--- /dev/null
+<?php
+/**********************************************************************
+ Copyright (C) FrontAccounting, LLC.
+ Released under the terms of the GNU General Public License, GPL,
+ as published by the Free Software Foundation, either version 3
+ of the License, or (at your option) any later version.
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
+ See the License here <http://www.gnu.org/licenses/gpl-3.0.html>.
+***********************************************************************/
+ if (!isset($path_to_root) || isset($_GET['path_to_root']) || isset($_POST['path_to_root']))
+ die(_("Restricted access"));
+ include_once($path_to_root . "/includes/ui.inc");
+ include_once($path_to_root . "/includes/page/header.inc");
+
+ $js = "<script language='JavaScript' type='text/javascript'>
+function defaultCompany()
+{
+ document.forms[0].company_login_name.options[".$_SESSION["wa_current_user"]->company."].selected = true;
+}
+</script>";
+ add_js_file('login.js');
+
+ if (!isset($def_coy))
+ $def_coy = 0;
+ $def_theme = "default";
+
+ $login_timeout = $_SESSION["wa_current_user"]->last_act;
+
+ $title = $app_title." ".$version." - "._("Password reset");
+ $encoding = isset($_SESSION['language']->encoding) ? $_SESSION['language']->encoding : "iso-8859-1";
+ $rtl = isset($_SESSION['language']->dir) ? $_SESSION['language']->dir : "ltr";
+ $onload = !$login_timeout ? "onload='defaultCompany()'" : "";
+
+ echo "<!DOCTYPE HTML PUBLIC \"-//W3C//DTD HTML 4.01 Transitional//EN\" \"http://www.w3.org/TR/html4/loose.dtd\">\n";
+ echo "<html dir='$rtl' >\n";
+ echo "<head profile=\"http://www.w3.org/2005/10/profile\"><title>$title</title>\n";
+ echo "<meta http-equiv='Content-type' content='text/html; charset=$encoding' />\n";
+ echo "<link href='$path_to_root/themes/$def_theme/default.css' rel='stylesheet' type='text/css'> \n";
+ echo "<link href='$path_to_root/themes/default/images/favicon.ico' rel='icon' type='image/x-icon'> \n";
+ send_scripts();
+ echo $js;
+ echo "</head>\n";
+
+ echo "<body id='loginscreen' $onload>\n";
+
+ echo "<table class='titletext'><tr><td>$title</td></tr></table>\n";
+
+ div_start('_page_body');
+ br();br();
+ start_form(false, false, @$_SESSION['timeout']['uri'], "resetform");
+ start_table(false, "class='login'");
+ start_row();
+ echo "<td align='center' colspan=2>";
+ echo "<a target='_blank' href='$power_url'><img src='$path_to_root/themes/$def_theme/images/logo_frontaccounting.png' alt='FrontAccounting' height='50' onload='fixPNG(this)' border='0' /></a>";
+ echo "</td>\n";
+ end_row();
+
+ echo "<input type='hidden' id=ui_mode name='ui_mode' value='".$_SESSION["wa_current_user"]->ui_mode."' />\n";
+ table_section_title(_("Version")." $version Build $build_version - "._("Password reset"));
+
+ text_row(_("Email"), "email_entry_field", "", 20, 30);
+
+ if (isset($_SESSION['wa_current_user']->company))
+ $coy = $_SESSION['wa_current_user']->company;
+ else
+ $coy = $def_coy;
+ if (!@$text_company_selection) {
+ echo "<tr><td>"._("Company")."</td><td><select name='company_login_name'>\n";
+ for ($i = 0; $i < count($db_connections); $i++)
+ echo "<option value=$i ".($i==$coy ? 'selected':'') .">" . $db_connections[$i]["name"] . "</option>";
+ echo "</select>\n";
+ echo "</td></tr>";
+ } else {
+// $coy = $def_coy;
+ text_row(_("Company"), "company_login_nickname", "", 20, 50);
+ }
+ start_row();
+ label_cell("Please enter your e-mail", "colspan=2 align='center' id='log_msg'");
+ end_row();
+ end_table(1);
+ echo "<center><input type='submit' value=' "._("Send password -->")." ' name='SubmitReset'
+ onclick='set_fullmode();' /></center>\n";
+
+ end_form(1);
+ $Ajax->addScript(true, "document.forms[0].password.focus();");
+
+ echo "<script language='JavaScript' type='text/javascript'>
+ //<![CDATA[
+ <!--
+ document.forms[0].email_entry_field.select();
+ document.forms[0].email_entry_field.focus();
+ //-->
+ //]]>
+ </script>";
+ div_end();
+ echo "<table class='bottomBar'>\n";
+ echo "<tr>";
+ if (isset($_SESSION['wa_current_user']))
+ $date = Today() . " | " . Now();
+ else
+ $date = date("m/d/Y") . " | " . date("h.i am");
+ echo "<td class='bottomBarCell'>$date</td>\n";
+ echo "</tr></table>\n";
+ echo "<table class='footer'>\n";
+ echo "<tr>\n";
+ echo "<td><a target='_blank' href='$power_url' tabindex='-1'>$app_title $version - " . _("Theme:") . " " . $def_theme . "</a></td>\n";
+ echo "</tr>\n";
+ echo "<tr>\n";
+ echo "<td><a target='_blank' href='$power_url' tabindex='-1'>$power_by</a></td>\n";
+ echo "</tr>\n";
+ echo "</table><br><br>\n";
+ echo "</body></html>\n";
+
+?>
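Review bot: The `$Ajax->addScript(true, "document.forms[0].password.focus();")` call after `end_form(1)` targets a `password` field that this form never defines, so it looks like a leftover from the login page and will raise a script error; `document.forms[0].email_entry_field.focus();` would match the inline script that follows it. The company `<option>` labels print `$db_connections[$i]["name"]` unescaped on a page served before authentication; `htmlspecialchars($db_connections[$i]["name"], ENT_QUOTES, $encoding)` keeps a name containing markup characters from breaking out of the element. The prompt in `label_cell("Please enter your e-mail", ...)` is the only user-facing string here that is not wrapped in `_()`.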
die();
}
+function password_reset_fail()
+{
+ global $path_to_root;
+
+ echo "<center><br><br><font size='5' color='red'><b>" . _("Incorrect Email") . "<b></font><br><br>";
+ echo "<b>" . _("The email address does not exist in the system.") . "<b><br><br>";
+
+ echo _("If you are not an authorized user, please contact your system administrator to obtain an account to enable you to use the system.");
+ echo "<br><a href='$path_to_root/index.php?reset=1'>" . _("Try again") . "</a>";
+ echo "</center>";
+
+ kill_login();
+ die();
+}
+
+function password_reset_success()
+{
+ global $path_to_root;
+
+ echo "<center><br><br><font size='5' color='green'><b>" . _("New password sent") . "<b></font><br><br>";
+ echo "<b>" . _("A new password has been sent to your mailbox.") . "<b><br><br>";
+
+ echo "<br><a href='$path_to_root/index.php'>" . _("Login here") . "</a>";
+ echo "</center>";
+
+ kill_login();
+ die();
+}
+
function check_faillog()
{
global $login_delay, $login_faillog, $login_max_attempts;
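Review bot: `password_reset_fail()` tells the requester "The email address does not exist in the system." while `password_reset_success()` confirms that a mail was sent, so the reset form reveals to any visitor, before login, whether an address is registered. Showing one neutral message for both outcomes, e.g. `_("If the address is registered, a new password has been sent to it.")`, removes that signal. In both functions the bold runs are closed with `<b>` instead of `</b>`, so the tags nest rather than close. A short docblock on each function, noting that it ends the request through `kill_login()` and `die()`, would make the no-return behaviour clear to callers.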
if (!$_SESSION["wa_current_user"]->logged_in())
{
+ if (@$allow_password_reset && !$allow_demo_mode
+ && (isset($_GET['reset']) || isset($_POST['email_entry_field']))) {
+ if (!isset($_POST["email_entry_field"])) {
+ include($path_to_root . "/access/password_reset.php");
+ exit();
+ }
+ else {
+ if (isset($_POST["company_login_nickname"]) && !isset($_POST["company_login_name"])) {
+ for ($i = 0; $i < count($db_connections); $i++) {
+ if ($db_connections[$i]["name"] == $_POST["company_login_nickname"]) {
+ $_POST["company_login_name"] = $i;
+ unset($_POST["company_login_nickname"]);
+ break 1; // cannot pass variables to break from PHP v5.4 onwards
+ }
+ }
+ }
+ $_succeed = isset($db_connections[$_POST["company_login_name"]]) &&
+ $_SESSION["wa_current_user"]->reset_password($_POST["company_login_name"],
+ $_POST["email_entry_field"]);
+ if ($_succeed)
+ {
+ password_reset_success();
+ }
+
+ password_reset_fail();
+ }
+ }
// Show login screen
if (!isset($_POST["user_name_entry_field"]) or $_POST["user_name_entry_field"] == "")
{
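Review bot: Nothing in this branch limits or confirms a reset request: any visitor who is not logged in and posts `email_entry_field` with a valid `company_login_name` reaches `reset_password()` directly. `reset_password()` is not shown here, but the "A new password has been sent" text suggests it replaces the password immediately, in which case repeated requests keep invalidating the owner's current password; consider applying the same attempt delay the login path keeps (`$login_delay`, `$login_max_attempts`) and mailing a one-time, expiring confirmation link instead. The success path also depends on `die()` inside `password_reset_success()` to avoid running `password_reset_fail()`; `if ($_succeed) password_reset_success(); else password_reset_fail();` states that directly. The enclosing `if (!$_SESSION["wa_current_user"]->logged_in())` block opens before the added lines and continues past the end of the hunk.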