29require 
'../main.inc.php';
 
   30require_once DOL_DOCUMENT_ROOT.
'/contact/class/contact.class.php';
 
   31require_once DOL_DOCUMENT_ROOT.
'/core/lib/usergroups.lib.php';
 
   32require_once DOL_DOCUMENT_ROOT.
'/core/lib/functions2.lib.php';
 
   // Listing note: the number fused to the start of a statement is the listing's own line number.
   // Gaps in that numbering mean some source lines (closing braces, else branches) are not shown.
   // Load the LDAP class only when the 'ldap' module is enabled.
   33if (isModEnabled(
'ldap')) {
 
   34  require_once DOL_DOCUMENT_ROOT.
'/core/class/ldap.class.php';
 
   // Load the translation files this page reads its messages from.
   38$langs->loadLangs(array(
'errors', 
'users', 
'companies', 
'ldap', 
'other'));
 
   // Kill switch: with MAIN_SECURITY_DISABLEFORGETPASSLINK set, the request is redirected to the application root.
   // NOTE(review): the lines after header() are not shown; confirm the script exits there, otherwise the
   // reset actions below still run even though the feature is disabled.
   41if (!empty($conf->global->MAIN_SECURITY_DISABLEFORGETPASSLINK)) {
 
   42  header(
"Location: ".DOL_URL_ROOT.
'/');
 
   // Request parameters. The second GETPOST() argument names the check applied to each value.
   46$action = 
GETPOST(
'action', 
'aZ09');
 
   // Authentication mode string; matched against /dolibarr/i further down the page.
   47$mode = $dolibarr_main_authentication;
 
   // Login or e-mail address typed by the requester.
   52$username = 
GETPOST(
'username', 
'alphanohtml');
 
   // Reset token carried by the validation link; checked with dol_verifyHash() in the 'validatenewpassword' action.
   53$passworduidhash = 
GETPOST(
'passworduidhash', 
'alpha');
 
   // When non-empty, the reset template is rendered instead of the request form (see the include at the end).
   54$setnewpassword = 
GETPOST(
'setnewpassword', 
'aZ09');
 
   // The entity comes from the request and defaults to 1. It is passed to every User::fetch() call below,
   // so the requester chooses which entity the account lookup runs in.
   56$conf->entity = (
GETPOST(
'entity', 
'int') ? 
GETPOST(
'entity', 
'int') : 1);
 
   // Register this page's hook context.
   59$hookmanager->initHooks(array(
'passwordforgottenpage'));
 
   // Display flags: each one is set to 1 when the request parameter of the same name is non-empty
   // or when the same key is already set in the session. The closing braces are not shown in this listing.
   62if (
GETPOST(
'dol_hide_leftmenu', 
'alpha') || !empty($_SESSION[
'dol_hide_leftmenu'])) {
 
   63  $conf->dol_hide_leftmenu = 1;
 
   65if (
GETPOST(
'dol_hide_topmenu', 
'alpha') || !empty($_SESSION[
'dol_hide_topmenu'])) {
 
   66  $conf->dol_hide_topmenu = 1;
 
   68if (
GETPOST(
'dol_optimize_smallscreen', 
'alpha') || !empty($_SESSION[
'dol_optimize_smallscreen'])) {
 
   69  $conf->dol_optimize_smallscreen = 1;
 
   71if (
GETPOST(
'dol_no_mouse_hover', 
'alpha') || !empty($_SESSION[
'dol_no_mouse_hover'])) {
 
   72  $conf->dol_no_mouse_hover = 1;
 
   74if (
GETPOST(
'dol_use_jmobile', 
'alpha') || !empty($_SESSION[
'dol_use_jmobile'])) {
 
   75  $conf->dol_use_jmobile = 1;
 
   // Give hooked modules the first chance to handle the action. $parameters and $object are set on lines not shown.
   84$reshook = $hookmanager->executeHooks(
'doActions', 
$parameters, $object, $action); 
 
   // The hook's error text becomes the page message (the guarding condition is on a line not shown).
   86  $message = $hookmanager->error;
 
   // Step 2 of the reset: the validation link supplies the login and the token.
   91  if ($action == 
'validatenewpassword' && $username && $passworduidhash) {
 
   92    $edituser = 
new User($db);
 
   // Look the account up by login inside the request-selected entity.
   93    $result = $edituser->fetch(
'', $username, 
'', 0, $conf->entity);
 
   // Escaped technical-error message; the condition that selects it is not shown.
   95      $message = 
'<div class="error">'.dol_escape_htmltag($langs->trans(
"ErrorTechnicalError")).
'</div>';
 
   // The token is accepted when it verifies against "pass_temp-id-instance_unique_id".
   // The pass_temp guard keeps an account with no pending reset from ever matching.
   // NOTE(review): no expiry or attempt limit is visible in this listing; confirm pass_temp is
   // cleared or aged out elsewhere so that an old link cannot be replayed.
  100      if ($edituser->pass_temp && 
dol_verifyHash($edituser->pass_temp.
'-'.$edituser->id.
'-'.$conf->file->instance_unique_id, $passworduidhash)) {
 
   // Drop any login held in the current session before the password changes.
  102        unset($_SESSION[
'dol_login']);
 
  103        $_SESSION[
'dol_loginmesg'] = 
'<!-- warning -->'.$langs->transnoentitiesnoconv(
'NewPasswordValidated'); 
 
   // Promote the temporary password to the account password.
   // NOTE(review): the success message above is stored before this call, and no check of the
   // return value is visible on the lines shown.
  105        $newpassword = $edituser->setPassword($user, $edituser->pass_temp, 0);
 
   // The log entry carries the user id only, not the password or the token.
  106        dol_syslog(
"passwordforgotten.php new password for user->id=".$edituser->id.
" validated in database");
 
  108        header(
"Location: ".DOL_URL_ROOT.
'/');
 
   // Failure message, presumably the else branch of the token check (the else line is not shown).
   // NOTE(review): unlike the technical-error message above, this text is not passed through dol_escape_htmltag().
  111        $langs->load(
"errors");
 
  112        $message = 
'<div class="error">'.$langs->trans(
"ErrorFailedToValidatePasswordReset").
'</div>';
 
  // Step 1 of the reset: the requester submits a login or e-mail address to ask for a new password.
  118  if ($action == 
'buildnewpassword' && $username) {
 
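  // Anti-spam (captcha) check: the code typed by the requester must equal the value stored in the
  // session under 'dol_antispam_value'. Both sides are lower-cased, so the match is case-insensitive.
  // The comparison is strict (===): with a loose == PHP compares two numeric-looking strings as
  // numbers, so different strings could be accepted as the same code.
  $sessionkey = 'dol_antispam_value';
  $ok = (array_key_exists($sessionkey, $_SESSION) === true
      && strtolower($_SESSION[$sessionkey]) === strtolower(GETPOST('code')));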
 
  // Message for a wrong anti-spam code (presumably the branch taken when $ok is false; the condition is not shown).
  124      $message = 
'<div class="error">'.$langs->trans(
"ErrorBadValueForCode").
'</div>';
 
  // Treat the submitted identifier as an e-mail address when it contains '@'.
  126      $isanemail = preg_match(
'/@/', $username);
 
  128      $edituser = 
new User($db);
 
  // First lookup: by login, inside the request-selected entity.
  129      $result = $edituser->fetch(
'', $username, 
'', 1, $conf->entity);
  // No match by login and the value looks like an e-mail: retry with the value in the last argument
  // (presumably the e-mail lookup; verify against User::fetch()).
 
  130      if ($result == 0 && $isanemail) {
 
  131        $result = $edituser->fetch(
'', 
'', 
'', 1, $conf->entity, $username);
 
  // Load the account's rights; an account without the user/self/password right is refused.
  // The refusal is stored as an error code and handled below like an unknown account.
  136        $edituser->getrights(
'user');
 
  137        if (!$edituser->hasRight(
'user', 
'self', 
'password')) {
 
  139          $edituser->error = 
'USERNOTALLOWEDTOCHANGEPASS';
 
  // Build one neutral notice ("if the login / e-mail exists, a request was sent") that is reused on
  // several outcomes below, so the answer does not reveal whether the account exists.
  145      $messagewarning = 
'<div class="warning paddingtopbottom'.(empty($conf->global->MAIN_LOGIN_BACKGROUND) ? 
'' : 
' backgroundsemitransparent boxshadow').
'">';
 
  147        $messagewarning .= $langs->trans(
"IfLoginExistPasswordRequestSent");
 
  149        $messagewarning .= $langs->trans(
"IfEmailExistPasswordRequestSent");
 
  151      $messagewarning .= 
'</div>';
 
  // Unknown account, or account not allowed to change its password: answer with the neutral notice.
  153      if ($result <= 0 && ($edituser->error == 
'USERNOTFOUND' || $edituser->error == 
'USERNOTALLOWEDTOCHANGEPASS')) {
 
  155        $message .= $messagewarning;
 
  // Account without an e-mail address: the same neutral notice is shown.
  158        if (empty($edituser->email)) {
 
  160          $message .= $messagewarning;
 
  // Ask User::setPassword() for a new password with an empty password argument; its result is
  // what send_password() receives below.
  162          $newpassword = $edituser->setPassword($user, 
'', 1);
 
  163          if (is_int($newpassword) && $newpassword < 0) {
 
  // NOTE(review): this error and the send failure below replace the neutral notice with a different
  // answer, so a requester can tell that the account exists whenever one of these two steps fails.
  165            $message = 
'<div class="error">'.$langs->trans(
"ErrorFailedToChangePassword").
'</div>';
 
  // Mail sent: answer with the neutral notice.
  168            if ($edituser->send_password($user, $newpassword, 1) > 0) {
 
  169              $message .= $messagewarning;
 
  // NOTE(review): $edituser->error is concatenated into HTML without dol_escape_htmltag();
  // confirm it can never carry markup or text taken from the request.
  173              $message .= 
'<div class="error">'.$edituser->error.
'</div>';
 
  // Page title: the configured application title when set, otherwise "Dolibarr <version>".
  190$title = 
'Dolibarr '.DOL_VERSION;
 
  191if (!empty($conf->global->MAIN_APPLICATION_TITLE)) {
 
  192  $title = $conf->global->MAIN_APPLICATION_TITLE;
 
  // Use the theme's own template directory when it ships passwordforgotten.tpl.php, else the core one.
  // NOTE(review): $conf->theme is concatenated into a path that is passed to include at the end of
  // the page; confirm that it is restricted to known theme names where it is set.
  196if (file_exists(DOL_DOCUMENT_ROOT.
"/theme/".$conf->theme.
"/tpl/passwordforgotten.tpl.php")) {
 
  197  $template_dir = DOL_DOCUMENT_ROOT.
"/theme/".$conf->theme.
"/tpl/";
 
  199  $template_dir = DOL_DOCUMENT_ROOT.
"/core/tpl/";
 
  // Field that receives focus in the form; the condition choosing between the two is not shown.
  203  $focus_element = 
'username';
 
  205  $focus_element = 
'password';
 
  // The form starts disabled. The two conditions below presumably clear $disabled;
  // their bodies are not shown in this listing.
  209$disabled = 
'disabled';
 
  210if (preg_match(
'/dolibarr/i', $mode)) {
 
  213if (!empty($conf->global->MAIN_SECURITY_ENABLE_SENDPASSWORD)) {
 
  // Logo: start from the common login logo, then prefer the company thumbnail, the company logo,
  // the theme's SVG and the default SVG, in that order.
  220$urllogo = DOL_URL_ROOT.
'/theme/common/login_logo.png';
 
  221if (!empty($mysoc->logo_small) && is_readable($conf->mycompany->dir_output.
'/logos/thumbs/'.$mysoc->logo_small)) {
 
  222  $urllogo = DOL_URL_ROOT.
'/viewimage.php?cache=1&modulepart=mycompany&file='.urlencode(
'logos/thumbs/'.$mysoc->logo_small);
 
  // NOTE(review): this branch tests logo_small but reads and serves $mysoc->logo; confirm the
  // emptiness test should not be on $mysoc->logo.
  223} elseif (!empty($mysoc->logo_small) && is_readable($conf->mycompany->dir_output.
'/logos/'.$mysoc->logo)) {
 
  224  $urllogo = DOL_URL_ROOT.
'/viewimage.php?cache=1&modulepart=mycompany&file='.urlencode(
'logos/'.$mysoc->logo);
 
  226} elseif (is_readable(DOL_DOCUMENT_ROOT.
'/theme/'.$conf->theme.
'/img/dolibarr_logo.svg')) {
 
  227  $urllogo = DOL_URL_ROOT.
'/theme/'.$conf->theme.
'/img/dolibarr_logo.svg';
 
  228} elseif (is_readable(DOL_DOCUMENT_ROOT.
'/theme/dolibarr_logo.svg')) {
 
  229  $urllogo = DOL_URL_ROOT.
'/theme/dolibarr_logo.svg';
 
  // The captcha refresh icon is prepared only when imagecreatefrompng() exists and the form is enabled.
  233if (function_exists(
"imagecreatefrompng") && !$disabled) {
 
  235  $captcha_refresh = 
img_picto($langs->trans(
"Refresh"), 
'refresh', 
'id="captcha_refresh_img"');
 
  // Extra content supplied by hooks is stored in variables for the template: an array result when
  // the hook returned one, otherwise its printed output.
  240$hookmanager->executeHooks(
'getPasswordForgottenPageOptions', 
$parameters); 
 
  241if (is_array($hookmanager->resArray) && !empty($hookmanager->resArray)) {
 
  242  $morelogincontent = $hookmanager->resArray; 
 
  244  $morelogincontent = $hookmanager->resPrint;
 
  249$reshook = $hookmanager->executeHooks(
'getPasswordForgottenPageExtraOptions', 
$parameters); 
 
  250$moreloginextracontent = $hookmanager->resPrint;
 
  // Render the request form when 'setnewpassword' is empty; the reset template is presumably the
  // else branch (the else line is not shown).
  252if (empty($setnewpassword)) {
 
  253  include $template_dir.
'passwordforgotten.tpl.php'; 
 
  255  include $template_dir.
'passwordreset.tpl.php'; 
 
Class to manage Dolibarr users.
 
img_picto($titlealt, $picto, $moreatt='', $pictoisfullpath=false, $srconly=0, $notitle=0, $alt='', $morecss='', $marginleftonlyshort=2)
Show a picto, whatever its name is (generic function)
 
GETPOST($paramname, $check='alphanohtml', $method=0, $filter=null, $options=null, $noreplace=0)
Return the value of a parameter from the GET or POST superglobal.
 
dol_syslog($message, $level=LOG_INFO, $ident=0, $suffixinfilename='', $restricttologhandler='', $logcontext=null)
Write log message into outputs.
 
if(empty($reshook)) $dol_url_root
View.
 
if(GETPOST('dol_hide_leftmenu', 'alpha')||!empty($_SESSION['dol_hide_leftmenu'])) if(GETPOST( 'dol_hide_topmenu', 'alpha')||!empty( $_SESSION[ 'dol_hide_topmenu'])) if(GETPOST('dol_optimize_smallscreen', 'alpha')||!empty($_SESSION['dol_optimize_smallscreen'])) if(GETPOST( 'dol_no_mouse_hover', 'alpha')||!empty( $_SESSION[ 'dol_no_mouse_hover'])) if(GETPOST('dol_use_jmobile', 'alpha')||!empty($_SESSION['dol_use_jmobile'])) $parameters
Actions.
 
dol_verifyHash($chain, $hash, $type='0')
Compute a hash and compare it to the given one. For backward compatibility reasons,...