xref: /dokuwiki/inc/Action/Resendpwd.php (revision 2401f18d305c5060bd60ef150d62bbf916c4e7c1) 
1f21dad39SAndreas Gohr<?php
2f21dad39SAndreas Gohr
3f21dad39SAndreas Gohrnamespace dokuwiki\Action;
4f21dad39SAndreas Gohr
5f21dad39SAndreas Gohruse dokuwiki\Action\Exception\ActionAbort;
6480336a3SAndreas Gohruse dokuwiki\Action\Exception\ActionDisabledException;
7f21dad39SAndreas Gohr
8ab583a1bSAndreas Gohr/**
9ab583a1bSAndreas Gohr * Class Resendpwd
10ab583a1bSAndreas Gohr *
11ab583a1bSAndreas Gohr * Handle password recovery
12ab583a1bSAndreas Gohr *
13ab583a1bSAndreas Gohr * @package dokuwiki\Action
14ab583a1bSAndreas Gohr */
15f21dad39SAndreas Gohrclass Resendpwd extends AbstractAclAction {
16f21dad39SAndreas Gohr
17f21dad39SAndreas Gohr    /** @inheritdoc */
18ec701221SAndreas Gohr    public function minimumPermission() {
19f21dad39SAndreas Gohr        return AUTH_NONE;
20f21dad39SAndreas Gohr    }
21f21dad39SAndreas Gohr
22f21dad39SAndreas Gohr    /** @inheritdoc */
23b2c9cd19SAndreas Gohr    public function checkPreconditions() {
24b2c9cd19SAndreas Gohr        parent::checkPreconditions();
25480336a3SAndreas Gohr
26e1d9dcc8SAndreas Gohr        /** @var \dokuwiki\Extension\AuthPlugin $auth */
27480336a3SAndreas Gohr        global $auth;
28480336a3SAndreas Gohr        global $conf;
29480336a3SAndreas Gohr        if(isset($conf['resendpasswd']) && !$conf['resendpasswd']) throw new ActionDisabledException(); //legacy option
30480336a3SAndreas Gohr        if(!$auth->canDo('modPass')) throw new ActionDisabledException();
31480336a3SAndreas Gohr    }
32480336a3SAndreas Gohr
33480336a3SAndreas Gohr    /** @inheritdoc */
34f21dad39SAndreas Gohr    public function preProcess() {
35f21dad39SAndreas Gohr        if($this->resendpwd()) {
36f21dad39SAndreas Gohr            throw new ActionAbort('login');
37f21dad39SAndreas Gohr        }
38f21dad39SAndreas Gohr    }
39f21dad39SAndreas Gohr
404347c5bbSAndreas Gohr    /** @inheritdoc */
414347c5bbSAndreas Gohr    public function tplContent() {
424347c5bbSAndreas Gohr        html_resendpwd();
434347c5bbSAndreas Gohr    }
444347c5bbSAndreas Gohr
45f21dad39SAndreas Gohr    /**
46f21dad39SAndreas Gohr     * Send a  new password
47f21dad39SAndreas Gohr     *
48f21dad39SAndreas Gohr     * This function handles both phases of the password reset:
49f21dad39SAndreas Gohr     *
50f21dad39SAndreas Gohr     *   - handling the first request of password reset
51f21dad39SAndreas Gohr     *   - validating the password reset auth token
52f21dad39SAndreas Gohr     *
53f21dad39SAndreas Gohr     * @author Benoit Chesneau <benoit@bchesneau.info>
54f21dad39SAndreas Gohr     * @author Chris Smith <chris@jalakai.co.uk>
