登录 注册
开源 企业版 高校版 私有云 Gitee AI NEW
扫描微信二维码支付
取消
支付完成
Watch
不关注 关注所有动态 仅关注版本发行动态 关注但不提醒动态
4 Star 9 Fork 5

Gitee 极速下载/mantisbt

代码 Wiki 统计 流水线
服务
加入 Gitee
与超过 1200万 开发者一起发现、参与优秀开源项目,私有仓库也完全免费 :)
免费加入
文件
此仓库是为了提升国内下载速度的镜像仓库,每日同步一次。 原始仓库: https://github.com/mantisbt/mantisbt
该仓库未声明开源许可证文件(LICENSE),使用请关注具体项目描述及其代码上游依赖。
项目仓库所选许可证以仓库主分支所使用许可证为准
克隆/下载
verify.php 6.30 KB
一键复制 编辑 原始数据 按行查看 历史
Damien Regad 提交于 2024-05-06 02:18 . Use g_reauthentication_expiry to set token timeout
123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194
<?php

# MantisBT - A PHP based bugtracking system



# MantisBT is free software: you can redistribute it and/or modify

# it under the terms of the GNU General Public License as published by

# the Free Software Foundation, either version 2 of the License, or

# (at your option) any later version.

#

# MantisBT is distributed in the hope that it will be useful,

# but WITHOUT ANY WARRANTY; without even the implied warranty of

# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the

# GNU General Public License for more details.

#

# You should have received a copy of the GNU General Public License

# along with MantisBT.  If not, see <http://www.gnu.org/licenses/>.



/**

 * Verify Page

 *

 * @package MantisBT

 * @copyright Copyright 2000 - 2002  Kenzaburo Ito - kenito@300baud.org

 * @copyright Copyright 2002  MantisBT Team - mantisbt-dev@lists.sourceforge.net

 * @author Marcello Scata' <marcelloscata at users.sourceforge.net> ITALY

 * @link http://www.mantisbt.org

 *

 * @uses core.php

 * @uses authentication_api.php

 * @uses config_api.php

 * @uses constant_inc.php

 * @uses gpc_api.php

 * @uses print_api.php

 * @uses user_api.php

 *

 * Unhandled exceptions will be caught by the default error handler

 * @noinspection PhpUnhandledExceptionInspection

 */



# don't auto-login when trying to verify new user

$g_login_anonymous = false;



require_once( 'core.php' );

require_api( 'authentication_api.php' );

require_api( 'config_api.php' );

require_api( 'constant_inc.php' );

require_api( 'gpc_api.php' );

require_api( 'html_api.php' );

require_api( 'lang_api.php' );

require_api( 'print_api.php' );

require_api( 'string_api.php' );

require_api( 'user_api.php' );

require_api( 'utility_api.php' );

require_css( 'login.css' );





# check if at least one way to get here is enabled

if( !auth_signup_enabled() &&

	OFF == config_get( 'lost_password_feature' ) &&

	OFF == config_get( 'send_reset_password' ) ) {

	trigger_error( ERROR_LOST_PASSWORD_NOT_ENABLED, ERROR );

}



$f_user_id = gpc_get_string( 'id' );

$f_confirm_hash = gpc_get_string( 'confirm_hash' );



# force logout on the current user if already authenticated

if( auth_is_user_authenticated() ) {

	auth_logout();



	# reload the page after logout

	print_header_redirect( 'verify.php?id=' . $f_user_id . '&confirm_hash=' . $f_confirm_hash );

}



$t_token_confirm_hash = token_get_value( TOKEN_ACCOUNT_ACTIVATION, $f_user_id );



if( $t_token_confirm_hash == null || $f_confirm_hash !== $t_token_confirm_hash ) {

	trigger_error( ERROR_LOST_PASSWORD_CONFIRM_HASH_INVALID, ERROR );

}



user_reset_failed_login_count_to_zero( $f_user_id );

user_reset_lost_password_in_progress_count_to_zero( $f_user_id );



# fake login so the user can set their password

auth_attempt_script_login( user_get_username( $f_user_id ) );



user_increment_login_count( $f_user_id );





# extracts the user information

# and prefixes it with u_

$t_row = user_get_row( $f_user_id );



extract( $t_row, EXTR_PREFIX_ALL, 'u' );



