2019-07-16 15:43:15 +02:00
|
|
|
<?php
|
|
|
|
|
|
|
|
|
|
$skip_permissions = true;
|
|
|
|
|
include_once __DIR__.'/core.php';
|
|
|
|
|
|
|
|
|
|
use Models\User;
|
2019-08-29 10:25:14 +02:00
|
|
|
use Modules\Emails\Mail;
|
|
|
|
|
use Modules\Emails\Template;
|
2019-08-27 15:42:13 +02:00
|
|
|
use Notifications\EmailNotification;
|
2019-07-16 15:43:15 +02:00
|
|
|
|
|
|
|
|
$token = get('reset_token');
|
|
|
|
|
|
|
|
|
|
switch (post('op')) {
|
|
|
|
|
case 'reset':
|
|
|
|
|
$username = post('username');
|
|
|
|
|
$email = post('email');
|
|
|
|
|
|
|
|
|
|
$database->insert('zz_logs', [
|
|
|
|
|
'username' => $username,
|
|
|
|
|
'ip' => get_client_ip(),
|
|
|
|
|
'stato' => Auth::getStatus()['failed']['code'],
|
|
|
|
|
]);
|
|
|
|
|
|
|
|
|
|
$utente = User::where('username', $username)->where('email', $email)->first();
|
|
|
|
|
if (!empty($utente)) {
|
|
|
|
|
$utente->reset_token = secure_random_string();
|
|
|
|
|
$utente->save();
|
|
|
|
|
|
2019-08-29 10:25:14 +02:00
|
|
|
$template = Template::get('Reset password');
|
2019-07-16 15:43:15 +02:00
|
|
|
|
2019-08-27 15:42:13 +02:00
|
|
|
$mail = Mail::build($user, $template, $utente->id);
|
|
|
|
|
$mail->addReceiver($utente->email);
|
|
|
|
|
$mail->save();
|
2019-07-16 15:43:15 +02:00
|
|
|
|
2019-08-27 15:42:13 +02:00
|
|
|
$email = EmailNotification::build($mail);
|
|
|
|
|
$email->send();
|
2019-07-16 15:43:15 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
//$message_email = substr($email, 0, 2).str_repeat('*', strlen($email)-8).substr($email, -6);
|
|
|
|
|
|
|
|
|
|
flash()->info(tr("Se le informazioni inserite corrispondono ai dati di un utente, riceverai a breve un'email all'indirizzo collegato").'.');
|
|
|
|
|
|
|
|
|
|
redirect(ROOTDIR.'/index.php');
|
2020-04-15 14:28:30 +02:00
|
|
|
exit();
|
2019-07-16 15:43:15 +02:00
|
|
|
break;
|
|
|
|
|
|
|
|
|
|
case 'update':
|
|
|
|
|
$password = post('password');
|
|
|
|
|
|
|
|
|
|
$utente = User::where('reset_token', $token)->first();
|
|
|
|
|
if (!empty($utente)) {
|
|
|
|
|
$utente->password = $password;
|
|
|
|
|
$utente->reset_token = null;
|
|
|
|
|
|
|
|
|
|
$utente->save();
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
flash()->info(tr('Password cambiata!'));
|
|
|
|
|
|
|
|
|
|
redirect(ROOTDIR.'/index.php');
|
2020-04-08 21:58:54 +02:00
|
|
|
exit();
|
2019-07-16 15:43:15 +02:00
|
|
|
break;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
$pageTitle = tr('Reimpostazione password');
|
|
|
|
|
|
|
|
|
|
include_once App::filepath('include|custom|', 'top.php');
|
|
|
|
|
|
|
|
|
|
// Controllo se è una beta e in caso mostro un warning
|
|
|
|
|
if (Auth::isBrute()) {
|
|
|
|
|
echo '
|
|
|
|
|
<div class="box box-danger box-center" id="brute">
|
|
|
|
|
<div class="box-header with-border text-center">
|
|
|
|
|
<h3 class="box-title">'.tr('Attenzione').'</h3>
|
|
|
|
|
</div>
|
|
|
|
|
|
|
|
|
|
<div class="box-body text-center">
|
|
|
|
|
<p>'.tr('Sono stati effettuati troppi tentativi di accesso consecutivi!').'</p>
