From f43e9e97a53a0ff85e728c477e72ceaa98d3415d Mon Sep 17 00:00:00 2001 From: Andrew Dolgov Date: Fri, 22 Mar 2013 14:50:02 +0400 Subject: add basic password recovery thing --- classes/pref/users.php | 25 ++++++++++++++----------- 1 file changed, 14 insertions(+), 11 deletions(-) (limited to 'classes/pref') diff --git a/classes/pref/users.php b/classes/pref/users.php index fbba5e407..b4f043775 100644 --- a/classes/pref/users.php +++ b/classes/pref/users.php @@ -270,11 +270,9 @@ class Pref_Users extends Handler_Protected { } } - function resetPass() { - - $uid = db_escape_string($this->link, $_REQUEST["id"]); + static function resetUserPassword($link, $uid, $show_password) { - $result = db_query($this->link, "SELECT login,email + $result = db_query($link, "SELECT login,email FROM ttrss_users WHERE id = '$uid'"); $login = db_fetch_result($result, 0, "login"); @@ -286,18 +284,20 @@ class Pref_Users extends Handler_Protected { $pwd_hash = encrypt_password($tmp_user_pwd, $new_salt, true); - db_query($this->link, "UPDATE ttrss_users SET pwd_hash = '$pwd_hash', salt = '$new_salt' + db_query($link, "UPDATE ttrss_users SET pwd_hash = '$pwd_hash', salt = '$new_salt' WHERE id = '$uid'"); - print T_sprintf("Changed password of user %s - to %s", $login, $tmp_user_pwd); + if ($show_password) { + print T_sprintf("Changed password of user %s + to %s", $login, $tmp_user_pwd); + } else { + print T_sprintf("Sending new password of user %s + to %s", $login, $email); + } require_once 'lib/phpmailer/class.phpmailer.php'; if ($email) { - print " "; - print T_sprintf("Notifying %s.", $email); - require_once "lib/MiniTemplator.class.php"; $tpl = new MiniTemplator; @@ -340,8 +340,11 @@ class Pref_Users extends Handler_Protected { if (!$rc) print_error($mail->ErrorInfo); } + } - print ""; + function resetPass() { + $uid = db_escape_string($this->link, $_REQUEST["id"]); + Pref_Users::resetUserPassword($this->link, $uid, true); } function index() { -- cgit v1.2.3