12 changed files with 347 additions and 1 deletions
-
4README.md
-
14email.tpl
-
3footer.tpl
-
9header.tpl
-
43index.php
-
22mailtext.tpl
-
14password_sent.tpl
-
180tfunc.php
-
BINwmde_logo_vert_schwarz.png
-
14wmdepasswd.css
-
7wrongreset.tpl
-
38yourpassword.tpl
@ -1,3 +1,5 @@ |
|||
# wmdeit_wmdepasswd |
|||
|
|||
Password generation/reset tool for WP:@ mail addresses |
|||
Password generation/reset tool for WP:@ mail addresses |
|||
|
|||
This works only in conjunction with nubuilder |
@ -0,0 +1,14 @@ |
|||
<?php |
|||
include_once("header.tpl"); |
|||
?> |
|||
<p>Bitte gib deine E-Mail-Adresse ein!</p> |
|||
<p>Wir werden dir eine E-Mail senden, mit der du Zugangsdaten für |
|||
deine WP:@-Adresse anfordern kannst.</p> |
|||
<form class="emailform" method="POST"> |
|||
<label for="email" name="Email" value="E-Mail">E-Mail:</label> |
|||
<input type = "email" name="email"/> |
|||
<input type = "submit" value="Senden"/> |
|||
</form> |
|||
<?php |
|||
include_once("footer.tpl"); |
|||
?> |
@ -0,0 +1,3 @@ |
|||
<p class="imprint">© 2019ff Wikimedia Deutschland e.V. – <a href="https://www.wikimedia.de/impressum/">Impressum</a> – <a href="https://www.wikimedia.de/datenschutz/">Datenschutz</a></p> |
|||
</body> |
|||
</HTML> |
@ -0,0 +1,9 @@ |
|||
<!DOCTYPE html> |
|||
<HTML> |
|||
<head> |
|||
<link rel="stylesheet" href="/wmdepasswd/wmdepasswd.css"> |
|||
<title><?php echo $title ?></title> |
|||
<meta charset="utf-8"/> |
|||
</head> |
|||
<body class="main"> |
|||
<img src="wmde_logo_vert_schwarz.png" height="150" /> |
@ -0,0 +1,43 @@ |
|||
<?php |
|||
|
|||
require_once "../html/nuserver/nuconfig.php"; |
|||
include "../html/nuserver/nudatabase.php"; |
|||
|
|||
|
|||
require_once "tfunc.php"; |
|||
|
|||
if (isset( $_GET['reset'] )){ |
|||
$community_id = wmde_getCommunityIdBySecret($_GET['reset']); |
|||
if (!$community_id){ |
|||
$title = "Fehler"; |
|||
include "wrongreset.tpl"; |
|||
die; |
|||
} |
|||
wmde_DeleteSecret($_GET['reset']); |
|||
$password = wmde_randomStr(16); |
|||
wmde_setPass($community_id,$password); |
|||
$wikimails = wmde_getWikiMails($community_id); |
|||
|
|||
$title = "WP:@ Zugangsdaten"; |
|||
include "yourpassword.tpl"; |
|||
die; |
|||
} |
|||
|
|||
|
|||
if (isset( $_POST['email']) ){ |
|||
$s = wmde_sendPasswordResetMail($_POST['email']); |
|||
if (!$s){ |
|||
# echo "Password already sent.";
|
|||
} |
|||
$title = "WP:@ Passwort gesendet"; |
|||
include "password_sent.tpl"; |
|||
# echo "Sending password reset mail to: ".htmlspecialchars($_POST['email']);
|
|||
die; |
|||
} |
|||
|
|||
wmde_deleteOldSecrets(); |
|||
|
|||
showReset(); |
|||
|
|||
|
|||
|
@ -0,0 +1,22 @@ |
|||
<?php |
|||
$mail_subject = "Deine WP:@-Zugangsdaten"; |
|||
$mail_text = "Liebes Communitymitglied! |
|||
|
|||
Mit dieser Mail bekommst du einen Link, um dein Passwort |
|||
fuer deine WP:@-Mailadresse zu setzen. |
|||
|
|||
https://email.wikimedia.de/wmdepasswd/index.php?reset=$secret |
|||
|
|||
Dieses Passwort musst du dort eingeben, wo das E-Mail-Programm |
|||
deiner Wahl nach dem SMTP-Server oder Postausgangsserver fragt. |
|||
Ebenfalls dort musst du dann auch den Servernamen |
|||
email.wikimedia.de unter Angabe des Ports 587 angeben. Wähle |
|||
bitte für die Verschlüsselung StartTLS aus. |
|||
|
|||
Solltes du diese Mail nicht angefordert haben, ignoriere sie bitte. |
|||
|
|||
Grüße |
|||
Das IT-Team von Wikimedia Deutschland e. V. |
|||
|
|||
"; |
|||
|
@ -0,0 +1,14 @@ |
|||
<?php |
|||
include_once("header.tpl"); |
|||
?> |
|||
<p> |
|||
Wir haben dir nun eine E-Mail mit einem Link zum |
|||
zurücksetzen deines Passworts gesendet, sofern |
|||
