Почетна Преглед Помоћ
Пријавите се
fusionpbx
/
fusionpbx-framework
огледало од https://github.com/fusionpbx/fusionpbx-framework.git
2
0
Креирај огранак 0
Датотеке Дискусије 0 Вики
Преглед изворни кода

Login (Default): Password Reset functionality (requires PHP mcrypt library, Enhanced & Minimized themes only, enable in Default Settings).

Nate Jones пре 10 година
родитељ
1d940d03c6
комит
25c12d9e5d
6 измењених фајлова са 457 додато и 30 уклоњено
Подељен поглед Покажи статистику Diff
  1. 42 0
      core/user_settings/app_defaults.php
  2. 55 0
      core/user_settings/app_languages.php
  3. 154 0
      resources/functions.php
  4. 170 18
      resources/login.php
  5. 21 6
      themes/enhanced/template.php
  6. 15 6
      themes/minimized/template.php

+ 42 - 0
core/user_settings/app_defaults.php
Прегледај датотеку 

@@ -0,0 +1,42 @@
 
+<?php

+

+if ($domains_processed == 1) {

+

+	//define array of settings

+		$x = 0;

+		$array[$x]['default_setting_category'] = 'login';

+		$array[$x]['default_setting_subcategory'] = 'password_reset_key';

+		$array[$x]['default_setting_name'] = 'text';

+		$array[$x]['default_setting_value'] = generate_password('20', '4');

+		$array[$x]['default_setting_enabled'] = 'false';

+		$array[$x]['default_setting_description'] = 'Reset Password link visible on login page when populated and enabled.';

+		$x++;

+

+	//iterate and add each, if necessary

+		foreach ($array as $index => $default_settings) {

+

+		//add theme default settings

+			$sql = "select count(*) as num_rows from v_default_settings ";

+			$sql .= "where default_setting_category = '".$default_settings['default_setting_category']."' ";

+			$sql .= "and default_setting_subcategory = '".$default_settings['default_setting_subcategory']."' ";

+			$sql .= "and default_setting_name = '".$default_settings['default_setting_name']."' ";

+			$prep_statement = $db->prepare($sql);

+			if ($prep_statement) {

+				$prep_statement->execute();

+				$row = $prep_statement->fetch(PDO::FETCH_ASSOC);

+				unset($prep_statement);

+				if ($row['num_rows'] == 0) {

+					$orm = new orm;

+					$orm->name('default_settings');

+					$orm->save($array[$index]);

+					$message = $orm->message;

+					//print_r($message);

+				}

+				unset($row);

+			}

+

+		}

+

+}

+

+?>

+ 55 - 0
core/user_settings/app_languages.php
Прегледај датотеку 

@@ -55,16 +55,71 @@
 
 	$text['label-domain']['pt-pt'] = "Domínio";
 
 	$text['label-domain']['fr-fr'] = "Domaine";
 
 
+	$text['label-reset_password']['en-us'] = "Reset Password";
 
+	$text['label-reset_password']['es-cl'] = "Restablecer contraseña";
 
+	$text['label-reset_password']['pt-pt'] = "Reset Password";
 
+	$text['label-reset_password']['fr-fr'] = "Réinitialiser mot de passe";
 
+
 
+	$text['message-password_reset']['en-us'] = "Password Reset";
 
+	$text['message-password_reset']['es-cl'] = "Restablecer Contraseña";
 
+	$text['message-password_reset']['pt-pt'] = "Password Reset";
 
+	$text['message-password_reset']['fr-fr'] = "Réinitialiser votre mot de passe";
 
+
 
+	$text['label-email_address']['en-us'] = "Email Address";
 
+	$text['label-email_address']['es-cl'] = "Dirección de Correo Electrónico";
 
+	$text['label-email_address']['pt-pt'] = "Endereço de Email";
 
+	$text['label-email_address']['fr-fr'] = "Adresse E-mail";
 
+
 
 	$text['button-login']['en-us'] = "Login";
 
 	$text['button-login']['es-cl'] = "Ingresar";
 
 	$text['button-login']['pt-pt'] = "Iniciar Sessão";
 
 	$text['button-login']['fr-fr'] = "connexion";
 
 
+	$text['button-reset']['en-us'] = "Reset";
 
+	$text['button-reset']['es-cl'] = "Reajustar";
 
