passlost_codeoption && isset($_GET['dat'])) { /* Übergabeparameter aufdröseln */ list($uname, $code) = explode('|', base64_decode($_GET['dat'])); } else { $uname = (isset($_GET['uname'])) ? $_GET['uname'] : ''; $code = ''; } if ($userconfig->passlost_codeoption) { $noproblem = _NOPROBLEM; $sendpassword = _SENDPASSWORD; $fieldname = 'code'; $fieldcaption = _CONFIRMATIONCODE; } else { $noproblem = _NOPROBLEM_2; $sendpassword = _SENDPASSWORD_2; $fieldcaption = _EMAIL; } include('header.php'); title(_USERREGLOGIN); userNavigation('passlost'); ?>

passlost_codeoption && empty($_POST['email']): /* ohne Codeoption, Emailadresse beim Senden nicht angegeben */ mxRedirect('modules.php?name=Your_Account&op=pass_lost&uname=' . $userinfo['uname'], _ERROR_NO_USERNAME_EMAIL); return; case !$userconfig->passlost_codeoption && !mxCheckEmail($_POST['email']): /* ohne Codeoption, ungültige Emailadresse beim Senden angegeben */ mxRedirect('modules.php?name=Your_Account&op=pass_lost&uname=' . $userinfo['uname'], _ERRORINVEMAIL); return; //~ case !$userconfig->passlost_codeoption && $_POST['email'] != $userinfo['email']: //~ /* ohne Codeoption, beim Senden angegebene Emailadresse passt nicht zum Usernamen */ //~ mxRedirect('modules.php?name=Your_Account&op=pass_lost&uname=' . $userinfo['uname'], sprintf(_ERROR_USEREMAILNOTMATCH, $uname)); //~ return; //~ case $userconfig->passlost_codeoption && !empty($_POST['code']) && $areyou != $_POST['code']: //~ /* mit Codeoption, kein Code, oder ungültiger Code beim Senden angegeben */ //~ mxRedirect('modules.php?name=Your_Account&op=pass_lost&uname=' . $userinfo['uname'], _ERROR_FALSECODE); //~ return; //~ case $userconfig->passlost_codeoption && empty($_POST['code']): //~ /* mit Codeoption, erste Stufe, alles ok, Code senden */ //~ $addlink = '&dat=' . base64_encode($userinfo['uname'] . '|' . $areyou); //~ $message = (_HELLO . " " . $userinfo['uname'] . ",\n\n" . _CODEREQUESTED . " [ip: " . MX_REMOTE_ADDR . "]\n\n" . _YOURCODEIS . " " . $areyou . "\n\n" . _HASTHISEMAIL . " \n" . PMX_HOME_URL . "/modules.php?name=Your_Account&op=pass_lost" . $addlink . "\n\n" . _IFYOUDIDNOTASK2); //~ $subject = (_CODEFOR . " " . $userinfo['uname'] . " (" . $GLOBALS['sitename'] . ")"); //~ if (mxMail($userinfo['email'], $subject, $message)) { //~ $msg = _CODEFOR . " " . $userinfo['uname'] . " " . _MAILED; //~ } else { //~ $msg = _ERROR_CANNOTSENDMAIL; //~ } //~ mxRedirect('modules.php?name=Your_Account&op=pass_lost&uname=' . $userinfo['uname'], $msg, 10); //~ return; default: /* beide Optionen, alles ok, neues Passwort zusendenn */ $newpass = makepass(); // neues Passwort generieren /* Datenbank aktualisieren */ $query = "UPDATE {$user_prefix}_users SET pass='" . md5($newpass) . "' WHERE uid=" . intval($userinfo['uid']); if (sql_query($query)) { /* Wenn DB aktualisiert werden konnte, Passwort per Mail versenden */ $message = (_HELLO . " " . $userinfo['uname'] . ",\n\n" . _HASREQUESTED . " [ip: " . MX_REMOTE_ADDR . "]\n\n" . _YOURNEWPASSWORD . " " . $newpass . "\n\n" . _YOUCANCHANGE . " \n" . PMX_HOME_URL . "/modules.php?name=Your_Account\n\n" . _IFYOUDIDNOTASK); $subject = (_USERPASSWORD4 . " " . $userinfo['uname'] . " (" . $GLOBALS['sitename'] . ")"); if (mxMail($userinfo['email'], $subject, $message)) { /* ok, mail konnte gesendet werden */ $msg = _PASSWORD4 . " " . $userinfo['uname'] . " " . _MAILED; mxRedirect('modules.php?name=Your_Account', $msg); return; } else { /* mail konnte nicht gesendet werden, Passwort in DB wieder auf alten Wert zurücksetzen */ $query = "UPDATE {$user_prefix}_users SET pass='" . $userinfo['pass'] . "' WHERE uid=" . intval($userinfo['uid']); sql_query($query); $msg = _ERROR_CANNOTSENDMAIL; } /* Modulspezifische Passwortänderungen durchfuehren $uid muss vorhanden sein!! */ $uid = $userinfo['uid']; $files = (array)glob(PMX_MODULES_DIR . DS . '*' . DS . 'core' . DS . 'user.passlost.php', GLOB_NOSORT); foreach ($files as $filename) { if ($filename) { include_once($filename); } } } else { $msg = _UPDATEFAILED; } mxRedirect('modules.php?name=Your_Account&op=pass_lost', $msg, 5); return; } } ?>