<ul> |
|||
<li>deine E-Mail-Adresse bei uns hinterlegt ist</li> |
|||
<li>wir nicht innerhalb der letzten 24 Stunden bereits eine |
|||
E-Mail an dich gesendet haben.</li> |
|||
</ul> |
|||
<?php |
|||
include_once("footer.tpl"); |
|||
?> |
@ -0,0 +1,180 @@ |
|||
<?php |
|||
function wmde_randomStr( |
|||
$length, |
|||
$keyspace = '0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ') |
|||
{ |
|||
$pieces = []; |
|||
$max = mb_strlen($keyspace, '8bit') - 1; |
|||
for ($i = 0; $i < $length; ++$i) { |
|||
$pieces []= $keyspace[random_int(0, $max)]; |
|||
} |
|||
return implode('', $pieces); |
|||
} |
|||
|
|||
|
|||
function wmde_createPasswordResetSecret($community_id) |
|||
{ |
|||
$rstr = wmde_randomStr(32); |
|||
$sql = "INSERT INTO community_reset (community_reset_id, secret, valid_until) VALUES('$community_id','$rstr',NOW() + INTERVAL 1 DAY)"; |
|||
$rc = nuRunQuery($sql,[], true); |
|||
if ($rc<0 ) |
|||
return false; |
|||
return $rstr; |
|||
} |
|||
|
|||
function wmde_deleteOldSecrets() |
|||
{ |
|||
$sql = "DELETE from community_reset WHERE valid_until < NOW() "; |
|||
nuRunQuery($sql); |
|||
} |
|||
|
|||
|
|||
function wmde_deleteSecret($secret) |
|||
{ |
|||
$sql = "DELETE from community_reset WHERE secret = :secret "; |
|||
nuRunQuery($sql,['secret'=>$secret]); |
|||
} |
|||
|
|||
|
|||
function wmde_getCommunityId( $email, $private = false ) |
|||
{ |
|||
if (!$private){ |
|||
$sql = "SELECT community.community_id FROM community LEFT JOIN community_mail ON
|
|||
community_mail.cmailkey = community.community_id WHERE |
|||
community_mail.cmail = :cmail OR community.email = :email";
|
|||
$sqlargs = [':cmail'=>$email,':email'=>$email]; |
|||
} |
|||
else { |
|||
$sql = "SELECT community.community_id FROM community
|
|||
WHERE community.email = :email";
|
|||
$sqlargs = [':email'=>$email]; |
|||
} |
|||
|
|||
// echo "Cpommunity Query = $sql - $email\n";
|
|||
|
|||
$t = nuRunQuery($sql, $sqlargs); |
|||
// var_dump($t);
|
|||
|
|||
$a = db_fetch_array($t); |
|||
if ($a) { |
|||
return $a['community_id']; |
|||
} |
|||
return null; |
|||
} |
|||
|
|||
function showReset() |
|||
{ |
|||
global $nuDB; |
|||
$title = "WP:@ Passwort anfordern"; |
|||
include "email.tpl"; |
|||
/*<HTML> |
|||
<body> |
|||
|
|||
<form method="POST"> |
|||
<label for="email" name="Email" value="E-Mail">E-Mail:</label> |
|||
<input type = "email" name="email"/> |
|||
<input type = "submit" value="Senden"/> |
|||
</form> |
|||
</body> |
|||
</HTML>*/ |
|||
} |
|||
|
|||
function getpw() |
|||
{ |
|||
global $nuDB; |
|||
$sql = "SELECT * FROM community WHERE email = :email"; |
|||
$t = nuRunQuery($sql,[':email' => 'tube@surfpoeten.de']); |
|||
var_dump($t); |
|||
$a = db_fetch_array($t); |
|||
var_dump($a); |
|||
|
|||
} |
|||
|
|||
function wmde_getWikiMails($community_id) |
|||
{ |
|||
$sql = "SELECT cmail FROM community LEFT JOIN community_mail ON
|
|||
community_mail.cmailkey = community.community_id WHERE |
|||
community.community_id = :community_id";
|
|||
$t = nuRunQuery($sql,[':community_id' => $community_id]); |
|||
$mails = array(); |
|||
while ( $a = db_fetch_array($t) ) |
|||
{ |
|||
array_push($mails,$a['cmail']); |
|||
} |
|||
return $mails; |
|||
} |
|||
|
|||
function wmde_setPass($community_id,$password) |
|||
{ |
|||
$pass = password_hash($password,PASSWORD_BCRYPT ); |
|||
$sql = "UPDATE community SET pass='$pass' WHERE community_id = :id"; |
|||
// echo "SQL: $sql\n";
|
|||
$t = nuRunQuery($sql,[':id' => $community_id],true); |
|||
// var_dump($t);
|
|||
return $t; |
|||
} |
|||
|
|||
function wmde_getCommunityIdBySecret($secret) |
|||
{ |
|||