+	$text['button-reset']['pt-pt'] = "Restabelecer";
 
+	$text['button-reset']['fr-fr'] = "Remettre";
 
+
 
+	$text['label-cancel']['en-us'] = "Cancel";
 
+	$text['label-cancel']['es-cl'] = "Cancelar";
 
+	$text['label-cancel']['pt-pt'] = "Cancelar";
 
+	$text['label-cancel']['fr-fr'] = "Annuler";
 
+
 
+	$text['message-invalid_email']['en-us'] = "Invalid Email Address";
 
+	$text['message-invalid_email']['es-cl'] = "Dirección no válida de correo electrónico";
 
+	$text['message-invalid_email']['pt-pt'] = "Endereço inválido Email";
 
+	$text['message-invalid_email']['fr-fr'] = "Adresse email invalide";
 
+
 
+	$text['message-reset_link_sent']['en-us'] = "Password Reset Link Sent";
 
+	$text['message-reset_link_sent']['es-cl'] = "Restablecer Contraseña de Conexión Enviados";
 
+	$text['message-reset_link_sent']['pt-pt'] = "Password Reset Link Enviado";
 
+	$text['message-reset_link_sent']['fr-fr'] = "Password Reset Lien Envoyé";
 
+
 
+	$text['label-reset_link']['en-us'] = "Password Reset Link";
 
+	$text['label-reset_link']['es-cl'] = "Password Reset Enlace";
 
+	$text['label-reset_link']['pt-pt'] = "Password Reset Link";
 
+	$text['label-reset_link']['fr-fr'] = "Password Reset Lien";
 
+
 
 	$text['label-confirm-password']['en-us'] = "Confirm Password";
 
 	$text['label-confirm-password']['es-cl'] = "Confirmar Contraseña";
 
 	$text['label-confirm-password']['pt-pt'] = "Confirmar Palavra-Passe";
 
 	$text['label-confirm-password']['fr-fr'] = "Confirmation du mot de passe";
 
 
+	$text['label-new_password']['en-us'] = "New Password";
 
+	$text['label-new_password']['es-cl'] = "Nueva Contraseña";
 
+	$text['label-new_password']['pt-pt'] = "Nova Senha";
 
+	$text['label-new_password']['fr-fr'] = "Nouveau Mot de Passe";
 
+
 
+	$text['label-repeat_password']['en-us'] = "Repeat Password";
 
+	$text['label-repeat_password']['es-cl'] = "Repita la Contraseña";
 
+	$text['label-repeat_password']['pt-pt'] = "Repita a Senha";
 
+	$text['label-repeat_password']['fr-fr'] = "Répéter le Mot de Passe";
 
+
 
+	$text['message-invalid_username_mismatch_passwords']['en-us'] = "Invalid Username and/or Mismatched Passwords";
 
+	$text['message-invalid_username_mismatch_passwords']['es-cl'] = "Nombre de usuario válido y/o contraseñas no coincidentes";
 
+	$text['message-invalid_username_mismatch_passwords']['pt-pt'] = "Nome de usuário inválido e/ou palavras-passe não correspondentes";
 
+	$text['message-invalid_username_mismatch_passwords']['fr-fr'] = "Nom d'utilisateur valide et/ou mots de passe Mismatched";
 
+
 
 	$text['label-extension']['en-us'] = "Extension";
 
 	$text['label-extension']['es-cl'] = "Extensión";
 
 	$text['label-extension']['pt-pt'] = "Extensão";

+ 154 - 0
resources/functions.php
Прегледај датотеку 

@@ -1080,4 +1080,158 @@ function number_pad($number,$n) {
 
 			}
 
 		}
 
 	}
 
+
 
+//function to send email
 
+	if (!function_exists('send_email')) {
 
+		function send_email($eml_recipients, $eml_subject, $eml_body, &$eml_error = '', $eml_from_address = '', $eml_from_name = '', $eml_priority = 3) {
 
+			/*
 
+			RECIPIENTS NOTE:
 
+
 
+				Pass in a single email address...
 
+
 
+					[email protected]
 
+
 
+				Pass in a comma or semi-colon delimited string of e-mail addresses...
 
+
 
+					[email protected],[email protected],[email protected]
 
+					[email protected];[email protected];[email protected]
 
+
 
+				Pass in a simple array of email addresses...
 
