diff --git a/system/pages/account/lost.php b/system/pages/account/lost.php index 79c739cb..95c16baa 100644 --- a/system/pages/account/lost.php +++ b/system/pages/account/lost.php @@ -9,540 +9,11 @@ * @link https://my-aac.org */ defined('MYAAC') or die('Direct access not allowed!'); -$title = 'Lost Account Interface'; +$title = 'Lost Account'; -if(!setting('core.mail_enabled')) -{ - echo 'Account maker is not configured to send e-mails, you can\'t use Lost Account Interface. Contact with admin to get help.'; +if(!setting('core.mail_enabled')) { + echo "Account maker is not configured to send e-mails, you can't use Lost Account Interface. Contact with admin to get help."; return; } -$action_type = isset($_REQUEST['action_type']) ? $_REQUEST['action_type'] : ''; -if($action == '') -{ - $twig->display('account.lost.form.html.twig'); -} -else if($action == 'step1' && $action_type == '') { - $twig->display('account.lost.noaction.html.twig'); -} -elseif($action == 'step1' && $action_type == 'email') -{ - $nick = stripslashes($_REQUEST['nick']); - if(Validator::characterName($nick)) - { - $player = new OTS_Player(); - $account = new OTS_Account(); - $player->find($nick); - if($player->isLoaded()) - $account = $player->getAccount(); - - if($account->isLoaded()) - { - if($account->getCustomField('email_next') < time()) - echo 'Please enter e-mail to account with this character.
-
- - - - -
Please enter e-mail to account
- Character:
- E-mail to account:
-
-
-
- ' . $twig->render('buttons.submit.html.twig') . '
-
'; - else - { - $insec = (int)$account->getCustomField('email_next') - time(); - $minutesleft = floor($insec / 60); - $secondsleft = $insec - ($minutesleft * 60); - $timeleft = $minutesleft.' minutes '.$secondsleft.' seconds'; - echo 'Account of selected character ('.$nick.') received e-mail in last '.ceil(setting('core.mail_lost_account_interval') / 60).' minutes. You must wait '.$timeleft.' before you can use Lost Account Interface again.'; - } - } - else - echo 'Player or account of player ' . $nick . ' doesn\'t exist.'; - } - else - echo 'Invalid player name format. If you have other characters on account try with other name.'; - echo '
- Back
-
'; -} -elseif($action == 'sendcode') -{ - $email = $_REQUEST['email']; - $nick = stripslashes($_REQUEST['nick']); - if(Validator::characterName($nick)) - { - $player = new OTS_Player(); - $account = new OTS_Account(); - $player->find($nick); - if($player->isLoaded()) - $account = $player->getAccount(); - - if($account->isLoaded()) - { - if($account->getCustomField('email_next') < time()) - { - if($account->getEMail() == $email) - { - $newcode = generateRandomString(30, true, false, true); - $mailBody = ' - You asked to reset your ' . $config['lua']['serverName'] . ' password.
-

Account name: '.$account->getName().'

-
- To do so, please click this link: -

' . getLink('account/lost') . '?action=checkcode&code='.$newcode.'&character='.urlencode($nick).'

-

or open page: ' . getLink('account/lost') . '?action=checkcode and in field "code" write '.$newcode.'

-
-

If you did not request a password change, you may ignore this message and your password will remain unchanged.'; - - $account_mail = $account->getCustomField('email'); - if(_mail($account_mail, $config['lua']['serverName'].' - Recover your account', $mailBody)) - { - $account->setCustomField('email_code', $newcode); - $account->setCustomField('email_next', (time() + setting('core.mail_lost_account_interval'))); - echo '
Details about steps required to recover your account has been sent to ' . $account_mail . '. You should receive this email within 15 minutes. Please check your inbox/spam directory.'; - } - else - { - $account->setCustomField('email_next', (time() + 60)); - echo '

An error occurred while sending email! Try again later or contact with admin. For Admin: More info can be found in system/logs/mailer-error.log

