quote($_REQUEST['guid']) . "' AND COALESCE(deleted, 0) = '0'"; $result = DBManagerFactory::getInstance()->limitQuery($Q, 0, 1, false); $row = DBManagerFactory::getInstance()->fetchByAssoc($result); if (!empty($row)) { $pwd_settings = $GLOBALS['sugar_config']['passwordsetting']; $expired = '0'; if ($pwd_settings['linkexpiration']) { $delay = $pwd_settings['linkexpirationtime'] * $pwd_settings['linkexpirationtype']; $stim = strtotime($row['date_generated']) + date('Z'); $expiretime = TimeDate::getInstance()->fromTimestamp($stim)->get("+$delay minutes")->asDb(); $timenow = TimeDate::getInstance()->nowDb(); if ($timenow > $expiretime) { $expired = '1'; } } if (!$expired) { // if the form is filled and we want to login if (isset($_REQUEST['login']) && $_REQUEST['login'] == '1') { if ($row['username'] == $_POST['user_name']) { $password = $_POST['new_password']; $usr = new user(); $errors = $usr->passwordValidationCheck($password); if (!$errors) { $usr_id = $usr->retrieve_user_id($_POST['user_name']); $usr->retrieve($usr_id); $usr->setNewPassword($password); $query2 = "UPDATE users_password_link SET deleted='1' where id='" . $db->quote($_REQUEST['guid']) . "'"; DBManagerFactory::getInstance()->query($query2, true, "Error setting link for $usr->user_name: "); $_POST['user_name'] = $_REQUEST['user_name']; $_POST['username_password'] = $_REQUEST['new_password']; $_POST['module'] = 'Users'; $_POST['action'] = 'Authenticate'; $_POST['login_module'] = 'Home'; $_POST['login_action'] = 'index'; $_POST['Login'] = 'Login'; foreach ($_POST as $k => $v) { $_REQUEST[$k] = $v; $_GET[$k] = $v; } unset($_REQUEST['entryPoint']); unset($_GET['entryPoint']); $GLOBALS['app']->execute(); die(); } $redirect = 0; } } else { $redirect = '0'; } } else { $query2 = "UPDATE users_password_link SET deleted='1' where id='" . $db->quote($_REQUEST['guid']) . "'"; DBManagerFactory::getInstance()->query($query2, true, "Error setting link"); } } } if ($redirect != '0') { header('location:index.php?action=Login&module=Users'); exit(); } //// PASSWORD GENERATED LINK CHECK USING /////////////////////////////////////////////////////////////////////////////// require_once('include/MVC/View/SugarView.php'); $view = new SugarView(); $view->init(); $view->displayHeader(); $sugar_smarty = new Sugar_Smarty(); $pwd_settings = $GLOBALS['sugar_config']['passwordsetting']; $sugar_smarty->assign('sugar_md', getWebPath('include/images/sugar_md_open.png')); $sugar_smarty->assign("MOD", $mod_strings); $sugar_smarty->assign("CAPTCHA", displayRecaptcha()); $sugar_smarty->assign("IS_ADMIN", '1'); $sugar_smarty->assign("ENTRY_POINT", 'Changenewpassword'); $sugar_smarty->assign('return_action', 'login'); $sugar_smarty->assign("APP", $app_strings); $sugar_smarty->assign("INSTRUCTION", $app_strings['NTC_LOGIN_MESSAGE']); $sugar_smarty->assign("ERRORS", $errors); $sugar_smarty->assign( "USERNAME_FIELD", '' . $mod_strings['LBL_USER_NAME'] . ':' ); $sugar_smarty->assign('PWDSETTINGS', $GLOBALS['sugar_config']['passwordsetting']); $rules = "'','',''"; $sugar_smarty->assign('SUBMIT_BUTTON', '
 '); if (!empty($_REQUEST['guid'])) { $sugar_smarty->assign("GUID", $_REQUEST['guid']); } $sugar_smarty->display('modules/Users/Changenewpassword.tpl'); $view->displayFooter();