matheusfillipe | abd513e | 2021-05-11 03:29:11 -0300 | [diff] [blame] | 1 | <?php |
| 2 | require_once 'vendor/autoload.php'; |
Matheus Fillipe | 301684b | 2021-05-14 09:09:43 +0300 | [diff] [blame] | 3 | include 'config.php'; |
matheusfillipe | abd513e | 2021-05-11 03:29:11 -0300 | [diff] [blame] | 4 | include_once 'redis.php'; |
| 5 | include_once 'utils.php'; |
Matheus Fillipe | 301684b | 2021-05-14 09:09:43 +0300 | [diff] [blame] | 6 | include_once 'mail.php'; |
| 7 | include_once 'ldap.php'; |
| 8 | include_once 'validators.php'; |
matheusfillipe | abd513e | 2021-05-11 03:29:11 -0300 | [diff] [blame] | 9 | |
| 10 | if (!$DEBUG) error_reporting(0); |
matheusfillipe | c0ce7fa | 2021-05-13 05:15:37 -0300 | [diff] [blame] | 11 | else error_reporting(1); |
matheusfillipe | abd513e | 2021-05-11 03:29:11 -0300 | [diff] [blame] | 12 | session_start(); |
| 13 | |
matheusfillipe | abd513e | 2021-05-11 03:29:11 -0300 | [diff] [blame] | 14 | use Gregwar\Captcha\PhraseBuilder; |
| 15 | |
matheusfillipe | c0ce7fa | 2021-05-13 05:15:37 -0300 | [diff] [blame] | 16 | $URI = array_slice(explode("/", explode('?', $_SERVER['REQUEST_URI'], 2)[0]), -1)[0]; |
matheusfillipe | f43dd96 | 2021-05-13 23:27:01 -0300 | [diff] [blame] | 17 | if (strlen($URI) == 2) { |
matheusfillipe | c0ce7fa | 2021-05-13 05:15:37 -0300 | [diff] [blame] | 18 | $GLOBALS["cc"] = $URI; |
| 19 | $_SESSION["cc"] = $URI; |
| 20 | } |
| 21 | |
matheusfillipe | f43dd96 | 2021-05-13 23:27:01 -0300 | [diff] [blame] | 22 | if (isset($_GET["lang"])) { |
matheusfillipe | c0ce7fa | 2021-05-13 05:15:37 -0300 | [diff] [blame] | 23 | $GLOBALS["cc"] = $_GET["lang"]; |
| 24 | $_SESSION["cc"] = $_GET["lang"]; |
| 25 | } |
| 26 | |
| 27 | $TEMPLATE = template_path(); |
| 28 | |
| 29 | |
matheusfillipe | f43dd96 | 2021-05-13 23:27:01 -0300 | [diff] [blame] | 30 | function send_confirmation_email(string $mail, object $smtp, string $url) |
| 31 | { |
matheusfillipe | abd513e | 2021-05-11 03:29:11 -0300 | [diff] [blame] | 32 | include 'config.php'; |
matheusfillipe | f43dd96 | 2021-05-13 23:27:01 -0300 | [diff] [blame] | 33 | $TEMPLATE = template_path(); |
Matheus Fillipe | 301684b | 2021-05-14 09:09:43 +0300 | [diff] [blame] | 34 | include $TEMPLATE . "email.php"; |
matheusfillipe | f43dd96 | 2021-05-13 23:27:01 -0300 | [diff] [blame] | 35 | |
| 36 | send_mail($mail, $smtp, (object) [ |
| 37 | "subject" => $MAIL_TEMPLATE->subject, |
| 38 | "text" => str_replace("{{url}}", $url, $MAIL_TEMPLATE->text), |
| 39 | "html" => str_replace("{{url}}", $url, $MAIL_TEMPLATE->html) |
| 40 | ]); |
| 41 | } |
| 42 | |
| 43 | function send_recovery_email(string $mail, object $smtp, string $url) |
| 44 | { |
| 45 | include 'config.php'; |
matheusfillipe | f43dd96 | 2021-05-13 23:27:01 -0300 | [diff] [blame] | 46 | $TEMPLATE = template_path(); |
Matheus Fillipe | 301684b | 2021-05-14 09:09:43 +0300 | [diff] [blame] | 47 | include $TEMPLATE . "email.php"; |
matheusfillipe | f43dd96 | 2021-05-13 23:27:01 -0300 | [diff] [blame] | 48 | |
