You cannot select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
372 lines
14 KiB
PHP
372 lines
14 KiB
PHP
<?php
|
|
/*******************************************************************************
|
|
* Title: Help Desk Software HESK
|
|
* Version: 2.6.0 from 22nd February 2015
|
|
* Author: Klemen Stirn
|
|
* Website: http://www.hesk.com
|
|
********************************************************************************
|
|
* COPYRIGHT AND TRADEMARK NOTICE
|
|
* Copyright 2005-2015 Klemen Stirn. All Rights Reserved.
|
|
* HESK is a registered trademark of Klemen Stirn.
|
|
|
|
* The HESK may be used and modified free of charge by anyone
|
|
* AS LONG AS COPYRIGHT NOTICES AND ALL THE COMMENTS REMAIN INTACT.
|
|
* By using this code you agree to indemnify Klemen Stirn from any
|
|
* liability that might arise from it's use.
|
|
|
|
* Selling the code for this program, in part or full, without prior
|
|
* written consent is expressly forbidden.
|
|
|
|
* Using this code, in part or full, to create derivate work,
|
|
* new scripts or products is expressly forbidden. Obtain permission
|
|
* before redistributing this software over the Internet or in
|
|
* any other medium. In all cases copyright and header must remain intact.
|
|
* This Copyright is in full effect in any country that has International
|
|
* Trade Agreements with the United States of America or
|
|
* with the European Union.
|
|
|
|
* Removing any of the copyright notices without purchasing a license
|
|
* is expressly forbidden. To remove HESK copyright notice you must purchase
|
|
* a license for this script. For more information on how to obtain
|
|
* a license please visit the page below:
|
|
* https://www.hesk.com/buy.php
|
|
*******************************************************************************/
|
|
|
|
define('IN_SCRIPT',1);
|
|
define('HESK_PATH','../');
|
|
|
|
/* Get all the required files and functions */
|
|
require(HESK_PATH . 'hesk_settings.inc.php');
|
|
require(HESK_PATH . 'modsForHesk_settings.inc.php');
|
|
require(HESK_PATH . 'inc/common.inc.php');
|
|
|
|
// Is the password reset function enabled?
|
|
if ( ! $hesk_settings['reset_pass'])
|
|
{
|
|
die($hesklang['attempt']);
|
|
}
|
|
|
|
// Allow additional 5 attempts in case the user is already blocked
|
|
$hesk_settings['attempt_limit'] += 5;
|
|
|
|
// Start session
|
|
hesk_session_start();
|
|
|
|
if (!isset($_SESSION['a_iserror']))
|
|
{
|
|
$_SESSION['a_iserror'] = array();
|
|
}
|
|
|
|
$hesk_error_buffer = array();
|
|
|
|
// If this is a POST method, check input
|
|
if ($_SERVER['REQUEST_METHOD'] == 'POST')
|
|
{
|
|
// Verify security image
|
|
if ($hesk_settings['secimg_use'])
|
|
{
|
|
// Using ReCaptcha?
|
|
if ($hesk_settings['recaptcha_use'] == 1)
|
|
{
|
|
require_once(HESK_PATH . 'inc/recaptcha/recaptchalib.php');
|
|
|
|
$resp = recaptcha_check_answer($hesk_settings['recaptcha_private_key'],
|
|
$_SERVER['REMOTE_ADDR'],
|
|
hesk_POST('recaptcha_challenge_field', ''),
|
|
hesk_POST('recaptcha_response_field', '')
|
|
);
|
|
|
|
if ($resp->is_valid)
|
|
{
|
|
//$_SESSION['img_a_verified']=true;
|
|
}
|
|
else
|
|
{
|
|
$hesk_error_buffer['mysecnum']=$hesklang['recaptcha_error'];
|
|
}
|
|
}
|
|
// Using ReCaptcha API v2?
|
|
elseif ($hesk_settings['recaptcha_use'] == 2)
|
|
{
|
|
require(HESK_PATH . 'inc/recaptcha/recaptchalib_v2.php');
|
|
|
|
$resp = null;
|
|
$reCaptcha = new ReCaptcha($hesk_settings['recaptcha_private_key']);
|
|
|
|
// Was there a reCAPTCHA response?
