X-Git-Url: https://git.mxchange.org/?a=blobdiff_plain;f=mod%2Flostpass.php;h=42a1764bf93a4561cbcb7e1d266b31fa858d0314;hb=69a73678ebc18ad27b27f1bf92bc9433b7e7066f;hp=0d22252bdc723cf948564dcfd1fd5872fb995415;hpb=762a78661109d28dbc29a15b379b342938b35f40;p=friendica.git diff --git a/mod/lostpass.php b/mod/lostpass.php index 0d22252bdc..42a1764bf9 100644 --- a/mod/lostpass.php +++ b/mod/lostpass.php @@ -4,11 +4,14 @@ */ use Friendica\App; +use Friendica\Core\Config; use Friendica\Core\L10n; +use Friendica\Core\Renderer; use Friendica\Core\System; -use Friendica\Database\DBM; +use Friendica\Database\DBA; use Friendica\Model\User; use Friendica\Util\DateTimeFormat; +use Friendica\Util\Strings; require_once 'boot.php'; require_once 'include/enotify.php'; @@ -16,25 +19,25 @@ require_once 'include/text.php'; function lostpass_post(App $a) { - $loginame = notags(trim($_POST['login-name'])); + $loginame = Strings::escapeTags(trim($_POST['login-name'])); if (!$loginame) { - goaway(System::baseUrl()); + $a->internalRedirect(); } $condition = ['(`email` = ? OR `nickname` = ?) AND `verified` = 1 AND `blocked` = 0', $loginame, $loginame]; - $user = dba::selectFirst('user', ['uid', 'username', 'email'], $condition); - if (!DBM::is_result($user)) { + $user = DBA::selectFirst('user', ['uid', 'username', 'email', 'language'], $condition); + if (!DBA::isResult($user)) { notice(L10n::t('No valid account found.') . EOL); - goaway(System::baseUrl()); + $a->internalRedirect(); } - $pwdreset_token = autoname(12) . mt_rand(1000, 9999); + $pwdreset_token = Strings::getRandomName(12) . mt_rand(1000, 9999); $fields = [ 'pwdreset' => $pwdreset_token, 'pwdreset_time' => DateTimeFormat::utcNow() ]; - $result = dba::update('user', $fields, ['uid' => $user['uid']]); + $result = DBA::update('user', $fields, ['uid' => $user['uid']]); if ($result) { info(L10n::t('Password reset request issued. Check your email.') . EOL); } @@ -42,7 +45,7 @@ function lostpass_post(App $a) $sitename = Config::get('config', 'sitename'); $resetlink = System::baseUrl() . '/lostpass/' . $pwdreset_token; - $preamble = deindent(L10n::t(' + $preamble = Strings::deindent(L10n::t(' Dear %1$s, A request was recently received at "%2$s" to reset your account password. In order to confirm this request, please select the verification link @@ -53,7 +56,7 @@ function lostpass_post(App $a) Your password will not be changed unless we can verify that you issued this request.', $user['username'], $sitename)); - $body = deindent(L10n::t(' + $body = Strings::deindent(L10n::t(' Follow this link soon to verify your identity: %1$s @@ -68,6 +71,8 @@ function lostpass_post(App $a) notification([ 'type' => SYSTEM_EMAIL, + 'language' => $user['language'], + 'to_name' => $user['username'], 'to_email' => $user['email'], 'uid' => $user['uid'], 'subject' => L10n::t('Password reset requested at %s', $sitename), @@ -75,7 +80,7 @@ function lostpass_post(App $a) 'body' => $body ]); - goaway(System::baseUrl()); + $a->internalRedirect(); } function lostpass_content(App $a) @@ -84,8 +89,8 @@ function lostpass_content(App $a) if ($a->argc > 1) { $pwdreset_token = $a->argv[1]; - $user = dba::selectFirst('user', ['uid', 'username', 'email', 'pwdreset_time'], ['pwdreset' => $pwdreset_token]); - if (!DBM::is_result($user)) { + $user = DBA::selectFirst('user', ['uid', 'username', 'email', 'pwdreset_time', 'language'], ['pwdreset' => $pwdreset_token]); + if (!DBA::isResult($user)) { notice(L10n::t("Request could not be verified. \x28You may have previously submitted it.\x29 Password reset failed.")); return lostpass_form(); @@ -97,7 +102,7 @@ function lostpass_content(App $a) 'pwdreset' => null, 'pwdreset_time' => null ]; - dba::update('user', $fields, ['uid' => $user['uid']]); + DBA::update('user', $fields, ['uid' => $user['uid']]); notice(L10n::t('Request has expired, please make a new one.')); @@ -112,8 +117,8 @@ function lostpass_content(App $a) function lostpass_form() { - $tpl = get_markup_template('lostpass.tpl'); - $o = replace_macros($tpl, [ + $tpl = Renderer::getMarkupTemplate('lostpass.tpl'); + $o = Renderer::replaceMacros($tpl, [ '$title' => L10n::t('Forgot your Password?'), '$desc' => L10n::t('Enter your email address and submit to have your password reset. Then check your email for further instructions.'), '$name' => L10n::t('Nickname or Email: '), @@ -130,9 +135,9 @@ function lostpass_generate_password($user) $new_password = User::generateNewPassword(); $result = User::updatePassword($user['uid'], $new_password); - if (DBM::is_result($result)) { - $tpl = get_markup_template('pwdreset.tpl'); - $o .= replace_macros($tpl, [ + if (DBA::isResult($result)) { + $tpl = Renderer::getMarkupTemplate('pwdreset.tpl'); + $o .= Renderer::replaceMacros($tpl, [ '$lbl1' => L10n::t('Password Reset'), '$lbl2' => L10n::t('Your password has been reset as requested.'), '$lbl3' => L10n::t('Your new password is'), @@ -146,13 +151,13 @@ function lostpass_generate_password($user) info("Your password has been reset." . EOL); $sitename = Config::get('config', 'sitename'); - $preamble = deindent(L10n::t(' + $preamble = Strings::deindent(L10n::t(' Dear %1$s, Your password has been changed as requested. Please retain this information for your records ' . "\x28" . 'or change your password immediately to something that you will remember' . "\x29" . '. ', $user['username'])); - $body = deindent(L10n::t(' + $body = Strings::deindent(L10n::t(' Your login details are as follows: Site Location: %1$s @@ -164,6 +169,8 @@ function lostpass_generate_password($user) notification([ 'type' => SYSTEM_EMAIL, + 'language' => $user['language'], + 'to_name' => $user['username'], 'to_email' => $user['email'], 'uid' => $user['uid'], 'subject' => L10n::t('Your password has been changed at %s', $sitename),