+
 
+					Array (
 
+						[0] => [email protected]
 
+						[1] => [email protected]
 
+						[2] => [email protected]
 
+					)
 
+
 
+				Pass in a multi-dimentional array of addresses (delivery, address, name)...
 
+
 
+					Array (
 
+						[0] => Array (
 
+							[delivery] => to
 
+							[address] => [email protected]
 
+							[name] => user 1
 
+							)
 
+						[1] => Array (
 
+							[delivery] => cc
 
+							[address] => [email protected]
 
+							[name] => user 2
 
+							)
 
+						[2] => Array (
 
+							[delivery] => bcc
 
+							[address] => [email protected]
 
+							[name] => user 3
 
+							)
 
+					)
 
+
 
+
 
+			ERROR RESPONSE:
 
+
 
+				Error messages are stored in the variable passed into $eml_error BY REFERENCE
 
+
 
+			*/
 
+
 
+			include_once("resources/phpmailer/class.phpmailer.php");
 
+			include_once("resources/phpmailer/class.smtp.php");
 
+
 
+			$regexp = '/^[A-z0-9][\w.-]*@[A-z0-9][\w\-\.]+\.[A-z0-9]{2,6}$/';
 
+
 
+			$mail = new PHPMailer();
 
+			$mail -> IsSMTP();
 
+			$mail -> Host = $_SESSION['email']['smtp_host']['var'];
 
+			if ($_SESSION['email']['smtp_port']['var'] != '') {
 
+				$mail -> Port = $_SESSION['email']['smtp_port']['var'];
 
+			}
 
+			if ($_SESSION['email']['smtp_auth']['var'] == "true") {
 
+				$mail -> SMTPAuth = $_SESSION['email']['smtp_auth']['var'];
 
+			}
 
+			if ($_SESSION['email']['smtp_username']['var']) {
 
+				$mail -> Username = $_SESSION['email']['smtp_username']['var'];
 
+				$mail -> Password = $_SESSION['email']['smtp_password']['var'];
 
+			}
 
+			if ($_SESSION['email']['smtp_secure']['var'] == "none") {
 
+				$_SESSION['email']['smtp_secure']['var'] = '';
 
+			}
 
+			if ($_SESSION['email']['smtp_secure']['var'] != '') {
 
+				$mail -> SMTPSecure = $_SESSION['email']['smtp_secure']['var'];
 
+			}
 
+			$eml_from_address = ($eml_from_address != '') ? $eml_from_address : $_SESSION['email']['smtp_from']['var'];
 
+			$eml_from_name = ($eml_from_name != '') ? $eml_from_name : $_SESSION['email']['smtp_from_name']['var'];
 
+			$mail -> SetFrom($eml_from_address, $eml_from_name);
 
+			$mail -> AddReplyTo($eml_from_address, $eml_from_name);
 
+			$mail -> Subject = $eml_subject;
 
+			$mail -> MsgHTML($eml_body);
 
+			$mail -> Priority = $eml_priority;
 
+
 
+			$address_found = false;
 
+
 
+			if (!is_array($eml_recipients)) { // must be a single or delimited recipient address(s)
 
+				$eml_recipients = str_replace(' ', '', $eml_recipients);
 
+				if (substr_count(',', $eml_recipients)) { $delim = ','; }
 
+				if (substr_count(';', $eml_recipients)) { $delim = ';'; }
 
+				if ($delim) { $eml_recipients = explode($delim, $eml_recipients); } // delimiter found, convert to array of addresses
 
+			}
 
+
 
+			if (is_array($eml_recipients)) { // check if multiple recipients
 
+				foreach ($eml_recipients as $eml_recipient) {
 
+					if (is_array($eml_recipient)) { // check if each recipient has multiple fields
 
+						if ($eml_recipient["address"] != '' && preg_match($regexp, $eml_recipient["address"]) == 1) { // check if valid address
 
+							switch ($eml_recipient["delivery"]) {
 
+								case "cc" :		$mail -> AddCC($eml_recipient["address"], ($eml_recipient["name"]) ? $eml_recipient["name"] : $eml_recipient["address"]);			break;
 
+								case "bcc" :	$mail -> AddBCC($eml_recipient["address"], ($eml_recipient["name"]) ? $eml_recipient["name"] : $eml_recipient["address"]);			break;
 
