aboutsummaryrefslogtreecommitdiffstats
path: root/include
diff options
context:
space:
mode:
authorplegall <plg@piwigo.org>2011-08-24 20:03:53 +0000
committerplegall <plg@piwigo.org>2011-08-24 20:03:53 +0000
commit2de0f01dce5913dcca68c28376205f0a6d473b7c (patch)
tree6eb4b4a2011ba5cc05fa4a37ecec4bac2ef646ec /include
parentc1d7fbebdde17a90f8cb42e7a4c3fa551dcb6b79 (diff)
feature 2027 implemented: the "lost password" feature was rewritten.
The algorithm is highly inspired from WordPress : 1) in a single field, you give a username or an email 2) Piwigo sends an email with the activation key 3) the user clicks on the link in the email (with the activation key) and is able to set a new password The "lost password" feature is no longer limited to "classic" users: administrators and webmasters can use it too (no need to tell webmasters that they can only change their password in the database) git-svn-id: http://piwigo.org/svn/trunk@11992 68402e56-0260-453c-a942-63ccdbb3a9ee
Diffstat (limited to 'include')
-rw-r--r--include/functions_user.inc.php48
1 files changed, 48 insertions, 0 deletions
diff --git a/include/functions_user.inc.php b/include/functions_user.inc.php
index 4c4f37994..6a7c590ab 100644
--- a/include/functions_user.inc.php
+++ b/include/functions_user.inc.php
@@ -798,6 +798,31 @@ SELECT '.$conf['user_fields']['id'].'
}
}
+function get_userid_by_email($email)
+{
+ global $conf;
+
+ $email = pwg_db_real_escape_string($email);
+
+ $query = '
+SELECT
+ '.$conf['user_fields']['id'].'
+ FROM '.USERS_TABLE.'
+ WHERE UPPER('.$conf['user_fields']['email'].') = UPPER(\''.$email.'\')
+;';
+ $result = pwg_query($query);
+
+ if (pwg_db_num_rows($result) == 0)
+ {
+ return false;
+ }
+ else
+ {
+ list($user_id) = pwg_db_fetch_row($result);
+ return $user_id;
+ }
+}
+
/**
* search an available feed_id
*
@@ -1472,4 +1497,27 @@ function get_sql_condition_FandF(
return $sql;
}
+/**
+ * search an available activation_key
+ *
+ * @return string
+ */
+function get_user_activation_key()
+{
+ while (true)
+ {
+ $key = generate_key(20);
+ $query = '
+SELECT COUNT(*)
+ FROM '.USER_INFOS_TABLE.'
+ WHERE activation_key = \''.$key.'\'
+;';
+ list($count) = pwg_db_fetch_row(pwg_query($query));
+ if (0 == $count)
+ {
+ return $key;
+ }
+ }
+}
+
?> \ No newline at end of file