[ Index ]

PHP Cross Reference of DokuWiki

title

Body

[close]

/inc/Action/ -> Resendpwd.php (source)

   1  <?php
   2  
   3  namespace dokuwiki\Action;
   4  
   5  use dokuwiki\Ui\UserResendPwd;
   6  use dokuwiki\Action\Exception\ActionAbort;
   7  use dokuwiki\Action\Exception\ActionDisabledException;
   8  use dokuwiki\Extension\AuthPlugin;
   9  use dokuwiki\Ui;
  10  
  11  /**
  12   * Class Resendpwd
  13   *
  14   * Handle password recovery
  15   *
  16   * @package dokuwiki\Action
  17   */
  18  class Resendpwd extends AbstractAclAction
  19  {
  20      /** @inheritdoc */
  21      public function minimumPermission()
  22      {
  23          return AUTH_NONE;
  24      }
  25  
  26      /** @inheritdoc */
  27      public function checkPreconditions()
  28      {
  29          parent::checkPreconditions();
  30  
  31          /** @var AuthPlugin $auth */
  32          global $auth;
  33          global $conf;
  34          if (isset($conf['resendpasswd']) && !$conf['resendpasswd'])
  35              throw new ActionDisabledException(); //legacy option
  36          if (!$auth->canDo('modPass')) throw new ActionDisabledException();
  37      }
  38  
  39      /** @inheritdoc */
  40      public function preProcess()
  41      {
  42          if ($this->resendpwd()) {
  43              throw new ActionAbort('login');
  44          }
  45      }
  46  
  47      /** @inheritdoc */
  48      public function tplContent()
  49      {
  50          (new UserResendPwd())->show();
  51      }
  52  
  53      /**
  54       * Send a  new password
  55       *
  56       * This function handles both phases of the password reset:
  57       *
  58       *   - handling the first request of password reset
  59       *   - validating the password reset auth token
  60       *
  61       * @author Benoit Chesneau <benoit@bchesneau.info>
  62       * @author Chris Smith <chris@jalakai.co.uk>
  63       * @author Andreas Gohr <andi@splitbrain.org>
  64       * @fixme this should be split up into multiple methods
  65       * @return bool true on success, false on any error
  66       */
  67      protected function resendpwd()
  68      {
  69          global $lang;
  70          global $conf;
  71          /* @var AuthPlugin $auth */
  72          global $auth;
  73          global $INPUT;
  74  
  75          if (!actionOK('resendpwd')) {
  76              msg($lang['resendna'], -1);
  77              return false;
  78          }
  79  
  80          $token = preg_replace('/[^a-f0-9]+/', '', $INPUT->str('pwauth'));
  81  
  82          if ($token) {
  83              // we're in token phase - get user info from token
  84  
  85              $tfile = $conf['cachedir'] . '/' . $token[0] . '/' . $token . '.pwauth';
  86              if (!file_exists($tfile)) {
  87                  msg($lang['resendpwdbadauth'], -1);
  88                  $INPUT->remove('pwauth');
  89                  return false;
  90              }
  91              // token is only valid for 3 days
  92              if ((time() - filemtime($tfile)) > (3 * 60 * 60 * 24)) {
  93                  msg($lang['resendpwdbadauth'], -1);
  94                  $INPUT->remove('pwauth');
  95                  @unlink($tfile);
  96                  return false;
  97              }
  98  
  99              $user = io_readfile($tfile);
 100              $userinfo = $auth->getUserData($user, $requireGroups = false);
 101              if (empty($userinfo['mail'])) {
 102                  msg($lang['resendpwdnouser'], -1);
 103                  return false;
 104              }
 105  
 106              if (!$conf['autopasswd']) { // we let the user choose a password
 107                  $pass = $INPUT->str('pass');
 108  
 109                  // password given correctly?
 110                  if (!$pass) return false;
 111                  if ($pass != $INPUT->str('passchk')) {
 112                      msg($lang['regbadpass'], -1);
 113                      return false;
 114                  }
 115  
 116                  // change it
 117                  if (!$auth->triggerUserMod('modify', [$user, ['pass' => $pass]])) {
 118                      msg($lang['proffail'], -1);
 119                      return false;
 120                  }
 121              } else { // autogenerate the password and send by mail
 122                  $pass = auth_pwgen($user);
 123                  if (!$auth->triggerUserMod('modify', [$user, ['pass' => $pass]])) {
 124                      msg($lang['proffail'], -1);
 125                      return false;
 126                  }
 127  
 128                  if (auth_sendPassword($user, $pass)) {
 129                      msg($lang['resendpwdsuccess'], 1);
 130                  } else {
 131                      msg($lang['regmailfail'], -1);
 132                  }
 133              }
 134  
 135              @unlink($tfile);
 136              return true;
 137          } else {
 138              // we're in request phase
 139  
 140              if (!$INPUT->post->bool('save')) return false;
 141  
 142              if (!$INPUT->post->str('login')) {
 143                  msg($lang['resendpwdmissing'], -1);
 144                  return false;
 145              } else {
 146                  $user = trim($auth->cleanUser($INPUT->post->str('login')));
 147              }
 148  
 149              $userinfo = $auth->getUserData($user, $requireGroups = false);
 150              if (empty($userinfo['mail'])) {
 151                  msg($lang['resendpwdnouser'], -1);
 152                  return false;
 153              }
 154  
 155              // generate auth token
 156              $token = md5(auth_randombytes(16)); // random secret
 157              $tfile = $conf['cachedir'] . '/' . $token[0] . '/' . $token . '.pwauth';
 158              $url = wl('', ['do' => 'resendpwd', 'pwauth' => $token], true, '&');
 159  
 160              io_saveFile($tfile, $user);
 161  
 162              $text = rawLocale('pwconfirm');
 163              $trep = [
 164                  'FULLNAME' => $userinfo['name'],
 165                  'LOGIN' => $user,
 166                  'CONFIRM' => $url
 167              ];
 168  
 169              $mail = new \Mailer();
 170              $mail->to($userinfo['name'] . ' <' . $userinfo['mail'] . '>');
 171              $mail->subject($lang['regpwmail']);
 172              $mail->setBody($text, $trep);
 173              if ($mail->send()) {
 174                  msg($lang['resendpwdconfirm'], 1);
 175              } else {
 176                  msg($lang['regmailfail'], -1);
 177              }
 178              return true;
 179          }
 180          // never reached
 181      }
 182  }