|
|
if ( isset($_POST["g-recaptcha-response"]) )
|
|
{
|
|
$resp = $reCaptcha->verifyResponse($_SERVER["REMOTE_ADDR"], hesk_POST("g-recaptcha-response") );
|
|
}
|
|
|
|
if ($resp != null && $resp->success)
|
|
{
|
|
//$_SESSION['img_a_verified']=true;
|
|
}
|
|
else
|
|
{
|
|
$hesk_error_buffer['mysecnum']=$hesklang['recaptcha_error'];
|
|
}
|
|
}
|
|
// Using PHP generated image
|
|
else
|
|
{
|
|
$mysecnum = intval( hesk_POST('mysecnum', 0) );
|
|
|
|
if ( empty($mysecnum) )
|
|
{
|
|
$hesk_error_buffer['mysecnum'] = $hesklang['sec_miss'];
|
|
}
|
|
else
|
|
{
|
|
require(HESK_PATH . 'inc/secimg.inc.php');
|
|
$sc = new PJ_SecurityImage($hesk_settings['secimg_sum']);
|
|
if ( isset($_SESSION['checksum']) && $sc->checkCode($mysecnum, $_SESSION['checksum']) )
|
|
{
|
|
//$_SESSION['img_a_verified'] = true;
|
|
}
|
|
else
|
|
{
|
|
$hesk_error_buffer['mysecnum'] = $hesklang['sec_wrng'];
|
|
}
|
|
}
|
|
}
|
|
}
|
|
|
|
// Connect to database and check for brute force attempts
|
|
hesk_load_database_functions();
|
|
hesk_dbConnect();
|
|
hesk_limitBfAttempts();
|
|
|
|
// Get email
|
|
$email = hesk_validateEmail( hesk_POST('email'), 'ERR', 0) or $hesk_error_buffer['email']=$hesklang['enter_valid_email'];
|
|
|
|
// Any errors?
|
|
if (count($hesk_error_buffer)!=0)
|
|
{
|
|
$_SESSION['a_iserror'] = array_keys($hesk_error_buffer);
|
|
|
|
$tmp = '';
|
|
foreach ($hesk_error_buffer as $error)
|
|
{
|
|
$tmp .= "<li>$error</li>\n";
|
|
}
|
|
$hesk_error_buffer = $tmp;
|
|
|
|
$hesk_error_buffer = $hesklang['pcer'].'<br /><br /><ul>'.$hesk_error_buffer.'</ul>';
|
|
hesk_process_messages($hesk_error_buffer,'NOREDIRECT');
|
|
}
|
|
elseif (defined('HESK_DEMO'))
|
|
{
|
|
hesk_process_messages($hesklang['ddemo'],'NOREDIRECT');
|
|
}
|
|
else
|
|
{
|
|
// Get user data from the database
|
|
$res = hesk_dbQuery("SELECT `id`, `name`, `pass` FROM `".hesk_dbEscape($hesk_settings['db_pfix'])."users` WHERE `email` LIKE '".hesk_dbEscape($email)."' LIMIT 1");
|
|
if (hesk_dbNumRows($res) != 1)
|
|
{
|
|
hesk_process_messages($hesklang['noace'],'NOREDIRECT');
|
|
}
|
|
else
|
|
{
|
|
$row = hesk_dbFetchAssoc($res);
|
|
$hash = sha1(microtime() . $_SERVER['REMOTE_ADDR'] . mt_rand() . $row['id'] . $row['name'] . $row['pass']);
|
|
|
|
// Insert the verification hash into the database
|
|
hesk_dbQuery("INSERT INTO `".hesk_dbEscape($hesk_settings['db_pfix'])."reset_password` (`user`, `hash`, `ip`) VALUES (".intval($row['id']).", '{$hash}', '".hesk_dbEscape($_SERVER['REMOTE_ADDR'])."') ");
|
|
|
|
// Prepare and send email
|
|
require(HESK_PATH . 'inc/email_functions.inc.php');
|
|
|
|
// Get the email message
|
|
$msg = hesk_getEmailMessage('reset_password',array(),1,0,1);
|
|
$htmlMsg = hesk_getHtmlMessage('reset_password',array(),1,0,1);
|
|
|
|
// Replace message special tags
|
|
$msg = str_replace('%%NAME%%', hesk_msgToPlain($row['name'],1,1), $msg);
|
|
$msg = str_replace('%%SITE_URL%%', $hesk_settings['site_url'], $msg);
|
|
$msg = str_replace('%%SITE_TITLE%%', $hesk_settings['site_title'], $msg);
|
|
$msg = str_replace('%%PASSWORD_RESET%%', $hesk_settings['hesk_url'].'/'.$hesk_settings['admin_dir'].'/password.php?h='.$hash, $msg);
|
|
$htmlMsg = str_replace('%%NAME%%', hesk_msgToPlain($row['name'],1,1), $htmlMsg);
|
|
$htmlMsg = str_replace('%%SITE_URL%%', $hesk_settings['site_url'], $htmlMsg);
|
|
$htmlMsg = str_replace('%%SITE_TITLE%%', $hesk_settings['site_title'], $htmlMsg);
|
|
$htmlMsg = str_replace('%%PASSWORD_RESET%%', $hesk_settings['hesk_url'].'/'.$hesk_settings['admin_dir'].'/password.php?h='.$hash, $htmlMsg);
|
|
|
|
// Send email
|
|
hesk_mail($email, $hesklang['reset_password'], $msg, $htmlMsg);
|
|
|
|
// Show success
|
|
hesk_process_messages($hesklang['pemls'],'NOREDIRECT','SUCCESS');
|
|