| 49 | send_mail($mail, $smtp, (object) [ |
| 50 | "subject" => $RECOVERY_EMAIL_TEMPLATE->subject, |
| 51 | "text" => str_replace("{{url}}", $url, $RECOVERY_EMAIL_TEMPLATE->text), |
| 52 | "html" => str_replace("{{url}}", $url, $RECOVERY_EMAIL_TEMPLATE->html) |
| 53 | ]); |
| 54 | } |
| 55 | |
| 56 | function reload_captcha_script() |
| 57 | { |
| 58 | include 'config.php'; |
| 59 | $TEMPLATE = template_path(); |
| 60 | include $TEMPLATE . "strings.php"; |
matheusfillipe | abd513e | 2021-05-11 03:29:11 -0300 | [diff] [blame] | 61 | echo ' |
| 62 | <script> |
| 63 | const reload_captcha = async (e) => { |
| 64 | var cont = document.getElementById("reload_captcha"); |
matheusfillipe | f43dd96 | 2021-05-13 23:27:01 -0300 | [diff] [blame] | 65 | cont.innerHTML = "<div class=\'spinner-border text-info\' role=\'status\'><span class=\'sr-only\'>' . $STRINGS->reloading_captcha . '</span></div>"; |
matheusfillipe | abd513e | 2021-05-11 03:29:11 -0300 | [diff] [blame] | 66 | var img = document.getElementById("captcha") |
matheusfillipe | f43dd96 | 2021-05-13 23:27:01 -0300 | [diff] [blame] | 67 | var url = "' . $BASE_URL . '/captcha.php?token=' . $_SESSION["captcha_token"] . '" |
matheusfillipe | abd513e | 2021-05-11 03:29:11 -0300 | [diff] [blame] | 68 | await fetch(url, { cache: "reload", mode: "no-cors" }) |
| 69 | .then(() => { |
| 70 | img.src = url+"&t=" + new Date().getTime(); |
| 71 | setTimeout( () => { |
| 72 | cont.innerHTML = "<button id=\'reload\' class=\'btn btn-outline-info\' type=\'button\'> <span class=\'glyphicon glyphicon-refresh\' aria-hidden=\'true\'></span></button>"; |
| 73 | bindButton() |
| 74 | }, 500); |
| 75 | }) |
| 76 | } |
| 77 | function bindButton(){ |
| 78 | var button = document.getElementById("reload"); |
| 79 | button.addEventListener("click", reload_captcha) |
| 80 | } |
| 81 | bindButton() |
| 82 | </script> |
| 83 | '; |
| 84 | } |
| 85 | |
matheusfillipe | f43dd96 | 2021-05-13 23:27:01 -0300 | [diff] [blame] | 86 | function register_page($error = false) |
| 87 | { |
| 88 | $TEMPLATE = template_path(); |
| 89 | include 'config.php'; |
| 90 | if ($error) |
| 91 | include $TEMPLATE . 'error.htm'; |
| 92 | $_SESSION["captcha_token"] = generateRandomString(12); |
| 93 | include $TEMPLATE . "register.htm"; |
| 94 | reload_captcha_script(); |
| 95 | } |
matheusfillipe | abd513e | 2021-05-11 03:29:11 -0300 | [diff] [blame] | 96 | |
matheusfillipe | f43dd96 | 2021-05-13 23:27:01 -0300 | [diff] [blame] | 97 | |
| 98 | function verify_request($user) |
| 99 | { |
matheusfillipe | c0ce7fa | 2021-05-13 05:15:37 -0300 | [diff] [blame] | 100 | $TEMPLATE = template_path(); |
matheusfillipe | abd513e | 2021-05-11 03:29:11 -0300 | [diff] [blame] | 101 | unset($_SESSION['captcha_token']); |
matheusfillipe | f43dd96 | 2021-05-13 23:27:01 -0300 | [diff] [blame] | 102 | include $TEMPLATE . 'strings.php'; |
matheusfillipe | abd513e | 2021-05-11 03:29:11 -0300 | [diff] [blame] | 103 | $password = $_POST["password"]; |
