2 rcs_id('$Id: PasswordReset.php,v 1.2 2006-06-18 11:04:50 rurban Exp $');
4 Copyright (C) 2006 $ThePhpWikiProgrammingTeam
6 This file is part of PhpWiki.
8 PhpWiki is free software; you can redistribute it and/or modify
9 it under the terms of the GNU General Public License as published by
10 the Free Software Foundation; either version 2 of the License, or
11 (at your option) any later version.
13 PhpWiki is distributed in the hope that it will be useful,
14 but WITHOUT ANY WARRANTY; without even the implied warranty of
15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 GNU General Public License for more details.
18 You should have received a copy of the GNU General Public License
19 along with PhpWiki; if not, write to the Free Software
20 Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
24 * 1. User forgot password but has email in the prefs.
25 * => action=email&user=username will send the password per email in plaintext.
27 * If no email is stored, because user might not exist,
28 * => "No email stored for user %s.
29 * You need to ask an Administrator to reset this password."
30 * Problem: How to contact Admin? Present a link to ADMIN_USER
32 * If no email exists but is not verified,
33 * => "Warning: This users email address is unverified!"
35 * 2. Admin may reset any users password, with verification.
36 * => action=reset&user=username
38 class WikiPlugin_PasswordReset
42 return _("PasswordReset");
45 function getVersion() {
46 return preg_replace("/[Revision: $]/", '',
50 function getDefaultArguments() {
51 return array('user' => 0);
54 /* reset password, verified */
55 function doReset($userid) {
57 $user = WikiUser($userid);
58 $prefs = $user->getPreferences();
59 $prefs->set('passwd','');
60 if ($user->setPreferences($prefs)) {
61 $alert = new Alert(_("Message"),
62 fmt("The password for user %s has been deleted.", $userid));
64 $alert = new Alert(_("Error"),
65 fmt("The password for user %s could not be deleted.", $userid));
70 function doEmail(&$request, $userid) {
72 $thisuser = WikiUser($userid);
73 $prefs = $thisuser->getPreferences();
74 $email = $prefs->get('email');
75 $passwd = $prefs->get('passwd'); // plain?
76 $from = $request->_user->getId() . '@' . $request->get('REMOTE_HOST');
78 "[".WIKI_NAME."] PasswortReset",
79 "PasswortReset requested by $from\r\n".
80 "Password for ".WIKI_NAME.": $passwd",
82 $alert = new Alert(_("Message"),
83 fmt("Email sent to the stored email address for user %s", $userid));
85 $alert = new Alert(_("Error"),
86 fmt("Error sending email with password for user %s.", $userid));
90 function doForm(&$request, $header = '', $footer = '') {
91 $post_args = $request->getArg('admin_reset');
92 $userid = $request->getArg('user');
94 $header = HTML::p(_("Reset password of user: "),
96 HTML::input(array('type' => 'text',
102 $isadmin = $request->_user->isAdmin();
103 $footer = HTML::p(Button('submit:admin_reset[reset]',
104 $isadmin ? _("Yes") : _("Send email"),
105 $isadmin ? 'wikiadmin' : 'button'),
107 Button('submit:admin_reset[cancel]', _("Cancel"), 'button'));
109 return HTML::form(array('action' => $request->getPostURL(),
112 HiddenInputs($request->getArgs(), false, array('admin_reset', 'user')),
113 ENABLE_PAGEPERM ? '' : HiddenInputs(array('require_authority_for_post' => WIKIAUTH_ADMIN)),
117 function run($dbi, $argstr, &$request, $basepage) {
118 $args = $this->getArgs($argstr, $request);
119 if (isa($request,'MockRequest'))
122 $user =& $request->_user;
123 $post_args = $request->getArg('admin_reset');
124 $userid = $request->getArg('user');
125 $isadmin = $user->isAdmin();
126 if ($request->isPost()) {
128 $alert = new Alert(_("Warning:"),
129 _("You need to specify the userid!"));
131 return $this->doForm($request);
133 @$reset = $post_args['reset'];
134 if ($reset and $userid and !empty($post_args['verify'])) {
135 if ($user->isAdmin()) {
136 return $this->doReset($userid);
138 return $this->doEmail($request, $userid);
140 } elseif ($reset and empty($post_args['verify'])) {
141 $buttons = HTML::p(Button('submit:admin_reset[reset]',
142 $isadmin ? _("Yes") : _("Send email"),
143 $isadmin ? 'wikiadmin' : 'button'),
145 Button('submit:admin_reset[cancel]', _("Cancel"), 'button'));
146 $header = HTML::strong("Verify");
147 if (!$user->isAdmin()) {
149 if ($userid == $user->UserName() and $user->isAuthenticated()) {
150 $alert = new Alert(_("Already logged in"),
151 HTML(fmt("Changing passwords is done at "), WikiLink(_("UserPreferences"))));
155 $thisuser = WikiUser($userid);
156 $prefs = $thisuser->getPreferences();
157 $email = $prefs->get('email');
159 $alert = new Alert(_("Error"),
160 HTML(fmt("No email stored for user %s.", $userid),
162 fmt("You need to ask an Administrator to reset this password. See below: "),
163 HTML::br(), WikiLink(ADMIN_USER)));
167 $verified = $thisuser->_prefs->_prefs['email']->getraw('emailVerified');
169 $header->pushContent(HTML::br(), "Warning: This users email address is unverified!");
171 return $this->doForm($request,
174 fmt("Do you really want to reset the password of user %s?", $userid),
175 $isadmin ? '' : _("An email will be sent."),
176 HiddenInputs(array('admin_reset[verify]' => 1, 'user' => $userid)),
179 return $this->doForm($request);
182 return $this->doForm($request);
187 // $Log: not supported by cvs2svn $
188 // Revision 1.1 2006/03/19 16:31:57 rurban
189 // I would have needed that very often
197 // c-hanging-comment-ender-p: nil
198 // indent-tabs-mode: nil