$sql = "SELECT community_reset_id FROM community_reset WHERE secret = :secret"; |
|||
// AND valid_until > NOW() ";
|
|||
|
|||
$t = nuRunQuery($sql, ['secret' => $secret]); |
|||
// echo "the t $secret\n";
|
|||
// var_dump($t);
|
|||
|
|||
$a = db_fetch_array($t); |
|||
// echo "the a\n";
|
|||
// var_dump($a);
|
|||
|
|||
if ($a) { |
|||
return $a['community_reset_id']; |
|||
} |
|||
return null; |
|||
} |
|||
|
|||
|
|||
function wmde_setPassByMail($email,$pass) |
|||
{ |
|||
$id = wmde_getCommunityId($email); |
|||
if (!$id) |
|||
return false; |
|||
return wmde_setPass($id,$pass); |
|||
} |
|||
|
|||
|
|||
function wmde_sendPasswordResetMail($email) |
|||
{ |
|||
$community_id = wmde_getCommunityId($email,false); |
|||
// var_dump($community_id);
|
|||
// var_dump($email);
|
|||
if (!$community_id) |
|||
return false; |
|||
|
|||
$secret = wmde_createPasswordResetSecret($community_id); |
|||
if (!$secret ) { |
|||
return false; |
|||
} |
|||
|
|||
include "mailtext.tpl"; |
|||
|
|||
$sender='noc@wikipedia.de'; |
|||
$sendmail = "/usr/sbin/sendmail"; |
|||
$text = "To: $email\n"; |
|||
$text.= "From: Wikimedia Team IT <noc@wikipedia.de>\n"; |
|||
$text.= "MIME-Version: 1.0\n"; |
|||
$text.= "Content-Transfer-Encoding: 8bit\n"; |
|||
$text.= "Content-Type: text/plain; charset=utf-8\n"; |
|||
$text.= "Subject: $mail_subject\n\n"; |
|||
$text.= $mail_text; |
|||
|
|||
|
|||
$cmd = "echo '$text' | $sendmail -f noc@wikipedia.de $email"; |
|||
exec ($cmd); |
|||
return $secret; |
|||
|
|||
} |
|||
|
|||
|
|||
|
|||
|
After Width: 1119 | Height: 910 | Size: 33 KiB |
@ -0,0 +1,14 @@ |
|||
|
|||
* { |
|||
font-family: Montserrat, sans-serif; |
|||
font-size: 100%; /*1vw;*/ |
|||
} |
|||
|
|||
body {padding:1em; max-width: 60ex; text-align: justify;} |
|||
|
|||
img, body { display: block; margin-left: auto; margin-right: auto; } |
|||
dt { font-weight: bold; } |
|||
|
|||
.notice { color: green; } |
|||
|
|||
.imprint { color: grey; } |
@ -0,0 +1,7 @@ |
|||
<?php include("header.tpl"); ?> |
|||
<p>Der vom dir aufgerufene Link zum Setzen des WP:@-Passworts |
|||
ist nicht oder nicht mehr gültig.</p> |
|||
<p> |
|||
Um einen gültigen Link zu erhalten, musst du erneut <a href=" https://email.wikimedia.de/wmdepasswd">Zugangsdaten anfordern</a>. |
|||
</p> |
|||
<?php include("footer.tpl"); ?> |
@ -0,0 +1,38 @@ |
|||
<?php |
|||
include_once("header.tpl"); |
|||
?> |
|||
<p>Hier sind deine Zugangsdaten, um Mails mit deiner WP:@-Adresse |
|||
zu versenden. Bitte notiere dir diese Daten an einem sicheren Ort (z.B. |
|||
in deiner durch KeePassXC gesicherten Passwortdatenbank).</p> |
|||
|
|||
<p class="notice">Ein erneuter Aufruf dieser Seite ist nicht möglich, es sei denn, du |
|||
forderst ein neues Passwort an.</p> |
|||
<dl> |
|||
<dt>Absenderadresse(n):</dt> |
|||
<dd> |
|||
<?php |
|||
foreach ($wikimails as $wm){ |
|||
echo "$k$wm<br>"; |
|||
} |
|||
|
|||
?> |
|||
</dd> |
|||
<dt>Postausgangsserver:</dt><dd>email.wikimedia.de</dd> |
|||
<dt>Port:</dt><dd>587</dd> |
|||
<dt>Verschlüsselung:</dt><dd>StartTLS</dd> |
|||
<dt>WP:@-Benutzername:</dt> |
|||
<dd> |
|||
<?php |
|||
echo "$community_id"; |
|||
?> |
|||
</dd> |
|||
<dt>WP:@-Passwort:</dt><dd><?php echo $password ?></dd> |
|||
</dl> |
|||
<p> |
|||
Hilfe bei der Einrichtung in verschiedenen E-Mail-Anwendungen kannst du auf der Seite |
|||
<a href="https://de.wikipedia.org/wiki/Wikipedia:F%C3%B6rderung/Wikimedia_Deutschland/Anleitung_E-Mail-Konfiguration">WP:@/Anleitung_E-Mail-Konfiguration</a> |
|||
finden. |
|||
</p> |
|||
<?php |
|||
include_once("footer.tpl"); |
|||
?> |
Write
Preview
Loading…
Cancel
Save
Reference in new issue