matheusfillipe | 47cf90b | 2021-05-13 03:36:21 -0300 | [diff] [blame] | 104 | $error = ""; |
| 105 | |
| 106 | $error .= validate_username($user->user_name); |
| 107 | $error .= validate_name($user->name, $FIRST_NAME_VALIDATION_ERROR); |
| 108 | $error .= validate_name($user->last_name, $LAST_NAME_VALIDATION_ERROR); |
| 109 | $error .= validate_email($user->email); |
| 110 | $error .= validate_password($password); |
| 111 | |
matheusfillipe | abd513e | 2021-05-11 03:29:11 -0300 | [diff] [blame] | 112 | |
| 113 | if (!(isset($_SESSION['captcha']) && PhraseBuilder::comparePhrases($_SESSION['captcha'], $_POST['captcha']))) { |
matheusfillipe | f43dd96 | 2021-05-13 23:27:01 -0300 | [diff] [blame] | 114 | $error = $error . $STRINGS->wrong_captcha; |
matheusfillipe | abd513e | 2021-05-11 03:29:11 -0300 | [diff] [blame] | 115 | } |
| 116 | unset($_SESSION["captcha"]); |
matheusfillipe | f43dd96 | 2021-05-13 23:27:01 -0300 | [diff] [blame] | 117 | |
matheusfillipe | abd513e | 2021-05-11 03:29:11 -0300 | [diff] [blame] | 118 | return $error; |
| 119 | } |
| 120 | |
matheusfillipe | f43dd96 | 2021-05-13 23:27:01 -0300 | [diff] [blame] | 121 | function approve_request($user) |
| 122 | { |
Matheus Fillipe | 301684b | 2021-05-14 09:09:43 +0300 | [diff] [blame] | 123 | include 'config.php'; |
matheusfillipe | c0ce7fa | 2021-05-13 05:15:37 -0300 | [diff] [blame] | 124 | $token = generateRandomString(); |
matheusfillipe | abd513e | 2021-05-11 03:29:11 -0300 | [diff] [blame] | 125 | redis_set($token, $user, $MAIL_CONFIRMATION_AWAIT_DELAY); |
| 126 | $pending = redis_get("pending"); |
matheusfillipe | f43dd96 | 2021-05-13 23:27:01 -0300 | [diff] [blame] | 127 | if ($pending) { |
matheusfillipe | abd513e | 2021-05-11 03:29:11 -0300 | [diff] [blame] | 128 | $maillist = $pending->mails; |
| 129 | array_push($maillist, $user->email); |
matheusfillipe | f43dd96 | 2021-05-13 23:27:01 -0300 | [diff] [blame] | 130 | } else |
matheusfillipe | abd513e | 2021-05-11 03:29:11 -0300 | [diff] [blame] | 131 | $maillist = [$user->email]; |
matheusfillipe | f43dd96 | 2021-05-13 23:27:01 -0300 | [diff] [blame] | 132 | redis_set("pending", (object)["mails" => $maillist], $MAIL_CONFIRMATION_AWAIT_DELAY); |
matheusfillipe | abd513e | 2021-05-11 03:29:11 -0300 | [diff] [blame] | 133 | |
matheusfillipe | f43dd96 | 2021-05-13 23:27:01 -0300 | [diff] [blame] | 134 | $url = $BASE_URL . "?type=confirmation&token=" . $token; |
matheusfillipe | abd513e | 2021-05-11 03:29:11 -0300 | [diff] [blame] | 135 | if (in_array(explode("@", $user->email)[1], $MAIL_HOST_DIRECT_FALLBACK)) |
| 136 | $smtp = $FALLBACK_SMTP; |
| 137 | else |
| 138 | $smtp = $SMTP; |
matheusfillipe | f43dd96 | 2021-05-13 23:27:01 -0300 | [diff] [blame] | 139 | send_confirmation_email($user->email, $smtp, $url); |
matheusfillipe | abd513e | 2021-05-11 03:29:11 -0300 | [diff] [blame] | 140 | $_SESSION['resend'] = generateRandomString(12); |
| 141 | $_SESSION['token'] = $token; |
| 142 | $_SESSION['email'] = $user->email; |
