From 950d4e1da498b7c928b5f6e1cbcca8e57ddecb0c Mon Sep 17 00:00:00 2001
From: Bart Visscher <bartv@thisnet.nl>
Date: Sun, 25 Sep 2011 23:33:22 +0200
Subject: [PATCH] Move lostpassword code to own app

---
 core/templates/login.php                      |  2 +-
 index.php                                     | 32 -------------------
 lostpassword/index.php                        | 25 +++++++++++++++
 lostpassword/resetpassword.php                | 27 ++++++++++++++++
 .../templates/lostpassword.php                |  4 +--
 .../templates/resetpassword.php               |  2 +-
 6 files changed, 56 insertions(+), 36 deletions(-)
 create mode 100644 lostpassword/index.php
 create mode 100644 lostpassword/resetpassword.php
 rename {core => lostpassword}/templates/lostpassword.php (90%)
 rename {core => lostpassword}/templates/resetpassword.php (79%)

diff --git a/core/templates/login.php b/core/templates/login.php
index 717f6bcabd..c8a86d71a9 100644
--- a/core/templates/login.php
+++ b/core/templates/login.php
@@ -1,7 +1,7 @@
 <form action="index.php" method="post">
 	<fieldset>
 		<?php if($_['error']): ?>
-			<a href="index.php?lostpassword"><?php echo $l->t('Lost your password?'); ?></a>
+			<a href="lostpassword/index.php"><?php echo $l->t('Lost your password?'); ?></a>
 		<?php endif; ?>
 		<?php if(empty($_["username"])): ?>
 			<input type="text" name="user" id="user" placeholder="Username" value="" autocomplete="off" required autofocus />
diff --git a/index.php b/index.php
index bb1e370d24..0db8ad126c 100644
--- a/index.php
+++ b/index.php
@@ -87,38 +87,6 @@ elseif(isset($_POST["user"]) && isset($_POST['password'])) {
 	}
 }
 