+								default :		$mail -> AddAddress($eml_recipient["address"], ($eml_recipient["name"]) ? $eml_recipient["name"] : $eml_recipient["address"]);
 
+							}
 
+							$address_found = true;
 
+						}
 
+					}
 
+					else if ($eml_recipient != '' && preg_match($regexp, $eml_recipient) == 1) { // check if recipient value is simply (only) an address
 
+						$mail -> AddAddress($eml_recipient);
 
+						$address_found = true;
 
+					}
 
+				}
 
+
 
+				if (!$address_found) {
 
+					$eml_error = "No valid e-mail address provided.";
 
+					return false;
 
+				}
 
+
 
+			}
 
+			else { // just a single e-mail address found, not an array of addresses
 
+				if ($eml_recipients != '' && preg_match($regexp, $eml_recipients) == 1) { // check if email syntax is valid
 
+					$mail -> AddAddress($eml_recipients);
 
+				}
 
+				else {
 
+					$eml_error = "No valid e-mail address provided.";
 
+					return false;
 
+				}
 
+			}
 
+
 
+			if (!$mail -> Send()) {
 
+				$eml_error = $mail -> ErrorInfo;
 
+				return false;
 
+			}
 
+			else {
 
+				return true;
 
+			}
 
+
 
+			$mail	->	ClearAddresses();
 
+			$mail	->	SmtpClose();
 
+
 
+			unset($mail);
 
+		}
 
+	}
 
+
 
+//encrypt a string
 
+	if (!function_exists('encrypt')) {
 
+		function encrypt($key, $str_to_enc) {
 
+			return base64_encode(mcrypt_encrypt(MCRYPT_RIJNDAEL_256, md5($key), $str_to_enc, MCRYPT_MODE_CBC, md5(md5($key))));
 
+		}
 
+	}
 
+
 
+//decrypt a string
 
+	if (!function_exists('decrypt')) {
 
+		function decrypt($key, $str_to_dec) {
 
+			return rtrim(mcrypt_decrypt(MCRYPT_RIJNDAEL_256, md5($key), base64_decode($str_to_dec), MCRYPT_MODE_CBC, md5(md5($key))), "\0");
 
+		}
 
+	}
 
 ?>

+ 170 - 18
resources/login.php
Прегледај датотеку 

@@ -30,6 +30,113 @@
 
 		$text[$key] = $value[$_SESSION['domain']['language']['code']];
 
 	}
 
 
+//get action, if any
 
+	if (isset($_REQUEST['action'])) {
 
+		$action = check_str($_REQUEST['action']);
 
+	}
 
+
 
+//retrieve parse reset key
 
+	if ($action == 'define') {
 
+		$key = $_GET['key'];
 
+		$key_part = explode('|', decrypt($_SESSION['login']['password_reset_key']['text'], $key));
 
+		$username = $key_part[0];
 
+		$domain_uuid = $key_part[1];
 
+		$password_submitted = $key_part[2];
 
+		//get current salt, see if same as submitted salt
 
+		$sql = "select password from v_users where domain_uuid = '".$domain_uuid."' and username = '".$username."'";
 
+		$prep_statement = $db->prepare(check_sql($sql));
 
+		$prep_statement->execute();
 
+		$result = $prep_statement->fetch(PDO::FETCH_NAMED);
 
+		$password_current = $result['password'];
 
+		unset($prep_statement, $result);
 
+
 
+		//set flag
 
+		$password_reset = ($username != '' && $domain_uuid == $_SESSION['domain_uuid'] && $password_submitted == $password_current) ? true : false;
 
+	}
 
+
 
+//send password reset link
 
+	if ($action == 'request') {
 
+		if (valid_email($_REQUEST['email'])) {
 
+			$_SESSION["message_delay"] = 2500;
 
+
 
+			$email = check_str($_REQUEST['email']);
 
+			//see if email exists
 
+			$sql = "select ";
 
+			$sql .= "u.username, ";
 
+			$sql .= "u.password ";
 
+			$sql .= "from ";
 
+			$sql .= "v_users as u, ";
 
+			$sql .= "v_contact_emails e ";
 
+			$sql .= "where ";
 
+			$sql .= "e.domain_uuid = u.domain_uuid ";
 
+			$sql .= "and e.contact_uuid = u.contact_uuid ";
 
+			$sql .= "and e.email_address = '".$email."' ";
 