'; - } - } - else - echo 'Invalid e-mail to account of character '.$nick.'. Try again.'; - } - else - { - $insec = (int)$account->getCustomField('email_next') - time(); - $minutesleft = floor($insec / 60); - $secondsleft = $insec - ($minutesleft * 60); - $timeleft = $minutesleft.' minutes '.$secondsleft.' seconds'; - echo 'Account of selected character ('.$nick.') received e-mail in last '.ceil(setting('core.mail_lost_account_interval') / 60).' minutes. You must wait '.$timeleft.' before you can use Lost Account Interface again.'; - } - } - else - echo 'Player or account of player '.$nick.' doesn\'t exist.'; - } - else - echo 'Invalid player name format. If you have other characters on account try with other name.'; - echo '
- Back
-
'; -} -elseif($action == 'step1' && $action_type == 'reckey') -{ - $nick = stripslashes($_REQUEST['nick']); - if(Validator::characterName($nick)) - { - $player = new OTS_Player(); - $account = new OTS_Account(); - $player->find($nick); - if($player->isLoaded()) - $account = $player->getAccount(); - if($account->isLoaded()) - { - $account_key = $account->getCustomField('key'); - if(!empty($account_key)) - { - echo 'If you enter right recovery key you will see form to set new e-mail and password to account. To this e-mail will be send your new password and account name.
-
- - - -
Please enter your recovery key
- Character name: 
- Recovery key:    
-
-
-
- ' . $twig->render('buttons.submit.html.twig') . '
-
'; - } - else - echo 'Account of this character has no recovery key!'; - } - else - echo 'Player or account of player '.$nick.' doesn\'t exist.'; - } - else - echo 'Invalid player name format. If you have other characters on account try with other name.'; - echo '
- Back
-
'; -} -elseif($action == 'step2') -{ - $rec_key = trim($_REQUEST['key']); - $nick = stripslashes($_REQUEST['nick']); - if(Validator::characterName($nick)) - { - $player = new OTS_Player(); - $account = new OTS_Account(); - $player->find($nick); - if($player->isLoaded()) - $account = $player->getAccount(); - if($account->isLoaded()) - { - $account_key = $account->getCustomField('key'); - if(!empty($account_key)) - { - if($account_key == $rec_key) - { - echo ''; - echo 'Set new password and e-mail to your account.
-
- - - - -
Please enter new password and e-mail
- Account of character:  
- New password:            
- Repeat new password:  
- New e-mail address:     
- -
-
-
- ' . $twig->render('buttons.submit.html.twig') . '
-
'; - } - else - echo 'Wrong recovery key!'; - } - else - echo 'Account of this character has no recovery key!'; - } - else - echo 'Player or account of player '.$nick.' doesn\'t exist.'; - } - else - echo 'Invalid player name format. If you have other characters on account try with other name.'; - echo '
- Back
-
'; -} -elseif($action == 'step3') -{ - $rec_key = trim($_REQUEST['key']); - $nick = stripslashes($_REQUEST['nick']); - $new_pass = trim($_REQUEST['passor']); - $new_email = trim($_REQUEST['email']); - if(Validator::characterName($nick)) - { - $player = new OTS_Player(); - $account = new OTS_Account(); - $player->find($nick); - if($player->isLoaded()) - $account = $player->getAccount(); - if($account->isLoaded()) - { - $account_key = $account->getCustomField('key'); - if(!empty($account_key)) - { - if($account_key == $rec_key) - { - if(Validator::password($new_pass)) - { - if(Validator::email($new_email)) - { - $account->setEMail($new_email); - - $tmp_new_pass = $new_pass; - if(USE_ACCOUNT_SALT) - { - $salt = generateRandomString(10, false, true, true); - $tmp_new_pass = $salt . $new_pass; - } - - $account->setPassword(encrypt($tmp_new_pass)); - $account->save(); - - if(USE_ACCOUNT_SALT) - $account->setCustomField('salt', $salt); - - echo 'Your account name, new password and new e-mail.
-
- - - -
Your account name, new password and new e-mail
- Account name:     '.$account->getName().'
- New password:        '.$new_pass.'
- New e-mail address: '.$new_email.'
'; - if($account->getCustomField('email_next') < time()) - { - $mailBody = ' -

Your account name and new password!

-

Changed password and e-mail to your account in Lost Account Interface on server '.$config['lua']['serverName'].'

-

Account name: '.$account->getName().'

-

New password: '.$new_pass.'

-

E-mail: '.$new_email.' (this e-mail)

-
-

It\'s automatic e-mail from OTS Lost Account System. Do not reply!

'; - - if(_mail($account->getCustomField('email'), $config['lua']['serverName']." - New password to your account", $mailBody)) - { - echo '
Sent e-mail with your account name and password to new e-mail. You should receive this e-mail in 15 minutes. You can login now with new password!'; - } - else - { - echo '

An error occurred while sending email! You will not receive e-mail with this informations. For Admin: More info can be found in system/logs/mailer-error.log

'; - } - } - else - { - echo '
You will not receive e-mail with this informations.'; - } - echo ' - -