}
|
|
}
|
|
}
|
|
// If the "h" parameter is set verify it and reset the password
|
|
elseif ( isset($_GET['h']) )
|
|
{
|
|
// Get the hash
|
|
$hash = preg_replace('/[^a-zA-Z0-9]/', '', $_GET['h']);
|
|
|
|
// Connect to database
|
|
hesk_load_database_functions();
|
|
hesk_dbConnect();
|
|
|
|
// Expire verification hashes older than 2 hours
|
|
hesk_dbQuery("DELETE FROM `".hesk_dbEscape($hesk_settings['db_pfix'])."reset_password` WHERE `dt` < (NOW() - INTERVAL 2 HOUR)");
|
|
|
|
// Verify the hash exists
|
|
$res = hesk_dbQuery("SELECT `user`, `ip` FROM `".hesk_dbEscape($hesk_settings['db_pfix'])."reset_password` WHERE `hash` = '{$hash}' LIMIT 1");
|
|
if (hesk_dbNumRows($res) != 1)
|
|
{
|
|
// Not a valid hash
|
|
hesk_limitBfAttempts();
|
|
hesk_process_messages($hesklang['ehash'],'NOREDIRECT');
|
|
}
|
|
else
|
|
{
|
|
// Get info from database
|
|
$row = hesk_dbFetchAssoc($res);
|
|
|
|
// Only allow resetting password from the same IP address that submitted password reset request
|
|
if ($row['ip'] != $_SERVER['REMOTE_ADDR'])
|
|
{
|
|
hesk_limitBfAttempts();
|
|
hesk_process_messages($hesklang['ehaip'],'NOREDIRECT');
|
|
}
|
|
else
|
|
{
|
|
// Expire all verification hashes for this user
|
|
hesk_dbQuery("DELETE FROM `".hesk_dbEscape($hesk_settings['db_pfix'])."reset_password` WHERE `user`=".intval($row['user']));
|
|
|
|
// Get user details
|
|
$res = hesk_dbQuery('SELECT * FROM `'.$hesk_settings['db_pfix']."users` WHERE `id`=".intval($row['user'])." LIMIT 1");
|
|
$row = hesk_dbFetchAssoc($res);
|
|
foreach ($row as $k=>$v)
|
|
{
|
|
$_SESSION[$k]=$v;
|
|
}
|
|
unset($_SESSION['pass']);
|
|
|
|
// Clean brute force attempts
|
|
hesk_cleanBfAttempts();
|
|
|
|
// Regenerate session ID (security)
|
|
hesk_session_regenerate_id();
|
|
|
|
// Get allowed categories
|
|
if (empty($_SESSION['isadmin']))
|
|
{
|
|
$_SESSION['categories']=explode(',',$_SESSION['categories']);
|
|
}
|
|
|
|
// Redirect to the profile page
|
|
hesk_process_messages($hesklang['resim'],'profile.php','NOTICE');
|
|
exit();
|
|
|
|
} // End IP matches
|
|
}
|
|
}
|
|
|
|
// Tell header to load reCaptcha API if needed
|
|
if ($hesk_settings['recaptcha_use'] == 2)
|
|
{
|
|
define('RECAPTCHA',1);
|
|
}
|
|
|
|
$hesk_settings['tmp_title'] = $hesk_settings['hesk_title'] . ' - ' .$hesklang['passr'];
|
|
require_once(HESK_PATH . 'inc/header.inc.php');
|
|
?>
|
|
<ol class="breadcrumb">
|
|
<li><a href="<?php echo $hesk_settings['site_url']; ?>"><?php echo $hesk_settings['site_title']; ?></a></li>
|
|
<li><a href="index.php"><?php echo $hesklang['admin_login']; ?></a></li>
|
|
<li class="active"><?php echo $hesklang['passr']; ?></li>
|
|
</ol>
|
|
|
|
<div class="row">
|
|
<div class="col-md-10 col-md-offset-1">
|
|
<form action="password.php" method="post" name="form1" class="form-signin form-horizontal" role="form">
|
|
<?php
|
|
/* This will handle error, success and notice messages */
|
|
hesk_handle_messages();
|
|
?>
|
|
<h2><span <?php echo $iconDisplay; ?>><span class="mega-octicon octicon-sign-in"></span> </span><?php echo $hesklang['passr']; ?></h2>
|
|
<div class="footerWithBorder blankSpace"></div>
|
|
<div class="form-group <?php echo in_array('email',$_SESSION['a_iserror']) ? 'has-error' : ''; ?>">
|
|
<label for="email" class="col-sm-3 control-label"><?php echo $hesklang['email']; ?></label>
|
|
<div class="col-sm-9">
|
|
<input type="text" name="email" size="35" value="<?php if (isset($email)) {echo stripslashes(hesk_input($email));} ?>" class="form-control" placeholder="<?php echo $hesklang['email']; ?>">
|
|
</div>
|
|
</div>
|
|
<?php
|
|
if ($hesk_settings['secimg_use'])
|
|
{
|
|
?>
|
|
<div class="form-group">
|
|
<div class="col-sm-11 col-sm-offset-1">
|
|
<?php
|
|
// Should we use Recaptcha?
