28 require
'../main.inc.php';
29 require_once DOL_DOCUMENT_ROOT.
'/contact/class/contact.class.php';
30 require_once DOL_DOCUMENT_ROOT.
'/core/lib/usergroups.lib.php';
31 require_once DOL_DOCUMENT_ROOT.
'/core/lib/functions2.lib.php';
32 if (!empty($conf->ldap->enabled)) {
33 require_once DOL_DOCUMENT_ROOT.
'/core/class/ldap.class.php';
37 $langs->loadLangs(array(
'errors',
'users',
'companies',
'ldap',
'other'));
40 if (!empty($conf->global->MAIN_SECURITY_DISABLEFORGETPASSLINK)) {
41 header(
"Location: ".DOL_URL_ROOT.
'/');
45 $action =
GETPOST(
'action',
'aZ09');
46 $mode = $dolibarr_main_authentication;
51 $username =
GETPOST(
'username',
'alphanohtml');
52 $passworduidhash =
GETPOST(
'passworduidhash',
'alpha');
53 $conf->entity = (
GETPOST(
'entity',
'int') ?
GETPOST(
'entity',
'int') : 1);
56 $hookmanager->initHooks(array(
'passwordforgottenpage'));
59 if (
GETPOST(
'dol_hide_leftmenu',
'alpha') || !empty($_SESSION[
'dol_hide_leftmenu'])) {
60 $conf->dol_hide_leftmenu = 1;
62 if (
GETPOST(
'dol_hide_topmenu',
'alpha') || !empty($_SESSION[
'dol_hide_topmenu'])) {
63 $conf->dol_hide_topmenu = 1;
65 if (
GETPOST(
'dol_optimize_smallscreen',
'alpha') || !empty($_SESSION[
'dol_optimize_smallscreen'])) {
66 $conf->dol_optimize_smallscreen = 1;
68 if (
GETPOST(
'dol_no_mouse_hover',
'alpha') || !empty($_SESSION[
'dol_no_mouse_hover'])) {
69 $conf->dol_no_mouse_hover = 1;
71 if (
GETPOST(
'dol_use_jmobile',
'alpha') || !empty($_SESSION[
'dol_use_jmobile'])) {
72 $conf->dol_use_jmobile = 1;
81 $reshook = $hookmanager->executeHooks(
'doActions',
$parameters, $object, $action);
83 $message = $hookmanager->error;
86 if (empty($reshook)) {
88 if ($action ==
'validatenewpassword' && $username && $passworduidhash) {
89 $edituser =
new User($db);
90 $result = $edituser->fetch(
'', $username,
'', 0, $conf->entity);
92 $message =
'<div class="error">'.dol_escape_htmltag($langs->trans(
"ErrorLoginDoesNotExists", $username)).
'</div>';
94 global $dolibarr_main_instance_unique_id;
97 if ($edituser->pass_temp &&
dol_verifyHash($edituser->pass_temp.
'-'.$edituser->id.
'-'.$dolibarr_main_instance_unique_id, $passworduidhash)) {
99 unset($_SESSION[
'dol_login']);
100 $_SESSION[
'dol_loginmesg'] = $langs->transnoentitiesnoconv(
'NewPasswordValidated');
102 $newpassword = $edituser->setPassword($user, $edituser->pass_temp, 0);
103 dol_syslog(
"passwordforgotten.php new password for user->id=".$edituser->id.
" validated in database");
105 header(
"Location: ".DOL_URL_ROOT.
'/');
108 $langs->load(
"errors");
109 $message =
'<div class="error">'.$langs->trans(
"ErrorFailedToValidatePasswordReset").
'</div>';
114 if ($action ==
'buildnewpassword' && $username) {
115 $sessionkey =
'dol_antispam_value';
116 $ok = (array_key_exists($sessionkey, $_SESSION) ===
true && (strtolower($_SESSION[$sessionkey]) == strtolower(
GETPOST(
'code'))));
120 $message =
'<div class="error">'.$langs->trans(
"ErrorBadValueForCode").
'</div>';
122 $isanemail = preg_match(
'/@/', $username);
124 $edituser =
new User($db);
125 $result = $edituser->fetch(
'', $username,
'', 1, $conf->entity);
126 if ($result == 0 && $isanemail) {
127 $result = $edituser->fetch(
'',
'',
'', 1, $conf->entity, $username);
130 if ($result <= 0 && $edituser->error ==
'USERNOTFOUND') {
131 $message =
'<div class="warning paddingtopbottom'.(empty($conf->global->MAIN_LOGIN_BACKGROUND) ?