-
-
-
'; - } - else - echo Validator::getLastError(); - } - else - echo Validator::getLastError(); - } - else - echo 'Wrong recovery key!'; - } - else - echo 'Account of this character has no recovery key!'; - } - else - echo 'Player or account of player '.$nick.' doesn\'t exist.'; - } - else - echo 'Invalid player name format. If you have other characters on account try with other name.'; - echo '
- Back
-
'; -} -elseif($action == 'checkcode') -{ - $code = trim($_REQUEST['code']); - $character = stripslashes(trim($_REQUEST['character'])); - if(empty($code) || empty($character)) - echo 'Please enter code from e-mail and name of one character from account. Then press Submit.
-
- - - -
Code & character name
- Your code: 
- Character: 
-
-
-
- ' . $twig->render('buttons.submit.html.twig') . '
-
'; - else - { - $player = new OTS_Player(); - $account = new OTS_Account(); - $player->find($character); - if($player->isLoaded()) - $account = $player->getAccount(); - if($account->isLoaded()) - { - if($account->getCustomField('email_code') == $code) - { - echo ' - Please enter new password to your account and repeat to make sure you remember password.
-
- - - - - -
Code & account name
- New password:      
- Repeat new password: 
-
-
-
- ' . $twig->render('buttons.submit.html.twig') . '
-
'; - } - else - $error= 'Wrong code to change password.'; - } - else - $error = 'Account of this character or this character doesn\'t exist.'; - } - if(!empty($error)) - echo ''.$error.'
Please enter code from e-mail and name of one character from account. Then press Submit.
-
- - - -
Code & character name
- Your code: 
- Character: 
-
-
-
- ' . $twig->render('buttons.submit.html.twig') . '
-
'; -} -elseif($action == 'setnewpassword') -{ - $newpassword = $_REQUEST['passor']; - $code = $_REQUEST['code']; - $character = stripslashes($_REQUEST['character']); - echo ''; - if(empty($code) || empty($character) || empty($newpassword)) - echo 'Error. Try again.
Please enter code from e-mail and name of one character from account. Then press Submit.
-
-
-
-
'; - else - { - $player = new OTS_Player(); - $account = new OTS_Account(); - $player->find($character); - if($player->isLoaded()) - $account = $player->getAccount(); - if($account->isLoaded()) - { - if($account->getCustomField('email_code') == $code) - { - if(Validator::password($newpassword)) - { - $tmp_new_pass = $newpassword; - if(USE_ACCOUNT_SALT) - { - $salt = generateRandomString(10, false, true, true); - $tmp_new_pass = $salt . $newpassword; - $account->setCustomField('salt', $salt); - } - - $account->setPassword(encrypt($tmp_new_pass )); - $account->save(); - $account->setCustomField('email_code', ''); - echo 'New password to your account is below. Now you can login.
- - - - -
Changed password
- New password: '.$newpassword.'
- Account name:   (Already on your e-mail)
'; - - $mailBody = ' -

Your account name and password!

-

Changed password to your account in Lost Account Interface on server '.$config['lua']['serverName'].'

-

Account name: '.$account->getName().'

-

New password: '.$newpassword.'

-
-

It\'s automatic e-mail from OTS Lost Account System. Do not reply!

'; - - if(_mail($account->getCustomField('email'), $config['lua']['serverName']." - Your new password", $mailBody)) - { - echo '
New password work! Sent e-mail with your password and account name. You should receive this e-mail in 15 minutes. You can login now with new password!'; - } - else - { - echo '

New password work! An error occurred while sending email! You will not receive e-mail with new password. For Admin: More info can be found in system/logs/mailer-error.log'; - } - echo '

-
-
-
-
-
'; - } - else - $error= Validator::getLastError(); - } - else - $error= 'Wrong code to change password.'; - } - else - $error = 'Account of this character or this character doesn\'t exist.'; - } - if(!empty($error)) - echo ''.$error.'
Please enter code from e-mail and name of one character from account. Then press Submit.
-
- - - -
Code & character name
- Your code: 
- Character: 
-
-
-
- ' . $twig->render('buttons.submit.html.twig') . '
-
'; -} +$twig->display('account/lost/form.html.twig'); diff --git a/system/pages/account/lost/base.php b/system/pages/account/lost/base.php new file mode 100644 index 00000000..58f115ce --- /dev/null +++ b/system/pages/account/lost/base.php @@ -0,0 +1,18 @@ +display('error_box.html.twig', [ + 'errors' => ["Account of selected character (" . escapeHtml($nick) . ") received e-mail in last $timeRounded minutes. You must wait $timeLeft before you can use Lost Account Interface again."] + ]); +} diff --git a/system/pages/account/lost/check-code.php b/system/pages/account/lost/check-code.php new file mode 100644 index 00000000..44c3c622 --- /dev/null +++ b/system/pages/account/lost/check-code.php @@ -0,0 +1,51 @@ +display('account/lost/check-code.html.twig', [ + 'code' => $code, + 'characters' => $character, + ]); +} +else { + $player = new OTS_Player(); + $account = new OTS_Account(); + $player->find($character); + if($player->isLoaded()) { + $account = $player->getAccount(); + } + + if($account->isLoaded()) { + if($account->getCustomField('email_code') == $code) { + $twig->display('account/lost/check-code.finish.html.twig', [ + 'character' => $character, + 'code' => $code, + ]); + } + else { + $error = 'Wrong code to change password.'; + } + } + else { + $error = "Account of this character or this character doesn't exist."; + } +} + +if(!empty($error)) { + $twig->display('error_box.html.twig', [ + 'errors' => [$error], + ]); + + echo '
'; + + $twig->display('account/lost/check-code.html.twig', [ + + ]); +} diff --git a/system/pages/account/lost/email/send-code.php b/system/pages/account/lost/email/send-code.php new file mode 100644 index 00000000..8dec8274 --- /dev/null +++ b/system/pages/account/lost/email/send-code.php @@ -0,0 +1,75 @@ +find($nick); +if($player->isLoaded()) { + $account = $player->getAccount(); +} + +if($account->isLoaded()) { + if($account->getCustomField('email_next') < time()) { + if($account->getEMail() == $email) { + $newCode = generateRandomString(30, true, false, true); + $mailBody = $twig->render('mail.account.lost.code.html.twig', [ + 'newCode' => $newCode, + 'account' => $account, + 'nick' => $nick, + ]); + + $accountEMail = $account->getCustomField('email'); + if(_mail($accountEMail, configLua('serverName') . ' - Recover your account', $mailBody)) { + $account->setCustomField('email_code', $newCode); + $account->setCustomField('email_next', (time() + setting('core.mail_lost_account_interval'))); + + $twig->display('success.html.twig', [ + 'title' => 'Email has been sent', + 'description' => 'Details about steps required to recover your account has been sent to ' . $accountEMail . '. You should receive this email within 15 minutes. Please check your inbox/spam directory.', + 'custom_buttons' => '', + ]); + + $twig->display('account.back_button.html.twig', [ + 'new_line' => true, + 'center' => true, + 'action' => getLink('news'), + ]); + + return; + } + + $account->setCustomField('email_next', (time() + 60)); + error('An error occurred while sending email! Try again later or contact with admin. For Admin: More info can be found in system/logs/mailer-error.log

