units/invite/new_password.php

   1 <?php
   2 global $CFG;
   3 // Generate a new password
   4
   5 $sitename = sitename;
   6
   7 $code = trim(optional_param('passwordcode'));
   8 if (!empty($code)) {
   9     if ($details = get_record_sql('SELECT pr.ident AS passcodeid,u.* FROM '.$CFG->prefix.'password_requests pr
  10                                    JOIN '.$CFG->prefix."users u ON u.ident = pr.owner
  11                                    WHERE pr.code = ? AND u.user_type = ?",array($code,'person'))) {
  12
  13         $passwordDesc = sprintf(__gettext("A new password has been emailed to you at %s. You should be able to use it immediately; your old one has been deactivated."),$details->email);
  14         $run_result .= <<< END
  15
  16     <p>
  17         $passwordDesc
  18     </p>
  19 END;
  20
  21         $validcharset = "ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnpqrstuvwxyz234567898765432";
  22         $newpassword = "";
  23         for ($i = 0; $i < 8; $i++) {
  24             $newpassword .= $validcharset[mt_rand(0, (strlen($validcharset) - 1))];
  25         }
  26         $newpassword = strtolower($newpassword);
  27
  28         $sitename = sitename;
  29
  30         email_to_user($details, null, sprintf(__gettext("Your %s password"), $sitename), sprintf(__gettext("Your %s password has been reset.\n\nFor your records, your new password is:\n\n\tPassword: %s\n\nPlease consider changing your password as soon as you have logged in for security reasons.\n\nWe hope you continue to enjoy using the system.\n\nRegards,\n\nThe %s Team"),$sitename, $newpassword, $sitename));
  31         $newpassword = md5($newpassword);
  32         set_field('users','password',$newpassword,'ident',$details->ident);
  33         delete_records('password_requests','owner',$details->ident);
  34
  35     } else {
  36
  37         $passwordDesc2 = __gettext("Your password request code appears to be invalid. Try generating a new one?");
  38         $run_result .= <<< END
  39
  40     <p>
  41         $passwordDesc2
  42     </p>
  43
  44 END;
  45
  46     }
  47
  48 } else {
  49     $passwordDesc3 = __gettext("Your password request code appears to be invalid. Try generating a new one?");
  50     $run_result .= <<< END
  51
  52     <p>
  53         $passwordDesc3
  54     </p>
  55
  56 END;
  57
  58 }
  59
  60 ?>