option MAIL_RESET_PASS (closes #11)

This commit is contained in:
Andrew Dolgov 2005-12-20 07:51:06 +01:00
parent 8629e09d9b
commit 72932a754f
4 changed files with 56 additions and 17 deletions

View File

@ -3199,8 +3199,10 @@
$login = db_escape_string($_GET["l"]); $login = db_escape_string($_GET["l"]);
$uid = db_escape_string($_GET["id"]); $uid = db_escape_string($_GET["id"]);
$access_level = sprintf("%d", $_GET["al"]); $access_level = sprintf("%d", $_GET["al"]);
$email = db_escape_string($_GET["e"]);
db_query($link, "UPDATE ttrss_users SET login = '$login', access_level = '$access_level' WHERE id = '$uid'"); db_query($link, "UPDATE ttrss_users SET login = '$login',
access_level = '$access_level', email = '$email' WHERE id = '$uid'");
} }
} else if ($subop == "remove") { } else if ($subop == "remove") {
@ -3251,9 +3253,11 @@
$uid = db_escape_string($_GET["id"]); $uid = db_escape_string($_GET["id"]);
$result = db_query($link, "SELECT login FROM ttrss_users WHERE id = '$uid'"); $result = db_query($link, "SELECT login,email
FROM ttrss_users WHERE id = '$uid'");
$login = db_fetch_result($result, 0, "login"); $login = db_fetch_result($result, 0, "login");
$email = db_fetch_result($result, 0, "email");
$tmp_user_pwd = make_password(8); $tmp_user_pwd = make_password(8);
$pwd_hash = 'SHA1:' . sha1($tmp_user_pwd); $pwd_hash = 'SHA1:' . sha1($tmp_user_pwd);
@ -3261,7 +3265,24 @@
WHERE id = '$uid'"); WHERE id = '$uid'");
print "<div class=\"notice\">Changed password of print "<div class=\"notice\">Changed password of
user <b>$login</b> to <b>$tmp_user_pwd</b>.</div>"; user <b>$login</b> to <b>$tmp_user_pwd</b>.";
if (MAIL_RESET_PASS && $email) {
print " Notifying <b>$email</b>.";
mail("$login <$email>", "Password reset notification",
"Hi, $login.\n".
"\n".
"Your password for this TT-RSS installation was reset by".
" an administrator.\n".
"\n".
"Your new password is $tmp_user_pwd, please remember".
" it for later reference.\n".
"\n".
"Sincerely, TT-RSS Mail Daemon.", "From: " . MAIL_FROM);
}
print "</div>";
} }
} }
@ -3273,7 +3294,7 @@
onclick=\"javascript:addUser()\" value=\"Add user\"></div>"; onclick=\"javascript:addUser()\" value=\"Add user\"></div>";
$result = db_query($link, "SELECT $result = db_query($link, "SELECT
id,login,access_level, id,login,access_level,email,
SUBSTRING(last_login,1,16) as last_login SUBSTRING(last_login,1,16) as last_login
FROM FROM
ttrss_users ttrss_users
@ -3294,9 +3315,10 @@
print "<tr class=\"title\"> print "<tr class=\"title\">
<td align='center' width=\"5%\">&nbsp;</td> <td align='center' width=\"5%\">&nbsp;</td>
<td width='30%'>Username</td> <td width='20%'>Username</td>
<td width='30%'>Access Level</td> <td width='20%'>E-mail</td>
<td width='30%'>Last login</td></tr>"; <td width='20%'>Access Level</td>
<td width='20%'>Last login</td></tr>";
$lnum = 0; $lnum = 0;
@ -3321,40 +3343,49 @@
$line["last_login"] = date(get_pref($link, 'SHORT_DATE_FORMAT'), $line["last_login"] = date(get_pref($link, 'SHORT_DATE_FORMAT'),
strtotime($line["last_login"])); strtotime($line["last_login"]));
if ($uid == $_SESSION["uid"]) { /* if ($uid == $_SESSION["uid"]) {
print "<td align='center'><input disabled=\"true\" type=\"checkbox\" print "<td align='center'><input disabled=\"true\" type=\"checkbox\"
id=\"UMCHK-".$line["id"]."\"></td>"; id=\"UMCHK-".$line["id"]."\"></td>";
print "<td>".$line["login"]."</td>"; print "<td>".$line["login"]."</td>";
print "<td>".$line["access_level"]."</td>"; print "<td>".$line["email"]."</td>";
print "<td>".$line["access_level"]."</td>";
} else if (!$edit_uid || $subop != "edit") { } else */ if (!$edit_uid || $subop != "edit") {
print "<td align='center'><input onclick='toggleSelectRow(this);' print "<td align='center'><input onclick='toggleSelectRow(this);'
type=\"checkbox\" id=\"UMCHK-$uid\"></td>"; type=\"checkbox\" id=\"UMCHK-$uid\"></td>";
print "<td><a href=\"javascript:editUser($uid);\">" . print "<td><a href=\"javascript:editUser($uid);\">" .
$line["login"] . "</td>"; $line["login"] . "</td>";
print "<td><a href=\"javascript:editUser($uid);\">" .
$line["email"] . "</td>";
print "<td><a href=\"javascript:editUser($uid);\">" . print "<td><a href=\"javascript:editUser($uid);\">" .
$line["access_level"] . "</td>"; $line["access_level"] . "</td>";
} else if ($uid != $edit_uid) { } else if ($uid != $edit_uid) {
print "<td><input disabled=\"true\" type=\"checkbox\" print "<td align='center'><input disabled=\"true\" type=\"checkbox\"
id=\"UMCHK-".$line["id"]."\"></td>"; id=\"UMCHK-".$line["id"]."\"></td>";
print "<td>".$line["login"]."</td>"; print "<td>".$line["login"]."</td>";
print "<td>".$line["email"]."</td>";
print "<td>".$line["access_level"]."</td>"; print "<td>".$line["access_level"]."</td>";
} else { } else {
print "<td><input disabled=\"true\" type=\"checkbox\" checked></td>"; print "<td align='center'>
<input disabled=\"true\" type=\"checkbox\" checked></td>";
print "<td><input id=\"iedit_ulogin\" value=\"".$line["login"]. print "<td><input id=\"iedit_ulogin\" value=\"".$line["login"].
"\"></td>"; "\"></td>";
print "<td><input id=\"iedit_email\" value=\"".$line["email"].
"\"></td>";
print "<td><input id=\"iedit_ulevel\" value=\"".$line["access_level"]. print "<td><input id=\"iedit_ulevel\" value=\"".$line["access_level"].
"\"></td>"; "\"></td>";

