user = $_REQUEST['user'];
$obj->captcha = $_REQUEST['captcha'];
$obj->reloadCaptcha = false;
$obj->session_id = session_id();
/*
$obj->post = $_POST;
$obj->get = $_GET;
$obj->input = file_get_contents("php://input");
$obj->request = $_REQUEST;
*/
header('Content-Type: application/json');
if (empty($user->getStatus())) {
$obj->error = __("User not found");
die(json_encode($obj));
}
if ($user->getStatus() !== 'a') {
$obj->error = __("The user is not active");
die(json_encode($obj));
}
if (!empty($user->getEmail())) {
$recoverPass = $user->setRecoverPass();
if (empty($_REQUEST['captcha'])) {
$obj->error = __("Captcha is empty");
} else {
require_once 'captcha.php';
$valid = Captcha::validation($_REQUEST['captcha']);
if ($valid) {
if ($user->save()) {
if (empty($advancedCustomUser)) {
$advancedCustomUser = AVideoPlugin::getObjectData("CustomizeUser");
}
$url = "{$global['webSiteRootURL']}recoverPass";
$url = addQueryStringParameter($url, 'user', $_REQUEST['user']);
$url = addQueryStringParameter($url, 'recoverpass', $recoverPass);
$to = $user->getEmail();
$subject = __($advancedCustomUser->recoverPassSubject) . ' ' . $config->getWebSiteTitle();
$message = __($advancedCustomUser->recoverPassText) . "
" . __("Reset password") . "
IP: " . getRealIpAddr();
$fromEmail = $config->getContactEmail();
$resp = sendSiteEmail($to, $subject, $message, $fromEmail);
//send the message, check for errors
if (!$resp) {
$obj->error = __("Message could not be sent") . " " . $mail->ErrorInfo;
} else {
$obj->success = __("Message sent");
}
} else {
$obj->error = __("Recover password could not be saved!");
}
} else {
$obj->error = __("Your code is not valid");
$obj->reloadCaptcha = true;
}
}
} else {
$obj->error = __("You do not have an e-mail");
}
die(json_encode($obj));
} else {
_error_log("RecoverPass start user={$_POST['user']} " .' IP='.getRealIpAddr().' '. ' Line='.__LINE__.' '.$_SERVER['HTTP_USER_AGENT'] . json_encode(debug_backtrace(DEBUG_BACKTRACE_IGNORE_ARGS)));
$readonly = '';
if ($user->getRecoverPass() !== $_REQUEST['recoverpass']) {
//forbiddenPage('The recover pass does not match!');
$recoverPass = '';
} else {
$readonly = 'readonly';
$recoverPass = $user->getRecoverPass();
}
$_page = new Page(array('Recover Password'));
?>
print();
exit;
}