print a warning if a user wants to reset his password and encryption is enabled

Conflicts:

	core/lostpassword/templates/lostpassword.php

diff --git a/core/lostpassword/controller.php b/core/lostpassword/controller.php
index fbcf4a87f22c876de23c7c7a92338851eca01036..9377de5d39abc33d9df18ef5b2cb5266047db28b 100644 (file)
--- a/core/lostpassword/controller.php
+++ b/core/lostpassword/controller.php
@@ -8,8 +8,11 @@
 
 class OC_Core_LostPassword_Controller {
        protected static function displayLostPasswordPage($error, $requested) {
+               $encrypted = OC_App::isEnabled('files_encryption');
                OC_Template::printGuestPage('core/lostpassword', 'lostpassword',
-                       array('error' => $error, 'requested' => $requested));
+                       array('error' => $error,
+                               'requested' => $requested,
+                               'encrypted' => $encrypted));
        }
        
        protected static function displayResetPasswordPage($success, $args) {
@@ -29,7 +32,14 @@ class OC_Core_LostPassword_Controller {
        }
 
        public static function sendEmail($args) {
-               if (OC_User::userExists($_POST['user'])) {
+
+               if(isset($_POST['noEncryption']) || isset($_POST['continue'])) {
+                       $continue = true;
+               } else {
+                       $continue = false;
+               }
+
+               if (OC_User::userExists($_POST['user']) && $continue) {
                        $token = hash('sha256', OC_Util::generate_random_bytes(30).OC_Config::getValue('passwordsalt', ''));
                        OC_Preferences::setValue($_POST['user'], 'owncloud', 'lostpassword',
                                hash('sha256', $token)); // Hash the token again to prevent timing attacks

diff --git a/core/lostpassword/templates/lostpassword.php b/core/lostpassword/templates/lostpassword.php
index dc9f0bc8ad380b891df236caf3ffc8830ebd6fca..c9c9787e9aa3805dcdf0594ca765e7326a814bdd 100644 (file)
--- a/core/lostpassword/templates/lostpassword.php
+++ b/core/lostpassword/templates/lostpassword.php
@@ -10,6 +10,16 @@
                        <p class="infield">
                                <label for="user" class="infield"><?php echo $l->t( 'Username' ); ?></label>
                                <input type="text" name="user" id="user" placeholder="" value="" autocomplete="off" required autofocus />
+                               <label for="user" class="infield"><?php print_unescaped($l->t( 'Username' )); ?></label>
+                               <img class="svg" src="<?php print_unescaped(image_path('', 'actions/user.svg')); ?>" alt=""/>
+                               <?php if ($_['encrypted']): ?>
+                               <br /><br />
+                               <?php print_unescaped($l->t('Your files seems to be encrypted. If you didn\'t have enabled the recovery key there will be no way to get your data back once the password was resetted. If you are not sure what to do, please contact your administrator first before continue. Do you really want to continue?')); ?><br />
+                               <input type="checkbox" name="continue" value="Yes" />
+                                       <?php print_unescaped($l->t('Yes, I really want to reset my password now')); ?><br/><br/>
+                               <?php else: ?>
+                               <input type="checkbox" name="noEncryption" value="Yes" checked />
+                               <?php endif; ?>
                        </p>
                        <input type="submit" id="submit" value="<?php echo $l->t('Request reset'); ?>" />
                <?php endif; ?>