1<?php 2/* 3 * vim:set softtabstop=4 shiftwidth=4 expandtab: 4 * 5 * LICENSE: GNU Affero General Public License, version 3 (AGPL-3.0-or-later) 6 * Copyright 2001 - 2020 Ampache.org 7 * 8 * This program is free software: you can redistribute it and/or modify 9 * it under the terms of the GNU Affero General Public License as published by 10 * the Free Software Foundation, either version 3 of the License, or 11 * (at your option) any later version. 12 * 13 * This program is distributed in the hope that it will be useful, 14 * but WITHOUT ANY WARRANTY; without even the implied warranty of 15 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 16 * GNU Affero General Public License for more details. 17 * 18 * You should have received a copy of the GNU Affero General Public License 19 * along with this program. If not, see <https://www.gnu.org/licenses/>. 20 * 21 */ 22 23declare(strict_types=0); 24 25namespace Ampache\Module\Application\LostPassword; 26 27use Ampache\Config\ConfigContainerInterface; 28use Ampache\Config\ConfigurationKeyEnum; 29use Ampache\Module\Application\ApplicationActionInterface; 30use Ampache\Module\Application\Exception\AccessDeniedException; 31use Ampache\Module\Authorization\GuiGatekeeperInterface; 32use Ampache\Module\System\Core; 33use Ampache\Module\User\NewPasswordSenderInterface; 34use Ampache\Module\Util\Mailer; 35use Ampache\Module\Util\Ui; 36use Ampache\Module\Util\UiInterface; 37use Psr\Http\Message\ResponseInterface; 38use Psr\Http\Message\ServerRequestInterface; 39 40final class SendAction implements ApplicationActionInterface 41{ 42 public const REQUEST_KEY = 'send'; 43 44 private ConfigContainerInterface $configContainer; 45 46 private NewPasswordSenderInterface $newPasswordSender; 47 48 private UiInterface $ui; 49 50 public function __construct( 51 ConfigContainerInterface $configContainer, 52 NewPasswordSenderInterface $newPasswordSender, 53 UiInterface $ui 54 ) { 55 $this->configContainer = $configContainer; 56 $this->newPasswordSender = $newPasswordSender; 57 $this->ui = $ui; 58 } 59 60 public function run(ServerRequestInterface $request, GuiGatekeeperInterface $gatekeeper): ?ResponseInterface 61 { 62 if ( 63 !Mailer::is_mail_enabled() || 64 $this->configContainer->isFeatureEnabled(ConfigurationKeyEnum::DEMO_MODE) 65 ) { 66 throw new AccessDeniedException(); 67 } 68 69 /* Check for posted email */ 70 $result = false; 71 if (filter_has_var(INPUT_POST, 'email') && Core::get_post('email')) { 72 /* Get the email address and the current ip*/ 73 $email = scrub_in(filter_input(INPUT_POST, 'email', FILTER_SANITIZE_EMAIL)); 74 $current_ip = filter_has_var( 75 INPUT_SERVER, 76 'HTTP_X_FORWARDED_FOR') ? Core::get_server('HTTP_X_FORWARDED_FOR') : Core::get_server('REMOTE_ADDR' 77 ); 78 $result = $this->newPasswordSender->send($email, $current_ip); 79 } 80 // Do not acknowledge a password has been sent or failed and go back to login 81 require Ui::find_template('show_login_form.inc.php'); 82 83 return null; 84 } 85} 86