kanoi
10 years ago
7 changed files with 548 additions and 43 deletions
@ -0,0 +1,116 @@
|
||||
<?php |
||||
# |
||||
# FYI see PEAR::Mail for functions to add for batch email |
||||
# |
||||
global $eol; |
||||
$eol = "\r\n"; |
||||
# |
||||
function fullsend($to, $subject, $message, $headers, $extra = null) |
||||
{ |
||||
if ($extra == null) |
||||
$ret = mail($to, $subject, $message, $headers); |
||||
else |
||||
$ret = mail($to, $subject, $message, $headers, $extra); |
||||
|
||||
if ($ret == false) |
||||
error_log("CKPWARN: ".gmdate("Y-m-d H:i:s \\U\\T\\C"). |
||||
" sendmail failed? to: '$to'"); |
||||
|
||||
return $ret; |
||||
} |
||||
# |
||||
function sendnoheader($to, $subject, $message, $emailinfo) |
||||
{ |
||||
global $eol; |
||||
|
||||
if (!isset($emailinfo['KNoReply'])) |
||||
return false; |
||||
|
||||
$noreply = $emailinfo['KNoReply']; |
||||
|
||||
$headers = "From: $noreply$eol"; |
||||
$headers .= "X-Mailer: ."; |
||||
|
||||
return fullsend($to, $subject, $message, $headers, "-f$noreply"); |
||||
} |
||||
# |
||||
function dontReply($emailinfo) |
||||
{ |
||||
global $eol; |
||||
|
||||
if (!isset($emailinfo['KWebURL'])) |
||||
return false; |
||||
|
||||
$web = $emailinfo['KWebURL']; |
||||
|
||||
$message = "P.S. don't reply to this e-mail, no one will get the reply$eol"; |
||||
$message .= "There is a contact e-mail address (that changes often)$eol"; |
||||
$message .= "at $web/ or visit us on FreeNode IRC #ckpool$eol"; |
||||
|
||||
return $message; |
||||
} |
||||
# |
||||
function emailEnd($the, $whoip, $emailinfo) |
||||
{ |
||||
global $eol; |
||||
|
||||
$ret = dontReply($emailinfo); |
||||
if ($ret === false) |
||||
return false; |
||||
|
||||
$message = "This $the was made '".gmdate("Y-M-d H:i:s \\U\\T\\C"); |
||||
$message .= "' by '$whoip'$eol$eol"; |
||||
$message .= $ret; |
||||
|
||||
return $message; |
||||
} |
||||
# |
||||
function passWasReset($to, $whoip, $emailinfo) |
||||
{ |
||||
global $eol; |
||||
|
||||
if (!isset($emailinfo['KWebURL'])) |
||||
return false; |
||||
|
||||
$web = $emailinfo['KWebURL']; |
||||
|
||||
$ret = emailEnd('reset', $whoip, $emailinfo); |
||||
if ($ret === false) |
||||
return false; |
||||
|
||||
$message = "Your password has been reset.$eol$eol"; |
||||
$message .= $ret; |
||||
|
||||
return sendnoheader($to, "Password Reset", $message, $emailinfo); |
||||
} |
||||
# |
||||
function passReset($to, $code, $whoip, $emailinfo) |
||||
{ |
||||
global $eol; |
||||
|
||||
if (!isset($emailinfo['KWebURL'])) |
||||
return false; |
||||
|
||||
$web = $emailinfo['KWebURL']; |
||||
|
||||
$ret = emailEnd('password reset', $whoip, $emailinfo); |
||||
if ($ret === false) |
||||
return false; |
||||
|
||||
$message = "Someone requested to reset your password.$eol$eol"; |
||||
$message .= "You can ignore this message since nothing has changed yet,$eol"; |
||||
$message .= "or click on the link below to reset your password.$eol"; |
||||
$message .= "$web/index.php?k=reset&code=$code$eol$eol"; |
||||
$message .= $ret; |
||||
|
||||
return sendnoheader($to, "Password Reset", $message, $emailinfo); |
||||
} |
||||
# |
||||
# getOpts required for email |
||||
# If they aren't all setup in the DB then email functions will return false |
||||
function emailOptList() |
||||
{ |
||||
return 'KWebURL,KNoReply'; |
||||
} |
||||
# |
||||
?> |
@ -0,0 +1,166 @@
|
||||
<?php |
||||
# |
||||
include_once('socket.php'); |
||||
include_once('email.php'); |
||||
# |
||||
function allow_reset($error) |
||||
{ |
||||
$pg = '<br><br><table cellpadding=5 cellspacing=0 border=1><tr><td class=dc>'; |
||||
|
||||
$pg .= '<h1>Password Reset</h1>'; |
||||
if ($error !== null) |
||||
$pg .= "<br><b>$error - please try again</b><br><br>"; |
||||
$pg .= makeForm('reset'); |
||||
$pg .= " |
||||
<table> |
||||
<tr><td class=dc colspan=2>Enter a new password twice.<br> |
||||
" . passrequires() . " |
||||
<input type=hidden name=k value=reset></td></tr> |
||||
<tr><td class=dr>Password:</td> |
||||
<td class=dl><input type=password name=pass></td></tr> |
||||
<tr><td class=dr>Retype Password:</td> |
||||