'); + } + else { + $errors[] = 'Invalid e-mail to account of character ' . escapeHtml($nick) . '. Try again.'; + } + } + else { + lostAccountWriteCooldown($nick, (int)$account->getCustomField('email_next')); + } +} +else { + $errors[] = "Player or account of player " . escapeHtml($nick) . " doesn't exist."; +} + +if (!empty($errors)) { + $twig->display('error_box.html.twig', [ + 'errors' => $errors, + ]); +} + +$twig->display('account.back_button.html.twig', [ + 'new_line' => true, + 'center' => true, + 'action' => getLink('account/lost/step-1') . '?action=email&nick=' . urlencode($nick), +]); diff --git a/system/pages/account/lost/email/set-new-password.php b/system/pages/account/lost/email/set-new-password.php new file mode 100644 index 00000000..f4801ad6 --- /dev/null +++ b/system/pages/account/lost/email/set-new-password.php @@ -0,0 +1,128 @@ +display('error_box.html.twig', [ + 'errors' => $errors, + ]); + + $twig->display('account/lost/check-code.html.twig', [ + 'code' => $code, + 'character' => $character, + ]); + + $twig->display('account.back_button.html.twig', [ + 'new_line' => true, + 'center' => true, + 'action' => getLink('account/lost/check-code') + ]); + + return; +} + +if (empty($newPassword) || empty($passwordRepeat)) { + $errors[] = 'Please enter both passwords.'; + + $twig->display('error_box.html.twig', [ + 'errors' => $errors, + ]); + + $twig->display('account/lost/check-code.finish.html.twig', [ + 'character' => $character, + 'code' => $code, + ]); + + return; +} + +$player = new OTS_Player(); +$account = new OTS_Account(); +$player->find($character); +if($player->isLoaded()) { + $account = $player->getAccount(); +} + +$passwordFailed = false; + +if($account->isLoaded()) { + if($account->getCustomField('email_code') == $code) { + if ($newPassword == $passwordRepeat) { + if (Validator::password($newPassword)) { + + $hooks->trigger(HOOK_ACCOUNT_LOST_EMAIL_SET_NEW_PASSWORD_POST); + + if (empty($errors)) { + $tmp_new_pass = $newPassword; + if (USE_ACCOUNT_SALT) { + $salt = generateRandomString(10, false, true, true); + $tmp_new_pass = $salt . $newPassword; + $account->setCustomField('salt', $salt); + } + + $account->setPassword(encrypt($tmp_new_pass)); + $account->save(); + $account->setCustomField('email_code', ''); + + $mailBody = $twig->render('mail.account.lost.new-password.html.twig', [ + 'account' => $account, + 'newPassword' => $newPassword, + ]); + + $statusMsg = ''; + if (_mail($account->getCustomField('email'), configLua('serverName') . ' - Your new password', $mailBody)) { + $statusMsg = '
New password work! Sent e-mail with your password and account name. You should receive this e-mail in 15 minutes. You can login now with new password!'; + } else { + $statusMsg = '