55f21dad39SAndreas Gohr     * @author Andreas Gohr <andi@splitbrain.org>
56f21dad39SAndreas Gohr     * @fixme this should be split up into multiple methods
57f21dad39SAndreas Gohr     * @return bool true on success, false on any error
58f21dad39SAndreas Gohr     */
59d5d08c05SAndreas Gohr    protected function resendpwd() {
60f21dad39SAndreas Gohr        global $lang;
61f21dad39SAndreas Gohr        global $conf;
62e1d9dcc8SAndreas Gohr        /* @var \dokuwiki\Extension\AuthPlugin $auth */
63f21dad39SAndreas Gohr        global $auth;
64f21dad39SAndreas Gohr        global $INPUT;
65f21dad39SAndreas Gohr
66f21dad39SAndreas Gohr        if(!actionOK('resendpwd')) {
67f21dad39SAndreas Gohr            msg($lang['resendna'], -1);
68f21dad39SAndreas Gohr            return false;
69f21dad39SAndreas Gohr        }
70f21dad39SAndreas Gohr
71f21dad39SAndreas Gohr        $token = preg_replace('/[^a-f0-9]+/', '', $INPUT->str('pwauth'));
72f21dad39SAndreas Gohr
73f21dad39SAndreas Gohr        if($token) {
74f21dad39SAndreas Gohr            // we're in token phase - get user info from token
75f21dad39SAndreas Gohr
76*2401f18dSSyntaxseed            $tfile = $conf['cachedir'] . '/' . $token[0] . '/' . $token . '.pwauth';
77f21dad39SAndreas Gohr            if(!file_exists($tfile)) {
78f21dad39SAndreas Gohr                msg($lang['resendpwdbadauth'], -1);
79f21dad39SAndreas Gohr                $INPUT->remove('pwauth');
80f21dad39SAndreas Gohr                return false;
81f21dad39SAndreas Gohr            }
82f21dad39SAndreas Gohr            // token is only valid for 3 days
83f21dad39SAndreas Gohr            if((time() - filemtime($tfile)) > (3 * 60 * 60 * 24)) {
84f21dad39SAndreas Gohr                msg($lang['resendpwdbadauth'], -1);
85f21dad39SAndreas Gohr                $INPUT->remove('pwauth');
86f21dad39SAndreas Gohr                @unlink($tfile);
87f21dad39SAndreas Gohr                return false;
88f21dad39SAndreas Gohr            }
89f21dad39SAndreas Gohr
90f21dad39SAndreas Gohr            $user = io_readfile($tfile);
91f21dad39SAndreas Gohr            $userinfo = $auth->getUserData($user, $requireGroups = false);
92f21dad39SAndreas Gohr            if(!$userinfo['mail']) {
93f21dad39SAndreas Gohr                msg($lang['resendpwdnouser'], -1);
94f21dad39SAndreas Gohr                return false;
95f21dad39SAndreas Gohr            }
96f21dad39SAndreas Gohr
97f21dad39SAndreas Gohr            if(!$conf['autopasswd']) { // we let the user choose a password
98f21dad39SAndreas Gohr                $pass = $INPUT->str('pass');
99f21dad39SAndreas Gohr
100f21dad39SAndreas Gohr                // password given correctly?
