1f21dad39SAndreas Gohr<?php 2f21dad39SAndreas Gohr 3f21dad39SAndreas Gohrnamespace dokuwiki\Action; 4f21dad39SAndreas Gohr 5f21dad39SAndreas Gohruse dokuwiki\Action\Exception\ActionAbort; 6f21dad39SAndreas Gohr 7*ab583a1bSAndreas Gohr/** 8*ab583a1bSAndreas Gohr * Class Resendpwd 9*ab583a1bSAndreas Gohr * 10*ab583a1bSAndreas Gohr * Handle password recovery 11*ab583a1bSAndreas Gohr * 12*ab583a1bSAndreas Gohr * @package dokuwiki\Action 13*ab583a1bSAndreas Gohr */ 14f21dad39SAndreas Gohrclass Resendpwd extends AbstractAclAction { 15f21dad39SAndreas Gohr 16f21dad39SAndreas Gohr /** @inheritdoc */ 17f21dad39SAndreas Gohr function minimumPermission() { 18f21dad39SAndreas Gohr return AUTH_NONE; 19f21dad39SAndreas Gohr } 20f21dad39SAndreas Gohr 21f21dad39SAndreas Gohr /** @inheritdoc */ 22f21dad39SAndreas Gohr public function preProcess() { 23f21dad39SAndreas Gohr if($this->resendpwd()) { 24f21dad39SAndreas Gohr throw new ActionAbort('login'); 25f21dad39SAndreas Gohr } 26f21dad39SAndreas Gohr } 27f21dad39SAndreas Gohr 28f21dad39SAndreas Gohr /** 29f21dad39SAndreas Gohr * Send a new password 30f21dad39SAndreas Gohr * 31f21dad39SAndreas Gohr * This function handles both phases of the password reset: 32f21dad39SAndreas Gohr * 33f21dad39SAndreas Gohr * - handling the first request of password reset 34f21dad39SAndreas Gohr * - validating the password reset auth token 35f21dad39SAndreas Gohr * 36f21dad39SAndreas Gohr * @author Benoit Chesneau <benoit@bchesneau.info> 37f21dad39SAndreas Gohr * @author Chris Smith <chris@jalakai.co.uk> 38f21dad39SAndreas Gohr * @author Andreas Gohr <andi@splitbrain.org> 39f21dad39SAndreas Gohr * @fixme this should be split up into multiple methods 40f21dad39SAndreas Gohr * @return bool true on success, false on any error 41f21dad39SAndreas Gohr */ 42f21dad39SAndreas Gohr function resendpwd() { 43f21dad39SAndreas Gohr global $lang; 44f21dad39SAndreas Gohr global $conf; 45f21dad39SAndreas Gohr /* @var \DokuWiki_Auth_Plugin $auth */ 46f21dad39SAndreas Gohr global $auth; 47f21dad39SAndreas Gohr global $INPUT; 48f21dad39SAndreas Gohr 49f21dad39SAndreas Gohr if(!actionOK('resendpwd')) { 50f21dad39SAndreas Gohr msg($lang['resendna'], -1); 51f21dad39SAndreas Gohr return false; 52f21dad39SAndreas Gohr } 53f21dad39SAndreas Gohr 54f21dad39SAndreas Gohr $token = preg_replace('/[^a-f0-9]+/', '', $INPUT->str('pwauth')); 55f21dad39SAndreas Gohr 56f21dad39SAndreas Gohr if($token) { 57f21dad39SAndreas Gohr // we're in token phase - get user info from token 58f21dad39SAndreas Gohr 59f21dad39SAndreas Gohr $tfile = $conf['cachedir'] . '/' . $token{0} . '/' . $token . '.pwauth'; 60f21dad39SAndreas Gohr if(!file_exists($tfile)) { 61f21dad39SAndreas Gohr msg($lang['resendpwdbadauth'], -1); 62f21dad39SAndreas Gohr $INPUT->remove('pwauth'); 63f21dad39SAndreas Gohr return false; 64f21dad39SAndreas Gohr } 65f21dad39SAndreas Gohr // token is only valid for 3 days 66f21dad39SAndreas Gohr if((time() - filemtime($tfile)) > (3 * 60 * 60 * 24)) { 67f21dad39SAndreas Gohr msg($lang['resendpwdbadauth'], -1); 68f21dad39SAndreas Gohr $INPUT->remove('pwauth'); 69f21dad39SAndreas Gohr @unlink($tfile); 70f21dad39SAndreas Gohr return false; 71f21dad39SAndreas Gohr } 72f21dad39SAndreas Gohr 73f21dad39SAndreas Gohr $user = io_readfile($tfile); 74f21dad39SAndreas Gohr $userinfo = $auth->getUserData($user, $requireGroups = false); 75f21dad39SAndreas Gohr if(!$userinfo['mail']) { 76f21dad39SAndreas Gohr msg($lang['resendpwdnouser'], -1); 77f21dad39SAndreas Gohr return false; 78f21dad39SAndreas Gohr } 79f21dad39SAndreas Gohr 80f21dad39SAndreas Gohr if(!