New password work! An error occurred while sending email! You will not receive e-mail with new password. For Admin: More info can be found in system/logs/mailer-error.log'; + } + + $twig->display('account/lost/finish.new-password.html.twig', [ + 'statusMsg' => $statusMsg, + 'newPassword' => $newPassword, + ]); + } + } else { + $passwordFailed = true; + $errors[] = Validator::getLastError(); + } + } + else { + $passwordFailed = true; + $errors[] = 'Passwords are not the same!'; + } + } + else { + $errors[] = 'Wrong code to change password.'; + } +} +else { + $errors[] = "Account of this character or this character doesn't exist."; +} + +if(!empty($errors)) { + $twig->display('error_box.html.twig', [ + 'errors' => $errors, + ]); + + echo '
'; + + $template = 'account/lost/check-code.html.twig'; + if($passwordFailed) { + $template = 'account/lost/check-code.finish.html.twig'; + } + + $twig->display($template, [ + 'code' => $code, + 'character' => $character, + ]); +} diff --git a/system/pages/account/lost/email/step-1.php b/system/pages/account/lost/email/step-1.php new file mode 100644 index 00000000..d36e3b4d --- /dev/null +++ b/system/pages/account/lost/email/step-1.php @@ -0,0 +1,36 @@ +isLoaded()) { + if($account->getCustomField('email_next') < time()) { + $twig->display('account/lost/email.html.twig', [ + 'nick' => $nick, + ]); + } + else { + lostAccountWriteCooldown($nick, (int)$account->getCustomField('email_next')); + } +} +else { + $errors[] = "Player or account of player " . escapeHtml($nick) . " doesn't exist."; +} + +if (!empty($errors)) { + $twig->display('error_box.html.twig', [ + 'errors' => $errors, + ]); +} + +$twig->display('account.back_button.html.twig', [ + 'new_line' => true, + 'center' => true, + 'action' => getLink('account/lost'), +]); diff --git a/system/pages/account/lost/recovery-key/step-1.php b/system/pages/account/lost/recovery-key/step-1.php new file mode 100644 index 00000000..6ced04fc --- /dev/null +++ b/system/pages/account/lost/recovery-key/step-1.php @@ -0,0 +1,38 @@ +isLoaded()) { + $account_key = $account->getCustomField('key'); + + if(!empty($account_key)) { + $twig->display('account/lost/recovery-key.step-1.html.twig', [ + 'nick' => $nick, + 'key' => $key, + ]); + } + else { + $errors[] = 'Account of this character has no recovery key!'; + } +} +else { + $errors[] = "Player or account of player " . escapeHtml($nick) . " doesn't exist."; +} + +if (!empty($errors)) { + $twig->display('error_box.html.twig', [ + 'errors' => $errors, + ]); +} + +$twig->display('account.back_button.html.twig', [ + 'new_line' => true, + 'center' => true, + 'action' => getLink('account/lost'), +]); diff --git a/system/pages/account/lost/recovery-key/step-2.php b/system/pages/account/lost/recovery-key/step-2.php new file mode 100644 index 00000000..347e9612 --- /dev/null +++ b/system/pages/account/lost/recovery-key/step-2.php @@ -0,0 +1,49 @@ +find($nick); +if($player->isLoaded()) { + $account = $player->getAccount(); +} + +if($account->isLoaded()) { + $accountKey = $account->getCustomField('key'); + if(!empty($accountKey)) { + if($accountKey == $key) { + $twig->display('account/lost/recovery-key.step-2.html.twig', [ + 'nick' => $nick, + 'key' => $key, + ]); + } + else { + $errors[] = 'Wrong recovery key!'; + } + } + else { + $errors[] = 'Account of this character has no recovery key!'; + } +} +else { + $errors[] = "Player or account of player " . escapeHtml($nick) . " doesn't exist."; +} + +if (!empty($errors)) { + $twig->display('error_box.html.twig', [ + 'errors' => $errors, + ]); +} + +$twig->display('account.back_button.html.twig', [ + 'new_line' => true, + 'center' => true, + 'action' => getLink('account/lost/step-1') . '?action=recovery-key&nick=' . urlencode($nick) . '&key=' . urlencode($key), +]); diff --git a/system/pages/account/lost/recovery-key/step-3.php b/system/pages/account/lost/recovery-key/step-3.php new file mode 100644 index 00000000..ddf8bdff --- /dev/null +++ b/system/pages/account/lost/recovery-key/step-3.php @@ -0,0 +1,117 @@ +find($nick); +if($player->isLoaded()) { + $account = $player->getAccount(); +} + +if($account->isLoaded()) { + $accountKey = $account->getCustomField('key'); + + if(!empty($accountKey)) { + if($accountKey == $key) { + if(Validator::password($newPassword)) { + if ($newPassword == $passwordRepeat) { + if (Validator::email($newEmail)) { + $emailExists = AccountModel::where('email', $newEmail)->count() > 0; + if (!$emailExists) { + + $hooks->trigger(HOOK_ACCOUNT_LOST_RECOVERY_KEY_STEP_3_POST); + + if (empty($errors)) { + $account->setEMail($newEmail); + + $tmp_new_pass = $newPassword; + if (USE_ACCOUNT_SALT) { + $salt = generateRandomString(10, false, true, true); + $tmp_new_pass = $salt . $newPassword; + } + + $account->setPassword(encrypt($tmp_new_pass)); + $account->save(); + + if (USE_ACCOUNT_SALT) { + $account->setCustomField('salt', $salt); + } + + $statusMsg = ''; + if ($account->getCustomField('email_next') < time()) { + $mailBody = $twig->render('mail.account.lost.new-email.html.twig', [ + 'account' => $account, + 'newPassword' => $newPassword, + 'newEmail' => $newEmail, + ]); + + if (_mail($account->getCustomField('email'), configLua('serverName') . ' - New password to your account', $mailBody)) { + $statusMsg = '
Sent e-mail with your account name and password to new e-mail. You should receive this e-mail in 15 minutes. You can login now with new password!'; + } else { + $statusMsg = '