matheusfillipe | c0ce7fa | 2021-05-13 05:15:37 -0300 | [diff] [blame] | 143 | $TEMPLATE = template_path(); |
matheusfillipe | f43dd96 | 2021-05-13 23:27:01 -0300 | [diff] [blame] | 144 | include $TEMPLATE . "confirm_your_email.htm"; |
matheusfillipe | abd513e | 2021-05-11 03:29:11 -0300 | [diff] [blame] | 145 | } |
| 146 | |
Matheus Fillipe | 301684b | 2021-05-14 09:09:43 +0300 | [diff] [blame] | 147 | function recover_form($error = null) |
| 148 | { |
| 149 | $TEMPLATE = template_path(); |
| 150 | include 'config.php'; |
| 151 | $_SESSION["captcha_token"] = generateRandomString(12); |
| 152 | if ($error) |
| 153 | include $TEMPLATE . 'error.htm'; |
| 154 | include $TEMPLATE . "recover_email_form.htm"; |
| 155 | reload_captcha_script(); |
| 156 | } |
| 157 | |
| 158 | function new_password_form($error = null) |
| 159 | { |
| 160 | $TEMPLATE = template_path(); |
| 161 | if ($error) |
| 162 | include $TEMPLATE . 'error.htm'; |
| 163 | include $TEMPLATE . "recover_new_password_form.htm"; |
| 164 | } |
| 165 | |
matheusfillipe | abd513e | 2021-05-11 03:29:11 -0300 | [diff] [blame] | 166 | |
| 167 | // PAGE |
matheusfillipe | f43dd96 | 2021-05-13 23:27:01 -0300 | [diff] [blame] | 168 | include $TEMPLATE . "header.htm"; |
matheusfillipe | abd513e | 2021-05-11 03:29:11 -0300 | [diff] [blame] | 169 | |
| 170 | if ($_SERVER["REQUEST_METHOD"] == "POST") { |
matheusfillipe | abd513e | 2021-05-11 03:29:11 -0300 | [diff] [blame] | 171 | if (isset($_POST['type'])) { |
| 172 | switch ($_POST['type']) { |
| 173 | case "register": |
matheusfillipe | f43dd96 | 2021-05-13 23:27:01 -0300 | [diff] [blame] | 174 | $user = new User($_POST["username"], $_POST["name"], $_POST["last_name"], $_POST["email"], $_POST["password"]); |
| 175 | if (redis_inc_ipdata(getClientIP(), "register", true) > $HOURLY_REGISTRATIONS) { |
| 176 | include $TEMPLATE . "registration_limit.htm"; |
| 177 | } else { |
matheusfillipe | abd513e | 2021-05-11 03:29:11 -0300 | [diff] [blame] | 178 | $error = verify_request($user); |
| 179 | if ($error) |
| 180 | register_page($error); |
| 181 | else |
| 182 | approve_request($user); |
| 183 | } |
| 184 | break; |
matheusfillipe | 47cf90b | 2021-05-13 03:36:21 -0300 | [diff] [blame] | 185 | case "recover": |
matheusfillipe | f43dd96 | 2021-05-13 23:27:01 -0300 | [diff] [blame] | 186 | $TEMPLATE = template_path(); |
| 187 | unset($_SESSION['captcha_token']); |
| 188 | include $TEMPLATE . 'strings.php'; |
| 189 | |
| 190 | $email = $_POST["email"]; |
| 191 | if (!ldap_mail_count($email)) { |
Matheus Fillipe | 301684b | 2021-05-14 09:09:43 +0300 | [diff] [blame] | 192 | unset($_POST['email']); |
matheusfillipe | f43dd96 | 2021-05-13 23:27:01 -0300 | [diff] [blame] | 193 | $error = $error . $STRINGS->recover_email_not_registered; |
| 194 | } |
| 195 | |
| 196 | if (!(isset($_SESSION['captcha']) && PhraseBuilder::comparePhrases($_SESSION['captcha'], $_POST['captcha']))) { |
| 197 | $error = $error . $STRINGS->wrong_captcha; |
| 198 | } |
