Initial commit
This commit is contained in:
parent
99fcef3abf
commit
c8dcd0338b
|
@ -1,3 +1,5 @@
|
||||||
# wmdeit_wmdepasswd
|
# wmdeit_wmdepasswd
|
||||||
|
|
||||||
Password generation/reset tool for WP:@ mail addresses
|
Password generation/reset tool for WP:@ mail addresses
|
||||||
|
|
||||||
|
This works only in conjunction with nubuilder
|
||||||
|
|
|
@ -0,0 +1,14 @@
|
||||||
|
<?php
|
||||||
|
include_once("header.tpl");
|
||||||
|
?>
|
||||||
|
<p>Bitte gib deine E-Mail-Adresse ein!</p>
|
||||||
|
<p>Wir werden dir eine E-Mail senden, mit der du Zugangsdaten für
|
||||||
|
deine WP:@-Adresse anfordern kannst.</p>
|
||||||
|
<form class="emailform" method="POST">
|
||||||
|
<label for="email" name="Email" value="E-Mail">E-Mail:</label>
|
||||||
|
<input type = "email" name="email"/>
|
||||||
|
<input type = "submit" value="Senden"/>
|
||||||
|
</form>
|
||||||
|
<?php
|
||||||
|
include_once("footer.tpl");
|
||||||
|
?>
|
|
@ -0,0 +1,3 @@
|
||||||
|
<p class="imprint">© 2019ff Wikimedia Deutschland e.V. – <a href="https://www.wikimedia.de/impressum/">Impressum</a> – <a href="https://www.wikimedia.de/datenschutz/">Datenschutz</a></p>
|
||||||
|
</body>
|
||||||
|
</HTML>
|
|
@ -0,0 +1,9 @@
|
||||||
|
<!DOCTYPE html>
|
||||||
|
<HTML>
|
||||||
|
<head>
|
||||||
|
<link rel="stylesheet" href="/wmdepasswd/wmdepasswd.css">
|
||||||
|
<title><?php echo $title ?></title>
|
||||||
|
<meta charset="utf-8"/>
|
||||||
|
</head>
|
||||||
|
<body class="main">
|
||||||
|
<img src="wmde_logo_vert_schwarz.png" height="150" />
|
|
@ -0,0 +1,43 @@
|
||||||
|
<?php
|
||||||
|
|
||||||
|
require_once "../html/nuserver/nuconfig.php";
|
||||||
|
include "../html/nuserver/nudatabase.php";
|
||||||
|
|
||||||
|
|
||||||
|
require_once "tfunc.php";
|
||||||
|
|
||||||
|
if (isset( $_GET['reset'] )){
|
||||||
|
$community_id = wmde_getCommunityIdBySecret($_GET['reset']);
|
||||||
|
if (!$community_id){
|
||||||
|
$title = "Fehler";
|
||||||
|
include "wrongreset.tpl";
|
||||||
|
die;
|
||||||
|
}
|
||||||
|
wmde_DeleteSecret($_GET['reset']);
|
||||||
|
$password = wmde_randomStr(16);
|
||||||
|
wmde_setPass($community_id,$password);
|
||||||
|
$wikimails = wmde_getWikiMails($community_id);
|
||||||
|
|
||||||
|
$title = "WP:@ Zugangsdaten";
|
||||||
|
include "yourpassword.tpl";
|
||||||
|
die;
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
if (isset( $_POST['email']) ){
|
||||||
|
$s = wmde_sendPasswordResetMail($_POST['email']);
|
||||||
|
if (!$s){
|
||||||
|
# echo "Password already sent.";
|
||||||
|
}
|
||||||
|
$title = "WP:@ Passwort gesendet";
|
||||||
|
include "password_sent.tpl";
|
||||||
|
# echo "Sending password reset mail to: ".htmlspecialchars($_POST['email']);
|
||||||
|
die;
|
||||||
|
}
|
||||||
|
|
||||||
|
wmde_deleteOldSecrets();
|
||||||
|
|
||||||
|
showReset();
|
||||||
|
|
||||||
|
|
||||||
|
|
|
@ -0,0 +1,22 @@
|
||||||
|
<?php
|
||||||
|
$mail_subject = "Deine WP:@-Zugangsdaten";
|
||||||
|
$mail_text = "Liebes Communitymitglied!
|
||||||
|
|
||||||
|
Mit dieser Mail bekommst du einen Link, um dein Passwort
|
||||||
|
fuer deine WP:@-Mailadresse zu setzen.
