Change of plan. Change password stuff moved to admin/auth.php
[moodle.git] / login / forgot_password.php
CommitLineData
9a58f7cb 1<?php // $Id$
f9903ed0 2
894ff63f 3 require_once("../config.php");
f9903ed0 4
8d030053 5 $p = optional_param('p','');
6 $s = optional_param('s','');
f9903ed0 7
8e370bb6 8 //HTTPS is potentially required in this page
9 httpsrequired();
10
eb347b6b 11 if (!empty($p) and !empty($s)) { // User trying to authenticate change password routine
f9903ed0 12
894ff63f 13 update_login_count();
f9903ed0 14
7c12949d 15 $user = get_complete_user_data("username", "$s");
eb347b6b 16
17 if (!empty($user)) {
18 if ($user->secret == $p) { // They have provided the secret key to get in
19
20 if (isguest($user->id)) {
21 error("Can't change guest password!");
22 }
39eece7b 23
24 $user->emailstop = 0; // Send mail even if sending mail was forbidden
eb347b6b 25
894ff63f 26 if (! reset_password_and_mail($user)) {
eb347b6b 27 error("Could not reset password and mail the new one to you");
28 }
29
894ff63f 30 reset_login_count();
eb347b6b 31
894ff63f 32 print_header(get_string("passwordsent"), get_string("passwordsent"), get_string("passwordsent"));
eb347b6b 33
34 $a->email = $user->email;
8e370bb6 35 $a->link = "$CFG->httpswwwroot/login/change_password.php";
eb347b6b 36 notice(get_string("emailpasswordsent", "", $a), $a->link);
37 }
38 }
39 error(get_string("error"));
40 }
41
894ff63f 42 if ($frm = data_submitted()) { // Initial request for new password
eb347b6b 43
8d030053 44 if (!confirm_sesskey()) {
45 error( 'sesskey invalid' );
46 }
47
894ff63f 48 validate_form($frm, $err);
eb347b6b 49
894ff63f 50 if (count((array)$err) == 0) {
f9903ed0 51
894ff63f 52 if (!$user = get_complete_user_data("email", $frm->email)) {
f9903ed0 53 error("No such user with this address: $frm->email");
54 }
5c0567b4 55
56 if (empty($user->confirmed)) {
57 error(get_string("confirmednot"));
58 }
eb347b6b 59
60 $user->secret = random_string(15);
61
894ff63f 62 if (!set_field("user", "secret", $user->secret, "id", $user->id)) {
eb347b6b 63 error("Could not set user secret string!");
0bb2c9f7 64 }
65
49258159 66 $user->emailstop = 0; // Send mail even if sending mail was forbidden
67
eb347b6b 68 if (! send_password_change_confirmation_email($user)) {
69 error("Could not send you an email to confirm the password change");
f9903ed0 70 }
71
894ff63f 72 print_header(get_string("passwordconfirmchange"), get_string("passwordconfirmchange"));
eb347b6b 73
c540442f 74 notice(get_string('emailpasswordconfirmsent', '', $user->email), "$CFG->wwwroot/");
eb347b6b 75 }
894ff63f 76 }
f9903ed0 77
894ff63f 78 if (empty($frm->email)) {
79 if ($username = get_moodle_cookie() ) {
80 $frm->email = get_field("user", "email", "username", "$username");
81 }
82 }
f9903ed0 83
894ff63f 84 print_header(get_string("senddetails"), get_string("senddetails"),
9a58f7cb 85 "<a href=\"$CFG->wwwroot/login/index.php\">".get_string("login")."</a> -> ".get_string("senddetails"),
8553b700 86 "form.email");
894ff63f 87 include("forgot_password_form.html");
8553b700 88 print_footer();
f9903ed0 89
90
91/******************************************************************************
92 * FUNCTIONS
93 *****************************************************************************/
94
95function validate_form($frm, &$err) {
96
97 if (empty($frm->email))
8553b700 98 $err->email = get_string("missingemail");
f9903ed0 99
100 else if (! validate_email($frm->email))
8553b700 101 $err->email = get_string("invalidemail");
f9903ed0 102
103 else if (! record_exists("user", "email", $frm->email))
8553b700 104 $err->email = get_string("nosuchemail");
f9903ed0 105
106}
107
108
f9903ed0 109?>