| 199 | |
| 200 | unset($_SESSION["captcha"]); |
| 201 | if (redis_inc_ipdata(getClientIP(), "register", true) > $HOURLY_REGISTRATIONS) { |
| 202 | include $TEMPLATE . "registration_limit.htm"; |
| 203 | } else { |
| 204 | if ($error) { |
Matheus Fillipe | 301684b | 2021-05-14 09:09:43 +0300 | [diff] [blame] | 205 | recover_form($error); |
matheusfillipe | f43dd96 | 2021-05-13 23:27:01 -0300 | [diff] [blame] | 206 | } else { |
| 207 | include $TEMPLATE . 'strings.php'; |
| 208 | $token = generateRandomString(); |
| 209 | redis_set($token, $email, $MAIL_CONFIRMATION_AWAIT_DELAY); |
| 210 | |
| 211 | $url = $BASE_URL . "?type=password_change&token=" . $token; |
| 212 | if (in_array(explode("@", $email)[1], $MAIL_HOST_DIRECT_FALLBACK)) |
| 213 | $smtp = $FALLBACK_SMTP; |
| 214 | else |
| 215 | $smtp = $SMTP; |
matheusfillipe | f43dd96 | 2021-05-13 23:27:01 -0300 | [diff] [blame] | 216 | $_SESSION['resend'] = generateRandomString(12); |
| 217 | $_SESSION['token'] = $token; |
| 218 | $_SESSION['email'] = $email; |
| 219 | $_SESSION['recover'] = $email; |
| 220 | $TEMPLATE = template_path(); |
matheusfillipe | f43dd96 | 2021-05-13 23:27:01 -0300 | [diff] [blame] | 221 | send_recovery_email($email, $smtp, $url); |
Matheus Fillipe | 301684b | 2021-05-14 09:09:43 +0300 | [diff] [blame] | 222 | include $TEMPLATE . "confirm_your_email.htm"; |
matheusfillipe | f43dd96 | 2021-05-13 23:27:01 -0300 | [diff] [blame] | 223 | } |
| 224 | } |
matheusfillipe | 47cf90b | 2021-05-13 03:36:21 -0300 | [diff] [blame] | 225 | break; |
matheusfillipe | f43dd96 | 2021-05-13 23:27:01 -0300 | [diff] [blame] | 226 | |
| 227 | case "password_change": |
matheusfillipe | f43dd96 | 2021-05-13 23:27:01 -0300 | [diff] [blame] | 228 | $password = $_POST['password']; |
| 229 | $error = validate_password($password); |
| 230 | if ($error) { |
Matheus Fillipe | 301684b | 2021-05-14 09:09:43 +0300 | [diff] [blame] | 231 | new_password_form($error); |
| 232 | } else { |
| 233 | $TEMPLATE = template_path(); |
matheusfillipe | f43dd96 | 2021-05-13 23:27:01 -0300 | [diff] [blame] | 234 | include $TEMPLATE . "recover_success.htm"; |
| 235 | include $TEMPLATE . "email.php"; |
matheusfillipe | f43dd96 | 2021-05-13 23:27:01 -0300 | [diff] [blame] | 236 | $email = $_SESSION["email_change"]; |
| 237 | if (change_password($email, $password)) { |
| 238 | if (in_array(explode("@", $email)[1], $MAIL_HOST_DIRECT_FALLBACK)) |
| 239 | $smtp = $FALLBACK_SMTP; |
| 240 | else |
| 241 | $smtp = $SMTP; |
| 242 | send_mail($email, $smtp, $PASSWORD_CHANGED_EMAIL_TEMPLATE); |
Matheus Fillipe | 301684b | 2021-05-14 09:09:43 +0300 | [diff] [blame] | 243 | } else { |
matheusfillipe | f43dd96 | 2021-05-13 23:27:01 -0300 | [diff] [blame] | 244 | include $TEMPLATE . "strings.php"; |
| 245 | echo $STRINGS->change_password_ldap_error; |
| 246 | } |
Matheus Fillipe | 301684b | 2021-05-14 09:09:43 +0300 | [diff] [blame] | 247 | unset($_SESSION["email_change"]); |
| 248 | redis_delete($_SESSION['token']); |
