set new password

git-svn-id: https://webim.svn.sourceforge.net/svnroot/webim/trunk@652 c66351dc-e62f-0410-b875-e3a5c0b9693f

src/messenger/webim/locales/en/properties

@@ -142,9 +142,9 @@ form.field.groupname.description=Name to identify the group.
 form.field.groupname=Name
 form.field.login.description=Login can consist of small Latin letters and underscore.
 form.field.login=Login
-form.field.message=Message
 form.field.mail.description=For notifications and password retrieval.
 form.field.mail=E-mail
+form.field.message=Message
 form.field.name=Your name
 form.field.password.description=Enter new password or leave the field empty to keep previous one.
 form.field.password=Password
@@ -373,16 +373,22 @@ report.byoperator.4=Average message length (in chars)
 report.byoperator.title=Threads by operator
 report.no_items=Not enough data
 report.total=Total:
-restore.pwd.message=Forgot your password?
-restore.title=Trouble Accessing Your Account?
-restore.intro=You can't retrieve your password, but you can set a new one by following a link sent to you by email.
-restore.emailorlogin=Login or E-mail:
+resetpwd.changed.title=Your password has been changed!
+resetpwd.changed=Login using your new password.
+resetpwd.intro=Please choose a password to use with your Mibew account.
+resetpwd.login=Proceed to login
+resetpwd.submit=Change
+resetpwd.title=Change your Mibew password
 restore.back_to_login=Back to login
-restore.submit=Reset password
-restore.sent.title=Password retrieval
-restore.sent=We've sent the instructions to your email. Please, check it!
+restore.emailorlogin=Login or E-mail:
+restore.intro=You can't retrieve your password, but you can set a new one by following a link sent to you by email.
 restore.mailsubj=Reset your Mibew password
 restore.mailtext=Hi, {0}\n\nPlease click on the link below or copy and paste the URL into your browser:\n{1}\n\nThis will let you choose another password.\n\nMibew Messenger.
+restore.pwd.message=Forgot your password?
+restore.sent.title=Password retrieval
+restore.sent=We've sent the instructions to your email. Please, check it!
+restore.submit=Reset password
+restore.title=Trouble Accessing Your Account?
 right.administration=Administration
 right.main=Main
 right.other=Other

src/messenger/webim/operator/resetpwd.php

@@ -0,0 +1,71 @@
+<?php
+/*
+ * This file is part of Mibew Messenger project.
+ * 
+ * Copyright (c) 2005-2009 Mibew Messenger Community
+ * All rights reserved. The contents of this file are subject to the terms of
+ * the Eclipse Public License v1.0 which accompanies this distribution, and
+ * is available at http://www.eclipse.org/legal/epl-v10.html
+ * 
+ * Alternatively, the contents of this file may be used under the terms of
+ * the GNU General Public License Version 2 or later (the "GPL"), in which case
+ * the provisions of the GPL are applicable instead of those above. If you wish
+ * to allow use of your version of this file only under the terms of the GPL, and
+ * not to allow others to use your version of this file under the terms of the
+ * EPL, indicate your decision by deleting the provisions above and replace them
+ * with the notice and other provisions required by the GPL.
+ * 
+ * Contributors:
+ *    Evgeny Gryaznov - initial API and implementation
+ */
+
+require_once('../libs/common.php');
+require_once('../libs/operator.php');
+require_once('../libs/settings.php');
+
+$errors = array();
+$page = array('version' => $version, 'showform' => true);
+
+$opId = verifyparam( "id", "/^\d{1,9}$/");
+$token = verifyparam("token", "/^[\dabcdef]+$/");
+
+$operator = operator_by_id($opId);
+
+if(!$operator) {
+	$errors[] = "No such operator";
+	$page['showform'] = false;
+} else if($token != $operator['vcrestoretoken']) {
+	$errors[] = "Wrong token";
+	$page['showform'] = false;
+}
+
+if (count($errors) == 0 && isset($_POST['password'])) {
+	$password = getparam('password');
+	$passwordConfirm = getparam('passwordConfirm');
+		
+	if( !$password )
+		$errors[] = no_field("form.field.password");
+
+	if( $password != $passwordConfirm )
+		$errors[] = getlocal("my_settings.error.password_match");
+		
+	if (count($errors) == 0) {
+		$page['isdone'] = true;
+
+		$link = connect();
+		$query = "update chatoperator set vcpassword = '".md5($password)."', vcrestoretoken = '' where operatorid = ".$opId;
+		perform_query($query, $link);
+		mysql_close($link);
+		
+		start_html_output();
+		require('../view/resetpwd.php');
+		exit;
+    }
+}
+
+$page['id'] = $opId;
+$page['token'] = $token;
+$page['isdone'] = false;
+start_html_output();
+require('../view/resetpwd.php');
+?>