<td class=dl><input type=password name=pass2></td></tr> |
||||
<tr><td> </td> |
||||
<td class=dl><input type=submit name=Update value=Update></td></tr> |
||||
<tr><td colspan=2 class=dc><br><font size=-1><span class=st1>*</span> |
||||
All fields are required</font></td></tr> |
||||
</table> |
||||
</form>"; |
||||
|
||||
$pg .= '</td></tr></table>'; |
||||
|
||||
return $pg; |
||||
} |
||||
# |
||||
function yok() |
||||
{ |
||||
$pg = '<h1>Password Reset</h1>'; |
||||
$pg .= '<br>Your password has been reset,'; |
||||
$pg .= '<br>login with it on the Home page.'; |
||||
return $pg; |
||||
} |
||||
# |
||||
function resetfail() |
||||
{ |
||||
if (isset($_SESSION['reset_user'])) |
||||
unset($_SESSION['reset_user']); |
||||
if (isset($_SESSION['reset_hash'])) |
||||
unset($_SESSION['reset_hash']); |
||||
if (isset($_SESSION['reset_email'])) |
||||
unset($_SESSION['reset_email']); |
||||
$pg = '<h1>Reset Failed</h1>'; |
||||
$pg .= '<br>Try again from the Home page Register/Reset button later'; |
||||
return $pg; |
||||
} |
||||
# |
||||
function dbreset() |
||||
{ |
||||
$user = $_SESSION['reset_user']; |
||||
$hash = $_SESSION['reset_hash']; |
||||
$email = $_SESSION['reset_email']; |
||||
|
||||
$pass = getparam('pass', true); |
||||
$pass2 = getparam('pass2', true); |
||||
|
||||
if (nuem($pass) || nuem($pass2)) |
||||
return allow_reset('Enter both passwords'); |
||||
|
||||
if ($pass2 != $pass) |
||||
return allow_reset("Passwords don't match"); |
||||
|
||||
if (safepass($pass) !== true) |
||||
return allow_reset('Password is unsafe'); |
||||
|
||||
$ans = getAtts($user, 'KReset.str,KReset.dateexp'); |
||||
if ($ans['STATUS'] != 'ok') |
||||
return resetfail(); |
||||
|
||||
if (!isset($ans['KReset.dateexp']) || $ans['KReset.dateexp'] == 'Y') |
||||
return resetfail(); |
||||
|
||||
if (!isset($ans['KReset.str']) || $ans['KReset.str'] != $hash) |
||||
return resetfail(); |
||||
|
||||
$emailinfo = getOpts($user, emailOptList()); |
||||
if ($emailinfo['STATUS'] != 'ok') |
||||
syserror(); |
||||
|
||||
$ans = resetPass($user, $pass); |
||||
if ($ans['STATUS'] != 'ok') |
||||
syserror(); |
||||
|
||||
unset($_SESSION['reset_user']); |
||||
unset($_SESSION['reset_hash']); |
||||
unset($_SESSION['reset_email']); |
||||
|
||||
$ans = expAtts($user, 'KReset'); |
||||
|
||||
$ok = passWasReset($email, zeip(), $emailinfo); |
||||
|
||||
return yok(); |
||||
} |
||||
# |
||||
function doreset($data, $u) |
||||
{ |
||||
// Slow this right down |
||||
usleep(500000); |
||||
|
||||
if (isset($_SESSION['reset_user']) |
||||
&& isset($_SESSION['reset_hash']) |
||||
&& isset($_SESSION['reset_email'])) |
||||
return dbreset(); |
||||
|
||||
$code = getparam('code', true); |
||||
if (nuem($code)) |
||||
return resetfail(); |
||||
|
||||
$codes = explode('_', $code, 2); |
||||
|
||||
if (sizeof($codes) != 2) |
||||
return resetfail(); |
||||
|
||||
$userhex = $codes[0]; |
||||
|
||||
if (strlen($userhex) == 0 || strlen($userhex) % 2) |
||||
return resetfail(); |
||||
|
||||
$user = loginStr(pack("H*" , $userhex)); |
||||
|
||||
$hash = preg_replace('/[^A-Fa-f0-9]/', '', $codes[1]); |
||||
|
||||
if (!nuem($user) && !nuem($hash)) |
||||
{ |
||||
$ans = getAtts($user, 'KReset.str,KReset.dateexp'); |
||||
if ($ans['STATUS'] != 'ok') |
||||
return resetfail(); |
||||
|
||||
if (!isset($ans['KReset.dateexp']) || $ans['KReset.dateexp'] == 'Y') |
||||
return resetfail(); |
||||
|
||||
if (!isset($ans['KReset.str']) || $ans['KReset.str'] != $hash) |
||||
return resetfail(); |
||||
|
||||
$ans = userSettings($user); |
||||
if ($ans['STATUS'] != 'ok') |
||||
return resetfail(); |
||||
|
||||
if (!isset($ans['email'])) |
||||
return resetfail(); |
||||
|
||||
$email = $ans['email']; |
||||
|
||||
$_SESSION['reset_user'] = $user; |
||||
$_SESSION['reset_hash'] = $hash; |
||||
$_SESSION['reset_email'] = $email; |
||||
|
||||
return allow_reset(null); |
||||
} |
||||
return resetfail(); |
||||
} |
||||
# |
||||
function show_reset($page, $menu, $name, $u) |
||||
{ |
||||
gopage(array(), 'doreset', $page, $menu, $name, $u, true, true, false); |
||||
} |
||||
# |
||||
?> |
Loading…
Reference in new issue