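<?php
/**
 * Created by IntelliJ IDEA.
 * User: andi
 * Date: 2/11/17
 * Time: 9:33 AM
 */

namespace dokuwiki\Action;

use dokuwiki\Action\Exception\ActionAbort;

/**
 * Password reset action ("resendpwd")
 *
 * The action is reachable without any permission (AUTH_NONE), so every input
 * handled here is untrusted. The reset works in two phases:
 *
 * - request phase: a login name is posted, a random token is stored in a file
 *   below the cache directory and a confirmation link is mailed to the user
 * - token phase: the link is opened, the token file is looked up and the
 *   password is either set by the user or generated and mailed
 *
 * The token is the only credential checked in the token phase.
 */
class Resendpwd extends AbstractAclAction {

    /** @inheritdoc */
    public function minimumPermission() {
        return AUTH_NONE;
    }

    /**
     * Run the reset and hand over to the login action once a phase succeeded
     *
     * @inheritdoc
     * @throws ActionAbort when resendpwd() returned true
     */
    public function preProcess() {
        if($this->resendpwd()) {
            throw new ActionAbort('login');
        }
    }

    /**
     * Send a new password
     *
     * This function handles both phases of the password reset:
     *
     * - handling the first request of password reset
     * - validating the password reset auth token
     *
     * @author Benoit Chesneau <benoit@bchesneau.info>
     * @author Chris Smith <chris@jalakai.co.uk>
     * @author Andreas Gohr <andi@splitbrain.org>
     * @return bool true on success, false on any error
     */
    public function resendpwd() {
        global $lang;
        global $INPUT;

        if(!actionOK('resendpwd')) {
            msg($lang['resendna'], -1);
            return false;
        }

        // Only lowercase hex survives this filter, so the value cannot carry
        // path separators or dots into the file name built from it.
        $token = preg_replace('/[^a-f0-9]+/', '', $INPUT->str('pwauth'));

        if($token) {
            return $this->resetWithToken($token);
        }
        return $this->requestToken();
    }

    /**
     * Build the path of the file that stores the login name for a token
     *
     * @param string $token non-empty, already reduced to [a-f0-9]
     * @return string
     */
    protected function tokenFile($token) {
        global $conf;

        // Square-bracket offset: the curly-brace form ($token{0}) is no
        // longer accepted by PHP 8.
        return $conf['cachedir'] . '/' . $token[0] . '/' . $token . '.pwauth';
    }

    /**
     * Token phase: validate the token and set the new password
     *
     * @param string $token non-empty, already reduced to [a-f0-9]
     * @return bool true when the password was changed, false on any error
     */
    protected function resetWithToken($token) {
        global $lang;
        global $conf;
        /* @var \DokuWiki_Auth_Plugin $auth */
        global $auth;
        global $INPUT;

        // we're in token phase - get user info from token

        $tfile = $this->tokenFile($token);
        if(!file_exists($tfile)) {
            msg($lang['resendpwdbadauth'], -1);
            $INPUT->remove('pwauth');
            return false;
        }
        // token is only valid for 3 days
        if((time() - filemtime($tfile)) > (3 * 60 * 60 * 24)) {
            msg($lang['resendpwdbadauth'], -1);
            $INPUT->remove('pwauth');
            @unlink($tfile);
            return false;
        }

        $user = io_readfile($tfile);
        $userinfo = $auth->getUserData($user, false);
        // empty() also covers a non-array result without raising a
        // "array offset on bool/null" notice
        if(empty($userinfo['mail'])) {
            msg($lang['resendpwdnouser'], -1);
            return false;
        }

        if(!$conf['autopasswd']) { // we let the user choose a password
            $pass = $INPUT->str('pass');

            // password given correctly?
            if(!$pass) return false;
            // Strict comparison: with != two different numeric-looking
            // strings (e.g. "1e3" and "1000") would count as equal and the
            // confirmation check would pass for a mistyped password.
            if($pass !== $INPUT->str('passchk')) {
                msg($lang['regbadpass'], -1);
                return false;
            }

            // change it
            if(!$auth->triggerUserMod('modify', array($user, array('pass' => $pass)))) {
                msg($lang['proffail'], -1);
                return false;
            }

        } else { // autogenerate the password and send by mail

            $pass = auth_pwgen($user);
            if(!$auth->triggerUserMod('modify', array($user, array('pass' => $pass)))) {
                msg($lang['proffail'], -1);
                return false;
            }

            // NOTE(review): the password is already changed at this point; a
            // failed mail only produces an error message and the token is
            // still consumed below, so the user has to start a new reset.
            if(auth_sendPassword($user, $pass)) {
                msg($lang['resendpwdsuccess'], 1);
            } else {
                msg($lang['regmailfail'], -1);
            }
        }

        // The token is meant to be single-use. NOTE(review): the result of
        // unlink() is suppressed; if deletion fails the token stays usable
        // until the 3 day limit above expires.
        @unlink($tfile);
        return true;
    }

    /**
     * Request phase: create a token and mail the confirmation link
     *
     * @return bool true when a token was created (even if mailing failed),
     *              false when the form was not submitted or the user is unusable
     */
    protected function requestToken() {
        global $lang;
        /* @var \DokuWiki_Auth_Plugin $auth */
        global $auth;
        global $INPUT;

        // we're in request phase
        // Nothing in this method throttles requests; any limiting has to
        // happen elsewhere (not visible here).

        if(!$INPUT->post->bool('save')) return false;

        if(!$INPUT->post->str('login')) {
            msg($lang['resendpwdmissing'], -1);
            return false;
        }
        $user = trim($auth->cleanUser($INPUT->post->str('login')));

        $userinfo = $auth->getUserData($user, false);
        // NOTE(review): the distinct 'resendpwdnouser' message lets an
        // unauthenticated visitor tell existing logins from unknown ones; a
        // uniform response would avoid that at the cost of less feedback.
        if(empty($userinfo['mail'])) {
            msg($lang['resendpwdnouser'], -1);
            return false;
        }

        // generate auth token
        // md5() only turns the 16 random bytes into 32 hex characters here;
        // the token is as unpredictable as auth_randombytes() is
        // (presumably a CSPRNG - confirm in its implementation).
        $token = md5(auth_randombytes(16)); // random secret
        $tfile = $this->tokenFile($token);
        $url = wl('', array('do' => 'resendpwd', 'pwauth' => $token), true, '&');

        // NOTE(review): the result of io_saveFile() is not checked; if the
        // write fails the mailed link points to a token that does not exist.
        io_saveFile($tfile, $user);

        $text = rawLocale('pwconfirm');
        $trep = array(
            'FULLNAME' => $userinfo['name'],
            'LOGIN' => $user,
            'CONFIRM' => $url
        );

        $mail = new \Mailer();
        // NOTE(review): the display name is user-controlled profile data;
        // presumably Mailer encodes/cleans header values - verify there.
        $mail->to($userinfo['name'] . ' <' . $userinfo['mail'] . '>');
        $mail->subject($lang['regpwmail']);
        $mail->setBody($text, $trep);
        if($mail->send()) {
            msg($lang['resendpwdconfirm'], 1);
        } else {
            msg($lang['regmailfail'], -1);
        }
        return true;
    }

}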