matheusfillipe | f43dd96 | 2021-05-13 23:27:01 -0300 | [diff] [blame] | 249 | } |
| 250 | break; |
Matheus Fillipe | 301684b | 2021-05-14 09:09:43 +0300 | [diff] [blame] | 251 | } |
matheusfillipe | abd513e | 2021-05-11 03:29:11 -0300 | [diff] [blame] | 252 | } |
| 253 | } elseif (isset($_GET['type'])) { |
| 254 | switch ($_GET['type']) { |
| 255 | case "confirmation": |
matheusfillipe | f43dd96 | 2021-05-13 23:27:01 -0300 | [diff] [blame] | 256 | if (!isset($_GET["token"])) { |
matheusfillipe | 47cf90b | 2021-05-13 03:36:21 -0300 | [diff] [blame] | 257 | echo $RUNTIME_ERROR->user_trying_invalid_get; |
matheusfillipe | f43dd96 | 2021-05-13 23:27:01 -0300 | [diff] [blame] | 258 | } else { |
matheusfillipe | abd513e | 2021-05-11 03:29:11 -0300 | [diff] [blame] | 259 | $token = $_GET["token"]; |
| 260 | $user = redis_get($token); |
matheusfillipe | f43dd96 | 2021-05-13 23:27:01 -0300 | [diff] [blame] | 261 | if ($user && gettype($user) == "object") { |
| 262 | if (ldap_add_user($user)) { |
matheusfillipe | abd513e | 2021-05-11 03:29:11 -0300 | [diff] [blame] | 263 | if ($REDIRECT_TO) |
matheusfillipe | f43dd96 | 2021-05-13 23:27:01 -0300 | [diff] [blame] | 264 | header("refresh:5;url=" . $REDIRECT_TO); |
matheusfillipe | abd513e | 2021-05-11 03:29:11 -0300 | [diff] [blame] | 265 | |
| 266 | $pending = redis_get("pending"); |
matheusfillipe | f43dd96 | 2021-05-13 23:27:01 -0300 | [diff] [blame] | 267 | if ($pending) { |
matheusfillipe | abd513e | 2021-05-11 03:29:11 -0300 | [diff] [blame] | 268 | $maillist = $pending->mails; |
matheusfillipe | f43dd96 | 2021-05-13 23:27:01 -0300 | [diff] [blame] | 269 | if (in_array($user->email, $maillist)) { |
matheusfillipe | abd513e | 2021-05-11 03:29:11 -0300 | [diff] [blame] | 270 | unset($maillist[array_search($user->email, $maillist)]); |
matheusfillipe | f43dd96 | 2021-05-13 23:27:01 -0300 | [diff] [blame] | 271 | redis_set("pending", (object)["mails" => $maillist], $MAIL_CONFIRMATION_AWAIT_DELAY); |
matheusfillipe | abd513e | 2021-05-11 03:29:11 -0300 | [diff] [blame] | 272 | } |
| 273 | } |
| 274 | redis_inc_ipdata(getClientIP(), "register"); |
matheusfillipe | 47cf90b | 2021-05-13 03:36:21 -0300 | [diff] [blame] | 275 | echo $STRINGS->email_confirmation; |
matheusfillipe | f43dd96 | 2021-05-13 23:27:01 -0300 | [diff] [blame] | 276 | include $TEMPLATE . "mail_confirmed.htm"; |
| 277 | } else { |
matheusfillipe | 47cf90b | 2021-05-13 03:36:21 -0300 | [diff] [blame] | 278 | echo $STRINGS->email_confirmation; |
matheusfillipe | f43dd96 | 2021-05-13 23:27:01 -0300 | [diff] [blame] | 279 | include $TEMPLATE . "registration_error.htm"; |
matheusfillipe | abd513e | 2021-05-11 03:29:11 -0300 | [diff] [blame] | 280 | } |
| 281 | redis_delete($token); |
matheusfillipe | f43dd96 | 2021-05-13 23:27:01 -0300 | [diff] [blame] | 282 | } else { |
| 283 | include $TEMPLATE . "token_expired.htm"; |
matheusfillipe | abd513e | 2021-05-11 03:29:11 -0300 | [diff] [blame] | 284 | } |
| 285 | } |
| 286 | break; |
| 287 | case "resend": |
