Show lostPassword.php syntax highlighted
<?php
// $Id: lostPassword.php 2 2005-07-15 13:01:38Z roane $
/*
==============================================================================
Dokeos - elearning and course management software
Copyright (c) 2004 Dokeos S.A.
Copyright (c) 2003 Ghent University (UGent)
Copyright (c) 2001 Universite catholique de Louvain (UCL)
Copyright (c) various contributors
For a full list of contributors, see "credits.txt".
The full license can be read in "license.txt".
This program is free software; you can redistribute it and/or
modify it under the terms of the GNU General Public License
as published by the Free Software Foundation; either version 2
of the License, or (at your option) any later version.
See the GNU General Public License for more details.
Contact: Dokeos, 181 rue Royale, B-1000 Brussels, Belgium, info@dokeos.com
==============================================================================
*/
/**
==============================================================================
* SCRIPT PURPOSE :
*
* This script allows users to retrieve the password of their profile(s)
* on the basis of their e-mail address. The password is send via email
* to the user.
*
* Special case : If the password are encrypted in the database, we have
* to generate a new one.
*
* @todo refactor, move relevant functions to code libraries
*
* @package dokeos.auth
==============================================================================
*/
$langFile = "registration";
require ('../inc/claro_init_global.inc.php');
require_once('lost_password.lib.php');
$nameTools = get_lang('_lost_password');
Display::display_header($nameTools);
$searchPassword = $_POST['searchPassword'];
$Femail = $_POST['Femail'];
// Forbidden to retrieve the lost password
if (get_setting('allow_lostpassword') == "false")
{
api_not_allowed();
}
else
{
api_display_tool_title($nameTools);
//$tbl_user=$mysqlMainDb."`.`user";
$tbl_user = Database :: get_main_table(MAIN_USER_TABLE);
if (isset ($_GET["reset"]) && isset ($_GET["id"]))
{
$msg = reset_password($_GET["reset"], $_GET["id"]);
$msg .= '. <br/>'.get_lang('_your_password_has_been_emailed_to_you');
$msg .= '<br/><br/><a href="'.api_get_path(WEB_PATH).'claroline/auth/lostPassword.php"><< '.get_lang('Back').'</a>';
$passwordFound = true;
}
else
if ($searchPassword)
{
$Femail = strtolower(trim($Femail));
$result = api_sql_query("SELECT user_id AS uid, lastname AS lastName, firstname AS firstName,
username AS loginName, password, email, status AS status,
official_code, phone, picture_uri, creator_id
FROM ".$tbl_user."
WHERE LOWER(email) = '".$Femail."'
AND email != '' ",__FILE__,__LINE__);
if ($result && mysql_num_rows($result))
{
$passwordFound = true;
while ($data = mysql_fetch_array($result))
$user[] = $data;
if ($userPasswordCrypted)
$msg = handle_encrypted_password($user);
else
$msg = send_password_to_user($user, get_lang('_your_password_has_been_emailed_to_you'));
}
else
$msg =get_lang('_no_user_account_with_this_email_address');
$msg .= '<br/><br/><a href="'.api_get_path(WEB_PATH).'claroline/auth/lostPassword.php"><< '.get_lang('Back').'</a>';
}
else
{
$msg = get_lang('_enter_email_and_well_send_you_password');
}
if ($msg)
echo "<p>", $msg, "</p>";
if (!$passwordFound)
{
?>
<form action="<?php echo $_SERVER['PHP_SELF'];?>" method="post">
<input type="hidden" name="searchPassword" value="1" />
<?php echo get_lang("Email") ;?> :
<input type="text" name="Femail" size="50" maxlength="100" value="<?php echo $Femail; ?>" />
<input type="submit" name="retrieve" value="<?php echo get_lang("Ok"); ?>" />
</form>
<a href="<?php echo api_get_path(WEB_PATH); ?>"><< <?php echo get_lang('Back'); ?></a>
<?php
}
} // else if (get_setting('allow_lostpassword')=="false")
Display::display_footer();
//////////////////////////////////////////////////////////////////////////////
?>
See more files for this project here