$t_can_change_password = auth_can_set_password( $f_user_id );



layout_login_page_begin();



?>



<div class="col-md-offset-4 col-md-4 col-sm-8 col-sm-offset-1">

	<div class="login-container">

		<div class="space-12 hidden-480"></div>

		<?php layout_login_page_logo() ?>

		<div class="space-24 hidden-480"></div>



		<div id="reset-passwd-msg" class="alert alert-sm alert-warning ">

		<?php

			if( $t_can_change_password ) {

				echo lang_get( 'verify_warning' ) . '<br />';

				echo lang_get( 'verify_change_password' );

			} else {

				echo auth_password_managed_elsewhere_message();

			}

		?>

		</div>



		<?php

		if( $t_can_change_password ) {

		?>



			<div class="position-relative">

			<div class="signup-box visible widget-box no-border" id="login-box">

			<div class="widget-body">

				<div class="widget-main">



					<!-- Login Form BEGIN -->



		<div id="verify-div" class="form-container">

			<form id="account-update-form" method="post" action="account_update.php">

				<fieldset>

					<legend><span><?php echo lang_get( 'edit_account_title' ) . ' - ' . string_display_line( $u_username ) ?></span></legend>

					<div class="space-10"></div>

					<input type="hidden" name="verify_user_id" value="<?php echo $u_id ?>">

					<input type="hidden" name="confirm_hash" value="<?php echo string_html_specialchars( $f_confirm_hash ) ?>">

					<?php

					echo form_security_field( 'account_update' );

					# When verifying account, set a token to limit time to submit new password

					token_set( TOKEN_ACCOUNT_VERIFY,

						true,

						config_get( 'reauthentication_expiry' ),

						$u_id

					);

					?>

					<div class="field-container">

						<label class="block clearfix">

							<span class="block input-icon input-icon-right">

								<input id="realname" class="form-control" placeholder="<?php echo lang_get( 'realname' ) ?>" type="text" size="32" maxlength="<?php echo DB_FIELD_SIZE_REALNAME ?>" name="realname" value="<?php echo string_attribute( $u_realname ) ?>" />

								<?php print_icon( 'fa-user', 'ace-icon' ); ?>

							</span>

						</label>

						<span class="label-style"></span>

					</div>



					<div class="field-container">

						<label class="block clearfix">

							<span class="block input-icon input-icon-right">

								<input id="password" class="form-control" placeholder="<?php echo lang_get( 'password' ) ?>" type="password" size="32" maxlength="<?php echo auth_get_password_max_size(); ?>" name="password"/>

								<?php print_icon( 'fa-lock', 'ace-icon' ); ?>

							</span>

						</label>

						<span class="label-style"></span>

					</div>

					

					<div class="field-container">

						<label class="block clearfix">

							<span class="block input-icon input-icon-right">

								<input id="password-confirm" class="form-control" placeholder="<?php echo lang_get( 'confirm_password' ) ?>" type="password" size="32" maxlength="<?php echo auth_get_password_max_size(); ?>" name="password_confirm"/>

								<?php print_icon( 'fa-lock', 'ace-icon' ); ?>

							</span>

						</label>

						<span class="label-style"></span>

					</div>

					<div class="space-18"></div>

					<span class="submit-button">

						<button type="submit" class="width-100 width-40 pull-right btn btn-success btn-inverse bigger-110">

							<span class="bigger-110"><?php echo lang_get( 'update_user_button' ) ?></span>

						</button>

					</span>



				</fieldset>

			</form>

		</div>

	</div>

</div>



			</div>

			</div>

			</div>

			</div>



<?php

}



layout_login_page_end();
马建仓 AI 助手
尝试更多
代码解读
代码找茬
代码优化
PHP
1
https://gitee.com/mirrors/mantisbt.git
git@gitee.com:mirrors/mantisbt.git
mirrors
mantisbt
mantisbt
master
点此查找更多帮助

搜索帮助

Git 命令在线学习 如何在 Gitee 导入 GitHub 仓库
Git 仓库基础操作
企业版和社区版功能对比
SSH 公钥设置
如何处理代码冲突
仓库体积过大,如何减小?
如何找回被删除的仓库数据
Gitee 产品配额说明
GitHub仓库快速导入Gitee及同步更新
什么是 Release(发行版)
将 PHP 项目自动发布到 packagist.org
评论
仓库举报
回到顶部