[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Librefm-commits] [1485] Change the use of password "recovery" to "reset
From: |
Jørgen Bøhnsdalen |
Subject: |
[Librefm-commits] [1485] Change the use of password "recovery" to "reset. |
Date: |
Mon, 11 May 2009 19:18:34 +0000 |
Revision: 1485
http://svn.sv.gnu.org/viewvc/?view=rev&root=librefm&revision=1485
Author: jurgbohn
Date: 2009-05-11 19:18:33 +0000 (Mon, 11 May 2009)
Log Message:
-----------
Change the use of password "recovery" to "reset.
Modified Paths:
--------------
trunk/nixtape/themes/librefm/templates/login.tpl
Added Paths:
-----------
trunk/nixtape/reset.php
trunk/nixtape/themes/librefm/templates/reset.tpl
Removed Paths:
-------------
trunk/nixtape/recovery.php
trunk/nixtape/themes/librefm/templates/recovery.tpl
Deleted: trunk/nixtape/recovery.php
===================================================================
--- trunk/nixtape/recovery.php 2009-05-11 19:17:35 UTC (rev 1484)
+++ trunk/nixtape/recovery.php 2009-05-11 19:18:33 UTC (rev 1485)
@@ -1,106 +0,0 @@
-<?php
-
-/* Libre.fm -- a free network service for sharing your music listening habits
-
- Copyright (C) 2009 Libre.fm Project
-
- This program is free software: you can redistribute it and/or modify
- it under the terms of the GNU Affero General Public License as published by
- the Free Software Foundation, either version 3 of the License, or
- (at your option) any later version.
-
- This program is distributed in the hope that it will be useful,
- but WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- GNU Affero General Public License for more details.
-
- You should have received a copy of the GNU Affero General Public License
- along with this program. If not, see <http://www.gnu.org/licenses/>.
-
- */
-
-// TODO: Check if the request has expired before changing.
-
-require_once('database.php');
-require_once('templating.php');
-require_once('utils/EmailAddressValidator.php');
-
-global $mdb2;
-$errors = '';
-
-function sendEmail($text, $email) {
- $headers = 'From: Libre.fm Recovery <address@hidden>';
- $subject = 'Libre.fm Password Recovery';
- mail($email, $subject, $text, $headers);
-}
-
-if (isset($_GET['code'])) {
- $res = $mdb2->query('SELECT * FROM Recovery_Request WHERE code=' .
$mdb2->quote($_GET['code'], 'text'));
- if ($res->numRows() == 0) {
- $errors .= "Invalid recovery token.\n";
- $smarty->assign('errors', $errors);
- $smarty->display('error.tpl');
- die();
- }
-
- $row = $res->fetchRow(MDB2_FETCHMODE_ASSOC);
-
- $password = '';
- $chars = 'abcdefghijklmnopqrstuvwxyz0123456789';
-
- for ($i = 0; $i < 8; $i++) {
- $password .= substr($chars, mt_rand(0, strlen($chars)-1), 1);
- }
-
- $email = $row['email'];
-
- $sql = 'UPDATE Users SET password=' . $mdb2->quote(md5($password), 'text')
. ' WHERE email='
- . $mdb2->quote($email, 'text');
-
- $mdb2->exec($sql);
-
- $content = "Hi!\n\nYour password has been set to " . $password . "\n\n -
The Libre.fm Team";
- sendEmail($content, $email);
- $sql = 'DELETE FROM Recovery_Request WHERE code=' . $mdb2->quote($email,
'text');
- $mdb2->exec($sql);
- $smarty->assign('changed', true);
-}
-
-else if (isset($_POST['user'])) {
- $username = $_POST['user'];
-
- $res = $mdb2->query('SELECT * FROM Users WHERE username="'
- . $mdb2->quote($username, 'text'));
-
- if (PEAR::isError($res) || $res->numRows() == 0) {
- $errors .= "User not found.\n";
- $smarty->assign('errors', $errors);
- $smarty->display('error.tpl');
- die();
- }
- $row = $res->fetchRow(MDB2_FETCHMODE_ASSOC);
- $code = md5($username . $row['email'] . time());
- $sql = 'INSERT INTO Recovery_Request (username, email, code, expires)
VALUES('