|
||||||
|
|
||||||
|
https://email.wikimedia.de/wmdepasswd/index.php?reset=$secret
|
||||||
|
|
||||||
|
Dieses Passwort musst du dort eingeben, wo das E-Mail-Programm
|
||||||
|
deiner Wahl nach dem SMTP-Server oder Postausgangsserver fragt.
|
||||||
|
Ebenfalls dort musst du dann auch den Servernamen
|
||||||
|
email.wikimedia.de unter Angabe des Ports 587 angeben. Wähle
|
||||||
|
bitte für die Verschlüsselung StartTLS aus.
|
||||||
|
|
||||||
|
Solltes du diese Mail nicht angefordert haben, ignoriere sie bitte.
|
||||||
|
|
||||||
|
Grüße
|
||||||
|
Das IT-Team von Wikimedia Deutschland e. V.
|
||||||
|
|
||||||
|
";
|
||||||
|
|
|
@ -0,0 +1,14 @@
|
||||||
|
<?php
|
||||||
|
include_once("header.tpl");
|
||||||
|
?>
|
||||||
|
<p>
|
||||||
|
Wir haben dir nun eine E-Mail mit einem Link zum
|
||||||
|
zurücksetzen deines Passworts gesendet, sofern
|
||||||
|
<ul>
|
||||||
|
<li>deine E-Mail-Adresse bei uns hinterlegt ist</li>
|
||||||
|
<li>wir nicht innerhalb der letzten 24 Stunden bereits eine
|
||||||
|
E-Mail an dich gesendet haben.</li>
|
||||||
|
</ul>
|
||||||
|
<?php
|
||||||
|
include_once("footer.tpl");
|
||||||
|
?>
|
|
@ -0,0 +1,180 @@
|
||||||
|
<?php
|
||||||
|
function wmde_randomStr(
|
||||||
|
$length,
|
||||||
|
$keyspace = '0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ')
|
||||||
|
{
|
||||||
|
$pieces = [];
|
||||||
|
$max = mb_strlen($keyspace, '8bit') - 1;
|
||||||
|
for ($i = 0; $i < $length; ++$i) {
|
||||||
|
$pieces []= $keyspace[random_int(0, $max)];
|
||||||
|
}
|
||||||
|
return implode('', $pieces);
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
function wmde_createPasswordResetSecret($community_id)
|
||||||
|
{
|
||||||
|
$rstr = wmde_randomStr(32);
|
||||||
|
$sql = "INSERT INTO community_reset (community_reset_id, secret, valid_until) VALUES('$community_id','$rstr',NOW() + INTERVAL 1 DAY)";
|
||||||
|
$rc = nuRunQuery($sql,[], true);
|
||||||
|
if ($rc<0 )
|
||||||
|
return false;
|
||||||
|
return $rstr;
|
||||||
|
}
|
||||||
|
|
||||||
|
function wmde_deleteOldSecrets()
|
||||||
|
{
|
||||||
|
$sql = "DELETE from community_reset WHERE valid_until < NOW() ";
|
||||||
|
nuRunQuery($sql);
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
function wmde_deleteSecret($secret)
|
||||||
|
{
|
||||||
|
$sql = "DELETE from community_reset WHERE secret = :secret ";
|
||||||
|
nuRunQuery($sql,['secret'=>$secret]);
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
function wmde_getCommunityId( $email, $private = false )
|
||||||
|
{
|
||||||
|
if (!$private){
|
||||||
|
$sql = "SELECT community.community_id FROM community LEFT JOIN community_mail ON
|
||||||
|
community_mail.cmailkey = community.community_id WHERE
|
||||||
|
community_mail.cmail = :cmail OR community.email = :email";
|
||||||
|
$sqlargs = [':cmail'=>$email,':email'=>$email];
|
||||||
|
}
|
||||||
|
else {
|
||||||
|
$sql = "SELECT community.community_id FROM community
|
||||||
|
WHERE community.email = :email";
|
||||||
|
$sqlargs = [':email'=>$email];
|
||||||
|
}
|
||||||
|
|
||||||
|
// echo "Cpommunity Query = $sql - $email\n";
|
||||||
|
|
||||||
|
$t = nuRunQuery($sql, $sqlargs);
|
||||||
|
// var_dump($t);
|
||||||
|
|
||||||
|
$a = db_fetch_array($t);
|
||||||
|
if ($a) {
|
||||||
|
return $a['community_id'];
|
||||||
|
}
|
||||||
|
return null;
|
||||||
|
}
|
||||||
|
|
||||||
|
function showReset()
|
||||||
|
{
|
||||||
|
global $nuDB;
|
||||||
|
$title = "WP:@ Passwort anfordern";
|
||||||
|
include "email.tpl";
|
||||||
|
