From bfa9478649becc114cbee45ba0f505cc6ceedadd Mon Sep 17 00:00:00 2001 From: "Michael Kaufmann (d00p)" Date: Fri, 19 Dec 2014 14:11:17 +0100 Subject: [PATCH] password-reset fix Signed-off-by: Michael Kaufmann (d00p) --- index.php | 8 ++++++-- lng/english.lng.php | 2 +- lng/german.lng.php | 2 +- 3 files changed, 8 insertions(+), 4 deletions(-) diff --git a/index.php b/index.php index 0ecc4727..791690c3 100644 --- a/index.php +++ b/index.php @@ -370,6 +370,10 @@ if ($action == 'forgotpwd') { // this can be a fixed value to avoid potential exploiting by modifying headers $host = Settings::Get('system.hostname'); // $_SERVER['HTTP_HOST']; $port = $_SERVER['SERVER_PORT'] != 80 ? ':' . $_SERVER['SERVER_PORT'] : ''; + // don't add :443 when https is used, as it is default (and just looks weird!) + if ($protocol == 'https' && $_SERVER['SERVER_PORT'] == '443') { + $port = ''; + } // there can be only one script to handle this so we can use a fixed value here $script = "/index.php"; // $_SERVER['SCRIPT_NAME']; if (Settings::Get('system.froxlordirectlyviahostname') == 0) { @@ -379,7 +383,7 @@ if ($action == 'forgotpwd') { $replace_arr = array( 'SALUTATION' => getCorrectUserSalutation($user), - 'USERNAME' => $user['loginname'], + 'USERNAME' => $loginname, 'LINK' => $activationlink ); @@ -409,7 +413,7 @@ if ($action == 'forgotpwd') { $mail->Subject = $mail_subject; $mail->AltBody = $mail_body; $mail->MsgHTML(str_replace("\n", "
", $mail_body)); - $mail->AddAddress($user['email'], $user['firstname'] . ' ' . $user['name']); + $mail->AddAddress($user['email'], getCorrectUserSalutation($user)); $mail->Send(); } catch(phpmailerException $e) { $mailerr_msg = $e->errorMessage(); diff --git a/lng/english.lng.php b/lng/english.lng.php index a590ae94..e93e4a08 100644 --- a/lng/english.lng.php +++ b/lng/english.lng.php @@ -853,7 +853,7 @@ $lng['login']['email'] = 'E-mail address'; $lng['login']['remind'] = 'Reset my password'; $lng['login']['usernotfound'] = 'User not found!'; $lng['mails']['password_reset']['subject'] = 'Password reset'; -$lng['mails']['password_reset']['mailbody'] = 'Hello {USERNAME},\n\nhere is your link for setting a new password. This link is valid for the next 24 hours.\n\n{LINK}\n\nThank you,\nyour administrator'; +$lng['mails']['password_reset']['mailbody'] = 'Hello {SALUTATION},\n\nhere is your link for setting a new password. This link is valid for the next 24 hours.\n\n{LINK}\n\nThank you,\nyour administrator'; $lng['pwdreminder']['success'] = 'Password reset successfully requested. Please follow the instructions in the email you received.'; // ADDED IN 1.2.19-svn18 diff --git a/lng/german.lng.php b/lng/german.lng.php index 198eb5dd..0df0e3ff 100644 --- a/lng/german.lng.php +++ b/lng/german.lng.php @@ -851,7 +851,7 @@ $lng['login']['email'] = 'E-Mail-Adresse'; $lng['login']['remind'] = 'Passwort zurücksetzen'; $lng['login']['usernotfound'] = 'Fehler: Unbekannter Benutzer!'; $lng['mails']['password_reset']['subject'] = 'Passwort zurückgesetzt'; -$lng['mails']['password_reset']['mailbody'] = 'Hallo {USERNAME},\n\nHiermit erhalten Sie den Link um ein neues Passwort zu setzen. Dieser Link ist für die nächsten 24 Stunden gültig.\n\n{LINK}\n\nVielen Dank,\nIhr Administrator'; +$lng['mails']['password_reset']['mailbody'] = 'Hallo {SALUTATION},\n\nhiermit erhalten Sie den Link um ein neues Passwort zu setzen. Dieser Link ist für die nächsten 24 Stunden gültig.\n\n{LINK}\n\nVielen Dank,\nIhr Administrator'; $lng['pwdreminder']['success'] = 'Das Zurücksetzen des Passworts wurde erfolgreich angefordert. Sie sollten nun eine E-Mail mit weiteren Anweisungen erhalten.'; // ADDED IN 1.2.19-svn18