operator email, password retrieval - part 1

git-svn-id: https://webim.svn.sourceforge.net/svnroot/webim/trunk@650 c66351dc-e62f-0410-b875-e3a5c0b9693f
Evgeny Gryaznov 2009-08-31 22:43:30 +00:00
parent 60a305b45c
commit 03eab80aca
10 changed files with 238 additions and 11 deletions


@ -368,6 +368,15 @@ div.errinfo {
padding-top: 10px;
}
.fbutton .links {
float: right;
margin-top: 5px;
}
.fbutton .submitbutton {
float: left;
}
.formauth {
}


@ -76,6 +76,8 @@ $dbtables = array(
"vcavatar" => "varchar(255)",
"vcjabbername" => "varchar(255)",
"iperm" => "int DEFAULT 65535",
"dtmrestore" => "datetime DEFAULT 0",
"vcrestoretoken" => "varchar(64)",
),
"chatrevision" => array(
@ -115,7 +117,7 @@ $memtables = array();
$dbtables_can_update = array(
"chatthread" => array("agentId", "userTyping", "agentTyping", "messageCount", "nextagent", "shownmessageid", "userid", "userAgent", "groupid"),
"chatmessage" => array("agentId"),
"chatoperator" => array("vcavatar", "vcjabbername", "iperm", "istatus", "vcemail"),
"chatoperator" => array("vcavatar", "vcjabbername", "iperm", "istatus", "vcemail", "dtmrestore", "vcrestoretoken"),
"chatban" => array(),
"chatgroup" => array("vcemail"),
"chatgroupoperator" => array(),
@ -159,7 +161,7 @@ function create_table($id,$link) {
mysql_query($query,$link) or show_install_err(' Query failed: '.mysql_error());
if( $id == 'chatoperator' ) {
create_operator_("admin", "", "Administrator", "Administrator", "", $link);
create_operator_("admin", "", "", "Administrator", "Administrator", "", $link);
} else if( $id == 'chatrevision' ) {
perform_query("INSERT INTO chatrevision VALUES (1)",$link);
}


@ -133,6 +133,14 @@ if ($act == "silentcreateall") {
if( in_array("chatoperator.vcemail", $absent) ) {
runsql("ALTER TABLE chatoperator ADD vcemail varchar(64)", $link);
}
if( in_array("chatoperator.dtmrestore", $absent) ) {
runsql("ALTER TABLE chatoperator ADD dtmrestore datetime DEFAULT 0", $link);
}
if( in_array("chatoperator.vcrestoretoken", $absent) ) {
runsql("ALTER TABLE chatoperator ADD vcrestoretoken varchar(64)", $link);
}
if( in_array("chatthread.groupid", $absent) ) {
runsql("ALTER TABLE chatthread ADD groupid int references chatgroup(groupid)", $link);


@ -41,6 +41,14 @@ function operator_by_login($login) {
return $operator;
}
function operator_by_email($mail) {
$link = connect();
$operator = select_one_row(
"select * from chatoperator where vcemail = '".mysql_real_escape_string($mail)."'", $link );
mysql_close($link);
return $operator;
}
function operator_by_id_($id,$link) {
return select_one_row(
"select * from chatoperator where operatorid = $id", $link );
@ -53,16 +61,17 @@ function operator_by_id($id) {
return $operator;
}
function update_operator($operatorid,$login,$password,$localename,$commonname) {
function update_operator($operatorid,$login,$email,$password,$localename,$commonname) {
$link = connect();
$query = sprintf(
"update chatoperator set vclogin = '%s',%s vclocalename = '%s', vccommonname = '%s'".
", vcjabbername= '%s'".
", vcemail = '%s', vcjabbername= '%s'".
" where operatorid = %s",
mysql_real_escape_string($login),
($password ? " vcpassword='".md5($password)."'," : ""),
mysql_real_escape_string($localename),
mysql_real_escape_string($commonname),
mysql_real_escape_string($email),
'',
$operatorid );
@ -80,14 +89,15 @@ function update_operator_avatar($operatorid,$avatar) {
mysql_close($link);
}
function create_operator_($login,$password,$localename,$commonname,$avatar,$link) {
function create_operator_($login,$email,$password,$localename,$commonname,$avatar,$link) {
$query = sprintf(
"insert into chatoperator (vclogin,vcpassword,vclocalename,vccommonname,vcavatar,vcjabbername) values ('%s','%s','%s','%s','%s','%s')",
"insert into chatoperator (vclogin,vcpassword,vclocalename,vccommonname,vcavatar,vcemail,vcjabbername) values ('%s','%s','%s','%s','%s','%s','%s')",
mysql_real_escape_string($login),
md5($password),
mysql_real_escape_string($localename),
mysql_real_escape_string($commonname),
mysql_real_escape_string($avatar), '');
mysql_real_escape_string($avatar),
mysql_real_escape_string($email), '');
perform_query($query,$link);
$id = mysql_insert_id($link);
@ -95,9 +105,9 @@ function create_operator_($login,$password,$localename,$commonname,$avatar,$link
return select_one_row("select * from chatoperator where operatorid = $id", $link );
}
function create_operator($login,$password,$localename,$commonname,$avatar) {
function create_operator($login,$email,$password,$localename,$commonname,$avatar) {
$link = connect();
$newop = create_operator_($login,$password,$localename,$commonname,$avatar,$link);
$newop = create_operator_($login,$email,$password,$localename,$commonname,$avatar,$link);
mysql_close($link);
return $newop;
}
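Review bot: Inserting `$email` as the second positional parameter of `update_operator`, `create_operator_` and `create_operator` means a caller left on the old argument order would silently shift its values: the password would land in `vcemail` in clear text and the locale name would be hashed as the password. This page shows the installer call and the operator form handler being updated, but any other callers are not visible here and should be checked. Appending the parameter last with a default, e.g. `function create_operator($login,$password,$localename,$commonname,$avatar,$email = '')`, would keep old call sites correct. The bodies of `update_operator` and `create_operator_` continue outside the hunks.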


@ -143,6 +143,8 @@ form.field.groupname=Name
form.field.login.description=Login can consist of small Latin letters and underscore.
form.field.login=Login
form.field.message=Message
form.field.mail.description=For notifications and password retrieval.
form.field.mail=E-mail
form.field.name=Your name
form.field.password.description=Enter new password or leave the field empty to keep previous one.
form.field.password=Password
@ -371,6 +373,16 @@ report.byoperator.4=Average message length (in chars)
report.byoperator.title=Threads by operator
report.no_items=Not enough data
report.total=Total:
restore.pwd.message=Forgot your password?
restore.title=Trouble Accessing Your Account?
restore.intro=You can't retrieve your password, but you can set a new one by following a link sent to you by email.
restore.emailorlogin=Login or E-mail:
restore.back_to_login=Back to login
restore.submit=Reset password
restore.sent.title=Password retrieval
restore.sent=We've sent the instructions to your email. Please, check it!
restore.mailsubj=Reset your Mibew password
restore.mailtext=Hi, {0}\n\nPlease click on the link below or copy and paste the URL into your browser:\n{1}\n\nThis will let you choose another password.\n\nMibew Messenger.
right.administration=Administration
right.main=Main
right.other=Other


@ -32,6 +32,7 @@ $opId = '';
if( isset($_POST['login']) && isset($_POST['password']) ) {
$opId = verifyparam( "opid", "/^(\d{1,9})?$/", "");
$login = getparam('login');
$email = getparam('email');
$password = getparam('password');
$passwordConfirm = getparam('passwordConfirm');
$localname = getparam('name');
@ -49,6 +50,9 @@ if( isset($_POST['login']) && isset($_POST['password']) ) {
$errors[] = getlocal("page_agent.error.wrong_login");
}
if($email != '' && !is_valid_email($email))
$errors[] = wrong_field("form.field.mail");
if( !$opId && !$password )
$errors[] = no_field("form.field.password");
@ -68,17 +72,18 @@ if( isset($_POST['login']) && isset($_POST['password']) ) {
if( count($errors) == 0 ) {
if (!$opId) {
$newop = create_operator($login,$password,$localname,$commonname,"");
$newop = create_operator($login,$email,$password,$localname,$commonname,"");
header("Location: $webimroot/operator/avatar.php?op=".$newop['operatorid']);
exit;
} else {
update_operator($opId,$login,$password,$localname,$commonname);
update_operator($opId,$login,$email,$password,$localname,$commonname);
header("Location: $webimroot/operator/operator.php?op=$opId&stored");
exit;
}
} else {
$page['formlogin'] = topage($login);
$page['formname'] = topage($localname);
$page['formemail'] = topage($email);
$page['formcommonname'] = topage($commonname);
$page['opid'] = topage($opId);
}
@ -93,6 +98,7 @@ if( isset($_POST['login']) && isset($_POST['password']) ) {
} else {
$page['formlogin'] = topage($op['vclogin']);
$page['formname'] = topage($op['vclocalename']);
$page['formemail'] = topage($op['vcemail']);
$page['formcommonname'] = topage($op['vccommonname']);
$page['opid'] = topage($op['operatorid']);
}
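Review bot: The new check on `$email` validates only the format; nothing here rejects an address already stored for another operator, and the schema hunks on this page add `vcemail` handling without a unique constraint. The restore page looks operators up through `operator_by_email()`, which returns a single row, so a shared address makes it ambiguous which account the reset token is issued for. Consider a duplicate check next to the format check when `$email` is non-empty, e.g. `$existing = operator_by_email($email); if ($existing && $existing['operatorid'] != $opId) $errors[] = wrong_field("form.field.mail");`. The enclosing `if` block starts and ends outside these hunks.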


@ -0,0 +1,67 @@
<?php
/*
* This file is part of Mibew Messenger project.
*
* Copyright (c) 2005-2009 Mibew Messenger Community
* All rights reserved. The contents of this file are subject to the terms of
* the Eclipse Public License v1.0 which accompanies this distribution, and
* is available at http://www.eclipse.org/legal/epl-v10.html
*
* Alternatively, the contents of this file may be used under the terms of
* the GNU General Public License Version 2 or later (the "GPL"), in which case
* the provisions of the GPL are applicable instead of those above. If you wish
* to allow use of your version of this file only under the terms of the GPL, and
* not to allow others to use your version of this file under the terms of the
* EPL, indicate your decision by deleting the provisions above and replace them
* with the notice and other provisions required by the GPL.
*
* Contributors:
* Evgeny Gryaznov - initial API and implementation
*/
require_once('../libs/common.php');
require_once('../libs/operator.php');
require_once('../libs/settings.php');
$errors = array();
$page = array('version' => $version);
$loginoremail = "";
if (isset($_POST['loginoremail'])) {
$loginoremail = getparam("loginoremail");
$torestore = is_valid_email($loginoremail) ? operator_by_email($loginoremail) : operator_by_login($loginoremail);
if(!$torestore) {
$errors[] = getlocal("no_such_operator");
}
$email = $torestore['vcemail'];
if(count($errors) == 0 && !is_valid_email($email)) {
$errors[] = "Operator hasn't set his e-mail";
}
if (count($errors) == 0) {
$token = md5((time() + microtime()).rand(0,99999999));
$link = connect();
$query = "update chatoperator set dtmrestore = CURRENT_TIMESTAMP, vcrestoretoken = '$token' where operatorid = ".$torestore['operatorid'];
perform_query($query, $link);
mysql_close($link);
$link = get_app_location(true,false)."/operator/resetpwd.php?id=".$torestore['operatorid']."&token=$token";
webim_mail($email, $email, getstring("restore.mailsubj"), getstring2("restore.mailtext",array(get_operator_name($torestore), $link)));
$page['isdone'] = true;
require('../view/restore.php');
exit;
}
}
$page['formloginoremail'] = topage($loginoremail);
$page['localeLinks'] = get_locale_links("$webimroot/operator/restore.php");
$page['isdone'] = false;
start_html_output();
require('../view/restore.php');
?>
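Review bot: The reset token on the `$token = md5((time() + microtime()).rand(0,99999999));` line is built from the clock and `rand()`, neither of which is a cryptographically secure source, so the value that authorises a password change is much easier to guess than its 32 hex characters suggest. Take it from the OS CSPRNG instead, for example `$token = bin2hex(random_bytes(16));` where the PHP version provides it, and consider storing only a hash of the token in `vcrestoretoken`. Separately, the three outcomes (the `no_such_operator` error, "Operator hasn't set his e-mail", and the sent page) tell an unauthenticated visitor whether a login or address exists; showing the same confirmation in every case avoids that. `$torestore['vcemail']` is also read even when `$torestore` is empty, and the second error string bypasses `getlocal()`.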


@ -66,6 +66,15 @@ require_once('inc_errors.php');
<br clear="all"/>
</div>
<div class="field">
<div class="flabel"><?php echo getlocal('form.field.mail') ?></div>
<div class="fvalue">
<input type="text" name="email" size="40" value="<?php echo form_value('email') ?>" class="formauth"<?php echo $page['canmodify'] ? "" : " disabled=\"disabled\"" ?>/>
</div>
<div class="fdescr"> &mdash; <?php echo getlocal('form.field.mail.description') ?></div>
<br clear="all"/>
</div>
<div class="field">
<div class="flabel"><?php echo getlocal('form.field.password') ?><?php if( !$page['opid'] ) { ?><span class="required">*</span><?php } ?></div>
<div class="fvalue">


@ -77,6 +77,10 @@ require_once('inc_errors.php');
<div class="fbutton">
<input type="image" name="login" src='<?php echo $webimroot.getlocal("image.button.login") ?>' alt='<?php echo getlocal("button.enter") ?>'/>
<div class="links">
<a href="restore.php"><?php echo getlocal("restore.pwd.message") ?></a><br/>
</div>
</div>
</div>


@ -0,0 +1,100 @@
<?php
/*
* This file is part of Mibew Messenger project.
*
* Copyright (c) 2005-2009 Mibew Messenger Community
* All rights reserved. The contents of this file are subject to the terms of
* the Eclipse Public License v1.0 which accompanies this distribution, and
* is available at http://www.eclipse.org/legal/epl-v10.html
*
* Alternatively, the contents of this file may be used under the terms of
* the GNU General Public License Version 2 or later (the "GPL"), in which case
* the provisions of the GPL are applicable instead of those above. If you wish
* to allow use of your version of this file only under the terms of the GPL, and
* not to allow others to use your version of this file under the terms of the
* EPL, indicate your decision by deleting the provisions above and replace them
* with the notice and other provisions required by the GPL.
*
* Contributors:
* Evgeny Gryaznov - initial API and implementation
*/
if(isset($page) && isset($page['localeLinks'])) {
require_once('inc_locales.php');
}
$page['title'] = getlocal("restore.title");
$page['headertitle'] = getlocal("app.title");
$page['show_small_login'] = true;
$page['fixedwrap'] = true;
function tpl_content() {
global $page, $webimroot, $errors;
if($page['isdone']) {
?>
<div id="loginpane">
<div class="header">
<h2><?php echo getlocal("restore.sent.title") ?></h2>
</div>
<div class="fieldForm">
<?php echo getlocal("restore.sent") ?>
<br/>
<br/>
<a href="login.php"><?php echo getlocal("restore.back_to_login") ?></a>
</div>
</div>
<?php
} else {
?>
<form name="restoreForm" method="post" action="<?php echo $webimroot ?>/operator/restore.php">
<div id="loginpane">
<div class="header">
<h2><?php echo getlocal("restore.title") ?></h2>
</div>
<div class="fieldForm">
<?php echo getlocal("restore.intro") ?><br/><br/>
<?php
require_once('inc_errors.php');
?>
<div class="field">
<div class="fleftlabel"><?php echo getlocal("restore.emailorlogin") ?></div>
<div class="fvalue">
<input type="text" name="loginoremail" size="25" value="<?php echo form_value('loginoremail') ?>" class="formauth"/>
</div>
<br clear="all"/>
</div>
<div class="fbutton">
<table class="submitbutton"><tr>
<td><a href="javascript:restoreForm.submit();">
<img src='<?php echo $webimroot ?>/images/submit.gif' width="40" height="35" border="0" alt="" /></a></td>
<td class="submit"><a href="javascript:restoreForm.submit();">
<?php echo getlocal("restore.submit") ?></a></td>
<td><a href="javascript:restoreForm.submit();">
<img src='<?php echo $webimroot ?>/images/submitrest.gif' width="10" height="35" border="0" alt="" /></a></td>
</tr></table>
<div class="links">
<a href="login.php"><?php echo getlocal("restore.back_to_login") ?></a>
</div>
</div>
</div>
</div>
</form>
<?php
}
} /* content */
require_once('inc_main.php');
?>