/*<HTML>
|
||||||
|
<body>
|
||||||
|
|
||||||
|
<form method="POST">
|
||||||
|
<label for="email" name="Email" value="E-Mail">E-Mail:</label>
|
||||||
|
<input type = "email" name="email"/>
|
||||||
|
<input type = "submit" value="Senden"/>
|
||||||
|
</form>
|
||||||
|
</body>
|
||||||
|
</HTML>*/
|
||||||
|
}
|
||||||
|
|
||||||
|
function getpw()
|
||||||
|
{
|
||||||
|
global $nuDB;
|
||||||
|
$sql = "SELECT * FROM community WHERE email = :email";
|
||||||
|
$t = nuRunQuery($sql,[':email' => 'tube@surfpoeten.de']);
|
||||||
|
var_dump($t);
|
||||||
|
$a = db_fetch_array($t);
|
||||||
|
var_dump($a);
|
||||||
|
|
||||||
|
}
|
||||||
|
|
||||||
|
function wmde_getWikiMails($community_id)
|
||||||
|
{
|
||||||
|
$sql = "SELECT cmail FROM community LEFT JOIN community_mail ON
|
||||||
|
community_mail.cmailkey = community.community_id WHERE
|
||||||
|
community.community_id = :community_id";
|
||||||
|
$t = nuRunQuery($sql,[':community_id' => $community_id]);
|
||||||
|
$mails = array();
|
||||||
|
while ( $a = db_fetch_array($t) )
|
||||||
|
{
|
||||||
|
array_push($mails,$a['cmail']);
|
||||||
|
}
|
||||||
|
return $mails;
|
||||||
|
}
|
||||||
|
|
||||||
|
function wmde_setPass($community_id,$password)
|
||||||
|
{
|
||||||
|
$pass = password_hash($password,PASSWORD_BCRYPT );
|
||||||
|
$sql = "UPDATE community SET pass='$pass' WHERE community_id = :id";
|
||||||
|
// echo "SQL: $sql\n";
|
||||||
|
$t = nuRunQuery($sql,[':id' => $community_id],true);
|
||||||
|
// var_dump($t);
|
||||||
|
return $t;
|
||||||
|
}
|
||||||
|
|
||||||
|
function wmde_getCommunityIdBySecret($secret)
|
||||||
|
{
|
||||||
|
$sql = "SELECT community_reset_id FROM community_reset WHERE secret = :secret";
|
||||||
|
// AND valid_until > NOW() ";
|
||||||
|
|
||||||
|
$t = nuRunQuery($sql, ['secret' => $secret]);
|
||||||
|
// echo "the t $secret\n";
|
||||||
|
// var_dump($t);
|
||||||
|
|
||||||
|
$a = db_fetch_array($t);
|
||||||
|
// echo "the a\n";
|
||||||
|
// var_dump($a);
|
||||||
|
|
||||||
|
if ($a) {
|
||||||
|
return $a['community_reset_id'];
|
||||||
|
}
|
||||||
|
return null;
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
function wmde_setPassByMail($email,$pass)
|
||||||
|
{
|
||||||
|
$id = wmde_getCommunityId($email);
|
||||||
|
if (!$id)
|
||||||
|
return false;
|
||||||
|
return wmde_setPass($id,$pass);
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
function wmde_sendPasswordResetMail($email)
|
||||||
|
{
|
||||||
|
$community_id = wmde_getCommunityId($email,false);
|
||||||
|
// var_dump($community_id);
|
||||||
|
// var_dump($email);
|
||||||
|
if (!$community_id)
|
||||||
|
return false;
|
||||||
|
|
||||||
|
$secret = wmde_createPasswordResetSecret($community_id);
|
||||||
|
if (!$secret ) {
|
||||||
|
return false;
|
||||||
|
}
|
||||||
|
|
||||||
|
include "mailtext.tpl";
|
||||||
|
|
||||||
|
$sender='noc@wikipedia.de';
|
||||||
|
$sendmail = "/usr/sbin/sendmail";
|
||||||
|
$text = "To: $email\n";
|
||||||
|
$text.= "From: Wikimedia Team IT <noc@wikipedia.de>\n";
|
||||||
|
$text.= "MIME-Version: 1.0\n";
|
||||||
|
$text.= "Content-Transfer-Encoding: 8bit\n";
|
||||||
|
$text.= "Content-Type: text/plain; charset=utf-8\n";
|
||||||
|
$text.= "Subject: $mail_subject\n\n";
|
||||||
|
$text.= $mail_text;
|
||||||
|
|
||||||
|
|
||||||
|
$cmd = "echo '$text' | $sendmail -f noc@wikipedia.de $email";
|
||||||
|
exec ($cmd);
|
||||||
|
return $secret;
|
||||||
|
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
Binary file not shown.