matheusfillipe | f43dd96 | 2021-05-13 23:27:01 -0300 | [diff] [blame] | 288 | if (isset($_GET['token']) && isset($_SESSION['resend']) && $_GET['token'] == $_SESSION['resend']) { |
| 289 | include $TEMPLATE . "resend_mail.htm"; |
matheusfillipe | abd513e | 2021-05-11 03:29:11 -0300 | [diff] [blame] | 290 | $token = $_SESSION['token']; |
matheusfillipe | f43dd96 | 2021-05-13 23:27:01 -0300 | [diff] [blame] | 291 | $url = $BASE_URL . "?type=confirmation&token=" . $token; |
matheusfillipe | abd513e | 2021-05-11 03:29:11 -0300 | [diff] [blame] | 292 | $smtp = $FALLBACK_SMTP; |
matheusfillipe | f43dd96 | 2021-05-13 23:27:01 -0300 | [diff] [blame] | 293 | $address = $_SESSION["email"]; |
Matheus Fillipe | 301684b | 2021-05-14 09:09:43 +0300 | [diff] [blame] | 294 | if (isset($_SESSION['recover'])) { |
matheusfillipe | f43dd96 | 2021-05-13 23:27:01 -0300 | [diff] [blame] | 295 | $url = $BASE_URL . "?type=password_change&token=" . $token; |
| 296 | send_recovery_email($address, $smtp, $url); |
| 297 | unset($_SESSION['recover']); |
Matheus Fillipe | 301684b | 2021-05-14 09:09:43 +0300 | [diff] [blame] | 298 | } else |
matheusfillipe | f43dd96 | 2021-05-13 23:27:01 -0300 | [diff] [blame] | 299 | send_confirmation_email($address, $smtp, $url); |
matheusfillipe | abd513e | 2021-05-11 03:29:11 -0300 | [diff] [blame] | 300 | unset($_SESSION['resend']); |
| 301 | unset($_SESSION['token']); |
| 302 | unset($_SESSION['email']); |
| 303 | } |
| 304 | break; |
matheusfillipe | f43dd96 | 2021-05-13 23:27:01 -0300 | [diff] [blame] | 305 | |
matheusfillipe | 47cf90b | 2021-05-13 03:36:21 -0300 | [diff] [blame] | 306 | case "recover": |
Matheus Fillipe | 301684b | 2021-05-14 09:09:43 +0300 | [diff] [blame] | 307 | recover_form(); |
matheusfillipe | 47cf90b | 2021-05-13 03:36:21 -0300 | [diff] [blame] | 308 | break; |
matheusfillipe | f43dd96 | 2021-05-13 23:27:01 -0300 | [diff] [blame] | 309 | |
| 310 | case "password_change": |
| 311 | $TEMPLATE = template_path(); |
matheusfillipe | f43dd96 | 2021-05-13 23:27:01 -0300 | [diff] [blame] | 312 | $token = $_GET["token"]; |
| 313 | $email = redis_get($token); |
| 314 | $_SESSION["email_change"] = $email; |
Matheus Fillipe | 301684b | 2021-05-14 09:09:43 +0300 | [diff] [blame] | 315 | $_SESSION["token"] = $token; |
| 316 | if ($email && gettype($email) == "string") { |
| 317 | new_password_form(); |
matheusfillipe | f43dd96 | 2021-05-13 23:27:01 -0300 | [diff] [blame] | 318 | } else { |
| 319 | include $TEMPLATE . "token_expired.htm"; |
| 320 | } |
matheusfillipe | 47cf90b | 2021-05-13 03:36:21 -0300 | [diff] [blame] | 321 | break; |
matheusfillipe | abd513e | 2021-05-11 03:29:11 -0300 | [diff] [blame] | 322 | } |
matheusfillipe | abd513e | 2021-05-11 03:29:11 -0300 | [diff] [blame] | 323 | } else { |
| 324 | unset($_SESSION['captcha_token']); |
| 325 | register_page(); |
| 326 | } |
| 327 | |
matheusfillipe | f43dd96 | 2021-05-13 23:27:01 -0300 | [diff] [blame] | 328 | include $TEMPLATE . "bottom.htm"; |