1<?php 2/** 3 * Postfix Admin 4 * 5 * LICENSE 6 * This source file is subject to the GPL license that is bundled with 7 * this package in the file LICENSE.TXT. 8 * 9 * Further details on the project are available at http://postfixadmin.sf.net 10 * 11 * @version $Id$ 12 * @license GNU GPL v2 or later. 13 * 14 * File: password-change.php 15 * Used by users and admins to change their forgotten login password. 16 * Template File: password-change.tpl 17 * 18 * Template Variables: 19 * 20 * tUsername 21 * tCode 22 * 23 * Form POST \ GET Variables: 24 * 25 * fUsername 26 */ 27 28 29if (preg_match('/\/users\//', $_SERVER['REQUEST_URI'])) { 30 $rel_path = '../'; 31 $context = 'users'; 32} else { 33 $rel_path = './'; 34 $context = 'admin'; 35} 36require_once($rel_path . 'common.php'); 37 38$smarty = PFASmarty::getInstance(); 39$CONF = Config::getInstance()->getAll(); 40 41$smarty->configureTheme($rel_path); 42 43if ($context === 'admin' && !Config::read('forgotten_admin_password_reset') || 44 $context === 'users' && (!Config::read('forgotten_user_password_reset') || Config::read('mailbox_postpassword_script'))) { 45 die('Password reset is disabled by configuration option: forgotten_admin_password_reset or mailbox_postpassword_script'); 46} 47 48if ($_SERVER['REQUEST_METHOD'] === 'GET') { 49 $tUsername = safeget('username'); 50 $tCode = safeget('code'); 51} 52 53if ($_SERVER['REQUEST_METHOD'] === 'POST') { 54 if (safepost('fCancel')) { 55 header('Location: main.php'); 56 exit(0); 57 } 58 59 $fPassword = safepost('fPassword'); 60 $fPassword2 = safepost('fPassword2'); 61 62 $tUsername = safepost('fUsername'); 63 $tCode = trim(safepost('fCode')); 64 65 if (empty($fPassword) or ($fPassword != $fPassword2)) { 66 $error = true; 67 flash_error(Config::lang('pPassword_password_text_error')); 68 } else { 69 $handler = $context === 'admin' ? new AdminHandler : new MailboxHandler; 70 if (!$handler->checkPasswordRecoveryCode($tUsername, $tCode)) { 71 flash_error(Config::lang('pPassword_code_text_error')); 72 } else { 73 init_session($tUsername, $context === 'admin'); 74 if (!$handler->init($tUsername)) { 75 flash_error($handler->errormsg); 76 } else { 77 $values = $handler->result; 78 $values['password'] = $fPassword; 79 $values['password2'] = $fPassword2; 80 if ($handler->set($values) && $handler->save()) { 81 flash_info(Config::lang_f('pPassword_result_success', $tUsername)); 82 header('Location: main.php'); 83 exit(0); 84 } else { 85 foreach ($handler->errormsg as $msg) { 86 flash_error($msg); 87 } 88 } 89 } 90 } 91 } 92} 93 94$smarty->assign('language_selector', language_selector(), false); 95$smarty->assign('tUsername', @$tUsername); 96$smarty->assign('tCode', @$tCode); 97$smarty->assign('smarty_template', 'password-change'); 98$smarty->display('index.tpl'); 99 100/* vim: set expandtab softtabstop=4 tabstop=4 shiftwidth=4: */ 101