- . $mdb2->quote($username, 'text') . ', '
- . $mdb2->quote($row['email'], 'text') . ', '
- . $mdb2->quote($code, 'text') . ', '
- . $mdb2->quote(time() + 86400, 'text') . ')';
-
- $res = $mdb2->exec($sql);
- if (PEAR::isError($res)) {
- $errors .= 'Error on: ' . $sql;
- $smarty->assign('errors', $errors);
- $smarty->display('error.tpl');
- die();
- }
-
- $url = $base_url . '/recovery.php?code=' . $code;
- $content = "Hi!\n\nSomeone from the IP-address " . $_SERVER['REMOTE_ADDR']
. " entered your username "
- . "in the password recovery form at libre.fm. To change you password,
please visit\n\n"
- . $url . "\n\n- The Libre.fm Team";
- sendEmail($content, $row['email']);
- $smarty->assign('sent', true);
-}
-
-$smarty->display('recovery.tpl');
-?>
Copied: trunk/nixtape/reset.php (from rev 1478, trunk/nixtape/recovery.php)
===================================================================
--- trunk/nixtape/reset.php (rev 0)
+++ trunk/nixtape/reset.php 2009-05-11 19:18:33 UTC (rev 1485)
@@ -0,0 +1,106 @@
+<?php
+
+/* Libre.fm -- a free network service for sharing your music listening habits
+
+ Copyright (C) 2009 Libre.fm Project
+
+ This program is free software: you can redistribute it and/or modify
+ it under the terms of the GNU Affero General Public License as published by
+ the Free Software Foundation, either version 3 of the License, or
+ (at your option) any later version.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU Affero General Public License for more details.
+
+ You should have received a copy of the GNU Affero General Public License
+ along with this program. If not, see <http://www.gnu.org/licenses/>.
+
+ */
+
+// TODO: Check if the request has expired before changing.
+
+require_once('database.php');
+require_once('templating.php');
+require_once('utils/EmailAddressValidator.php');
+
+global $mdb2;
+$errors = '';
+
+function sendEmail($text, $email) {
+ $headers = 'From: Libre.fm Reset <address@hidden>';
+ $subject = 'Libre.fm Password Reset';
+ mail($email, $subject, $text, $headers);
+}
+
+if (isset($_GET['code'])) {
+ $res = $mdb2->query('SELECT * FROM Recovery_Request WHERE code=' .
$mdb2->quote($_GET['code'], 'text'));
+ if ($res->numRows() == 0) {
+ $errors .= "Invalid reset token.\n";
+ $smarty->assign('errors', $errors);
+ $smarty->display('error.tpl');
+ die();
+ }
+
+ $row = $res->fetchRow(MDB2_FETCHMODE_ASSOC);
+
+ $password = '';
+ $chars = 'abcdefghijklmnopqrstuvwxyz0123456789';
+
+ for ($i = 0; $i < 8; $i++) {
+ $password .= substr($chars, mt_rand(0, strlen($chars)-1), 1);
+ }
+
+ $email = $row['email'];
+
+ $sql = 'UPDATE Users SET password=' . $mdb2->quote(md5($password), 'text')
. ' WHERE email='
+ . $mdb2->quote($email, 'text');
+
+ $mdb2->exec($sql);
+
+ $content = "Hi!\n\nYour password has been set to " . $password . "\n\n -
The Libre.fm Team";
+ sendEmail($content, $email);
+ $sql = 'DELETE FROM Recovery_Request WHERE code=' . $mdb2->quote($email,
'text');
+ $mdb2->exec($sql);
+ $smarty->assign('changed', true);
+}
+
+else if (isset($_POST['user'])) {
+ $username = $_POST['user'];
+
+ $res = $mdb2->query('SELECT * FROM Users WHERE username="'
+ . $mdb2->quote($username, 'text'));
+
+ if (PEAR::isError($res) || $res->numRows() == 0) {
+ $errors .= "User not found.\n";
+ $smarty->assign('errors', $errors);
+ $smarty->display('error.tpl');
+ die();
+ }
+ $row = $res->fetchRow(MDB2_FETCHMODE_ASSOC);
+ $code = md5($username . $row['email'] . time());
+ $sql = 'INSERT INTO Recovery_Request (username, email, code, expires)
VALUES('
+ . $mdb2->quote($username, 'text') . ', '
+ . $mdb2->quote($row['email'], 'text') . ', '
+ . $mdb2->quote($code, 'text') . ', '
+ . $mdb2->quote(time() + 86400, 'text') . ')';