|
|
|
|
|
<p>'.tr('Tempo rimanente (in secondi)').': <span id="brute-timeout">'.(Auth::getBruteTimeout() + 1).'</span></p>
|
|
|
|
|
</div>
|
|
|
|
|
</div>
|
|
|
|
|
<script>
|
|
|
|
|
$(document).ready(function(){
|
|
|
|
|
$("#reset").fadeOut();
|
|
|
|
|
brute();
|
|
|
|
|
});
|
|
|
|
|
|
|
|
|
|
function brute() {
|
|
|
|
|
var value = parseFloat($("#brute-timeout").html()) - 1;
|
|
|
|
|
$("#brute-timeout").html(value);
|
|
|
|
|
|
|
|
|
|
if(value > 0){
|
|
|
|
|
setTimeout("brute()", 1000);
|
|
|
|
|
} else{
|
|
|
|
|
$("#brute").fadeOut();
|
|
|
|
|
$("#reset").fadeIn();
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
</script>';
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
echo '
|
|
|
|
|
<form action="" method="post" class="box box-center-large box-warning" id="reset">
|
|
|
|
|
<div class="box-header with-border text-center">
|
2019-10-03 12:09:14 +02:00
|
|
|
<a href="'.ROOTDIR.'/index.php"><i class="fa fa-arrow-left btn btn-xs btn-warning pull-left tip" title="'.tr('Torna indietro').'" ></i></a>
|
2019-07-16 15:43:15 +02:00
|
|
|
<h3 class="box-title">'.$pageTitle.'</h3>
|
|
|
|
|
</div>
|
|
|
|
|
|
|
|
|
|
<div class="box-body">';
|
|
|
|
|
|
|
|
|
|
if (empty($token)) {
|
|
|
|
|
echo '
|
|
|
|
|
<input type="hidden" name="op" value="reset">
|
|
|
|
|
|
2019-10-03 12:09:14 +02:00
|
|
|
<p>'.tr("Per reimpostare password, inserisci l'username con cui hai accesso al gestionale e l'indirizzo email associato all'utente").'.<br>
|
|
|
|
|
'.tr("Se i dati inseriti risulteranno corretti riceverai un'email dove sarà indicato il link da cui potrai reimpostare la tua password").'.</p>
|
2019-07-16 15:43:15 +02:00
|
|
|
|
|
|
|
|
{[ "type": "text", "label": "'.tr('Username').'", "placeholder": "'.tr('Username').'", "name": "username", "icon-before": "<i class=\"fa fa-user\"></i>", "required": 1 ]}
|
|
|
|
|
|
|
|
|
|
{[ "type": "email", "label": "'.tr('Email').'", "placeholder": "'.tr('Email').'", "name": "email", "icon-before": "<i class=\"fa fa-envelope\"></i>", "required": 1 ]}';
|
|
|
|
|
} else {
|
|
|
|
|
echo '
|
|
|
|
|
<input type="hidden" name="op" value="update">
|
|
|
|
|
|
|
|
|
|
<p>'.tr('Inserisci la nuova password per il tuo account').':</p>
|
|
|
|
|
|
2019-07-18 18:33:56 +02:00
|
|
|
{[ "type": "password", "label": "'.tr('Password').'", "name": "password", "required": 1, "strength": "#submit-button", "icon-before": "<i class=\"fa fa-lock\"></i>" ]}';
|
2019-07-16 15:43:15 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
echo '
|
|
|
|
|
</div>
|
|
|
|
|
|
|
|
|
|
<div class="box-footer">
|
2019-07-18 18:33:56 +02:00
|
|
|
<button type="submit" id="submit-button" class="btn btn-success btn-block">
|
2019-10-03 12:09:14 +02:00
|
|
|
<i class="fa fa-arrow-right"></i> '.tr('Invia richiesta').'
|
2019-07-16 15:43:15 +02:00
|
|
|
</button>
|
|
|
|
|
</div>
|
|
|
|
|
</form>';
|
|
|
|
|
|
|
|
|
|
include_once App::filepath('include|custom|', 'bottom.php');
|
