Code Coverage for /data/phpBB/phpbb/ucp/controller/reset

	Code Coverage
	Lines			Functions and Methods				Classes and Traits
Total	0.00% covered (danger)	0.00%	0 / 189	0.00% covered (danger)	0.00%	0 / 5	CRAP	0.00% covered (danger)	0.00%	0 / 1
reset_password	0.00% covered (danger)	0.00%	0 / 189	0.00% covered (danger)	0.00%	0 / 5	1056	0.00% covered (danger)	0.00%	0 / 1
__construct	0.00% covered (danger)	0.00%	0 / 14	0.00% covered (danger)	0.00%	0 / 1	2
init_controller	0.00% covered (danger)	0.00%	0 / 6	0.00% covered (danger)	0.00%	0 / 1	6
remove_reset_token	0.00% covered (danger)	0.00%	0 / 8	0.00% covered (danger)	0.00%	0 / 1	2
request	0.00% covered (danger)	0.00%	0 / 72	0.00% covered (danger)	0.00%	0 / 1	156
reset	0.00% covered (danger)	0.00%	0 / 89	0.00% covered (danger)	0.00%	0 / 1	272

1	<?php
2	/**
3	*
4	* This file is part of the phpBB Forum Software package.
5	*
6	* @copyright (c) phpBB Limited <https://www.phpbb.com>
7	* @license GNU General Public License, version 2 (GPL-2.0)
8	*
9	* For full copyright and license information, please see
10	* the docs/CREDITS.txt file.
11	*
12	*/
13
14	namespace phpbb\ucp\controller;
15
16	use phpbb\auth\auth;
17	use phpbb\config\config;
18	use phpbb\controller\helper;
19	use phpbb\db\driver\driver_interface;
20	use phpbb\event\dispatcher;
21	use phpbb\exception\http_exception;
22	use phpbb\language\language;
23	use phpbb\log\log_interface;
24	use phpbb\passwords\manager;
25	use phpbb\request\request;
26	use phpbb\template\template;
27	use phpbb\user;
28	use phpbb\messenger\method\email;
29	use Symfony\Component\HttpFoundation\Response;
30
31	/**
32	* Handling forgotten passwords via reset password functionality
33	*/
34	class reset_password
35	{
36	/** @var config */
37	protected $config;
38
39	/** @var driver_interface */
40	protected $db;
41
42	/** @var dispatcher */
43	protected $dispatcher;
44
45	/** @var helper */
46	protected $helper;
47
48	/** @var language */
49	protected $language;
50
51	/** @var log_interface */
52	protected $log;
53
54	/** @var email */
55	protected $email_method;
56
57	/** @var manager */
58	protected $passwords_manager;
59
60	/** @var request */
61	protected $request;
62
63	/** @var template */
64	protected $template;
65
66	/** @var user */
67	protected $user;
68
69	/** @var string Users table name */
70	protected $users_table;
71
72	/** @var string phpBB root path */
73	protected $root_path;
74
75	/** @var string PHP extension */
76	protected $php_ext;
77
78	/**
79	* Reset password controller constructor.