$conf['autopasswd']) { // we let the user choose a password 81f21dad39SAndreas Gohr $pass = $INPUT->str('pass'); 82f21dad39SAndreas Gohr 83f21dad39SAndreas Gohr // password given correctly? 84f21dad39SAndreas Gohr if(!$pass) return false; 85f21dad39SAndreas Gohr if($pass != $INPUT->str('passchk')) { 86f21dad39SAndreas Gohr msg($lang['regbadpass'], -1); 87f21dad39SAndreas Gohr return false; 88f21dad39SAndreas Gohr } 89f21dad39SAndreas Gohr 90f21dad39SAndreas Gohr // change it 91f21dad39SAndreas Gohr if(!$auth->triggerUserMod('modify', array($user, array('pass' => $pass)))) { 92f21dad39SAndreas Gohr msg($lang['proffail'], -1); 93f21dad39SAndreas Gohr return false; 94f21dad39SAndreas Gohr } 95f21dad39SAndreas Gohr 96f21dad39SAndreas Gohr } else { // autogenerate the password and send by mail 97f21dad39SAndreas Gohr 98f21dad39SAndreas Gohr $pass = auth_pwgen($user); 99f21dad39SAndreas Gohr if(!$auth->triggerUserMod('modify', array($user, array('pass' => $pass)))) { 100f21dad39SAndreas Gohr msg($lang['proffail'], -1); 101f21dad39SAndreas Gohr return false; 102f21dad39SAndreas Gohr } 103f21dad39SAndreas Gohr 104f21dad39SAndreas Gohr if(auth_sendPassword($user, $pass)) { 105f21dad39SAndreas Gohr msg($lang['resendpwdsuccess'], 1); 106f21dad39SAndreas Gohr } else { 107f21dad39SAndreas Gohr msg($lang['regmailfail'], -1); 108f21dad39SAndreas Gohr } 109f21dad39SAndreas Gohr } 110f21dad39SAndreas Gohr 111f21dad39SAndreas Gohr @unlink($tfile); 112f21dad39SAndreas Gohr return true; 113f21dad39SAndreas Gohr 114f21dad39SAndreas Gohr } else { 115f21dad39SAndreas Gohr // we're in request phase 116f21dad39SAndreas Gohr 117f21dad39SAndreas Gohr if(!$INPUT->post->bool('save')) return false; 118f21dad39SAndreas Gohr 119f21dad39SAndreas Gohr if(!$INPUT->post->str('login')) { 120f21dad39SAndreas Gohr msg($lang['resendpwdmissing'], -1); 121f21dad39SAndreas Gohr return false; 122f21dad39SAndreas Gohr } else { 123f21dad39SAndreas Gohr $user = trim($auth->cleanUser($INPUT->post->str('login'))); 124f21dad39SAndreas Gohr } 125f21dad39SAndreas Gohr 126f21dad39SAndreas Gohr $userinfo = $auth->getUserData($user, $requireGroups = false); 127f21dad39SAndreas Gohr if(!$userinfo['mail']) { 128f21dad39SAndreas Gohr msg($lang['resendpwdnouser'], -1); 129f21dad39SAndreas Gohr return false; 130f21dad39SAndreas Gohr } 131f21dad39SAndreas Gohr 132f21dad39SAndreas Gohr // generate auth token 133f21dad39SAndreas Gohr $token = md5(auth_randombytes(16)); // random secret 134f21dad39SAndreas Gohr $tfile = $conf['cachedir'] . '/' . $token{0} . '/' . $token . '.pwauth'; 135f21dad39SAndreas Gohr $url = wl('', array('do' => 'resendpwd', 'pwauth' => $token), true, '&'); 136f21dad39SAndreas Gohr 137f21dad39SAndreas Gohr io_saveFile($tfile, $user); 138f21dad39SAndreas Gohr 139f21dad39SAndreas Gohr $text = rawLocale('pwconfirm'); 140f21dad39SAndreas Gohr $trep = array( 141f21dad39SAndreas Gohr 'FULLNAME' => $userinfo['name'], 142f21dad39SAndreas Gohr 'LOGIN' => $user, 143f21dad39SAndreas Gohr 'CONFIRM' => $url 144f21dad39SAndreas Gohr ); 145f21dad39SAndreas Gohr 146f21dad39SAndreas Gohr $mail = new \Mailer(); 147f21dad39SAndreas Gohr $mail->to($userinfo['name'] . ' <' . $userinfo['mail'] . '>'); 148f21dad39SAndreas Gohr $mail->subject($lang['regpwmail']); 149f21dad39SAndreas Gohr $mail->setBody($text, $trep); 150f21dad39SAndreas Gohr if($mail->send()) { 151f21dad39SAndreas Gohr msg($lang['resendpwdconfirm'], 1); 152f21dad39SAndreas Gohr } else { 153f21dad39SAndreas Gohr msg($lang['regmailfail'], -1); 154f21dad39SAndreas Gohr } 155f21dad39SAndreas Gohr return true; 156f21dad39SAndreas Gohr } 157f21dad39SAndreas Gohr // never reached 158f21dad39SAndreas Gohr } 159f21dad39SAndreas Gohr 160f21dad39SAndreas Gohr} 161