+			$sql .= "and e.domain_uuid = '".$_SESSION['domain_uuid']."' ";
 
+			$prep_statement = $db->prepare(check_sql($sql));
 
+			$prep_statement->execute();
 
+			$result = $prep_statement->fetch(PDO::FETCH_NAMED);
 
+			unset($prep_statement);
 
+
 
+			if ($result['username'] != '') {
 
+				//generate reset link
 
+				$key = encrypt($_SESSION['login']['password_reset_key']['text'], $result['username'].'|'.$_SESSION['domain_uuid'].'|'.$result['password']);
 
+				$reset_link = "https://".$_SESSION['domain_name'].PROJECT_PATH."/login.php?action=define&key=".urlencode($key);
 
+				$eml_body = "<a href='".$reset_link."'>".$reset_link."</a>";
 
+				//send reset link
 
+				if (!send_email($email, $text['label-reset_link'], $eml_body)) {
 
+					$_SESSION["message_mood"] = 'negative';
 
+					$_SESSION["message"] = $eml_error;
 
+				}
 
+				else {
 
+					$_SESSION["message"] = $text['message-reset_link_sent'];
 
+				}
 
+			}
 
+			else {
 
+				//not found
 
+				$_SESSION["message_mood"] = 'negative';
 
+				$_SESSION["message"] = $text['message-invalid_email'];
 
+			}
 
+
 
+		}
 
+		else {
 
+			//not found
 
+			$_SESSION["message_mood"] = 'negative';
 
+			$_SESSION["message"] = $text['message-invalid_email'];
 
+		}
 
+	}
 
+
 
+//reset password
 
+	if ($action == 'reset') {
 
+		$authorized_username = check_str($_REQUEST['au']);
 
+		$username = check_str($_REQUEST['username']);
 
+		$password_new = check_str($_REQUEST['password_new']);
 
+		$password_repeat = check_str($_REQUEST['password_repeat']);
 
+
 
+		if ($username != '' &&
 
+			$authorized_username == md5($_SESSION['login']['password_reset_key']['text'].$username) &&
 
+			$password_new != '' &&
 
+			$password_repeat != '' &&
 
+			$password_new == $password_repeat
 
+			) {
 
+			$salt = generate_password('20', '4');
 
+			$sql  = "update v_users set ";
 
+			$sql .= "password = '".md5($salt.$password_new)."', ";
 
+			$sql .= "salt = '".$salt."' ";
 
+			$sql .= "where domain_uuid = '".$_SESSION['domain_uuid']."' ";
 
+			$sql .= "and username = '".$username."' ";
 
+			$db->exec(check_sql($sql));
 
+
 
+			$_SESSION["message"] = $text['message-password_reset'];
 
+			$password_reset = false;
 
+		}
 
+		else {
 
+			//not found
 
+			$_SESSION["message_mood"] = 'negative';
 
+			$_SESSION["message"] = $text['message-invalid_username_mismatch_passwords'];
 
+			$password_reset = true;
 
+		}
 
+	}
 
+
 
 //get the http values and set as variables
 
 	$path = check_str($_GET["path"]);
 
 	$msg = check_str($_GET["msg"]);
 
@@ -85,29 +192,74 @@
 
 	}
 
 
 //show the content
 
+	echo "<script>";
 
+	echo "	var speed = 350;";
 
+	echo "	function toggle_password_reset(hide_id, show_id, focus_id) {";
 
+	echo "		$('#'+hide_id).slideToggle(speed, function() {;";
 
+	echo "			$('#'+show_id).slideToggle(speed, function() {;";
 
+	echo "				$('#'+focus_id).focus();";
 
+	echo "			});";
 
+	echo "		});";
 
+	echo "	}";
 
+	echo "</script>";
 
+
 
 	echo "<br />\n";
 
-	echo "<form name='login' method='post' action='".$_SESSION['login']['destination']['url']."'>\n";
 
-	echo "<input type='hidden' name='path' value='".$path."'>\n";
 
-	echo "<input type='text' class='formfld' style='text-align: center; min-width: 200px; width: 200px; margin-bottom: 8px;' name='username' id='username' placeholder=\"".$text['label-username']."\"><br />\n";
 