80	*
81	* @param config $config
82	* @param driver_interface $db
83	* @param dispatcher $dispatcher
84	* @param helper $helper
85	* @param language $language
86	* @param log_interface $log
87	* @param email $email_method
88	* @param manager $passwords_manager
89	* @param request $request
90	* @param template $template
91	* @param user $user
92	* @param string $users_table
93	* @param string $root_path
94	* @param string $php_ext
95	*/
96	public function __construct(config $config, driver_interface $db, dispatcher $dispatcher, helper $helper,
97	language $language, log_interface $log, email $email_method, manager $passwords_manager,
98	request $request, template $template, user $user, string $users_table,
99	string $root_path, string $php_ext)
100	{
101	$this->config = $config;
102	$this->db = $db;
103	$this->dispatcher = $dispatcher;
104	$this->helper = $helper;
105	$this->language = $language;
106	$this->log = $log;
107	$this->email_method = $email_method;
108	$this->passwords_manager = $passwords_manager;
109	$this->request = $request;
110	$this->template = $template;
111	$this->user = $user;
112	$this->users_table = $users_table;
113	$this->root_path = $root_path;
114	$this->php_ext = $php_ext;
115	}
116
117	/**
118	* Init controller
119	*/
120	protected function init_controller()
121	{
122	$this->language->add_lang('ucp');
123
124	if (!$this->config['allow_password_reset'])
125	{
126	throw new http_exception(Response::HTTP_OK, 'UCP_PASSWORD_RESET_DISABLED', [
127	'<a href="mailto:' . htmlspecialchars($this->config['board_contact'], ENT_COMPAT) . '">',
128	'</a>'
129	]);
130	}
131	}
132
133	/**
134	* Remove reset token for specified user
135	*
136	* @param int $user_id User ID
137	*/
138	protected function remove_reset_token(int $user_id)
139	{
140	$sql_ary = [
141	'reset_token' => '',
142	'reset_token_expiration' => 0,
143	];
144
145	$sql = 'UPDATE ' . $this->users_table . '
146	SET ' . $this->db->sql_build_array('UPDATE', $sql_ary) . '
147	WHERE user_id = ' . $user_id;
148	$this->db->sql_query($sql);
149	}
150
151	/**
152	* Handle password reset request
153	*
154	* @return Response
155	*/
156	public function request()
157	{
158	$this->init_controller();
159
160	$submit = $this->request->is_set_post('submit');
161	$username = $this->request->variable('username', '', true);
162	$email = strtolower($this->request->variable('email', ''));
163
164	add_form_key('ucp_reset_password');
165
166	if ($submit)
167	{
168	if (!check_form_key('ucp_reset_password'))
169	{
170	throw new http_exception(Response::HTTP_UNAUTHORIZED, 'FORM_INVALID');
171	}
172
173	if (empty($email))
174	{
175	return $this->helper->message('NO_EMAIL_USER');
176	}
177
178	$sql_array = [
179	'SELECT' => 'user_id, username, user_permissions, user_email, user_type,'
180	. ' user_lang, user_inactive_reason, reset_token, reset_token_expiration',
181	'FROM' => [$this->users_table => 'u'],
182	'WHERE' => "user_email = '" . $this->db->sql_escape($email) . "'" .
183	(!empty($username) ? " AND username_clean = '" . $this->db->sql_escape(utf8_clean_string($username)) . "'" : ''),
184	];
185
186	/**
187	* Change SQL query for fetching user data
188	*
189	* @event core.ucp_remind_modify_select_sql
190	* @var string email User's email from the form
191	* @var string username User's username from the form
192	* @var array sql_array Fully assembled SQL query with keys SELECT, FROM, WHERE
193	* @since 3.1.11-RC1
194	* @changed 3.3.0-b1 Moved to reset password controller
195	*/
196	$vars = [
197	'email',
198	'username',
199	'sql_array',
200	];
201	extract($this->dispatcher->trigger_event('core.ucp_remind_modify_select_sql', compact($vars)));
202
203	$sql = $this->db->sql_build_query('SELECT', $sql_array);
