Index: branches/RC/core/units/users/users_tag_processor.php =================================================================== diff -u -r8929 -r9037 --- branches/RC/core/units/users/users_tag_processor.php (.../users_tag_processor.php) (revision 8929) +++ branches/RC/core/units/users/users_tag_processor.php (.../users_tag_processor.php) (revision 9037) @@ -27,49 +27,54 @@ function ConfirmPasswordLink($params) { - //global $m_var_list_update, $var_list_update, $objSession, $objConfig; + $code = $this->getCachedCode(); - $template = "forgotpw_reset_result"; + $fields_hash = Array ( + 'PwResetConfirm' => $code, + 'PwRequestTime' => adodb_mktime(), + ); - $tmp_user_id = $this->Application->RecallVar("tmp_user_id"); + $user_id = $this->Application->RecallVar('tmp_user_id'); + $this->Conn->doUpdate($fields_hash, TABLE_PREFIX.'PortalUser', 'PortalUserId = '.$user_id); - $saved_denerated_code = $this->Application->GetVar('saved_denerated_code'); - if ($saved_denerated_code){ - $code = $saved_denerated_code; - } - else { - $code = md5($this->GenerateCode()); - $this->Application->SetVar('saved_denerated_code', $code); - } + $params['user_key'] = $code; + if (!$this->SelectParam($params, 'template,t')) { + $params['template'] = $this->Application->GetVar('reset_confirm_template'); + } + return $this->Application->ProcessParsedTag('m', 'Link', $params); + } + /** + * Generates & caches code for password confirmation link + * + * @return string + */ + function getCachedCode() + { + static $code = null; - $sql = 'UPDATE '.TABLE_PREFIX.'PortalUser SET PwResetConfirm="'.$code.'", PwRequestTime='.adodb_mktime().' WHERE PortalUserId='.$tmp_user_id; + if (!isset($code)) { + $code = md5($this->GenerateCode()); + } - $this->Conn->Query($sql); - - $params = array_merge($params, array('pass'=>'m', 'user_key'=>$code)); - - $main_processor =& $this->Application->recallObject('m_TagProcessor'); - - return $main_processor->T($params); - + return $code; } function GenerateCode() { - list($usec, $sec) = explode(" ",microtime()); + list($usec, $sec) = explode(" ",microtime()); - $id_part_1 = substr($usec, 4, 4); - $id_part_2 = mt_rand(1,9); - $id_part_3 = substr($sec, 6, 4); - $digit_one = substr($id_part_1, 0, 1); - if ($digit_one == 0) { - $digit_one = mt_rand(1,9); - $id_part_1 = ereg_replace("^0","",$id_part_1); - $id_part_1=$digit_one.$id_part_1; - } - return $id_part_1.$id_part_2.$id_part_3; + $id_part_1 = substr($usec, 4, 4); + $id_part_2 = mt_rand(1,9); + $id_part_3 = substr($sec, 6, 4); + $digit_one = substr($id_part_1, 0, 1); + if ($digit_one == 0) { + $digit_one = mt_rand(1,9); + $id_part_1 = ereg_replace("^0","",$id_part_1); + $id_part_1=$digit_one.$id_part_1; + } + return $id_part_1.$id_part_2.$id_part_3; } function ForgottenPassword($params) @@ -79,38 +84,37 @@ function TestCodeIsValid($params) { - $passed_key = $this->Application->GetVar('user_key'); + $passed_key = trim($this->Application->GetVar('user_key')); - $user_object = &$this->Application->recallObject('u.forgot'); - // used for error reporting only -> rewrite code + theme (by Alex) $user_current_object = &$this->Application->recallObject('u', null, Array('skip_autoload' => true)); // TODO: change theme too /* @var $user_current_object UsersItem */ - if (strlen(trim($passed_key)) == 0) { + if (!