-	echo "<input type='password' class='formfld' style='text-align: center; min-width: 200px; width: 200px; margin-bottom: 8px;' name='password' placeholder=\"".$text['label-password']."\"><br />\n";
 
-	if ($_SESSION['login']['domain_name.visible']['boolean'] == "true") {
 
-		if (count($_SESSION['login']['domain_name']) > 0) {
 
-			echo "<select style='width: 200px; margin-bottom: 8px;' class='formfld' name='domain_name'>\n";
 
-			echo "	<option value=''></option>\n";
 
-			foreach ($_SESSION['login']['domain_name'] as &$row) {
 
-				echo "	<option value='$row'>$row</option>\n";
 
+
 
+	if (!$password_reset) {
 
+
 
+		echo "<span id='login_form'>\n";
 
+		echo "<form name='login' method='post' action='".$_SESSION['login']['destination']['url']."'>\n";
 
+		echo "<input type='hidden' name='path' value='".$path."'>\n";
 
+		echo "<input type='text' class='formfld' style='text-align: center; min-width: 200px; width: 200px; margin-bottom: 8px;' name='username' id='username' placeholder=\"".$text['label-username']."\"><br />\n";
 
+		echo "<input type='password' class='formfld' style='text-align: center; min-width: 200px; width: 200px; margin-bottom: 8px;' name='password' placeholder=\"".$text['label-password']."\"><br />\n";
 
+		if ($_SESSION['login']['domain_name.visible']['boolean'] == "true") {
 
+			if (count($_SESSION['login']['domain_name']) > 0) {
 
+				echo "<select style='width: 200px; margin-bottom: 8px;' class='formfld' name='domain_name'>\n";
 
+				echo "	<option value=''></option>\n";
 
+				foreach ($_SESSION['login']['domain_name'] as &$row) {
 
+					echo "	<option value='$row'>$row</option>\n";
 
+				}
 
+				echo "</select>\n";
 
+				echo "<br />";
 
+			}
 
+			else {
 
+				echo "<input type='text' class='formfld' style='text-align: center; min-width: 200px; width: 200px; margin-bottom: 8px;' name='domain_name' placeholder=\"".$text['label-domain']."\"><br />\n";
 
 			}
 
-			echo "</select>\n";
 
-			echo "<br />";
 
 		}
 
-		else {
 
-			echo "<input type='text' class='formfld' style='text-align: center; min-width: 200px; width: 200px; margin-bottom: 8px;' name='domain_name' placeholder=\"".$text['label-domain']."\"><br />\n";
 
+		echo "<input type='submit' class='btn' style='width: 100px; margin-top: 15px;' value='".$text['button-login']."'>\n";
 
+		if ($_SESSION['login']['password_reset_key']['text'] != '' && function_exists('mcrypt_encrypt')) {
 
+			echo "<br><br><a class='login_box_link' onclick=\"toggle_password_reset('login_form','request_form','email');\">".$text['label-reset_password']."</a>";
 
 		}
 
+		echo "</form>";
 
+		echo "<script>document.getElementById('username').focus();</script>";
 
+		echo "</span>";
 
+
 
+		echo "<span id='request_form' style='display: none;'>\n";
 
+		echo "<form name='request' method='post' action=''>\n";
 
+		echo "<input type='hidden' name='action' value='request'>\n";
 
+		echo "<input type='text' class='formfld' style='text-align: center; min-width: 200px; width: 200px; margin-bottom: 8px;' name='email' id='email' placeholder=\"".$text['label-email_address']."\"><br />\n";
 
+		echo "<input type='submit' class='btn' style='width: 100px; margin-top: 15px;' value='".$text['button-reset']."'>\n";
 
+		echo "<br><br><a class='login_box_link' onclick=\"toggle_password_reset('request_form','login_form','username');\">".$text['label-cancel']."</a>";
 
+		echo "</form>";
 
+		echo "</span>";
 
+
 
+	}
 
+	else {
 
+
 
+		echo "<span id='reset_form'>\n";
 
+		echo "<form name='reset' method='post' action=''>\n";
 
+		echo "<input type='hidden' name='action' value='reset'>\n";
 
+		echo "<input type='hidden' name='au' value='".md5($_SESSION['login']['password_reset_key']['text'].$username)."'>\n";
 
+		echo "<input type='text' class='formfld' style='text-align: center; min-width: 200px; width: 200px; margin-bottom: 8px;' name='username' id='username' placeholder=\"".$text['label-username']."\"><br />\n";
 
