maketank/Froxlor
2
0
Fork 0
Code Pull Requests Releases Activity

password-reset fix

Browse Source 
Signed-off-by: Michael Kaufmann (d00p) <d00p@froxlor.org>
This commit is contained in:
Michael Kaufmann (d00p)
2014-12-19 14:11:17 +01:00
parent 19f5f2a7a4
commit bfa9478649
3 changed files with 8 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
index.php
View File

@@ -370,6 +370,10 @@ if ($action == 'forgotpwd') {
// this can be a fixed value to avoid potential exploiting by modifying headers // this can be a fixed value to avoid potential exploiting by modifying headers
$host = Settings::Get('system.hostname'); // $_SERVER['HTTP_HOST']; $host = Settings::Get('system.hostname'); // $_SERVER['HTTP_HOST'];
$port = $_SERVER['SERVER_PORT'] != 80 ? ':' . $_SERVER['SERVER_PORT'] : ''; $port = $_SERVER['SERVER_PORT'] != 80 ? ':' . $_SERVER['SERVER_PORT'] : '';
// don't add :443 when https is used, as it is default (and just looks weird!)
if ($protocol == 'https' && $_SERVER['SERVER_PORT'] == '443') {
$port = '';
}
// there can be only one script to handle this so we can use a fixed value here // there can be only one script to handle this so we can use a fixed value here
$script = "/index.php"; // $_SERVER['SCRIPT_NAME']; $script = "/index.php"; // $_SERVER['SCRIPT_NAME'];
if (Settings::Get('system.froxlordirectlyviahostname') == 0) { if (Settings::Get('system.froxlordirectlyviahostname') == 0) {
@@ -379,7 +383,7 @@ if ($action == 'forgotpwd') {
$replace_arr = array( $replace_arr = array(
'SALUTATION' => getCorrectUserSalutation($user), 'SALUTATION' => getCorrectUserSalutation($user),
'USERNAME' => $user['loginname'], 'USERNAME' => $loginname,
'LINK' => $activationlink 'LINK' => $activationlink
); );
@@ -409,7 +413,7 @@ if ($action == 'forgotpwd') {
$mail->Subject = $mail_subject; $mail->Subject = $mail_subject;
$mail->AltBody = $mail_body; $mail->AltBody = $mail_body;
$mail->MsgHTML(str_replace("\n", "<br />", $mail_body)); $mail->MsgHTML(str_replace("\n", "<br />", $mail_body));
$mail->AddAddress($user['email'], $user['firstname'] . ' ' . $user['name']); $mail->AddAddress($user['email'], getCorrectUserSalutation($user));
$mail->Send(); $mail->Send();
} catch(phpmailerException $e) { } catch(phpmailerException $e) {
$mailerr_msg = $e->errorMessage(); $mailerr_msg = $e->errorMessage();

2
lng/english.lng.php
View File

@@ -853,7 +853,7 @@ $lng['login']['email'] = 'E-mail address';
$lng['login']['remind'] = 'Reset my password'; $lng['login']['remind'] = 'Reset my password';
$lng['login']['usernotfound'] = 'User not found!'; $lng['login']['usernotfound'] = 'User not found!';
$lng['mails']['password_reset']['subject'] = 'Password reset'; $lng['mails']['password_reset']['subject'] = 'Password reset';
$lng['mails']['password_reset']['mailbody'] = 'Hello {USERNAME},\n\nhere is your link for setting a new password. This link is valid for the next 24 hours.\n\n{LINK}\n\nThank you,\nyour administrator'; $lng['mails']['password_reset']['mailbody'] = 'Hello {SALUTATION},\n\nhere is your link for setting a new password. This link is valid for the next 24 hours.\n\n{LINK}\n\nThank you,\nyour administrator';
$lng['pwdreminder']['success'] = 'Password reset successfully requested. Please follow the instructions in the email you received.'; $lng['pwdreminder']['success'] = 'Password reset successfully requested. Please follow the instructions in the email you received.';
// ADDED IN 1.2.19-svn18 // ADDED IN 1.2.19-svn18

2
lng/german.lng.php
View File

@@ -851,7 +851,7 @@ $lng['login']['email'] = 'E-Mail-Adresse';
$lng['login']['remind'] = 'Passwort zurücksetzen'; $lng['login']['remind'] = 'Passwort zurücksetzen';
$lng['login']['usernotfound'] = 'Fehler: Unbekannter Benutzer!'; $lng['login']['usernotfound'] = 'Fehler: Unbekannter Benutzer!';
$lng['mails']['password_reset']['subject'] = 'Passwort zurückgesetzt'; $lng['mails']['password_reset']['subject'] = 'Passwort zurückgesetzt';
$lng['mails']['password_reset']['mailbody'] = 'Hallo {USERNAME},\n\nHiermit erhalten Sie den Link um ein neues Passwort zu setzen. Dieser Link ist für die nächsten 24 Stunden gültig.\n\n{LINK}\n\nVielen Dank,\nIhr Administrator'; $lng['mails']['password_reset']['mailbody'] = 'Hallo {SALUTATION},\n\nhiermit erhalten Sie den Link um ein neues Passwort zu setzen. Dieser Link ist für die nächsten 24 Stunden gültig.\n\n{LINK}\n\nVielen Dank,\nIhr Administrator';
$lng['pwdreminder']['success'] = 'Das Zurücksetzen des Passworts wurde erfolgreich angefordert. Sie sollten nun eine E-Mail mit weiteren Anweisungen erhalten.'; $lng['pwdreminder']['success'] = 'Das Zurücksetzen des Passworts wurde erfolgreich angefordert. Sie sollten nun eine E-Mail mit weiteren Anweisungen erhalten.';
// ADDED IN 1.2.19-svn18 // ADDED IN 1.2.19-svn18