qa-page-forgot.php 3.57 KB
Newer Older
Gideon Greenspan committed
1 2 3
<?php

/*
Gideon Greenspan committed
4
	Question2Answer by Gideon Greenspan and contributors
Gideon Greenspan committed
5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53

	http://www.question2answer.org/

	
	File: qa-include/qa-page-forgot.php
	Version: See define()s at top of qa-include/qa-base.php
	Description: Controller for 'forgot my password' page


	This program is free software; you can redistribute it and/or
	modify it under the terms of the GNU General Public License
	as published by the Free Software Foundation; either version 2
	of the License, or (at your option) any later version.
	
	This program is distributed in the hope that it will be useful,
	but WITHOUT ANY WARRANTY; without even the implied warranty of
	MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
	GNU General Public License for more details.

	More about this license: http://www.question2answer.org/license.php
*/

	if (!defined('QA_VERSION')) { // don't allow this page to be requested directly from browser
		header('Location: ../');
		exit;
	}

	require_once QA_INCLUDE_DIR.'qa-db-users.php';
	require_once QA_INCLUDE_DIR.'qa-app-captcha.php';


//	Check we're not using single-sign on integration and that we're not logged in
	
	if (QA_FINAL_EXTERNAL_USERS)
		qa_fatal_error('User login is handled by external code');
		
	if (qa_is_logged_in())
		qa_redirect('');


//	Start the 'I forgot my password' process, sending email if appropriate
	
	if (qa_clicked('doforgot')) {
		require_once QA_INCLUDE_DIR.'qa-app-users-edit.php';
		
		$inemailhandle=qa_post_text('emailhandle');
		
		$errors=array();
		
Gideon Greenspan committed
54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78
		if (!qa_check_form_security_code('forgot', qa_post_text('code')))
			$errors['page']=qa_lang_html('misc/form_security_again');
		
		else {
			if (strpos($inemailhandle, '@')===false) { // handles can't contain @ symbols
				$matchusers=qa_db_user_find_by_handle($inemailhandle);
				$passemailhandle=!qa_opt('allow_login_email_only');
				
			} else {
				$matchusers=qa_db_user_find_by_email($inemailhandle);
				$passemailhandle=true;
			}
				
			if (count($matchusers)!=1) // if we get more than one match (should be impossible) also give an error
				$errors['emailhandle']=qa_lang('users/user_not_found');
	
			if (qa_opt('captcha_on_reset_password'))
				qa_captcha_validate_post($errors);
	
			if (empty($errors)) {
				$inuserid=$matchusers[0];
				qa_start_reset_user($inuserid);
				qa_redirect('reset', $passemailhandle ? array('e' => $inemailhandle) : null); // redirect to page where code is entered
			}
		}			
Gideon Greenspan committed
79 80 81 82 83 84 85 86 87 88

	} else
		$inemailhandle=qa_get('e');

	
//	Prepare content for theme
	
	$qa_content=qa_content_prepare();

	$qa_content['title']=qa_lang_html('users/reset_title');
Gideon Greenspan committed
89
	$qa_content['error']=@$errors['page'];
Gideon Greenspan committed
90 91

	$qa_content['form']=array(
Gideon Greenspan committed
92
		'tags' => 'method="post" action="'.qa_self_html().'"',
Gideon Greenspan committed
93 94 95 96 97 98
		
		'style' => 'tall',
		
		'fields' => array(
			'email_handle' => array(
				'label' => qa_lang_html('users/email_handle_label'),
Gideon Greenspan committed
99
				'tags' => 'name="emailhandle" id="emailhandle"',
Gideon Greenspan committed
100 101 102 103 104 105 106 107 108 109 110 111 112 113
				'value' => qa_html(@$inemailhandle),
				'error' => qa_html(@$errors['emailhandle']),
				'note' => qa_lang_html('users/send_reset_note'),
			),
		),
		
		'buttons' => array(
			'send' => array(
				'label' => qa_lang_html('users/send_reset_button'),
			),
		),
		
		'hidden' => array(
			'doforgot' => '1',
Gideon Greenspan committed
114
			'code' => qa_get_form_security_code('forgot'),
Gideon Greenspan committed
115 116 117 118 119 120 121 122 123 124 125 126 127 128 129
		),
	);
	
	if (qa_opt('captcha_on_reset_password'))
		qa_set_up_captcha_field($qa_content, $qa_content['form']['fields'], @$errors);
	
	$qa_content['focusid']='emailhandle';

	
	return $qa_content;


/*
	Omit PHP closing tag to help avoid accidental output
*/