". t('Login') .' '; } /** * Returns complete form for password reset request (if enabled) * * @return * HTML used in the Secure Site dialog when the HTTP Auth dialog is cancelled */ function _securesite_request_form() { $securesite_enabled = variable_get('securesite_enabled', SECURESITE_DISABLED); $output = ''; if ($form_msg = variable_get('securesite_request_form', t('

Enter your username or e-mail address.

'))) { if ($securesite_enabled == SECURESITE_FORM) { // Only output the HR if also outputting the login form $output = "

\n\n "; } $output .= "\n

". t('Password Reset') .'

'. $form_msg .'

'. theme('status_messages') .' '; } else if ($securesite_enabled == SECURESITE_AUTH) { // If password reset is disabled and the login form isn't being used, // output a message to the user informing them how to login $output = theme('status_messages') .'

'. t('Reload the page to try logging in again.') ."

\n"; } return $output; } /** * Print HTML dialog page for Secure Site * * @param $content * HTML to output for the login and/or password reset form */ function _securesite_dialog_page($content) { $theme_path = drupal_get_path('theme', variable_get('theme_default', 'garland')); $dialog_file = '/securesite-dialog.tpl.php'; if (file_exists($theme_path . $dialog_file)) { include_once($theme_path . $dialog_file); } else { include_once(drupal_get_path('module', 'securesite') . $dialog_file); } } /** * Process password reset requests * * @param $edit * Username or e-mail address of user requesting password reset */ function _securesite_password_reset($edit = array()) { global $base_url; // Only look-up information if input was given if ($edit['name'] || $edit['mail']) { // User must have an active account $load['status'] = 1; // Only create array keys/values if something was entered, otherwise // user_load() will fail if (!empty($edit['name'])) { $load['name'] = $edit['name']; } if (!empty($edit['mail'])) { $load['mail'] = $edit['mail']; } // Check account information $account = user_load($load); if ($account && $account->uid) { // Valid account, e-mail the user a new password // Generate a new password for this user $account = user_save($account, array('pass' => user_password())); // Mail new password $language = user_preferred_language($account); $variables = array( '!username' => $account->name, '!site' => variable_get('site_name', 'Drupal'), '!login_url' => user_pass_reset_url($account), '!uri' => $base_url, '!uri_brief' => preg_replace('`^https?://`i', '', $base_url), '!mailto' => $account->mail, '!date' => format_date(time()), '!login_uri' => url('user', array('absolute' => TRUE, 'language' => $language)), '!edit_uri' => url('user/'. $account->uid .'/edit', array('absolute' => TRUE, 'language' => $language)), ); $params['subject'] = _user_mail_text('password_reset_subject', $language, $variables); $params['body'] = _user_mail_text('password_reset_body', $language, $variables); $message = drupal_mail('securesite', 'password', $account->mail, $language, $params); if ($message['result']) { watchdog('user', 'Password mailed to %name at %email.', array('%name' => $account->name, '%email' => $account->mail)); // Exit here because presumably the user can't do anything more before // visiting the password reset URL _securesite_dialog_page('

'. t('Further instructions have been e-mailed to you.') ."

\n"); session_write_close(); module_invoke_all('exit', request_uri()); exit(); } else { // Note: At this point, the user's password has already been reset watchdog('mail', 'Error mailing password to %name at %email.', array('%name' => $account->name, '%email' => $account->mail), WATCHDOG_ERROR); drupal_set_message(t('Unable to send e-mail. Please contact the site admin.'), 'error'); } } else { // Name or mail not valid or account disabled drupal_set_message(t('Unrecognized username or e-mail address.'), 'error'); } } else { // Nothing entered drupal_set_message(t('Unrecognized username or e-mail address.'), 'error'); } }