204	$result = $this->db->sql_query_limit($sql, 2); // don't waste resources on more rows than we need
205	$rowset = $this->db->sql_fetchrowset($result);
206	$this->db->sql_freeresult($result);
207
208	if (count($rowset) > 1)
209	{
210	$this->template->assign_vars([
211	'USERNAME_REQUIRED' => true,
212	'EMAIL' => $email,
213	]);
214	}
215	else
216	{
217	$message = $this->language->lang('PASSWORD_RESET_LINK_SENT') . '<br /><br />' . $this->language->lang('RETURN_INDEX', '<a href="' . append_sid("{$this->root_path}index.{$this->php_ext}") . '">', '</a>');
218
219	if (empty($rowset))
220	{
221	return $this->helper->message($message);
222	}
223
224	$user_row = $rowset[0];
225
226	if ($user_row['user_type'] == USER_IGNORE \|\| $user_row['user_type'] == USER_INACTIVE)
227	{
228	return $this->helper->message($message);
229	}
230
231	// Do not create multiple valid reset tokens
232	if (!empty($user_row['reset_token']) && (int) $user_row['reset_token_expiration'] >= time())
233	{
234	return $this->helper->message($message);
235	}
236
237	// Check users permissions
238	$auth = new auth();
239	$auth->acl($user_row);
240
241	if (!$auth->acl_get('u_chgpasswd'))
242	{
243	return $this->helper->message($message);
244	}
245
246	// Generate reset token
247	$reset_token = strtolower(gen_rand_string(32));
248
249	$sql_ary = [
250	'reset_token' => $reset_token,
251	'reset_token_expiration' => $this->user::get_token_expiration(),
252	];
253
254	$sql = 'UPDATE ' . $this->users_table . '
255	SET ' . $this->db->sql_build_array('UPDATE', $sql_ary) . '
256	WHERE user_id = ' . $user_row['user_id'];
257	$this->db->sql_query($sql);
258
259	$this->email_method->set_use_queue(false);
260	$this->email_method->template('user_forgot_password', $user_row['user_lang']);
261	$this->email_method->set_addresses($user_row);
262	$this->email_method->anti_abuse_headers($this->config, $this->user);
263	$this->email_method->assign_vars([
264	'USERNAME' => html_entity_decode($user_row['username'], ENT_COMPAT),
265	'U_RESET_PASSWORD' => generate_board_url(true) . $this->helper->route('phpbb_ucp_reset_password_controller', [
266	'u' => $user_row['user_id'],
267	'token' => $reset_token,
268	], false)
269	]);
270	$this->email_method->send();
271
272	return $this->helper->message($message);
273	}
274	}
275
276	$this->template->assign_vars([
277	'USERNAME' => $username,
278	'EMAIL' => $email,
279	'U_RESET_PASSWORD_ACTION' => $this->helper->route('phpbb_ucp_forgot_password_controller'),
280	]);
281
282	return $this->helper->render('ucp_reset_password.html', $this->language->lang('RESET_PASSWORD'));
283	}
284
285	/**
286	* Handle controller requests
287	*
288	* @return Response
289	*/
290	public function reset()
291	{
292	$this->init_controller();
293
294	$submit = $this->request->is_set_post('submit');
295	$reset_token = $this->request->variable('token', '');
296	$user_id = $this->request->variable('u', 0);
297
298	if (empty($reset_token))
299	{
300	return $this->helper->message('NO_RESET_TOKEN');
301	}
302
303	if (!$user_id)
304	{
305	return $this->helper->message('NO_USER');
306	}
307
308	add_form_key('ucp_reset_password');
309
310	$sql_array = [
311	'SELECT' => 'user_id, username, user_permissions, user_email, user_type,'
312	. ' user_lang, user_inactive_reason, reset_token, reset_token_expiration',
313	'FROM' => [$this->users_table => 'u'],
314	'WHERE' => 'user_id = ' . $user_id,
315	];
316
317	/**
318	* Change SQL query for fetching user data
319	*
320	* @event core.ucp_reset_password_modify_select_sql
321	* @var int user_id User ID from the form
322	* @var string reset_token Reset token
323	* @var array sql_array Fully assembled SQL query with keys SELECT, FROM, WHERE
324	* @since 3.3.0-b1
325	*/
326	$vars = [
327	'user_id',
328	'reset_token',