View File

@ -59,4 +59,11 @@
define('ENABLE_LOGIN_SSL', false); define('ENABLE_LOGIN_SSL', false);
// Redirect to SSL url for login // Redirect to SSL url for login
define('MAIL_RESET_PASS', true);
// Send mail to user on password reset
define('MAIL_FROM', 'TT-RSS Daemon <noreply@ttrss.your-shiny-host.org>');
// Pretty obvious, I suppose.
// vim:ft=php
?> ?>

View File

@ -864,6 +864,7 @@ function userEditSave() {
var login = document.getElementById("iedit_ulogin").value; var login = document.getElementById("iedit_ulogin").value;
var level = document.getElementById("iedit_ulevel").value; var level = document.getElementById("iedit_ulevel").value;
var email = document.getElementById("iedit_email").value;
if (login.length == 0) { if (login.length == 0) {
notify("Login cannot be blank."); notify("Login cannot be blank.");
@ -880,8 +881,8 @@ function userEditSave() {
notify("Saving user..."); notify("Saving user...");
xmlhttp.open("GET", "backend.php?op=pref-users&subop=editSave&id=" + xmlhttp.open("GET", "backend.php?op=pref-users&subop=editSave&id=" +
user + "&l=" + param_escape(login) + "&al=" + param_escape(level), user + "&l=" + param_escape(login) + "&al=" + param_escape(level) +
true); "&e=" + param_escape(email), true);
xmlhttp.onreadystatechange=userlist_callback; xmlhttp.onreadystatechange=userlist_callback;
xmlhttp.send(null); xmlhttp.send(null);

View File

@ -319,7 +319,7 @@ a:hover {
#iedit_title, #iedit_link, #iedit_regexp, #iedit_descr, #iedit_expr, #iedit_updintl, #iedit_title, #iedit_link, #iedit_regexp, #iedit_descr, #iedit_expr, #iedit_updintl,
#iedit_purgintl, #iedit_ulogin, #iedit_ulevel, #iedit_match, #iedit_feed, #iedit_purgintl, #iedit_ulogin, #iedit_ulevel, #iedit_match, #iedit_feed,
#iedit_fcat, #iedit_filter_action, #iedit_login, #iedit_pass { #iedit_fcat, #iedit_filter_action, #iedit_login, #iedit_pass, #iedit_email {
width : 100%; width : 100%;
padding-left : 2px; padding-left : 2px;
} }