After Width: | Height: | Size: 33 KiB |
|
@ -0,0 +1,14 @@
|
||||||
|
|
||||||
|
* {
|
||||||
|
font-family: Montserrat, sans-serif;
|
||||||
|
font-size: 100%; /*1vw;*/
|
||||||
|
}
|
||||||
|
|
||||||
|
body {padding:1em; max-width: 60ex; text-align: justify;}
|
||||||
|
|
||||||
|
img, body { display: block; margin-left: auto; margin-right: auto; }
|
||||||
|
dt { font-weight: bold; }
|
||||||
|
|
||||||
|
.notice { color: green; }
|
||||||
|
|
||||||
|
.imprint { color: grey; }
|
|
@ -0,0 +1,7 @@
|
||||||
|
<?php include("header.tpl"); ?>
|
||||||
|
<p>Der vom dir aufgerufene Link zum Setzen des WP:@-Passworts
|
||||||
|
ist nicht oder nicht mehr gültig.</p>
|
||||||
|
<p>
|
||||||
|
Um einen gültigen Link zu erhalten, musst du erneut <a href=" https://email.wikimedia.de/wmdepasswd">Zugangsdaten anfordern</a>.
|
||||||
|
</p>
|
||||||
|
<?php include("footer.tpl"); ?>
|
|
@ -0,0 +1,38 @@
|
||||||
|
<?php
|
||||||
|
include_once("header.tpl");
|
||||||
|
?>
|
||||||
|
<p>Hier sind deine Zugangsdaten, um Mails mit deiner WP:@-Adresse
|
||||||
|
zu versenden. Bitte notiere dir diese Daten an einem sicheren Ort (z.B.
|
||||||
|
in deiner durch KeePassXC gesicherten Passwortdatenbank).</p>
|
||||||
|
|
||||||
|
<p class="notice">Ein erneuter Aufruf dieser Seite ist nicht möglich, es sei denn, du
|
||||||
|
forderst ein neues Passwort an.</p>
|
||||||
|
<dl>
|
||||||
|
<dt>Absenderadresse(n):</dt>
|
||||||
|
<dd>
|
||||||
|
<?php
|
||||||
|
foreach ($wikimails as $wm){
|
||||||
|
echo "$k$wm<br>";
|
||||||
|
}
|
||||||
|
|
||||||
|
?>
|
||||||
|
</dd>
|
||||||
|
<dt>Postausgangsserver:</dt><dd>email.wikimedia.de</dd>
|
||||||
|
<dt>Port:</dt><dd>587</dd>
|
||||||
|
<dt>Verschlüsselung:</dt><dd>StartTLS</dd>
|
||||||
|
<dt>WP:@-Benutzername:</dt>
|
||||||
|
<dd>
|
||||||
|
<?php
|
||||||
|
echo "$community_id";
|
||||||
|
?>
|
||||||
|
</dd>
|
||||||
|
<dt>WP:@-Passwort:</dt><dd><?php echo $password ?></dd>
|
||||||
|
</dl>
|
||||||
|
<p>
|
||||||
|
Hilfe bei der Einrichtung in verschiedenen E-Mail-Anwendungen kannst du auf der Seite
|
||||||
|
<a href="https://de.wikipedia.org/wiki/Wikipedia:F%C3%B6rderung/Wikimedia_Deutschland/Anleitung_E-Mail-Konfiguration">WP:@/Anleitung_E-Mail-Konfiguration</a>
|
||||||
|
finden.
|
||||||
|
</p>
|
||||||
|
<?php
|
||||||
|
include_once("footer.tpl");
|
||||||
|
?>
|
Loading…
Reference in New Issue