- <?php
- namespace dokuwiki\Action;
- use dokuwiki\Action\Exception\ActionAbort;
- use dokuwiki\Action\Exception\ActionDisabledException;
- use dokuwiki\Extension\AuthPlugin;
- use dokuwiki\Ui;
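/**
 * Class Resendpwd
 *
 * Handle password recovery
 *
 * @package dokuwiki\Action
 */
class Resendpwd extends AbstractAclAction
{
    /**
     * Returns AUTH_NONE, so no ACL permission is needed to reach this action.
     *
     * @inheritdoc
     */
    public function minimumPermission()
    {
        return AUTH_NONE;
    }

    /**
     * Refuse the action when password recovery is switched off or the auth
     * backend cannot modify passwords.
     *
     * @inheritdoc
     * @throws ActionDisabledException
     */
    public function checkPreconditions()
    {
        parent::checkPreconditions();

        /** @var AuthPlugin $auth */
        global $auth;
        global $conf;

        // legacy option: only honoured when it is set at all
        if (isset($conf['resendpasswd']) && !$conf['resendpasswd']) {
            throw new ActionDisabledException();
        }
        if (!$auth->canDo('modPass')) {
            throw new ActionDisabledException();
        }
    }

    /**
     * Run the reset logic; when it reports success, abort into the login action.
     *
     * @inheritdoc
     * @throws ActionAbort
     */
    public function preProcess()
    {
        if ($this->resendpwd()) {
            throw new ActionAbort('login');
        }
    }

    /** @inheritdoc */
    public function tplContent()
    {
        (new Ui\UserResendPwd())->show();
    }

    /**
     * Send a new password
     *
     * This function handles both phases of the password reset:
     *
     * - handling the first request of password reset
     * - validating the password reset auth token
     *
     * Which phase runs depends on whether a non-empty 'pwauth' token remains
     * after sanitising the request value.
     *
     * @author Benoit Chesneau <benoit@bchesneau.info>
     * @author Chris Smith <chris@jalakai.co.uk>
     * @author Andreas Gohr <andi@splitbrain.org>
     * @return bool true on success, false on any error
     */
    protected function resendpwd()
    {
        global $lang;
        global $INPUT;

        if (!actionOK('resendpwd')) {
            msg($lang['resendna'], -1);
            return false;
        }

        // The token is used to build a file path, so everything except
        // lowercase hex digits is stripped before it is used anywhere.
        $token = preg_replace('/[^a-f0-9]+/', '', $INPUT->str('pwauth'));
        if ($token) {
            return $this->redeemToken($token);
        }

        return $this->requestToken();
    }

    /**
     * Token phase: validate the reset token and set the new password.
     *
     * @param string $token sanitised token (lowercase hex digits only)
     * @return bool true when the password was changed, false otherwise
     */
    private function redeemToken($token)
    {
        global $lang;
        global $conf;
        /** @var AuthPlugin $auth */
        global $auth;
        global $INPUT;

        // we're in token phase - get user info from token
        $tfile = $conf['cachedir'] . '/' . $token[0] . '/' . $token . '.pwauth';
        if (!file_exists($tfile)) {
            msg($lang['resendpwdbadauth'], -1);
            $INPUT->remove('pwauth');
            return false;
        }

        // token is only valid for 3 days; an expired token file is removed
        if ((time() - filemtime($tfile)) > (3 * 60 * 60 * 24)) {
            msg($lang['resendpwdbadauth'], -1);
            $INPUT->remove('pwauth');
            @unlink($tfile);
            return false;
        }

        // the token file holds the login name the token was issued for
        $user = io_readfile($tfile);
        $userinfo = $auth->getUserData($user, false); // false: groups are not required

        // empty() also covers a failed lookup that did not return an array
        if (empty($userinfo['mail'])) {
            msg($lang['resendpwdnouser'], -1);
            return false;
        }

        if (!$conf['autopasswd']) { // we let the user choose a password
            // NOTE(review): str() is not restricted to POST here, unlike the
            // request phase; confirm the password can only arrive in a POST body.
            $pass = $INPUT->str('pass');

            // password given correctly?
            if (!$pass) {
                return false;
            }
            // strict comparison: with != two different numeric-looking strings
            // (e.g. '1e3' and '1000') would be accepted as a matching confirmation
            if ($pass !== $INPUT->str('passchk')) {
                msg($lang['regbadpass'], -1);
                return false;
            }

            // change it
            if (!$auth->triggerUserMod('modify', [$user, ['pass' => $pass]])) {
                msg($lang['proffail'], -1);
                return false;
            }
        } else { // autogenerate the password and send by mail
            $pass = auth_pwgen($user);
            if (!$auth->triggerUserMod('modify', [$user, ['pass' => $pass]])) {
                msg($lang['proffail'], -1);
                return false;
            }

            if (auth_sendPassword($user, $pass)) {
                msg($lang['resendpwdsuccess'], 1);
            } else {
                msg($lang['regmailfail'], -1);
            }
        }

        // the token is single use: drop it once the password has been changed
        @unlink($tfile);
        return true;
    }

    /**
     * Request phase: issue a reset token and mail the confirmation link.
     *
     * @return bool true when a token was issued, false otherwise
     */
    private function requestToken()
    {
        global $lang;
        global $conf;
        /** @var AuthPlugin $auth */
        global $auth;
        global $INPUT;

        // we're in request phase; only a submitted (POST) form is processed
        if (!$INPUT->post->bool('save')) {
            return false;
        }

        if (!$INPUT->post->str('login')) {
            msg($lang['resendpwdmissing'], -1);
            return false;
        }
        $user = trim($auth->cleanUser($INPUT->post->str('login')));

        $userinfo = $auth->getUserData($user, false); // false: groups are not required

        // NOTE(review): this message differs from the success message, so the
        // response shows an unauthenticated requester whether a login with a
        // mail address exists. Consider a uniform response where account
        // enumeration is a concern.
        if (empty($userinfo['mail'])) {
            msg($lang['resendpwdnouser'], -1);
            return false;
        }

        // generate auth token
        $token = md5(auth_randombytes(16)); // random secret
        $tfile = $conf['cachedir'] . '/' . $token[0] . '/' . $token . '.pwauth';
        $url = wl('', ['do' => 'resendpwd', 'pwauth' => $token], true, '&');

        // NOTE(review): the result of io_saveFile() is not checked; if the
        // token file cannot be written, the mailed link will not work.
        io_saveFile($tfile, $user);

        $text = rawLocale('pwconfirm');
        $trep = [
            'FULLNAME' => $userinfo['name'],
            'LOGIN' => $user,
            'CONFIRM' => $url,
        ];

        $mail = new \Mailer();
        $mail->to($userinfo['name'] . ' <' . $userinfo['mail'] . '>');
        $mail->subject($lang['regpwmail']);
        $mail->setBody($text, $trep);
        if ($mail->send()) {
            msg($lang['resendpwdconfirm'], 1);
        } else {
            msg($lang['regmailfail'], -1);
        }

        return true;
    }
}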