+		echo "<input type='password' class='formfld' style='text-align: center; min-width: 200px; width: 200px; margin-bottom: 8px;' name='password_new' autocomplete='off' placeholder=\"".$text['label-new_password']."\"><br />\n";
 
+		echo "<input type='password' class='formfld' style='text-align: center; min-width: 200px; width: 200px; margin-bottom: 8px;' name='password_repeat' autocomplete='off' placeholder=\"".$text['label-repeat_password']."\"><br />\n";
 
+		echo "<input type='submit' class='btn' style='width: 100px; margin-top: 15px;' value='".$text['button-save']."'>\n";
 
+		echo "<br><br><a class='login_box_link' onclick=\"document.location.href='login.php';\">".$text['label-cancel']."</a>";
 
+		echo "</form>";
 
+		echo "<script>document.getElementById('username').focus();</script>";
 
+		echo "</span>";
 
+
 
 	}
 
-	echo "<br />";
 
-	echo "<input type='submit' class='btn' style='width: 100px; margin-top: 15px;' value='".$text['button-login']."'>\n";
 
-	echo "</form>";
 
-	echo "<script>document.getElementById('username').focus();</script>";
 
 
 //add the footer
 
 	$default_login = true;

+ 21 - 6
themes/enhanced/template.php
Прегледај датотеку 

@@ -120,6 +120,13 @@ if (
 
 	?>
 
 }
 
 
+A.login_box_link {
 
+	font-size: 11px;
 
+	text-shadow: 0 0 2px <?php echo ($_SESSION['theme']['login_background_color']['text'] != '') ? $_SESSION['theme']['login_background_color']['text'] : "#fff"; ?>;
 
+	cursor: pointer;
 
+	text-decoration: underline;
 
+}
 
+
 
 DIV#footer {
 
 	background-color: <?php echo $_SESSION['theme']['footer_background_color']['text']; ?>;
 
 	bottom: 0;
 
@@ -1038,7 +1045,7 @@ legend {
 
 </script>
 
 
 <script language="JavaScript" type="text/javascript">
 
-	function display_message(msg, mood) {
 
+	function display_message(msg, mood, delay = <?php echo (1000 * (float) $_SESSION['theme']['message_delay']['text']); ?>) {
 
 		mood = typeof mood !== 'undefined' ? mood : 'default';
 
 		if (msg != '') {
 
 			// insert temp div to get width w/o scroll bar
 
@@ -1053,8 +1060,8 @@ legend {
 
 			$("#message_text").html(msg);
 
 			$("#message_container").css({height: $("#message_text").css("height")});
 
 			$("#message_container").css({width: inner_width});
 
-			$("#message_text").animate({top: '+=200'}, 0).animate({opacity: 1}, "fast").delay(<?php echo (1000 * (float) $_SESSION['theme']['message_delay']['text']); ?>).animate({top: '-=200'}, 1000).animate({opacity: 0});
 
-			$("#message_container").animate({top: '+=200'}, 0).animate({opacity: <?php echo $_SESSION['theme']['message_opacity']['text']; ?>}, "fast").delay(<?php echo (1000 * (float) $_SESSION['theme']['message_delay']['text']); ?>).animate({top: '-=200'}, 1000).animate({opacity: 0}, function() {
 
+			$("#message_text").animate({top: '+=200'}, 0).animate({opacity: 1}, "fast").delay(delay).animate({top: '-=200'}, 1000).animate({opacity: 0});
 
+			$("#message_container").animate({top: '+=200'}, 0).animate({opacity: <?php echo $_SESSION['theme']['message_opacity']['text']; ?>}, "fast").delay(delay).animate({top: '-=200'}, 1000).animate({opacity: 0}, function() {
 
 				$("#message_container").removeClass('message_container_mood_'+mood);
 
 			});
 
 		}
 
@@ -1089,17 +1096,25 @@ legend {
 
 </head>
 
 
 <?php
 
+//add multi-lingual support
 
+	require_once "themes/minimized/app_languages.php";
 
+	foreach($text as $key => $value) {
 
+		$text[$key] = $value[$_SESSION['domain']['language']['code']];
 
+	}
 
+
 
 // set message_onload
 
 if (strlen($_SESSION['message']) > 0) {
 
 	$message_text = addslashes($_SESSION['message']);
 
