X-Git-Url: https://git.mxchange.org/?a=blobdiff_plain;ds=sidebyside;f=mod%2Flostpass.php;h=548cea185cb943ac3c3f1e7cda039045f7514b12;hb=e7be87df93895de47414a5a788cd6487adb98a29;hp=954788aa4d32dca67206a86da18b3de97a9b701d;hpb=91facd2d0a2869e2c26a5943d8afe1849d3891f8;p=friendica.git diff --git a/mod/lostpass.php b/mod/lostpass.php index 954788aa4d..548cea185c 100644 --- a/mod/lostpass.php +++ b/mod/lostpass.php @@ -11,26 +11,23 @@ use Friendica\Core\System; use Friendica\Database\DBA; use Friendica\Model\User; use Friendica\Util\DateTimeFormat; - -require_once 'boot.php'; -require_once 'include/enotify.php'; -require_once 'include/text.php'; +use Friendica\Util\Strings; function lostpass_post(App $a) { - $loginame = notags(trim($_POST['login-name'])); + $loginame = Strings::escapeTags(trim($_POST['login-name'])); if (!$loginame) { $a->internalRedirect(); } $condition = ['(`email` = ? OR `nickname` = ?) AND `verified` = 1 AND `blocked` = 0', $loginame, $loginame]; - $user = DBA::selectFirst('user', ['uid', 'username', 'email', 'language'], $condition); + $user = DBA::selectFirst('user', ['uid', 'username', 'nickname', 'email', 'language'], $condition); if (!DBA::isResult($user)) { notice(L10n::t('No valid account found.') . EOL); $a->internalRedirect(); } - $pwdreset_token = autoname(12) . mt_rand(1000, 9999); + $pwdreset_token = Strings::getRandomName(12) . mt_rand(1000, 9999); $fields = [ 'pwdreset' => $pwdreset_token, @@ -44,7 +41,7 @@ function lostpass_post(App $a) $sitename = Config::get('config', 'sitename'); $resetlink = System::baseUrl() . '/lostpass/' . $pwdreset_token; - $preamble = deindent(L10n::t(' + $preamble = Strings::deindent(L10n::t(' Dear %1$s, A request was recently received at "%2$s" to reset your account password. In order to confirm this request, please select the verification link @@ -55,7 +52,7 @@ function lostpass_post(App $a) Your password will not be changed unless we can verify that you issued this request.', $user['username'], $sitename)); - $body = deindent(L10n::t(' + $body = Strings::deindent(L10n::t(' Follow this link soon to verify your identity: %1$s @@ -66,7 +63,7 @@ function lostpass_post(App $a) The login details are as follows: Site Location: %2$s - Login Name: %3$s', $resetlink, System::baseUrl(), $user['email'])); + Login Name: %3$s', $resetlink, System::baseUrl(), $user['nickname'])); notification([ 'type' => SYSTEM_EMAIL, @@ -84,11 +81,10 @@ function lostpass_post(App $a) function lostpass_content(App $a) { - $o = ''; if ($a->argc > 1) { $pwdreset_token = $a->argv[1]; - $user = DBA::selectFirst('user', ['uid', 'username', 'email', 'pwdreset_time', 'language'], ['pwdreset' => $pwdreset_token]); + $user = DBA::selectFirst('user', ['uid', 'username', 'nickname', 'email', 'pwdreset_time', 'language'], ['pwdreset' => $pwdreset_token]); if (!DBA::isResult($user)) { notice(L10n::t("Request could not be verified. \x28You may have previously submitted it.\x29 Password reset failed.")); @@ -116,7 +112,7 @@ function lostpass_content(App $a) function lostpass_form() { - $tpl = get_markup_template('lostpass.tpl'); + $tpl = Renderer::getMarkupTemplate('lostpass.tpl'); $o = Renderer::replaceMacros($tpl, [ '$title' => L10n::t('Forgot your Password?'), '$desc' => L10n::t('Enter your email address and submit to have your password reset. Then check your email for further instructions.'), @@ -130,12 +126,11 @@ function lostpass_form() function lostpass_generate_password($user) { $o = ''; - $a = get_app(); $new_password = User::generateNewPassword(); $result = User::updatePassword($user['uid'], $new_password); if (DBA::isResult($result)) { - $tpl = get_markup_template('pwdreset.tpl'); + $tpl = Renderer::getMarkupTemplate('pwdreset.tpl'); $o .= Renderer::replaceMacros($tpl, [ '$lbl1' => L10n::t('Password Reset'), '$lbl2' => L10n::t('Your password has been reset as requested.'), @@ -150,13 +145,13 @@ function lostpass_generate_password($user) info("Your password has been reset." . EOL); $sitename = Config::get('config', 'sitename'); - $preamble = deindent(L10n::t(' + $preamble = Strings::deindent(L10n::t(' Dear %1$s, Your password has been changed as requested. Please retain this information for your records ' . "\x28" . 'or change your password immediately to something that you will remember' . "\x29" . '. ', $user['username'])); - $body = deindent(L10n::t(' + $body = Strings::deindent(L10n::t(' Your login details are as follows: Site Location: %1$s @@ -164,7 +159,7 @@ function lostpass_generate_password($user) Password: %3$s You may change that password from your account settings page after logging in. - ', System::baseUrl(), $user['email'], $new_password)); + ', System::baseUrl(), $user['nickname'], $new_password)); notification([ 'type' => SYSTEM_EMAIL,