'' :
' backgroundsemitransparent boxshadow').
'">';
133 $message .= $langs->trans(
"IfLoginExistPasswordRequestSent");
135 $message .= $langs->trans(
"IfEmailExistPasswordRequestSent");
137 $message .=
'</div>';
140 if (!$edituser->email) {
141 $message =
'<div class="error">'.$langs->trans(
"ErrorLoginHasNoEmail").
'</div>';
143 $newpassword = $edituser->setPassword($user,
'', 1);
144 if ($newpassword < 0) {
146 $message =
'<div class="error">'.$langs->trans(
"ErrorFailedToChangePassword").
'</div>';
149 if ($edituser->send_password($user, $newpassword, 1) > 0) {
150 $message =
'<div class="warning paddingtopbottom'.(empty($conf->global->MAIN_LOGIN_BACKGROUND) ?
'' :
' backgroundsemitransparent boxshadow').
'">';
152 $message .= $langs->trans(
"IfLoginExistPasswordRequestSent");
154 $message .= $langs->trans(
"IfEmailExistPasswordRequestSent");
157 $message .=
'</div>';
160 $message .=
'<div class="error">'.$edituser->error.
'</div>';
177 $title =
'Dolibarr '.DOL_VERSION;
178 if (!empty($conf->global->MAIN_APPLICATION_TITLE)) {
179 $title = $conf->global->MAIN_APPLICATION_TITLE;
183 if (file_exists(DOL_DOCUMENT_ROOT.
"/theme/".$conf->theme.
"/tpl/passwordforgotten.tpl.php")) {
184 $template_dir = DOL_DOCUMENT_ROOT.
"/theme/".$conf->theme.
"/tpl/";
186 $template_dir = DOL_DOCUMENT_ROOT.
"/core/tpl/";
190 $focus_element =
'username';
192 $focus_element =
'password';
196 $disabled =
'disabled';
197 if (preg_match(
'/dolibarr/i', $mode)) {
200 if (!empty($conf->global->MAIN_SECURITY_ENABLE_SENDPASSWORD)) {
207 $urllogo = DOL_URL_ROOT.
'/theme/common/login_logo.png';
208 if (!empty($mysoc->logo_small) && is_readable($conf->mycompany->dir_output.
'/logos/thumbs/'.$mysoc->logo_small)) {
209 $urllogo = DOL_URL_ROOT.
'/viewimage.php?cache=1&modulepart=mycompany&file='.urlencode(
'logos/thumbs/'.$mysoc->logo_small);
210 } elseif (!empty($mysoc->logo_small) && is_readable($conf->mycompany->dir_output.
'/logos/'.$mysoc->logo)) {
211 $urllogo = DOL_URL_ROOT.
'/viewimage.php?cache=1&modulepart=mycompany&file='.urlencode(
'logos/'.$mysoc->logo);
213 } elseif (is_readable(DOL_DOCUMENT_ROOT.
'/theme/'.$conf->theme.
'/img/dolibarr_logo.svg')) {
214 $urllogo = DOL_URL_ROOT.
'/theme/'.$conf->theme.
'/img/dolibarr_logo.svg';
215 } elseif (is_readable(DOL_DOCUMENT_ROOT.
'/theme/dolibarr_logo.svg')) {
216 $urllogo = DOL_URL_ROOT.
'/theme/dolibarr_logo.svg';
220 if (function_exists(
"imagecreatefrompng") && !$disabled) {
222 $captcha_refresh =
img_picto($langs->trans(
"Refresh"),
'refresh',
'id="captcha_refresh_img"');
227 $hookmanager->executeHooks(
'getPasswordForgottenPageOptions',
$parameters);
228 if (is_array($hookmanager->resArray) && !empty($hookmanager->resArray)) {
229 $morelogincontent = $hookmanager->resArray;
231 $morelogincontent = $hookmanager->resPrint;
236 $reshook = $hookmanager->executeHooks(
'getPasswordForgottenPageExtraOptions',
$parameters);
237 $moreloginextracontent = $hookmanager->resPrint;
239 include $template_dir.
'passwordforgotten.tpl.php';