An error occurred while sending email! You will not receive e-mail with this informations. For Admin: More info can be found in system/logs/mailer-error.log

'; + } + } else { + $statusMsg = '
You will not receive e-mail with this informations.'; + } + + $twig->display('account/lost/finish.new-email.html.twig', [ + 'statusMsg' => $statusMsg, + 'account' => $account, + 'newPassword' => $newPassword, + 'newEmail' => $newEmail, + ]); + + return; + } + } + else { + $errors[] = 'This email is already registered!'; + } + } else { + $errors[] = Validator::getLastError(); + } + } + else { + $errors[] = 'Passwords are not the same!'; + } + } + else { + $errors[] = Validator::getLastError(); + } + } + else { + $errors[] = 'Wrong recovery key!'; + } + } + else { + $errors[] = 'Account of this character has no recovery key!'; + } +} +else { + $errors[] = "Player or account of player " . escapeHtml($nick) . " doesn't exist."; +} + +if (!empty($errors)) { + $twig->display('error_box.html.twig', [ + 'errors' => $errors, + ]); +} + +$twig->display('account.back_button.html.twig', [ + 'new_line' => true, + 'center' => true, + 'action' => getLink('account/lost/recovery-key/step-2') . '?nick=' . urlencode($nick) . '&key=' . urlencode($key), +]); diff --git a/system/pages/account/lost/step-1.php b/system/pages/account/lost/step-1.php new file mode 100644 index 00000000..5a7db7fe --- /dev/null +++ b/system/pages/account/lost/step-1.php @@ -0,0 +1,26 @@ +find($nick); +if($player->isLoaded()) { + $account = $player->getAccount(); +} + +if (ACTION == 'email') { + require __DIR__ . '/email/step-1.php'; +} +else if (ACTION == 'recovery-key') { + require __DIR__ . '/recovery-key/step-1.php'; +} +else { + $twig->display('account/lost/no-action.html.twig'); +} + diff --git a/system/src/global.php b/system/src/global.php index a5701f00..8206945a 100644 --- a/system/src/global.php +++ b/system/src/global.php @@ -69,6 +69,14 @@ define('HOOK_ACCOUNT_LOGIN_AFTER_PASSWORD', ++$i); define('HOOK_ACCOUNT_LOGIN_AFTER_REMEMBER_ME', ++$i); define('HOOK_ACCOUNT_LOGIN_AFTER_PAGE', ++$i); define('HOOK_ACCOUNT_LOGIN_POST', ++$i); +define('HOOK_ACCOUNT_LOST_CHECK_CODE_FINISH_AFTER_PASSWORD', ++$i); +define('HOOK_ACCOUNT_LOST_CHECK_CODE_FINISH_AFTER_PASSWORD_REPEAT', ++$i); +define('HOOK_ACCOUNT_LOST_EMAIL_SET_NEW_PASSWORD_POST', ++$i); +define('HOOK_ACCOUNT_LOST_RECOVERY_KEY_STEP_2_AFTER_CHARACTER', ++$i); +define('HOOK_ACCOUNT_LOST_RECOVERY_KEY_STEP_2_AFTER_EMAIL', ++$i); +define('HOOK_ACCOUNT_LOST_RECOVERY_KEY_STEP_2_AFTER_PASSWORD', ++$i); +define('HOOK_ACCOUNT_LOST_RECOVERY_KEY_STEP_2_AFTER_PASSWORD_REPEAT', ++$i); +define('HOOK_ACCOUNT_LOST_RECOVERY_KEY_STEP_3_POST', ++$i); define('HOOK_ACCOUNT_CREATE_CHARACTER_AFTER', ++$i); define('HOOK_ACCOUNT_CREATE_CHARACTER_BEFORE_FIRST_TABLE', ++$i); define('HOOK_ACCOUNT_CREATE_CHARACTER_BEFORE_VOCATIONS', ++$i); diff --git a/system/templates/account.back_button.html.twig b/system/templates/account.back_button.html.twig index e2d784ca..90d92aa3 100644 --- a/system/templates/account.back_button.html.twig +++ b/system/templates/account.back_button.html.twig @@ -1,7 +1,26 @@ {% if new_line is defined and new_line %}
{% endif %} -
- {{ csrf() }} - {{ include('buttons.back.html.twig') }} -
+ +{% set _center = false %} + +{% if center is defined and center %} +{% set _center = true %} +{% endif %} + +{% if _center %} + + + + + + +
+{% endif %} +
+ {{ csrf() }} + {{ include('buttons.back.html.twig') }} +
+{% if _center %} +
+{% endif %} diff --git a/system/templates/account.lost.form.html.twig b/system/templates/account.lost.form.html.twig deleted file mode 100644 index fd3c1312..00000000 --- a/system/templates/account.lost.form.html.twig +++ /dev/null @@ -1,36 +0,0 @@ -The Lost Account Interface can help you to get back your account name and password. Please enter your character name and select what you want to do.
-
- {{ csrf() }} - - - - - - - - -
Please enter your character name
-
-
- - - - - - - -
What do you want?
- -
- -
-
-
- - - - -
- {{ include('buttons.submit.html.twig') }} -
-
diff --git a/system/templates/account.lost.noaction.html.twig b/system/templates/account.lost.noaction.html.twig deleted file mode 100644 index c74ca45b..00000000 --- a/system/templates/account.lost.noaction.html.twig +++ /dev/null @@ -1,10 +0,0 @@ -Please select action.
- - - - -
- - {{ include('buttons.back.html.twig') }} - -
\ No newline at end of file diff --git a/system/templates/account/lost/check-code.finish.html.twig b/system/templates/account/lost/check-code.finish.html.twig new file mode 100644 index 00000000..51ff2e4e --- /dev/null +++ b/system/templates/account/lost/check-code.finish.html.twig @@ -0,0 +1,56 @@ +Please enter new password to your account and repeat to make sure you remember password.
+
+ + {{ csrf() }} + + + + + + + + + + + + + + + + + + +
Passwords
+ + + + + + {{ hook('HOOK_ACCOUNT_LOST_CHECK_CODE_FINISH_AFTER_PASSWORD') }} + + + + + {{ hook('HOOK_ACCOUNT_LOST_CHECK_CODE_FINISH_AFTER_PASSWORD_REPEAT') }} +
+ + + +
+ + + +
+
+
+ + + + +
+
+ {% set button_name = 'Submit' %} + {% include('buttons.base.html.twig') %} +