101f21dad39SAndreas Gohr                if(!$pass) return false;
102f21dad39SAndreas Gohr                if($pass != $INPUT->str('passchk')) {
103f21dad39SAndreas Gohr                    msg($lang['regbadpass'], -1);
104f21dad39SAndreas Gohr                    return false;
105f21dad39SAndreas Gohr                }
106f21dad39SAndreas Gohr
107f21dad39SAndreas Gohr                // change it
108f21dad39SAndreas Gohr                if(!$auth->triggerUserMod('modify', array($user, array('pass' => $pass)))) {
109f21dad39SAndreas Gohr                    msg($lang['proffail'], -1);
110f21dad39SAndreas Gohr                    return false;
111f21dad39SAndreas Gohr                }
112f21dad39SAndreas Gohr
113f21dad39SAndreas Gohr            } else { // autogenerate the password and send by mail
114f21dad39SAndreas Gohr
115f21dad39SAndreas Gohr                $pass = auth_pwgen($user);
116f21dad39SAndreas Gohr                if(!$auth->triggerUserMod('modify', array($user, array('pass' => $pass)))) {
117f21dad39SAndreas Gohr                    msg($lang['proffail'], -1);
118f21dad39SAndreas Gohr                    return false;
119f21dad39SAndreas Gohr                }
120f21dad39SAndreas Gohr
121f21dad39SAndreas Gohr                if(auth_sendPassword($user, $pass)) {
122f21dad39SAndreas Gohr                    msg($lang['resendpwdsuccess'], 1);
123f21dad39SAndreas Gohr                } else {
124f21dad39SAndreas Gohr                    msg($lang['regmailfail'], -1);
125f21dad39SAndreas Gohr                }
126f21dad39SAndreas Gohr            }
127f21dad39SAndreas Gohr
128f21dad39SAndreas Gohr            @unlink($tfile);
129f21dad39SAndreas Gohr            return true;
130f21dad39SAndreas Gohr
131f21dad39SAndreas Gohr        } else {
132f21dad39SAndreas Gohr            // we're in request phase
133f21dad39SAndreas Gohr
134f21dad39SAndreas Gohr            if(!$INPUT->post->bool('save')) return false;
135f21dad39SAndreas Gohr
136f21dad39SAndreas Gohr            if(!$INPUT->post->str('login')) {
137f21dad39SAndreas Gohr                msg($lang['resendpwdmissing'], -1);
138f21dad39SAndreas Gohr                return false;
139f21dad39SAndreas Gohr            } else {
140f21dad39SAndreas Gohr                $user = trim($auth->cleanUser($INPUT->post->str('login')));
141f21dad39SAndreas Gohr            }
142f21dad39SAndreas Gohr
143f21dad39SAndreas Gohr            $userinfo = $auth->getUserData($user, $requireGroups = false);
144f21dad39SAndreas Gohr            if(!$userinfo['mail']) {
145f21dad39SAndreas Gohr                msg($lang['resendpwdnouser'], -1);
146f21dad39SAndreas Gohr                return false;
147f21dad39SAndreas Gohr            }
148f21dad39SAndreas Gohr
149f21dad39SAndreas Gohr            // generate auth token
150f21dad39SAndreas Gohr            $token = md5(auth_randombytes(16)); // random secret
151*2401f18dSSyntaxseed            $tfile = $conf['cachedir'] . '/' . $token[0] . '/' . $token . '.pwauth';
152f21dad39SAndreas Gohr            $url = wl('', array('do' => 'resendpwd', 'pwauth' => $token), true, '&');
153f21dad39SAndreas Gohr
154f21dad39SAndreas Gohr            io_saveFile($tfile, $user);
155f21dad39SAndreas Gohr
156f21dad39SAndreas Gohr            $text = rawLocale('pwconfirm');
157f21dad39SAndreas Gohr            $trep = array(
158f21dad39SAndreas Gohr                'FULLNAME' => $userinfo['name'],
159f21dad39SAndreas Gohr                'LOGIN' => $user,
160f21dad39SAndreas Gohr                'CONFIRM' => $url
161f21dad39SAndreas Gohr            );
162f21dad39SAndreas Gohr
163f21dad39SAndreas Gohr            $mail = new \Mailer();
164f21dad39SAndreas Gohr            $mail->to($userinfo['name'] . ' <' . $userinfo['mail'] . '>');
165f21dad39SAndreas Gohr            $mail->subject($lang['regpwmail']);
166f21dad39SAndreas Gohr            $mail->setBody($text, $trep);
167f21dad39SAndreas Gohr            if($mail->send()) {
168f21dad39SAndreas Gohr                msg($lang['resendpwdconfirm'], 1);
169f21dad39SAndreas Gohr            } else {
170f21dad39SAndreas Gohr                msg($lang['regmailfail'], -1);
171f21dad39SAndreas Gohr            }
172f21dad39SAndreas Gohr            return true;
173f21dad39SAndreas Gohr        }
174f21dad39SAndreas Gohr        // never reached
175f21dad39SAndreas Gohr    }
176f21dad39SAndreas Gohr
177f21dad39SAndreas Gohr}
178