1<?php
2# MantisBT - A PHP based bugtracking system
3
4# MantisBT is free software: you can redistribute it and/or modify
5# it under the terms of the GNU General Public License as published by
6# the Free Software Foundation, either version 2 of the License, or
7# (at your option) any later version.
8#
9# MantisBT is distributed in the hope that it will be useful,
10# but WITHOUT ANY WARRANTY; without even the implied warranty of
11# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
12# GNU General Public License for more details.
13#
14# You should have received a copy of the GNU General Public License
15# along with MantisBT.  If not, see <http://www.gnu.org/licenses/>.
16
17/**
18 * Lost Password Functionality
19 *
20 * @package MantisBT
21 * @author Marcello Scata' <marcelloscata at users.sourceforge.net> ITALY
22 * @copyright Copyright 2000 - 2002  Kenzaburo Ito - kenito@300baud.org
23 * @copyright Copyright 2002  MantisBT Team - mantisbt-dev@lists.sourceforge.net
24 * @link http://www.mantisbt.org
25 *
26 * @uses core.php
27 * @uses config_api.php
28 * @uses constant_inc.php
29 * @uses form_api.php
30 * @uses helper_api.php
31 * @uses html_api.php
32 * @uses lang_api.php
33 * @uses print_api.php
34 */
35
36require_once( 'core.php' );
37require_api( 'config_api.php' );
38require_api( 'constant_inc.php' );
39require_api( 'form_api.php' );
40require_api( 'helper_api.php' );
41require_api( 'html_api.php' );
42require_api( 'lang_api.php' );
43require_api( 'print_api.php' );
44require_css( 'login.css' );
45
46# lost password feature disabled or reset password via email disabled -> stop here!
47if( LDAP == config_get_global( 'login_method' ) ||
48	OFF == config_get( 'lost_password_feature' ) ||
49	OFF == config_get( 'send_reset_password' )  ||
50	OFF == config_get( 'enable_email_notification' ) ) {
51	trigger_error( ERROR_LOST_PASSWORD_NOT_ENABLED, ERROR );
52}
53
54$f_username = gpc_get_string( 'username', '' );
55$t_username = auth_prepare_username( $f_username );
56
57# Determine whether the username or password field should receive automatic focus.
58$t_username_field_autofocus = 'autofocus';
59$t_email_field_autofocus = '';
60if( $t_username ) {
61	$t_username_field_autofocus = '';
62	$t_email_field_autofocus = 'autofocus';
63}
64
65# don't index lost password page
66html_robots_noindex();
67
68layout_login_page_begin();
69?>
70
71<div class="col-md-offset-3 col-md-6 col-sm-10 col-sm-offset-1">
72<div id="lost-password-div" class="login-container">
73	<div class="space-12 hidden-480"></div>
74	<?php layout_login_page_logo() ?>
75	<div class="space-24 hidden-480"></div>
76	<div class="position-relative">
77	<div class="signup-box visible widget-box no-border" id="login-box">
78	<div class="widget-body">
79	<div class="widget-main">
80		<h4 class="header lighter bigger">
81			<?php print_icon( 'fa-key', 'ace-icon' ); ?>
82			<?php echo lang_get( 'lost_password_title' ) ?>
83		</h4>
84		<div class="space-10"></div>
85	<form id="lost-password-form" method="post" action="lost_pwd.php">
86		<fieldset>
87			<?php
88			echo form_security_field( 'lost_pwd' );
89
90			$t_allow_passwd = auth_can_set_password();
91			if( $t_allow_passwd ) { ?>
92				<label for="username" class="block clearfix">
93				<span class="block input-icon input-icon-right">
94					<input id="username" name="username" type="text"
95						placeholder="<?php echo lang_get( 'username' ) ?>"
96                        value="<?php echo string_html_specialchars( $t_username ) ?>"
97                        size="32" maxlength="<?php echo DB_FIELD_SIZE_USERNAME;?>" class="form-control <?php echo $t_username_field_autofocus ?>">
98					<?php print_icon( 'fa-user', 'ace-icon' ); ?>
99				</span>
100				</label>
101				<label for="email-field" class="block clearfix">
102				<span class="block input-icon input-icon-right">
103					<input id="email-field" name="email" type="text"
104						   placeholder="<?php echo lang_get( 'email' ) ?>"
105						   size="32" maxlength="64" class="form-control <?php echo $t_email_field_autofocus; ?>">
106					<?php print_icon( 'fa-envelope', 'ace-icon' ); ?>
107				</span>
108				</label>
109				<div class="space-10"></div>
110				<?php echo lang_get( 'lost_password_info' ); ?>
111				<div class="space-10"></div>
112				<input type="submit" class="width-40 pull-right btn btn-success btn-inverse bigger-110"  value="<?php echo lang_get( 'submit' ) ?>" />
113			<?php
114			} else {
115				echo '<div class="space-10"></div>';
116				echo '<div class="alert alert-danger">';
117				echo auth_password_managed_elsewhere_message();
118				echo '</div>';
119			} ?>
120		</fieldset>
121	</form>
122	</div>
123		<div class="toolbar center">
124			<a class="back-to-login-link pull-left" href="<?php echo AUTH_PAGE_USERNAME ?>"><?php echo lang_get( 'login' ); ?></a>
125			<?php if( auth_signup_enabled() ) { ?>
126			<a class="back-to-login-link pull-right" href="signup_page.php"><?php echo lang_get( 'signup_link' ); ?></a>
127			<?php } ?>
128			<div class="clearfix"></div>
129		</div>
130	</div>
131	</div>
132	</div>
133</div>
134
135<?php
136layout_login_page_end();
137