+
+
diff --git a/system/templates/account/lost/check-code.html.twig b/system/templates/account/lost/check-code.html.twig new file mode 100644 index 00000000..e394ecbb --- /dev/null +++ b/system/templates/account/lost/check-code.html.twig @@ -0,0 +1,33 @@ +Please enter code from e-mail and name of one character from account. Then press Submit.
+
+ + {{ csrf() }} + + + + + + + + + + + + + +
+ Code & character name +
+ Your code: 
+ Character: 
+
+
+ + + + +
+ {% set button_name = 'Submit' %} + {% include('buttons.base.html.twig') %} +
+
diff --git a/system/templates/account/lost/email.html.twig b/system/templates/account/lost/email.html.twig new file mode 100644 index 00000000..4f43efea --- /dev/null +++ b/system/templates/account/lost/email.html.twig @@ -0,0 +1,54 @@ +Please enter e-mail to account with this character.
+
+ + {{ csrf() }} + + + + + + + + + + + + + + + + +
Please enter e-mail to account
+ + + + + + + + + + +
+ + + +
+ + + +
+ +
+
+ + + + +
+
+ {% set button_name = 'Submit' %} + {% include('buttons.base.html.twig') %} +
+
+
diff --git a/system/templates/account/lost/finish.new-email.html.twig b/system/templates/account/lost/finish.new-email.html.twig new file mode 100644 index 00000000..e4a5f1ee --- /dev/null +++ b/system/templates/account/lost/finish.new-email.html.twig @@ -0,0 +1,58 @@ +Your account name, new password and new e-mail.
+ + + + + + + + + + + + + + +
+ Your account name, new password and new e-mail +
+ + + + + + + + + + + + + + +
+ Account name: + + {{ account.getName() }} +
+ New password: + + {{ newPassword }} +
+ New e-mail address: + + {{ newEmail }} +
+ + {{ statusMsg|raw }} +
+
+ + + + +
+
+ {{ include('buttons.login.html.twig') }} +
+
diff --git a/system/templates/account/lost/finish.new-password.html.twig b/system/templates/account/lost/finish.new-password.html.twig new file mode 100644 index 00000000..2f7c2134 --- /dev/null +++ b/system/templates/account/lost/finish.new-password.html.twig @@ -0,0 +1,30 @@ +New password to your account is below. Now you can log in.
+ + + + + + + + + + + + + +
Changed password
+ New password: {{ newPassword }}
+ Account name:   (Already on your e-mail)
+ {{ statusMsg|raw }} +
+
+ + + + +
+
+ {% set button_name = 'Login' %} + {% include('buttons.base.html.twig') %} +
+
diff --git a/system/templates/account/lost/form.html.twig b/system/templates/account/lost/form.html.twig new file mode 100644 index 00000000..7eafa047 --- /dev/null +++ b/system/templates/account/lost/form.html.twig @@ -0,0 +1,43 @@ +The Lost Account Interface can help you to get back your account name and password. Please enter your character name and select what you want to do.
+
+ + {{ csrf() }} + + + + + + + + + + + + + +
Please enter your character name
+
+
+ + + + + + + +
What do you want?
+ +
+ +
+
+
+ + + + +
+ {% set button_name = 'Submit' %} + {% include('buttons.base.html.twig') %} +
+
diff --git a/system/templates/account/lost/no-action.html.twig b/system/templates/account/lost/no-action.html.twig new file mode 100644 index 00000000..84b97e82 --- /dev/null +++ b/system/templates/account/lost/no-action.html.twig @@ -0,0 +1,10 @@ +Please select action.
+ + + + +
+ + {{ include('buttons.back.html.twig') }} + +
diff --git a/system/templates/account/lost/recovery-key.step-1.html.twig b/system/templates/account/lost/recovery-key.step-1.html.twig new file mode 100644 index 00000000..fc05c2bd --- /dev/null +++ b/system/templates/account/lost/recovery-key.step-1.html.twig @@ -0,0 +1,57 @@ +If you enter right recovery key you will see form to set new e-mail and password to account. To this e-mail will be send your new password and account name.
+
+ + {{ csrf() }} + + + + + + + + + + + + + + + +
+ Please enter your recovery key +
+ + + + + + + + + +
+ + + +
+ + + +
+
+
+ + + + +
+
+ {% set button_name = 'Submit' %} + {% include('buttons.base.html.twig') %} +
+
+
diff --git a/system/templates/account/lost/recovery-key.step-2.html.twig b/system/templates/account/lost/recovery-key.step-2.html.twig new file mode 100644 index 00000000..d3732b28 --- /dev/null +++ b/system/templates/account/lost/recovery-key.step-2.html.twig @@ -0,0 +1,90 @@ +Set new password and e-mail to your account.
+
+ + {{ csrf() }} + + + + + + + + + + + + + + + + + +
+ Please enter new password and e-mail +
+ + + + + + + + {{ hook('HOOK_ACCOUNT_LOST_RECOVERY_KEY_STEP_2_AFTER_CHARACTER') }} + + + + + + + {{ hook('HOOK_ACCOUNT_LOST_RECOVERY_KEY_STEP_2_AFTER_PASSWORD') }} + + + + + + + {{ hook('HOOK_ACCOUNT_LOST_RECOVERY_KEY_STEP_2_AFTER_PASSWORD_REPEAT') }} + + + + + + + {{ hook('HOOK_ACCOUNT_LOST_RECOVERY_KEY_STEP_2_AFTER_EMAIL') }} +
+ + + +
+ + + +
+ + + +
+ + + +
+ +
+
+ + + + +
+ {% set button_name = 'Submit' %} + {% include('buttons.base.html.twig') %} +
+
diff --git a/system/templates/mail.account.lost.code.html.twig b/system/templates/mail.account.lost.code.html.twig new file mode 100644 index 00000000..fa476405 --- /dev/null +++ b/system/templates/mail.account.lost.code.html.twig @@ -0,0 +1,10 @@ +You asked to reset your {{ config('lua')['serverName'] }} password.
+