src/messenger/webim/view/resetpwd.php

@@ -0,0 +1,114 @@
+<?php
+/*
+ * This file is part of Mibew Messenger project.
+ * 
+ * Copyright (c) 2005-2009 Mibew Messenger Community
+ * All rights reserved. The contents of this file are subject to the terms of
+ * the Eclipse Public License v1.0 which accompanies this distribution, and
+ * is available at http://www.eclipse.org/legal/epl-v10.html
+ * 
+ * Alternatively, the contents of this file may be used under the terms of
+ * the GNU General Public License Version 2 or later (the "GPL"), in which case
+ * the provisions of the GPL are applicable instead of those above. If you wish
+ * to allow use of your version of this file only under the terms of the GPL, and
+ * not to allow others to use your version of this file under the terms of the
+ * EPL, indicate your decision by deleting the provisions above and replace them
+ * with the notice and other provisions required by the GPL.
+ * 
+ * Contributors:
+ *    Evgeny Gryaznov - initial API and implementation
+ */
+
+if(isset($page) && isset($page['localeLinks'])) {
+	require_once('inc_locales.php');
+}
+$page['title'] = getlocal("resetpwd.title");
+$page['headertitle'] = getlocal("app.title");
+$page['show_small_login'] = true;
+$page['fixedwrap'] = true;
+
+function tpl_content() { 
+	global $page, $webimroot, $errors;
+	
+	if($page['isdone']) {
+?>
+<div id="loginpane">
+	<div class="header">	
+		<h2><?php echo getlocal("resetpwd.changed.title") ?></h2>
+	</div>
+
+	<div class="fieldForm">
+		<?php echo getlocal("resetpwd.changed") ?>
+		<br/>
+		<br/>
+		<a href="login.php"><?php echo getlocal("resetpwd.login") ?></a>
+	</div>
+</div>	
+	
+<?php 		
+	} else {
+?>
+
+<form name="resetForm" method="post" action="<?php echo $webimroot ?>/operator/resetpwd.php">
+<input type="hidden" name="id" value="<?php echo $page['id'] ?>"/>
+<input type="hidden" name="token" value="<?php echo $page['token'] ?>"/>
+
+	<div id="loginpane">
+
+	<div class="header">	
+		<h2><?php echo getlocal("resetpwd.title") ?></h2>
+	</div>
+
+	<div class="fieldForm">
+	
+		<?php echo getlocal("resetpwd.intro") ?><br/><br/>
+
+<?php 
+require_once('inc_errors.php');
+?>
+	
+<?php if($page['showform']) { ?>
+		<div class="field">
+			<div class="fleftlabel"><?php echo getlocal('form.field.password') ?></div>
+			<div class="fvalue">
+				<input type="password" name="password" size="25" value="" class="formauth"/>
+			</div>
+			<br clear="all"/>
+		</div>
+
+		<div class="field">
+			<div class="fleftlabel"><?php echo getlocal('form.field.password_confirm') ?></div>
+			<div class="fvalue">
+				<input type="password" name="passwordConfirm" size="25" value="" class="formauth"/>
+			</div>
+			<br clear="all"/>
+		</div>
+
+		<div class="fbutton">
+			<table class="submitbutton"><tr>
+				<td><a href="javascript:resetForm.submit();">
+					<img src='<?php echo $webimroot ?>/images/submit.gif' width="40" height="35" border="0" alt="" /></a></td>
+				<td class="submit"><a href="javascript:resetForm.submit();">
+					<?php echo getlocal("resetpwd.submit") ?></a></td>
+				<td><a href="javascript:resetForm.submit();">
+					<img src='<?php echo $webimroot ?>/images/submitrest.gif' width="10" height="35" border="0" alt="" /></a></td>
+			</tr></table>
+
+			<div class="links">
+				<a href="login.php"><?php echo getlocal("restore.back_to_login") ?></a>
+			</div>
+		</div>
+<?php } else { ?>
+		<a href="login.php"><?php echo getlocal("restore.back_to_login") ?></a>
+<?php } ?>
+	</div>
+
+	</div>		
+</form>
+
+<?php 
+	}
+} /* content */
+
+require_once('inc_main.php');
+?>