". t('Login') .'
'. variable_get('securesite_login_form', t('

Enter your username and password.

')) . (!isset($_POST['securesite_request_form']) ? theme('status_messages') : '') .'

'; } /** * Returns complete form for password reset request (if enabled) * * @return * HTML used in the Secure Site dialog when the HTTP Auth dialog is cancelled */ function _securesite_request_form() { $securesite_enabled = variable_get('securesite_enabled', SECURESITE_DISABLED); $output = ''; if ($form_msg = variable_get('securesite_request_form', t('

Enter your username or e-mail address.

'))) { if ($securesite_enabled == SECURESITE_FORM) { // Only output the HR if also outputting the login form $output = "
\n\n "; } $output .= "\n

". t('Password Reset') .'

'. $form_msg .'
'. theme('status_messages') .'

'; } else if ($securesite_enabled == SECURESITE_AUTH) { // If password reset is disabled and the login form isn't being used, // output a message to the user informing them how to login $output = theme('status_messages') .'

'. t('Reload the page to try logging in again.') ."

\n"; } return $output; } /** * Print HTML dialog page for Secure Site * * @param $content * HTML to output for the login and/or password reset form */ function _securesite_dialog_page($content) { $theme_path = drupal_get_path('theme', variable_get('theme_default', 'garland')); $dialog_file = '/securesite-dialog.tpl.php'; if (file_exists($theme_path . $dialog_file)) { include_once($theme_path . $dialog_file); } else { include_once(drupal_get_path('module', 'securesite') . $dialog_file); } } /** * Process password reset requests * * @param $edit * Username or e-mail address of user requesting password reset */ function _securesite_password_reset($edit = array()) { // Only look-up information if input was given if (($edit['name'] || $edit['mail'])) { // User must have an active account $load['status'] = 1; // Only create array keys/values if something was entered, otherwise // user_load() will fail if (!empty($edit['name'])) { $load['name'] = $edit['name']; } if (!empty($edit['mail'])) { $load['mail'] = $edit['mail']; } // Check account information $account = user_load($load); if ($account->uid) { // Valid account, e-mail the user a new password // Generate a new password for this user $account = user_save($account, array('pass' => user_password())); // Mail new password $variables = array( '!username' => $account->name, '!site' => variable_get('site_name', 'Drupal'), '!login_url' => user_pass_reset_url($account), '!uri' => $base_url, '!uri_brief' => preg_replace('`^https?://`i', '', $base_url), '!mailto' => $account->mail, '!date' => format_date(time()), '!login_uri' => url('user', NULL, NULL, TRUE), '!edit_uri' => url('user/'. $account->uid .'/edit', NULL, NULL, TRUE), ); $subject = _user_mail_text('pass_subject', $variables); $body = _user_mail_text('pass_body', $variables); $mail_success = drupal_mail('securesite-password', $account->mail, $subject, $body); if ($mail_success) { watchdog('user', t('Password mailed to %name at %email.', array('%name' => $account->name, '%email' => $account->mail))); // Exit here because presumably the user can't do anything more before // visiting the password reset URL _securesite_dialog_page('

'. t('Further instructions have been e-mailed to you.') ."

\n"); session_write_close(); module_invoke_all('exit', request_uri()); exit(); } else { // Note: At this point, the user's password has already been reset watchdog('user', t('Error mailing password to %name at %email.', array('%name' => $account->name, '%email' => $account->mail)), WATCHDOG_ERROR); drupal_set_message(t('Unable to send mail. Please contact the site admin.'), 'error'); } } else { // Name or mail not valid or account disabled drupal_set_message(t('Unrecognized username or e-mail address.'), 'error'); } } else { // Nothing entered drupal_set_message(t('Unrecognized username or e-mail address.'), 'error'); } }