+
+ $res = $mdb2->exec($sql);
+ if (PEAR::isError($res)) {
+ $errors .= 'Error on: ' . $sql;
+ $smarty->assign('errors', $errors);
+ $smarty->display('error.tpl');
+ die();
+ }
+
+ $url = $base_url . '/reset.php?code=' . $code;
+ $content = "Hi!\n\nSomeone from the IP-address " . $_SERVER['REMOTE_ADDR']
. " entered your username "
+ . "in the password reset form at libre.fm. To change you password,
please visit\n\n"
+ . $url . "\n\n- The Libre.fm Team";
+ sendEmail($content, $row['email']);
+ $smarty->assign('sent', true);
+}
+
+$smarty->display('reset.tpl');
+?>
Modified: trunk/nixtape/themes/librefm/templates/login.tpl
===================================================================
--- trunk/nixtape/themes/librefm/templates/login.tpl 2009-05-11 19:17:35 UTC
(rev 1484)
+++ trunk/nixtape/themes/librefm/templates/login.tpl 2009-05-11 19:18:33 UTC
(rev 1485)
@@ -5,7 +5,7 @@
{if !empty($errors)}
<p id='errors'>{$errors}</p>
{if isset($invalid)}
- <a href="{$base_url}/recovery.php">{t}Lost password{/t}?</a><br />
+ <a href="{$base_url}/reset.php">{t}Lost password{/t}?</a><br />
{/if}
{/if}
Deleted: trunk/nixtape/themes/librefm/templates/recovery.tpl
===================================================================
--- trunk/nixtape/themes/librefm/templates/recovery.tpl 2009-05-11 19:17:35 UTC
(rev 1484)
+++ trunk/nixtape/themes/librefm/templates/recovery.tpl 2009-05-11 19:18:33 UTC
(rev 1485)
@@ -1,35 +0,0 @@
-{include file='header.tpl'}
-
-<h2>{t}Password recovery{/t}</h2>
-
-{if isset($errors)}
- <p id='errors'>{$errors}</p>
-{/if}
-
-{if isset($changed)}
- <p>{t}Your new password has been emailed to you.{/t}</p>
-{/if}
-
-{if isset($sent)}
- <p>{t}An email with further information has been sent to the email
address associated with your profile.{/t}</p>
-
-{else}
-
-<div id='invite'>
-
- <form action='/recovery.php' method='post'>
- <fieldset>
- <p><a href='http://libre.fm' rel='bookmark' class='vcard fn org
url'>libre.fm</a> {t}Password Recovery{/t}</p>
-
- <label for='username'>{t}Username{/t} <span>{t}must be
valid!{/t}</span></label>
- <input id='username' name='user' type='text' value='' />
-
- <input type='submit' name='recover' value='{t}Recover
my password!{/t}'/>
- </fieldset>
-
- </form>
-</div>
-
-{/if}
-
-{include file='footer.tpl'}
Copied: trunk/nixtape/themes/librefm/templates/reset.tpl (from rev 1478,
trunk/nixtape/themes/librefm/templates/recovery.tpl)
===================================================================
--- trunk/nixtape/themes/librefm/templates/reset.tpl
(rev 0)
+++ trunk/nixtape/themes/librefm/templates/reset.tpl 2009-05-11 19:18:33 UTC
(rev 1485)
@@ -0,0 +1,35 @@
+{include file='header.tpl'}
+
+<h2>{t}Password reset{/t}</h2>
+
+{if isset($errors)}
+ <p id='errors'>{$errors}</p>
+{/if}
+
+{if isset($changed)}
+ <p>{t}Your new password has been emailed to you.{/t}</p>
+{/if}
+
+{if isset($sent)}
+ <p>{t}An email with further information has been sent to the email
address associated with your profile.{/t}</p>
+
+{else}
+
+<div id='invite'>
+
+ <form action="{$base_url}/reset.php" method='post'>
+ <fieldset>
+ <p><a href='http://libre.fm' rel='bookmark' class='vcard fn org
url'>libre.fm</a> {t}Password Reset{/t}</p>
+
+ <label for='username'>{t}Username{/t} <span>{t}must be
valid!{/t}</span></label>
+ <input id='username' name='user' type='text' value='' />
+
+ <input type='submit' name='recover' value='{t}Reset my
password!{/t}'/>
+ </fieldset>
+
+ </form>
+</div>
+
+{/if}
+
+{include file='footer.tpl'}
[Prev in Thread] |
Current Thread |
[Next in Thread] |
- [Librefm-commits] [1485] Change the use of password "recovery" to "reset.,
Jørgen Bøhnsdalen <=