE__, $sql); } } else { - message_die(GENERAL_MESSAGE, $lang['User_not_exist']); + $username = ""; + $email = ""; } -?> \ No newline at end of file +// +// Output basic page +// +include($phpbb_root_path . 'includes/page_header.'.$phpEx); + +$template->set_filenames(array( + "body" => "profile_send_pass.tpl", + "jumpbox" => "jumpbox.tpl") +); + +$jumpbox = make_jumpbox(); +$template->assign_vars(array( + "L_GO" => $lang['Go'], + "L_JUMP_TO" => $lang['Jump_to'], + "L_SELECT_FORUM" => $lang['Select_forum'], + + "S_JUMPBOX_LIST" => $jumpbox, + "S_JUMPBOX_ACTION" => append_sid("viewforum.$phpEx")) +); +$template->assign_var_from_handle("JUMPBOX", "jumpbox"); + +$template->assign_vars(array( + "USERNAME" => $username, + "EMAIL" => $email, + + "L_SEND_PASSWORD" => $lang['Send_password'], + "L_ITEMS_REQUIRED" => $lang['Items_required'], + "L_EMAIL_ADDRESS" => $lang['Email_address'], + "L_SUBMIT" => $lang['Submit'], + "L_RESET" => $lang['Reset']) +); + +$template->pparse("body"); + +include($phpbb_root_path . 'includes/page_tail.'.$phpEx); +?>