X-Git-Url: https://git.mxchange.org/?a=blobdiff_plain;f=mod%2Flostpass.php;h=ecab0982c86d4f43a5d60e6dcbda724ffc547de2;hb=ae3d4f63a31c5a9f35c55e6507263a600867b55a;hp=9cde1c9ff4a637edf2398b99efe62c50c7bffd02;hpb=dc35d2f2f352b1f378a00dae37c6be3044c9a0a0;p=friendica.git

diff --git a/mod/lostpass.php b/mod/lostpass.php
index 9cde1c9ff4..ecab0982c8 100644
--- a/mod/lostpass.php
+++ b/mod/lostpass.php
@@ -1,4 +1,5 @@
 <?php
+
 /**
  * @file mod/lostpass.php
  */
@@ -6,30 +7,28 @@
 use Friendica\App;
 use Friendica\Core\Config;
 use Friendica\Core\L10n;
+use Friendica\Core\Renderer;
 use Friendica\Core\System;
 use Friendica\Database\DBA;
 use Friendica\Model\User;
 use Friendica\Util\DateTimeFormat;
-
-require_once 'boot.php';
-require_once 'include/enotify.php';
-require_once 'include/text.php';
+use Friendica\Util\Strings;
 
 function lostpass_post(App $a)
 {
-	$loginame = notags(trim($_POST['login-name']));
+	$loginame = Strings::escapeTags(trim($_POST['login-name']));
 	if (!$loginame) {
 		$a->internalRedirect();
 	}
 
 	$condition = ['(`email` = ? OR `nickname` = ?) AND `verified` = 1 AND `blocked` = 0', $loginame, $loginame];
-	$user = DBA::selectFirst('user', ['uid', 'username', 'email', 'language'], $condition);
+	$user = DBA::selectFirst('user', ['uid', 'username', 'nickname', 'email', 'language'], $condition);
 	if (!DBA::isResult($user)) {
 		notice(L10n::t('No valid account found.') . EOL);
 		$a->internalRedirect();
 	}
 
-	$pwdreset_token = autoname(12) . mt_rand(1000, 9999);
+	$pwdreset_token = Strings::getRandomName(12) . random_int(1000, 9999);
 
 	$fields = [
 		'pwdreset' => $pwdreset_token,
@@ -43,7 +42,7 @@ function lostpass_post(App $a)
 	$sitename = Config::get('config', 'sitename');
 	$resetlink = System::baseUrl() . '/lostpass/' . $pwdreset_token;
 
-	$preamble = deindent(L10n::t('
+	$preamble = Strings::deindent(L10n::t('
 		Dear %1$s,
 			A request was recently received at "%2$s" to reset your account
 		password. In order to confirm this request, please select the verification link
@@ -54,7 +53,7 @@ function lostpass_post(App $a)
 
 		Your password will not be changed unless we can verify that you
 		issued this request.', $user['username'], $sitename));
-	$body = deindent(L10n::t('
+	$body = Strings::deindent(L10n::t('
 		Follow this link soon to verify your identity:
 
 		%1$s
@@ -65,7 +64,7 @@ function lostpass_post(App $a)
 		The login details are as follows:
 
 		Site Location:	%2$s
-		Login Name:	%3$s', $resetlink, System::baseUrl(), $user['email']));
+		Login Name:	%3$s', $resetlink, System::baseUrl(), $user['nickname']));
 
 	notification([
 		'type'     => SYSTEM_EMAIL,
@@ -83,11 +82,10 @@ function lostpass_post(App $a)
 
 function lostpass_content(App $a)
 {
-	$o = '';
 	if ($a->argc > 1) {
 		$pwdreset_token = $a->argv[1];
 
-		$user = DBA::selectFirst('user', ['uid', 'username', 'email', 'pwdreset_time', 'language'], ['pwdreset' => $pwdreset_token]);
+		$user = DBA::selectFirst('user', ['uid', 'username', 'nickname', 'email', 'pwdreset_time', 'language'], ['pwdreset' => $pwdreset_token]);
 		if (!DBA::isResult($user)) {
 			notice(L10n::t("Request could not be verified. \x28You may have previously submitted it.\x29 Password reset failed."));
 
@@ -115,8 +113,8 @@ function lostpass_content(App $a)
 
 function lostpass_form()
 {
-	$tpl = get_markup_template('lostpass.tpl');
-	$o = replace_macros($tpl, [
+	$tpl = Renderer::getMarkupTemplate('lostpass.tpl');
+	$o = Renderer::replaceMacros($tpl, [
 		'$title' => L10n::t('Forgot your Password?'),
 		'$desc' => L10n::t('Enter your email address and submit to have your password reset. Then check your email for further instructions.'),
 		'$name' => L10n::t('Nickname or Email: '),
@@ -129,13 +127,12 @@ function lostpass_form()
 function lostpass_generate_password($user)
 {
 	$o = '';
-	$a = get_app();
 
 	$new_password = User::generateNewPassword();
 	$result = User::updatePassword($user['uid'], $new_password);
 	if (DBA::isResult($result)) {
-		$tpl = get_markup_template('pwdreset.tpl');
-		$o .= replace_macros($tpl, [
+		$tpl = Renderer::getMarkupTemplate('pwdreset.tpl');
+		$o .= Renderer::replaceMacros($tpl, [
 			'$lbl1'    => L10n::t('Password Reset'),
 			'$lbl2'    => L10n::t('Your password has been reset as requested.'),
 			'$lbl3'    => L10n::t('Your new password is'),
@@ -143,19 +140,18 @@ function lostpass_generate_password($user)
 			'$lbl5'    => '<a href="' . System::baseUrl() . '">' . L10n::t('click here to login') . '</a>.',
 			'$lbl6'    => L10n::t('Your password may be changed from the <em>Settings</em> page after successful login.'),
 			'$newpass' => $new_password,
-			'$baseurl' => System::baseUrl()
 		]);
 
 		info("Your password has been reset." . EOL);
 
 		$sitename = Config::get('config', 'sitename');
-		$preamble = deindent(L10n::t('
+		$preamble = Strings::deindent(L10n::t('
 			Dear %1$s,
 				Your password has been changed as requested. Please retain this
 			information for your records ' . "\x28" . 'or change your password immediately to
 			something that you will remember' . "\x29" . '.
 		', $user['username']));
-		$body = deindent(L10n::t('
+		$body = Strings::deindent(L10n::t('
 			Your login details are as follows:
 
 			Site Location:	%1$s
@@ -163,7 +159,7 @@ function lostpass_generate_password($user)
 			Password:	%3$s
 
 			You may change that password from your account settings page after logging in.
-		', System::baseUrl(), $user['email'], $new_password));
+		', System::baseUrl(), $user['nickname'], $new_password));
 
 		notification([
 			'type'     => SYSTEM_EMAIL,