diff options
| author | Michael Gapczynski <GapczynskiM@gmail.com> | 2011-08-29 14:37:18 -0400 |
|---|---|---|
| committer | Michael Gapczynski <GapczynskiM@gmail.com> | 2011-08-29 14:37:18 -0400 |
| commit | 1c955606a18d885af9c0c936fe46e2bd11ee164f (patch) | |
| tree | edb16adca1dc2f2ba139e14cab396becaab17215 /index.php | |
| parent | efa30850736411414d7297970de72cf144fb5f0b (diff) | |
| download | nextcloud-server-1c955606a18d885af9c0c936fe46e2bd11ee164f.tar.gz nextcloud-server-1c955606a18d885af9c0c936fe46e2bd11ee164f.zip | |
Initial work on resetting forgotten passwords. It works, but still need to email a token to allow reset
Diffstat (limited to 'index.php')
| -rw-r--r-- | index.php | 34 |
1 files changed, 33 insertions, 1 deletions
diff --git a/index.php b/index.php index 4520f40107e..52a00465f22 100644 --- a/index.php +++ b/index.php @@ -60,7 +60,7 @@ elseif(OC_User::isLoggedIn()) { } // Someone wants to log in : -elseif(isset($_POST["user"])) { +elseif(isset($_POST["user"]) && isset($_POST['password'])) { OC_App::loadApps(); if(OC_User::login($_POST["user"], $_POST["password"])) { header("Location: ".$WEBROOT.'/'.OC_Appconfig::getValue("core", "defaultpage", "files/index.php")); @@ -81,6 +81,38 @@ elseif(isset($_POST["user"])) { } } +// Someone lost their password: +elseif(isset($_GET['lostpassword'])) { + OC_App::loadApps(); + if (isset($_POST['user'])) { + if (OC_User::userExists($_POST['user'])) { + $token = sha1($_POST['user']+uniqId()); + OC_Preferences::setValue($_POST['user'], "owncloud", "lostpassword", $token); + // TODO send email with link+token + OC_Template::printGuestPage("", "lostpassword", array("error" => false, "requested" => true)); + } else { + OC_Template::printGuestPage("", "lostpassword", array("error" => true, "requested" => false)); + } + } else { + OC_Template::printGuestPage("", "lostpassword", array("error" => false, "requested" => false)); + } +} + +// Someone wants to reset their password: +elseif(isset($_GET['resetpassword']) && isset($_GET['token']) && isset($_GET['user']) && OC_Preferences::getValue($_GET['user'], "owncloud", "lostpassword") === $_GET['token']) { + OC_App::loadApps(); + if (isset($_POST['password'])) { + if (OC_User::setPassword($_GET['user'], $_POST['password'])) { + OC_Preferences::deleteKey($_GET['user'], "owncloud", "lostpassword"); + OC_Template::printGuestPage("", "resetpassword", array("success" => true)); + } else { + OC_Template::printGuestPage("", "resetpassword", array("success" => false)); + } + } else { + OC_Template::printGuestPage("", "resetpassword", array("success" => false)); + } +} + // For all others cases, we display the guest page : else { OC_App::loadApps(); |