Account name: {{ account.getName() }}

+
+To do so, please click this link: +

+ {{ getLink('account/lost/check-code') }}?code={{ newCode }}&character={{ nick|urlencode }} +

+

or open page: {{ getLink('account/lost/check-code') }} and in field "code" write {{ newCode }}

+
+

If you did not request a password change, you may ignore this message and your password will remain unchanged. diff --git a/system/templates/mail.account.lost.new-email.html.twig b/system/templates/mail.account.lost.new-email.html.twig new file mode 100644 index 00000000..bbf901f0 --- /dev/null +++ b/system/templates/mail.account.lost.new-email.html.twig @@ -0,0 +1,7 @@ +

Your account name and new password!

+

Changed password and e-mail to your account in Lost Account Interface on server {{ config('lua')['serverName'] }}

+

Account name: {{ account.getName() }}

+

New password: {{ newPassword }}

+

E-mail: {{ newEmail }} (this e-mail)

+
+

It's automatic e-mail from OTS Lost Account System. Do not reply!

diff --git a/system/templates/mail.account.lost.new-password.html.twig b/system/templates/mail.account.lost.new-password.html.twig new file mode 100644 index 00000000..bffb9ca5 --- /dev/null +++ b/system/templates/mail.account.lost.new-password.html.twig @@ -0,0 +1,6 @@ +

Your account name and password!

+

Changed password to your account in Lost Account Interface on server {{ config('lua')['serverName'] }}

+

Account name: {{ account.getName() }}

+

New password: {{ newPassword }}

+
+

It's automatic e-mail from OTS Lost Account System. Do not reply!