$passed_key) { $user_current_object->SetError('PwResetConfirm', 'code_is_not_valid', 'lu_code_is_not_valid'); return false; } + $user_object =& $this->Application->recallObject('u.forgot', null, Array('skip_autoload' => true)); + /* @var $user_object UsersItems */ - if ($user_object->Load(array('PwResetConfirm'=>$passed_key))) { - $exp_time = $user_object->GetDBField('PwRequestTime') + 3600; - if ($exp_time > adodb_mktime()) - { + $user_object->Load($passed_key, 'PwResetConfirm'); - + if ($user_object->isLoaded()) { + $expiration_time = $user_object->GetDBField('PwRequestTime') + 3600; + if ($expiration_time > adodb_mktime()) { + return true; } else { $user_current_object->SetError('PwResetConfirm', 'code_expired', 'lu_code_expired'); return false; - } } else { $user_current_object->SetError('PwResetConfirm', 'code_is_not_valid', 'lu_code_is_not_valid'); return false; } - return true; + return true; } /** Fisheye: Tag 9037 refers to a dead (removed) revision in file `branches/RC/themes/default2007/platform/login/forgotpass.tpl'. Fisheye: No comparison available. Pass `N' to diff? Fisheye: Tag 9037 refers to a dead (removed) revision in file `branches/RC/themes/default2007/platform/login/forgotpass_reset.tpl'. Fisheye: No comparison available. Pass `N' to diff? Index: branches/RC/core/units/users/users_event_handler.php =================================================================== diff -u -r8929 -r9037 --- branches/RC/core/units/users/users_event_handler.php (.../users_event_handler.php) (revision 8929) +++ branches/RC/core/units/users/users_event_handler.php (.../users_event_handler.php) (revision 9037) @@ -859,8 +859,13 @@ if ($found && $allow_reset) { $this->Application->StoreVar('tmp_user_id', $user_object->GetDBField("PortalUserId")); $this->Application->StoreVar('tmp_email', $user_object->GetDBField("Email")); - $this->Application->EmailEventUser('INCOMMERCEUSER.PSWDC', $user_object->GetDBField("PortalUserId")); + $confirm_template = $this->Application->GetVar('reset_confirm_template'); + if (!$confirm_template) { + $this->Application->SetVar('reset_confirm_template', 'platform/login/forgotpass_reset'); + } + $this->Application->EmailEventUser('INCOMMERCEUSER.PSWDC', $user_object->GetDBField('PortalUserId')); + $event->redirect = $this->Application->GetVar('template_success'); } else { @@ -916,64 +921,61 @@ function OnResetPasswordConfirmed(&$event) { - $passed_key = $this->Application->GetVar('user_key'); - - $user_object = &$this->Application->recallObject('u.forgot'); - // used for error reporting only -> rewrite code + theme (by Alex) $user_current_object =& $this->Application->recallObject('u', null, Array('skip_autoload' => true));// TODO: change theme too /* @var $user_current_object UsersItem */ - if (strlen(trim($passed_key)) == 0) { - $event->redirect_params = array('opener' => 's', 'pass' => 'all'); + $passed_key = trim($this->Application->GetVar('user_key')); + + if (!$passed_key) { + $event->redirect_params = Array('opener' => 's', 'pass' => 'all'); $event->redirect = false; $user_current_object->SetError('PwResetConfirm', 'code_is_not_valid', 'lu_code_is_not_valid'); } + $user_object =& $this->Application->recallObject('u.forgot', null, Array('skip_autoload' => true)); + /* @var $user_object UsersItem */ - if($user_object->Load(array('PwResetConfirm'=>$passed_key))) - { + $user_object->Load($passed_key, 'PwResetConfirm'); + + if ($user_object->isLoaded()) { $exp_time = $user_object->GetDBField('PwRequestTime') + 3600; - $user_object->SetDBField("PwResetConfirm", ''); - $user_object->SetDBField("PwRequestTime", 0); - if ( $exp_time > adodb_mktime() ) - { - //$m_var_list_update['codevalidationresult'] = 'lu_resetpw_confirm_text'; + $user_object->SetDBField('PwResetConfirm', ''); + $user_object->SetDBField('PwRequestTime', 0); + + if ($exp_time > adodb_mktime()) { $newpw = makepassword4(); $this->Application->StoreVar('password', $newpw); - $user_object->SetDBField("Password",$newpw); - $user_object->SetDBField("PassResetTime", adodb_mktime()); - $user_object->SetDBField("PwResetConfirm", ''); - $user_object->SetDBField("PwRequestTime", 0); + $user_object->SetDBField('Password', $newpw); + $user_object->SetDBField('PassResetTime', adodb_mktime()); + $user_object->SetDBField('PwResetConfirm', ''); + $user_object->SetDBField('PwRequestTime', 0); $user_object->Update(); $this->Application->SetVar('ForgottenPassword', $newpw); - $email_event_user = &$this->Application->EmailEventUser('INCOMMERCEUSER.PSWD', $user_object->GetDBField('PortalUserId')); - $email_event_admin = &$this->Application->EmailEventAdmin('INCOMMERCEUSER.PSWD'); + $email_event_user =& $this->Application->EmailEventUser('INCOMMERCEUSER.PSWD', $user_object->GetDBField('PortalUserId')); + $email_event_admin =& $this->Application->EmailEventAdmin('INCOMMERCEUSER.PSWD'); $this->Application->DeleteVar('ForgottenPassword'); - if ($email_event_user->status == erSUCCESS){ + if ($email_event_user->status == erSUCCESS) { $event->redirect_params = array('opener' => 's', 'pass' => 'all'); $event->redirect = $this->Application->GetVar('template_success'); } - $user_object->SetDBField("Password",md5($newpw)); + $user_object->SetDBField('Password', md5($newpw)); $user_object->Update(); - } else { $user_current_object->SetError('PwResetConfirm', 'code_expired', 'lu_code_expired'); $event->redirect = false; - } } else { $user_current_object->SetError('PwResetConfirm', 'code_is_not_valid', 'lu_code_is_not_valid'); $event->redirect = false; - } } Index: branches/RC/themes/default2007/platform/login/forgot_password.tpl =================================================================== diff -u --- branches/RC/themes/default2007/platform/login/forgot_password.tpl (revision 0) +++ branches/RC/themes/default2007/platform/login/forgot_password.tpl (revision 9037) @@ -0,0 +1,83 @@ + + + + + + + + + + + + + + + + + + + + + +

+ + + + + + img/grey_pix.gif" width="100%" height="1" align="absmiddle" alt="" />
+ +
+ + + "> + + + + + + "> + + + + + + + "> + + + + + + + + + " /> + ');" value=""> + +
+ +
+ + " tabindex="" style="width: 155px;"> +
+ +
+ +
+ + " tabindex="" style="width: 155px;"> +
+
+ + + + + + + + \ No newline at end of file Fisheye: Tag 9037 refers to a dead (removed) revision in file `branches/RC/themes/default2007/platform/login/forgotpass_reset_ok.tpl'. Fisheye: No comparison available. Pass `N' to diff? Index: branches/RC/themes/default2007/platform/login/forgot_password_reset.tpl =================================================================== diff -u --- branches/RC/themes/default2007/platform/login/forgot_password_reset.tpl (revision 0) +++ branches/RC/themes/default2007/platform/login/forgot_password_reset.tpl (revision 9037) @@ -0,0 +1,46 @@ + + + + + + + + + + + + + + + + + + +

+ + +
+ " class="button" /> + + " class="button" onclick="redirect('');" /> + + "/> + + + + +

+ "> +
+ + + + + + + + \ No newline at end of file Index: branches/RC/themes/default2007/platform/login/forgot_password_reset_confirm.tpl =================================================================== diff -u --- branches/RC/themes/default2007/platform/login/forgot_password_reset_confirm.tpl (revision 0) +++ branches/RC/themes/default2007/platform/login/forgot_password_reset_confirm.tpl (revision 9037) @@ -0,0 +1,35 @@ + + + + + + + + + + + + + + + + +
+ + +

+ + " class="button" onclick="redirect('');"/> + +
+ + + + + + + \ No newline at end of file Index: branches/RC/themes/default2007/platform/elements/side_boxes/login.tpl =================================================================== diff -u -r8929 -r9037 --- branches/RC/themes/default2007/platform/elements/side_boxes/login.tpl (.../login.tpl) (revision 8929) +++ branches/RC/themes/default2007/platform/elements/side_boxes/login.tpl (.../login.tpl) (revision 9037) @@ -6,13 +6,13 @@ - + - - ">
+ + ">
- + - + - + - + @@ -73,8 +73,8 @@ -
@@ -40,15 +40,15 @@ img/s.gif" alt="" width="5" height="5" border="0" />
- + + @@ -112,10 +112,10 @@ - " class="more-link" > img/side_link_str.gif" width="6" height="5" alt="" />
+ " class="more-link" > img/side_link_str.gif" width="6" height="5" alt="" />
 - " class="more-link" >? img/side_link_str.gif" width="6" height="5" alt="" /> + " class="more-link" >? img/side_link_str.gif" width="6" height="5" alt="" /> " />