 	$message_mood = $_SESSION['message_mood'];
 
+	$message_delay = $_SESSION['message_delay'];
 
 
 	$onload .= "display_message('".$message_text."'";
 
-	if ($message_mood != '') {
 
-		$onload .= ", '".$message_mood."'";
 
+	$onload .= ($message_mood != '') ? ", '".$message_mood."'" : ", 'default'";
 
+	if ($message_delay != '') {
 
+		$onload .= ", '".$message_delay."'";
 
 	}
 
 	$onload .= "); ";
 
-	unset($_SESSION['message'], $_SESSION['message_mood']);
 
+	unset($_SESSION['message'], $_SESSION['message_mood'], $_SESSION['message_delay']);
 
 }
 
 ?>

+ 15 - 6
themes/minimized/template.php
Прегледај датотеку 

@@ -120,6 +120,13 @@ if (
 
 	?>
 
 }
 
 
+A.login_box_link {
 
+	font-size: 11px;
 
+	text-shadow: 0 0 2px <?php echo ($_SESSION['theme']['login_background_color']['text'] != '') ? $_SESSION['theme']['login_background_color']['text'] : "#fff"; ?>;
 
+	cursor: pointer;
 
+	text-decoration: underline;
 
+}
 
+
 
 DIV#footer {
 
 	background-color: <?php echo $_SESSION['theme']['footer_background_color']['text']; ?>;
 
 	bottom: 0;
 
@@ -1052,7 +1059,7 @@ legend {
 
 </script>
 
 
 <script language="JavaScript" type="text/javascript">
 
-	function display_message(msg, mood) {
 
+	function display_message(msg, mood, delay = <?php echo (1000 * (float) $_SESSION['theme']['message_delay']['text']); ?>) {
 
 		mood = typeof mood !== 'undefined' ? mood : 'default';
 
 		if (msg != '') {
 
 			// insert temp div to get width w/o scroll bar
 
@@ -1067,8 +1074,8 @@ legend {
 
 			$("#message_text").html(msg);
 
 			$("#message_container").css({height: $("#message_text").css("height")});
 
 			$("#message_container").css({width: inner_width});
 
-			$("#message_text").show().animate({top: '+=80'}, 500).animate({opacity: 1}, 'fast').delay(<?php echo (1000 * (float) $_SESSION['theme']['message_delay']['text']); ?>).animate({top: '-=80'}, 1000).animate({opacity: 0});
 
-			$("#message_container").show().animate({top: '+=80'}, 500).animate({opacity: <?php echo $_SESSION['theme']['message_opacity']['text']; ?>}, 'fast').delay(<?php echo (1000 * (float) $_SESSION['theme']['message_delay']['text']); ?>).animate({top: '-=80'}, 1000).animate({opacity: 0}, function() {
 
+			$("#message_text").show().animate({top: '+=80'}, 500).animate({opacity: 1}, 'fast').delay(delay).animate({top: '-=80'}, 1000).animate({opacity: 0});
 
+			$("#message_container").show().animate({top: '+=80'}, 500).animate({opacity: <?php echo $_SESSION['theme']['message_opacity']['text']; ?>}, "fast").delay(delay).animate({top: '-=80'}, 1000).animate({opacity: 0}, function() {
 
 				$("#message_container").removeClass('message_container_mood_'+mood);
 
 			});
 
 		}
 
@@ -1113,13 +1120,15 @@ legend {
 
 	if (strlen($_SESSION['message']) > 0) {
 
 		$message_text = addslashes($_SESSION['message']);
 
 		$message_mood = $_SESSION['message_mood'];
 
+		$message_delay = $_SESSION['message_delay'];
 
 
 		$onload .= "display_message('".$message_text."'";
 
-		if ($message_mood != '') {
 
-			$onload .= ", '".$message_mood."'";
 
+		$onload .= ($message_mood != '') ? ", '".$message_mood."'" : ", 'default'";
 
+		if ($message_delay != '') {
 
+			$onload .= ", '".$message_delay."'";
 
 		}
 
 		$onload .= "); ";
 
-		unset($_SESSION['message'], $_SESSION['message_mood']);
 
+		unset($_SESSION['message'], $_SESSION['message_mood'], $_SESSION['message_delay']);
 
 	}
 
 ?>