+ function handler_recovery_ext($page)
+ {
+ $page->changeTpl('xnet/recovery.tpl');
+
+ if (!Post::has('login')) {
+ return;
+ }
+
+ $user = User::getSilent(Post::t('login'));
+ if (is_null($user)) {
+ $page->trigError('Le compte n\'existe pas.');
+ return;
+ }
+ if ($user->state != 'active') {
+ $page->trigError('Ton compte n\'est pas activé.');
+ return;
+ }
+
+ $page->assign('ok', true);
+
+ $hash = rand_url_id();
+ XDB::execute('INSERT INTO account_lost_passwords (uid, created, certificat)
+ VALUES ({?}, NOW(), {?})',
+ $user->id(), $hash);
+
+ $mymail = new PlMailer('platal/password_recovery_xnet.mail.tpl');
+ $mymail->setTo($user);
+ $mymail->assign('hash', $hash);
+ $mymail->assign('email', Post::t('login'));
+ $mymail->send();
+
+ S::logger($user->id())->log('recovery', $user->bestEmail());
+ }
+
+ function handler_tmpPWD($page, $certif = null)
+ {
+ global $globals;
+ XDB::execute('DELETE FROM account_lost_passwords
+ WHERE DATE_SUB(NOW(), INTERVAL 380 MINUTE) > created');
+
+ if (Post::has('pwhash') && Post::t('pwhash')) {
+ $uid = XDB::fetchOneCell('SELECT uid
+ FROM accounts
+ WHERE hruid = {?}',
+ Post::t('username'));
+ $password = Post::t('pwhash');
+ XDB::query('UPDATE accounts
+ SET password = {?}
+ WHERE uid = {?} AND state = \'active\'',
+ $password, $uid);
+ XDB::query('DELETE FROM account_lost_passwords
+ WHERE certificat = {?}', $certif);
+
+ // If GoogleApps is enabled, and the user did choose to use synchronized passwords,
+ // updates the Google Apps password as well.
+ if ($globals->mailstorage->googleapps_domain) {
+ require_once 'googleapps.inc.php';
+ $account = new GoogleAppsAccount(User::getSilent($uid));
+ if ($account->active() && $account->sync_password) {
+ $account->set_password($password);
+ }
+ }
+
+ S::logger($uid)->log("passwd", "");
+
+ // Try to start a session (so the user don't have to log in); we will use
+ // the password available in Post:: to authenticate the user.
+ Platal::session()->start(AUTH_PASSWD);
+
+ $page->changeTpl('platal/tmpPWD.success.tpl');