|
|
if ($hesk_settings['recaptcha_use'] == 1)
|
|
{
|
|
?>
|
|
<script type="text/javascript">
|
|
var RecaptchaOptions = {
|
|
theme : '<?php echo ( isset($_SESSION['a_iserror']) && in_array('mysecnum',$_SESSION['a_iserror']) ) ? 'red' : 'white'; ?>',
|
|
custom_translations : {
|
|
visual_challenge : "<?php echo hesk_slashJS($hesklang['visual_challenge']); ?>",
|
|
audio_challenge : "<?php echo hesk_slashJS($hesklang['audio_challenge']); ?>",
|
|
refresh_btn : "<?php echo hesk_slashJS($hesklang['refresh_btn']); ?>",
|
|
instructions_visual : "<?php echo hesk_slashJS($hesklang['instructions_visual']); ?>",
|
|
instructions_context : "<?php echo hesk_slashJS($hesklang['instructions_context']); ?>",
|
|
instructions_audio : "<?php echo hesk_slashJS($hesklang['instructions_audio']); ?>",
|
|
help_btn : "<?php echo hesk_slashJS($hesklang['help_btn']); ?>",
|
|
play_again : "<?php echo hesk_slashJS($hesklang['play_again']); ?>",
|
|
cant_hear_this : "<?php echo hesk_slashJS($hesklang['cant_hear_this']); ?>",
|
|
incorrect_try_again : "<?php echo hesk_slashJS($hesklang['incorrect_try_again']); ?>",
|
|
image_alt_text : "<?php echo hesk_slashJS($hesklang['image_alt_text']); ?>",
|
|
},
|
|
};
|
|
</script>
|
|
<?php
|
|
require_once(HESK_PATH . 'inc/recaptcha/recaptchalib.php');
|
|
echo recaptcha_get_html($hesk_settings['recaptcha_public_key'], null, true);
|
|
}
|
|
// Use reCaptcha API v2?
|
|
elseif ($hesk_settings['recaptcha_use'] == 2)
|
|
{
|
|
?>
|
|
<div class="g-recaptcha" data-sitekey="<?php echo $hesk_settings['recaptcha_public_key']; ?>"></div>
|
|
<?php
|
|
}
|
|
// At least use some basic PHP generated image (better than nothing)
|
|
else
|
|
{
|
|
$cls = in_array('mysecnum',$_SESSION['a_iserror']) ? ' class="isError" ' : '';
|
|
|
|
echo $hesklang['sec_enter'].'<br /> <br /><img src="'.HESK_PATH.'print_sec_img.php?'.rand(10000,99999).'" width="150" height="40" alt="'.$hesklang['sec_img'].'" title="'.$hesklang['sec_img'].'" border="1" name="secimg" style="vertical-align:text-bottom" /> '.
|
|
'<a href="javascript:void(0)" onclick="javascript:document.form1.secimg.src=\''.HESK_PATH.'print_sec_img.php?\'+ ( Math.floor((90000)*Math.random()) + 10000);"><img src="'.HESK_PATH.'img/reload.png" height="24" width="24" alt="'.$hesklang['reload'].'" title="'.$hesklang['reload'].'" border="0" style="vertical-align:text-bottom" /></a>'.
|
|
'<br /> <br /><input type="text" name="mysecnum" size="20" maxlength="5" '.$cls.' />';
|
|
}
|
|
?>
|
|
</div>
|
|
</div>
|
|
<?php
|
|
}
|
|
?>
|
|
<div class="form-group">
|
|
<div class="col-sm-10 col-sm-offset-1">
|
|
<input type="submit" value="<?php echo $hesklang['passs']; ?>" class="btn btn-default">
|
|
</div>
|
|
</div>
|
|
</form>
|
|
</div>
|
|
</div>
|
|
|
|
<?php
|
|
// Clean session errors
|
|
hesk_cleanSessionVars('a_iserror');
|
|
hesk_cleanSessionVars('img_a_verified');
|
|
|
|
// Print footer
|
|
require_once(HESK_PATH . 'inc/footer.inc.php');
|
|
?>
|