search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Move reset key submission to a separate function
[aur.git] / web / html / passreset.php
blob94a1ad98d00132e72e14d7d6b2aebbbdb8ffac09
1 <?php
2
3 set_include_path(get_include_path() . PATH_SEPARATOR . '../lib');
4
5 include_once("aur.inc.php"); # access AUR common functions
6
7 set_lang(); # this sets up the visitor's language
8 check_sid(); # see if they're still logged in
9
10 if (isset($_COOKIE["AURSID"])) {
11 header('Location: /');
12 exit();
13 }
14
15 $error = '';
16
17 if (isset($_GET['resetkey'], $_POST['email'], $_POST['password'], $_POST['confirm'])) {
18 $resetkey = $_GET['resetkey'];
19 $email = $_POST['email'];
20 $password = $_POST['password'];
21 $confirm = $_POST['confirm'];
22 $uid = uid_from_email($email);
23
24 if (empty($email) || empty($password)) {
25 $error = __('Missing a required field.');
26 } elseif ($password != $confirm) {
27 $error = __('Password fields do not match.');
28 } elseif ($uid == NULL || $uid == 'None') {
29 $error = __('Invalid e-mail.');
30 }
31
32 if (empty($error)) {
33 $salt = generate_salt();
34 $hash = salted_hash($password, $salt);
35
36 $error = password_reset($hash, $salt, $resetkey, $email);
37 }
38 } elseif (isset($_POST['email'])) {
39 $email = $_POST['email'];
40 $body = __('A password reset request was submitted for the account '.
41 'associated with your e-mail address. If you wish to reset '.
42 'your password follow the link below, otherwise ignore '.
43 'this message and nothing will happen.').
44 send_resetkey($email, $body);
45
46 header('Location: ' . get_uri('/passreset/') . '?step=confirm');
47 exit();
48 }
49
50 $step = isset($_GET['step']) ? $_GET['step'] : NULL;
51
52 html_header(__("Password Reset"));
53
54 ?>
55
56 <div class="box">
57 <h2><?= __("Password Reset"); ?></h2>
58
59 <?php if ($error): ?>
60 <p><span class="error"><?= $error ?></span></p>
61 <?php endif;?>
62 <?php
63 if ($step == 'confirm') {
64 echo __('Check your e-mail for the confirmation link.');
65 } elseif ($step == 'complete') {
66 echo __('Your password has been reset successfully.');
67 } elseif (isset($_GET['resetkey'])) {
68 ?>
69 <form action="" method="post">
70 <table>
71 <tr>
72 <td><?= __("Confirm your e-mail address:"); ?></td>
73 <td><input type="text" name="email" size="30" maxlength="64" /></td>
74 </tr>
75 <tr>
76 <td><?= __("Enter your new password:"); ?></td>
77 <td><input type="password" name="password" size="30" /></td>
78 </tr>
79 <tr>
80 <td><?= __("Confirm your new password:"); ?></td>
81 <td><input type="password" name="confirm" size="30" /></td>
82 </tr>
83 </table>
84 <br />
85 <input type="submit" class="button" value="<?= __('Continue') ?>" />
86 </form>
87 <?php
88 } else {
89 ?>
90 <p><?= __('If you have forgotten the e-mail address you used to register, please send a message to the %saur-general%s mailing list.',
91 '<a href="https://mailman.archlinux.org/mailman/listinfo/aur-general">',
92 '</a>'); ?></p>
93 <form action="" method="post">
94 <p><?= __("Enter your e-mail address:"); ?>
95 <input type="text" name="email" size="30" maxlength="64" /></p>
96 <input type="submit" class="button" value="<?= __('Continue') ?>" />
97 </form>
98 <?php } ?>
99 </div>
100
101 <?php
102
103 html_footer(AUR_VERSION);
Arch User-Community Repository (AUR)