-// Someone lost their password:
-elseif(isset($_GET['lostpassword'])) {
-	OC_App::loadApps();
-	if (isset($_POST['user'])) {
-		if (OC_User::userExists($_POST['user'])) {
-			$token = sha1($_POST['user']+uniqId());
-			OC_Preferences::setValue($_POST['user'], "owncloud", "lostpassword", $token);
-			// TODO send email with link+token
-			OC_Template::printGuestPage("", "lostpassword", array("error" => false, "requested" => true));
-		} else {
-			OC_Template::printGuestPage("", "lostpassword", array("error" => true, "requested" => false));
-		}
-	} else {
-		OC_Template::printGuestPage("", "lostpassword", array("error" => false, "requested" => false));
-	}
-}
-
-// Someone wants to reset their password:
-elseif(isset($_GET['resetpassword']) && isset($_GET['token']) && isset($_GET['user']) && OC_Preferences::getValue($_GET['user'], "owncloud", "lostpassword") === $_GET['token']) {
-	OC_App::loadApps();
-	if (isset($_POST['password'])) {
-		if (OC_User::setPassword($_GET['user'], $_POST['password'])) {
-			OC_Preferences::deleteKey($_GET['user'], "owncloud", "lostpassword");
-			OC_Template::printGuestPage("", "resetpassword", array("success" => true));
-		} else {
-			OC_Template::printGuestPage("", "resetpassword", array("success" => false));
-		}
-	} else {
-		OC_Template::printGuestPage("", "resetpassword", array("success" => false));
-	}
-}
-
 // For all others cases, we display the guest page :
 else {
 	OC_App::loadApps();
diff --git a/lostpassword/index.php b/lostpassword/index.php
new file mode 100644
index 0000000000..0c078343a8
--- /dev/null
+++ b/lostpassword/index.php
@@ -0,0 +1,25 @@
+<?php
+/**
+ * Copyright (c) 2010 Frank Karlitschek karlitschek@kde.org
+ * This file is licensed under the Affero General Public License version 3 or
+ * later.
+ * See the COPYING-README file.
+*/
+
+$RUNTIME_NOAPPS = TRUE; //no apps
+require_once('../lib/base.php');
+
+// Someone lost their password:
+if (isset($_POST['user'])) {
+	if (OC_User::userExists($_POST['user'])) {
+		$token = sha1($_POST['user']+uniqId());
+		OC_Preferences::setValue($_POST['user'], 'owncloud', 'lostpassword', $token);
+		// TODO send email with link+token
+		$link = OC_Helper::linkTo('lostpassword', 'resetpassword.php', null, true).'?user='.$_POST['user'].'&token='.$token;
+		OC_Template::printGuestPage('lostpassword', 'lostpassword', array('error' => false, 'requested' => true));
+	} else {
+		OC_Template::printGuestPage('lostpassword', 'lostpassword', array('error' => true, 'requested' => false));
+	}
+} else {
+	OC_Template::printGuestPage('lostpassword', 'lostpassword', array('error' => false, 'requested' => false));
+}
diff --git a/lostpassword/resetpassword.php b/lostpassword/resetpassword.php
new file mode 100644
index 0000000000..1a6a74e5ff
--- /dev/null
+++ b/lostpassword/resetpassword.php
@@ -0,0 +1,27 @@
+<?php
+/**
+ * Copyright (c) 2010 Frank Karlitschek karlitschek@kde.org
+ * This file is licensed under the Affero General Public License version 3 or
+ * later.
+ * See the COPYING-README file.
+*/
+
+$RUNTIME_NOAPPS = TRUE; //no apps
+require_once('../lib/base.php');
+
+// Someone wants to reset their password:
+if(isset($_GET['token']) && isset($_GET['user']) && OC_Preferences::getValue($_GET['user'], 'owncloud', 'lostpassword') === $_GET['token']) {
+	if (isset($_POST['password'])) {
+		if (OC_User::setPassword($_GET['user'], $_POST['password'])) {
+			OC_Preferences::deleteKey($_GET['user'], 'owncloud', 'lostpassword');
+			OC_Template::printGuestPage('lostpassword', 'resetpassword', array('success' => true));
+		} else {
+			OC_Template::printGuestPage('lostpassword', 'resetpassword', array('success' => false));
+		}
+	} else {
+		OC_Template::printGuestPage('lostpassword', 'resetpassword', array('success' => false));
+	}
+} else {
+	// Someone lost their password
+	OC_Template::printGuestPage('lostpassword', 'lostpassword', array('error' => false, 'requested' => false));
+}
diff --git a/core/templates/lostpassword.php b/lostpassword/templates/lostpassword.php
similarity index 90%
rename from core/templates/lostpassword.php
rename to lostpassword/templates/lostpassword.php
index 67e34164d0..1c95e0be49 100644
--- a/core/templates/lostpassword.php
+++ b/lostpassword/templates/lostpassword.php
@@ -1,4 +1,4 @@
-<form action="index.php?lostpassword" method="post">
+<form action="index.php" method="post">
 	<fieldset>
 		<?php echo $l->t('You will receive a link to reset your password via Email.'); ?>
 		<?php if ($_['requested']): ?>
@@ -11,4 +11,4 @@
 			<input type="submit" id="submit" value="<?php echo $l->t('Request reset'); ?>" />
 		<?php endif; ?>
 	</fieldset>
-</form>
\ No newline at end of file
+</form>
diff --git a/core/templates/resetpassword.php b/lostpassword/templates/resetpassword.php
similarity index 79%
rename from core/templates/resetpassword.php
rename to lostpassword/templates/resetpassword.php
index 2f43a93cfb..888d98e8bd 100644
--- a/core/templates/resetpassword.php
+++ b/lostpassword/templates/resetpassword.php
@@ -1,4 +1,4 @@
-<form action="<?php echo 'index.php?'.$_SERVER['QUERY_STRING']; ?>" method="post">
+<form action="<?php echo 'resetpassword.php?'.$_SERVER['QUERY_STRING']; ?>" method="post">
 	<fieldset>
 		<?php if($_['success']): ?>
 			<?php echo $l->t('Your password was reset'); ?>
-- 
GitLab