'."\n"; $headers.= 'Reply-To: '.$from."\n"; $options = '-f '.$from; $subject = l10n('password updated'); $content = $infos; $content.= "\n\n-- \nPhpWebGallery ".PHPWG_VERSION; return mail($to, $subject, $content, $headers, $options); } // +-----------------------------------------------------------------------+ // | send a new password | // +-----------------------------------------------------------------------+ $page['errors'] = array(); $page['infos'] = array(); if (isset($_POST['submit'])) { // in case of error, creation of mailto link $query = ' SELECT '.$conf['user_fields']['email'].' FROM '.USERS_TABLE.' WHERE '.$conf['user_fields']['id'].' = '.$conf['webmaster_id'].' ;'; list($mail_webmaster) = mysql_fetch_array(pwg_query($query)); $mailto = '' .l10n('Contact webmaster') .'' ; if (isset($_POST['no_mail_address']) and $_POST['no_mail_address'] == 1) { array_push($page['infos'], l10n('Email address is missing')); array_push($page['infos'], $mailto); } else if (isset($_POST['mail_address']) and !empty($_POST['mail_address'])) { $mail_address = mysql_escape_string($_POST['mail_address']); $query = ' SELECT '.$conf['user_fields']['id'].' AS id , '.$conf['user_fields']['username'].' AS username , '.$conf['user_fields']['email'].' AS email FROM '.USERS_TABLE.' WHERE '.$conf['user_fields']['email'].' = \''.$mail_address.'\' ;'; $result = pwg_query($query); if (mysql_num_rows($result) > 0) { $error_on_mail = false; $datas = array(); while ($row = mysql_fetch_array($result)) { $new_password = generate_key(6); $infos = l10n('Username').': '.$row['username'] ."\n".l10n('Password').': '.$new_password ; if (pwg_mail($row['email'], $mail_webmaster, $infos)) { $data = array( $conf['user_fields']['id'] => $row['id'], $conf['user_fields']['password'] => $conf['pass_convert']($new_password) ); array_push($datas, $data); } else { $error_on_mail = true; } } if ($error_on_mail) { array_push($page['errors'], l10n('Error sending email')); array_push($page['errors'], $mailto); } else { include_once(PHPWG_ROOT_PATH.'admin/include/functions.php'); mass_updates( USERS_TABLE, array( 'primary' => array($conf['user_fields']['id']), 'update' => array($conf['user_fields']['password']) ), $datas ); array_push($page['infos'], l10n('New password sent by email')); } } else { array_push($page['errors'], l10n('No user matches this email address')); array_push($page['errors'], $mailto); } } } // +-----------------------------------------------------------------------+ // | template initialization | // +-----------------------------------------------------------------------+ $title = l10n('Forgot your password?'); $page['body_id'] = 'thePasswordPage'; include(PHPWG_ROOT_PATH.'include/page_header.php'); $template->set_filenames(array('password'=>'password.tpl')); $template->assign_vars( array( 'U_HOME' => add_session_id(PHPWG_ROOT_PATH.'category.php') ) ); // +-----------------------------------------------------------------------+ // | infos & errors display | // +-----------------------------------------------------------------------+ if (count($page['errors']) != 0) { $template->assign_block_vars('errors', array()); foreach ($page['errors'] as $error) { $template->assign_block_vars( 'errors.error', array( 'ERROR' => $error ) ); } } if (count($page['infos']) != 0) { $template->assign_block_vars('infos', array()); foreach ($page['infos'] as $info) { $template->assign_block_vars( 'infos.info', array( 'INFO' => $info ) ); } } // +-----------------------------------------------------------------------+ // | html code display | // +-----------------------------------------------------------------------+ $template->parse('password'); include(PHPWG_ROOT_PATH.'include/page_tail.php'); ?>