329	'sql_array',
330	];
331	extract($this->dispatcher->trigger_event('core.ucp_reset_password_modify_select_sql', compact($vars)));
332
333	$sql = $this->db->sql_build_query('SELECT', $sql_array);
334	$result = $this->db->sql_query_limit($sql, 1);
335	$user_row = $this->db->sql_fetchrow($result);
336	$this->db->sql_freeresult($result);
337
338	$message = $this->language->lang('RESET_TOKEN_EXPIRED_OR_INVALID') . '<br /><br />' . $this->language->lang('RETURN_INDEX', '<a href="' . append_sid("{$this->root_path}index.{$this->php_ext}") . '">', '</a>');
339
340	if (empty($user_row))
341	{
342	return $this->helper->message($message);
343	}
344
345	if (!hash_equals($reset_token, $user_row['reset_token']))
346	{
347	return $this->helper->message($message);
348	}
349
350	if ($user_row['reset_token_expiration'] < time())
351	{
352	$this->remove_reset_token($user_id);
353
354	return $this->helper->message($message);
355	}
356
357	$errors = [];
358
359	if ($submit)
360	{
361	if (!check_form_key('ucp_reset_password'))
362	{
363	return $this->helper->message('FORM_INVALID');
364	}
365
366	if ($user_row['user_type'] == USER_IGNORE \|\| $user_row['user_type'] == USER_INACTIVE)
367	{
368	return $this->helper->message($message);
369	}
370
371	// Check users permissions
372	$auth = new auth();
373	$auth->acl($user_row);
374
375	if (!$auth->acl_get('u_chgpasswd'))
376	{
377	return $this->helper->message($message);
378	}
379
380	if (!function_exists('validate_data'))
381	{
382	include($this->root_path . 'includes/functions_user.' . $this->php_ext);
383	}
384
385	$data = [
386	'new_password' => $this->request->untrimmed_variable('new_password', '', true),
387	'password_confirm' => $this->request->untrimmed_variable('new_password_confirm', '', true),
388	];
389	$check_data = [
390	'new_password' => [
391	['string', false, $this->config['min_pass_chars'], 0],
392	['password'],
393	],
394	'password_confirm' => ['string', true, $this->config['min_pass_chars'], 0],
395	];
396	$errors = array_merge($errors, validate_data($data, $check_data));
397	if (strcmp($data['new_password'], $data['password_confirm']) !== 0)
398	{
399	$errors[] = $data['password_confirm'] ? 'NEW_PASSWORD_ERROR' : 'NEW_PASSWORD_CONFIRM_EMPTY';
400	}
401	if (empty($errors))
402	{
403	$sql_ary = [
404	'user_password' => $this->passwords_manager->hash($data['new_password']),
405	'user_passchg' => time(),
406	'user_login_attempts' => 0,
407	'reset_token' => '',
408	'reset_token_expiration' => 0,
409	];
410	$sql = 'UPDATE ' . $this->users_table . '
411	SET ' . $this->db->sql_build_array('UPDATE', $sql_ary) . '
412	WHERE user_id = ' . (int) $user_row['user_id'];
413	$this->db->sql_query($sql);
414	$this->user->reset_login_keys($user_row['user_id']);
415	$this->log->add('user', $user_row['user_id'], $this->user->ip, 'LOG_USER_NEW_PASSWORD', false, [
416	'reportee_id' => $user_row['user_id'],
417	$user_row['username']
418	]);
419	meta_refresh(3, append_sid("{$this->root_path}index.{$this->php_ext}"));
420	return $this->helper->message($this->language->lang('PASSWORD_RESET'));
421	}
422	}
423
424	$this->template->assign_vars([
425	'PASSWORD_RESET_ERRORS' => !empty($errors) ? array_map([$this->language, 'lang'], $errors) : '',
426	'S_IS_PASSWORD_RESET' => true,
427	'U_RESET_PASSWORD_ACTION' => $this->helper->route('phpbb_ucp_reset_password_controller'),
428	'L_CHANGE_PASSWORD_EXPLAIN' => $this->language->lang($this->config['pass_complex'] . '_EXPLAIN', $this->language->lang('CHARACTERS', (int) $this->config['min_pass_chars'])),
429	'S_HIDDEN_FIELDS' => build_hidden_fields([
430	'u' => $user_id,
431	'token' => $reset_token,
432	]),
433	]);
434
435	return $this->helper->render('ucp_reset_password.html', $this->language->lang('RESET_PASSWORD'));
436	}
437	}