181 lines
3.9 KiB
PHP
181 lines
3.9 KiB
PHP
|
<?php
|
||
|
function wmde_randomStr(
|
||
|
$length,
|
||
|
$keyspace = '0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ')
|
||
|
{
|
||
|
$pieces = [];
|
||
|
$max = mb_strlen($keyspace, '8bit') - 1;
|
||
|
for ($i = 0; $i < $length; ++$i) {
|
||
|
$pieces []= $keyspace[random_int(0, $max)];
|
||
|
}
|
||
|
return implode('', $pieces);
|
||
|
}
|
||
|
|
||
|
|
||
|
function wmde_createPasswordResetSecret($community_id)
|
||
|
{
|
||
|
$rstr = wmde_randomStr(32);
|
||
|
$sql = "INSERT INTO community_reset (community_reset_id, secret, valid_until) VALUES('$community_id','$rstr',NOW() + INTERVAL 1 DAY)";
|
||
|
$rc = nuRunQuery($sql,[], true);
|
||
|
if ($rc<0 )
|
||
|
return false;
|
||
|
return $rstr;
|
||
|
}
|
||
|
|
||
|
function wmde_deleteOldSecrets()
|
||
|
{
|
||
|
$sql = "DELETE from community_reset WHERE valid_until < NOW() ";
|
||
|
nuRunQuery($sql);
|
||
|
}
|
||
|
|
||
|
|
||
|
function wmde_deleteSecret($secret)
|
||
|
{
|
||
|
$sql = "DELETE from community_reset WHERE secret = :secret ";
|
||
|
nuRunQuery($sql,['secret'=>$secret]);
|
||
|
}
|
||
|
|
||
|
|
||
|
function wmde_getCommunityId( $email, $private = false )
|
||
|
{
|
||
|
if (!$private){
|
||
|
$sql = "SELECT community.community_id FROM community LEFT JOIN community_mail ON
|
||
|
community_mail.cmailkey = community.community_id WHERE
|
||
|
community_mail.cmail = :cmail OR community.email = :email";
|
||
|
$sqlargs = [':cmail'=>$email,':email'=>$email];
|
||
|
}
|
||
|
else {
|
||
|
$sql = "SELECT community.community_id FROM community
|
||
|
WHERE community.email = :email";
|
||
|
$sqlargs = [':email'=>$email];
|
||
|
}
|
||
|
|
||
|
// echo "Cpommunity Query = $sql - $email\n";
|
||
|
|
||
|
$t = nuRunQuery($sql, $sqlargs);
|
||
|
// var_dump($t);
|
||
|
|
||
|
$a = db_fetch_array($t);
|
||
|
if ($a) {
|
||
|
return $a['community_id'];
|
||
|
}
|
||
|
return null;
|
||
|
}
|
||
|
|
||
|
function showReset()
|
||
|
{
|
||
|
global $nuDB;
|
||
|
$title = "WP:@ Passwort anfordern";
|
||
|
include "email.tpl";
|
||
|
/*<HTML>
|
||
|
<body>
|
||
|
|
||
|
<form method="POST">
|
||
|
<label for="email" name="Email" value="E-Mail">E-Mail:</label>
|
||
|
<input type = "email" name="email"/>
|
||
|
<input type = "submit" value="Senden"/>
|
||
|
</form>
|
||
|
</body>
|
||
|
</HTML>*/
|
||
|
}
|
||
|
|
||
|
function getpw()
|
||
|
{
|
||
|
global $nuDB;
|
||
|
$sql = "SELECT * FROM community WHERE email = :email";
|
||
|
$t = nuRunQuery($sql,[':email' => 'tube@surfpoeten.de']);
|
||
|
var_dump($t);
|
||
|
$a = db_fetch_array($t);
|
||
|
var_dump($a);
|
||
|
|
||
|
}
|
||
|
|
||
|
function wmde_getWikiMails($community_id)
|
||
|
{
|
||
|
$sql = "SELECT cmail FROM community LEFT JOIN community_mail ON
|
||
|
community_mail.cmailkey = community.community_id WHERE
|
||
|
community.community_id = :community_id";
|
||
|
$t = nuRunQuery($sql,[':community_id' => $community_id]);
|
||
|
$mails = array();
|
||
|
while ( $a = db_fetch_array($t) )
|
||
|
{
|
||
|
array_push($mails,$a['cmail']);
|
||
|
}
|
||
|
return $mails;
|
||
|
}
|
||
|
|
||
|
function wmde_setPass($community_id,$password)
|
||
|
{
|
||
|
$pass = password_hash($password,PASSWORD_BCRYPT );
|
||
|
$sql = "UPDATE community SET pass='$pass' WHERE community_id = :id";
|
||
|
// echo "SQL: $sql\n";
|
||
|
$t = nuRunQuery($sql,[':id' => $community_id],true);
|
||
|
// var_dump($t);
|
||
|
return $t;
|
||
|
}
|
||
|
|
||
|
function wmde_getCommunityIdBySecret($secret)
|
||
|
{
|
||
|
$sql = "SELECT community_reset_id FROM community_reset WHERE secret = :secret";
|
||
|
// AND valid_until > NOW() ";
|
||
|
|
||
|
$t = nuRunQuery($sql, ['secret' => $secret]);
|
||
|
// echo "the t $secret\n";
|
||
|
// var_dump($t);
|
||
|
|
||
|
$a = db_fetch_array($t);
|
||
|
// echo "the a\n";
|
||
|
// var_dump($a);
|
||
|
|
||
|
if ($a) {
|
||
|
return $a['community_reset_id'];
|
||
|
}
|
||
|
return null;
|
||
|
}
|
||
|
|
||
|
|
||
|
function wmde_setPassByMail($email,$pass)
|
||
|
{
|
||
|
$id = wmde_getCommunityId($email);
|
||
|
if (!$id)
|
||
|
return false;
|
||
|
return wmde_setPass($id,$pass);
|
||
|
}
|
||
|
|
||
|
|
||
|
function wmde_sendPasswordResetMail($email)
|
||
|
{
|
||
|
$community_id = wmde_getCommunityId($email,false);
|
||
|
// var_dump($community_id);
|
||
|
// var_dump($email);
|
||
|
if (!$community_id)
|
||
|
return false;
|
||
|
|
||
|
$secret = wmde_createPasswordResetSecret($community_id);
|
||
|
if (!$secret ) {
|
||
|
return false;
|
||
|
}
|
||
|
|
||
|
include "mailtext.tpl";
|
||
|
|
||
|
$sender='noc@wikipedia.de';
|
||
|
$sendmail = "/usr/sbin/sendmail";
|
||
|
$text = "To: $email\n";
|
||
|
$text.= "From: Wikimedia Team IT <noc@wikipedia.de>\n";
|
||
|
$text.= "MIME-Version: 1.0\n";
|
||
|
$text.= "Content-Transfer-Encoding: 8bit\n";
|
||
|
$text.= "Content-Type: text/plain; charset=utf-8\n";
|
||
|
$text.= "Subject: $mail_subject\n\n";
|
||
|
$text.= $mail_text;
|
||
|
|
||
|
|
||
|
$cmd = "echo '$text' | $sendmail -f noc@wikipedia.de $email";
|
||
|
exec ($cmd);
|
||
|
return $secret;
|
||
|
|
||
|
}
|
||
|
|
||
|
|
||
|
|
||
|
|