Fixes to improve the password recovery process. There is now a
authormoodler <moodler>
Sun, 4 May 2003 03:00:52 +0000 (03:00 +0000)
committermoodler <moodler>
Sun, 4 May 2003 03:00:52 +0000 (03:00 +0000)
confirmation step required before the password is changed and sent.

Also, many of the email texts have been cleaned up.

TRANSLATORS:  check your texts in moodle.php starting with "email.."

lang/en/moodle.php
lib/moodlelib.php
lib/weblib.php
login/forgot_password.php
login/signup.php

index f3f79e204077a8d519622490aef290918e0b0d13..75018cf0bb0a75854908c646b927d7e91e0846c1 100644 (file)
@@ -151,8 +151,7 @@ $string['emailconfirmation'] = "Hi \$a->firstname,
 A new account has been requested at '\$a->sitename'
 using your email address.
 
-To confirm your new account, please go to the
-following web address:
+To confirm your new account, please go to this web address:
 
   \$a->link
 
@@ -161,15 +160,40 @@ which you can just click on.  If that doesn't work,
 then cut and paste the address into the address
 line at the top of your web browser window.
 
-Cheers from the '\$a->sitename' administrator,
+If you need help, please contact the site administrator,
 \$a->admin";
-
+$string['emailconfirmationsubject'] = "\$a: account confirmation";
 $string['emaildisplay'] = "Email display";
 $string['emaildisplayno'] = "Hide my real email address from everyone";
 $string['emaildisplayyes'] = "Allow everyone to see my email address";
 $string['emaildisplaycourse'] = "Allow only other course members to see my email address";
 $string['emailexists'] = "This email address is already registered.";
 $string['emailmustbereal'] = "Note: your email address must be a real one";
+$string['emailpasswordconfirmation'] = "Hi \$a->firstname,
+
+Someone (probably you) has requested a new password for your 
+account on '\$a->sitename'.
+
+To confirm this and have a new password sent to you via email,
+go to the following web address:
+
+  \$a->link
+
+In most mail programs, this should appear as a blue link
+which you can just click on.  If that doesn't work,
+then cut and paste the address into the address
+line at the top of your web browser window.
+
+If you need help, please contact the site administrator,
+\$a->admin";
+$string['emailpasswordconfirmationsubject'] = "\$a: change password confirmation";
+$string['emailpasswordconfirmsent'] = "An email should have been sent to your address at <b>\$a</b>.
+<p>It contains easy instructions to confirm and complete this password change.
+If you continue to have difficulty, contact the site administrator.";
+$string['emailpasswordsent'] = "Thank you for confirming the change of password.
+<p>An email containing your new password has been sent to your address at <b>\$a->email</b>.
+<p>The new password was automatically generated - you might like to
+<a href=\$a->link>change your password</a> to something easier to remember.";
 $string['enrolmentkey'] = "Enrolment key";
 $string['enrolmentkeyfrom'] = "This course requires an 'enrolment key' - a one-time<BR>
 password that you should have got from \$a";
@@ -431,6 +455,7 @@ $string['outline'] = "Outline";
 $string['participants'] = "Participants";
 $string['password'] = "Password";
 $string['passwordchanged'] = "Password has been changed";
+$string['passwordconfirmchange'] = "Confirm password change";
 $string['passwordsdiffer'] = "These passwords do not match";
 $string['passwordrecovery'] = "Yes, help me log in";
 $string['passwordsent'] = "Password has been sent";
index ba0e99e75e0aada767cfedca0aec67208b898b7c..46ac26a815529568e353d3a1fb750946c6b70eeb 100644 (file)
@@ -771,12 +771,32 @@ function send_confirmation_email($user) {
     $data->admin = "$from->firstname $from->lastname ($from->email)";
 
     $message = get_string("emailconfirmation", "", $data);
-    $subject = "$site->fullname account confirmation";
+    $subject = get_string("emailconfirmationsubject", "", $site->fullname);
 
     return email_to_user($user, $from, $subject, $message);
 
 }
 
+function send_password_change_confirmation_email($user) {
+
+    global $CFG;
+
+    $site = get_site();
+    $from = get_admin();
+
+    $data->firstname = $user->firstname;
+    $data->sitename = $site->fullname;
+    $data->link = "$CFG->wwwroot/login/forgot_password.php?p=$user->secret&s=$user->username";
+    $data->admin = "$from->firstname $from->lastname ($from->email)";
+
+    $message = get_string("emailpasswordconfirmation", "", $data);
+    $subject = get_string("emailpasswordconfirmationsubject", "", $site->fullname);
+
+    return email_to_user($user, $from, $subject, $message);
+
+}
+
+
 
 
 /// FILE HANDLING  /////////////////////////////////////////////
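Review bot: In `send_password_change_confirmation_email()` the reset link interpolates `$user->secret` and `$user->username` into the query string without encoding, so a username containing `&`, `+`, `#` or a space produces a link that no longer round-trips to the `p` and `s` parameters read in login/forgot_password.php. Building it as `$data->link = "$CFG->wwwroot/login/forgot_password.php?p=".urlencode($user->secret)."&s=".urlencode($user->username);` avoids that. `$data` also has properties assigned before it exists; creating it explicitly first (`$data = new stdClass;`) would make the intent clear. Because the secret travels in a GET URL it ends up in mail archives, browser history and server logs, so a comment here stating that the value must be single-use and short-lived would help whoever maintains the consuming page.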
index 738e442d871402bb97bf66dca134ee53ef426f35..5fe0f6f61a55ab8ff2262f0615800ffc2c68edc7 100644 (file)
@@ -715,7 +715,7 @@ function print_navigation ($navigation) {
        if (! $site = get_site()) {
            $site->shortname = get_string("home");;
        }
-       echo "<A TARGET=\"{$CFG->framename}\" HREF=\"$CFG->wwwroot/\">$site->shortname</A> -> $navigation";
+       echo "<a target=\"{$CFG->framename}\" href=\"$CFG->wwwroot/\">$site->shortname</a> -> $navigation";
    }
 }
 
@@ -725,9 +725,9 @@ function print_heading($text, $align="CENTER", $size=3) {
 
 function print_heading_with_help($text, $helppage, $module="moodle") {
 // Centered heading with attached help button (same title text)
-    echo "<P ALIGN=\"CENTER\"><FONT SIZE=\"3\"><B>".stripslashes_safe($text);
+    echo "<p align=\"center\"><font size=\"3\"><b>".stripslashes_safe($text);
     helpbutton($helppage, $text, $module);
-    echo "</B></FONT></P>";
+    echo "</b></font></p>";
 }
     
 function print_continue($link) {
@@ -736,7 +736,7 @@ function print_continue($link) {
         $link = $_SERVER["HTTP_REFERER"];
     }
 
-    print_heading("<A HREF=\"$link\">".get_string("continue")."</A>");
+    print_heading("<a href=\"$link\">".get_string("continue")."</a>");
 }
 
 
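Review bot: `$link` is written into the `href` attribute without escaping, and the context lines just above show it can be taken from `$_SERVER["HTTP_REFERER"]`, a request header the client controls. A double quote in that value would close the attribute and let markup through onto the page. Escaping at output, e.g. `print_heading("<a href=\"".htmlspecialchars($link)."\">".get_string("continue")."</a>");`, closes that gap. The same unescaped `href` pattern is in the `notice()` and `notice_yesno()` hunks further down this file. The top of `print_continue()` lies outside this hunk, so confirm no earlier validation of `$link` exists before relying on this.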
@@ -1158,9 +1158,9 @@ function notice ($message, $link="") {
         }
     }
 
-    echo "<BR>";
-    print_simple_box($message, "center", "", "$THEME->cellheading");
-    print_heading("<A HREF=\"$link\">".get_string("continue")."</A>");
+    echo "<br>";
+    print_simple_box($message, "center", "50%", "$THEME->cellheading", "", "noticebox");
+    print_heading("<a href=\"$link\">".get_string("continue")."</a>");
     print_footer(get_site());
     die;
 }
@@ -1168,13 +1168,13 @@ function notice ($message, $link="") {
 function notice_yesno ($message, $linkyes, $linkno) {
     global $THEME;
 
-    print_simple_box_start("center", "", "$THEME->cellheading");
-    echo "<P ALIGN=CENTER><FONT SIZE=3>$message</FONT></P>";
-    echo "<P ALIGN=CENTER><FONT SIZE=3><B>";
-    echo "<A HREF=\"$linkyes\">".get_string("yes")."</A>";
+    print_simple_box_start("center", "60%", "$THEME->cellheading");
+    echo "<p align=center><font size=3>$message</font></p>";
+    echo "<p align=center><font size=3><b>";
+    echo "<a href=\"$linkyes\">".get_string("yes")."</a>";
     echo "&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;";
-    echo "<A HREF=\"$linkno\">".get_string("no")."</A>";
-    echo "</B></FONT></P>";
+    echo "<a href=\"$linkno\">".get_string("no")."</a>";
+    echo "</b></font></p>";
     print_simple_box_end();
 }
 
index d68f9696229323c074d61832bfb5d70be154d756..82961dedbad3e574bf81d1ca96ac4cb77caf9b5b 100644 (file)
@@ -2,36 +2,62 @@
 
        require_once("../config.php");
 
-       if ($frm = data_submitted()) {
+    optional_variable($p, "");
+    optional_variable($s, "");
 
-               validate_form($frm, $err);
+    if (!empty($p) and !empty($s)) {  // User trying to authenticate change password routine
 
                update_login_count();
 
+        $user = get_user_info_from_db("username", "$s");
+
+        if (!empty($user)) {
+            if ($user->secret == $p) {   // They have provided the secret key to get in
+
+                if (isguest($user->id)) {
+                    error("Can't change guest password!");
+                }
+    
+                           if (! reset_password_and_mail($user)) {
+                    error("Could not reset password and mail the new one to you");
+                }
+    
+                           reset_login_count();
+
+                   print_header(get_string("passwordsent"), get_string("passwordsent"), get_string("passwordsent"));
+
+                $a->email = $user->email;
+                $a->link = "$CFG->wwwroot/login/change_password.php";
+                notice(get_string("emailpasswordsent", "", $a), $a->link);
+            }
+        }
+        error(get_string("error"));
+    }
+
+       if ($frm = data_submitted()) {    // Initial request for new password
+
+               validate_form($frm, $err);
+
                if (count((array)$err) == 0) {
 
                        if (!$user = get_user_info_from_db("email", $frm->email)) {
                 error("No such user with this address:  $frm->email");
             }
-
-            if (isguest($user->id)) {
-                error("Can't change guest password!");
+            
+            $user->secret = random_string(15);
+            
+                       if (!set_field("user", "secret", $user->secret, "id", $user->id)) {
+                error("Could not set user secret string!");
             }
 
-                       if (! reset_password_and_mail($user)) {
-                error("Could not reset password and mail the new one to you");
+            if (! send_password_change_confirmation_email($user)) {
+                error("Could not send you an email to confirm the password change");
             }
 
-                       reset_login_count();
-               print_header(get_string("passwordsent"), get_string("passwordsent"), get_string("passwordsent"));
-            echo "<CENTER>";
-            $a->email = $frm->email;
-            $a->link = "$CFG->wwwroot/login/change_password.php";
-               print_string("passwordsenttext", "", $a);
-            echo "</CENTER>";
-            print_footer();
-                       exit;
-               }
+               print_header(get_string("passwordconfirmchange"), get_string("passwordconfirmchange"));
+            
+            notice(get_string('emailpasswordconfirmsent', '', $user->email), $CFG->wwwroot);
+        }
        }
 
        if (empty($frm->email)) {
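Review bot: The confirmation branch never invalidates `$user->secret` after `reset_password_and_mail($user)` succeeds, so the same emailed link keeps working and each replay resets the password again; nothing visible here gives the secret an expiry either. Clearing it on success, e.g. `set_field("user", "secret", "", "id", $user->id);` right after the reset, makes the link single-use (the `!empty($p)` guard already stops an empty stored value from matching). The check `$user->secret == $p` is a loose comparison, which PHP evaluates numerically when both strings look like numbers; `===` compares the strings as given. `update_login_count()` now sits only inside the confirmation branch, so the initial-request branch that writes a new secret and sends mail appears to have no attempt counting; that is worth confirming against the helper, which is defined outside this diff.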
index 7b6485fb2166b33d1dc692a9c18959b21dbf1bc3..4b265fdcf95cd425c8148911d1d2f7b94105f4dc 100644 (file)
@@ -5,8 +5,10 @@
     require_once("../auth/$CFG->auth/lib.php");
 
     if ($user = data_submitted()) {
+
         validate_form($user, $err);
         $user->username= trim(moodle_strtolower($user->username));
+
         if (count((array)$err) == 0) {
             $plainpass = $user->password;
             $user->password = md5($user->password);
@@ -28,8 +30,6 @@
                 error("Could not add your record to the database!");
             }
 
-           
-
             if (! send_confirmation_email($user)) {
                 error("Tried to send you an email but failed!");
             }