/
aLogonPwd.xxm
48 lines (44 loc) · 1.47 KB
/
aLogonPwd.xxm
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
[[@txDefs,txSession,DataLank,xxmString,]][[!var
id,id1:integer;
qr:TQueryResult;
sc:TStringContext;
s:string;
]][[
Session.LogonAttemptCheck;
id:=Context['id'].AsInteger;
id1:=0;
if id=0 then
begin
qr:=TQueryResult.Create(Session.DbCon,'SELECT * FROM Usr INNER JOIN Obj ON Obj.id=Usr.uid WHERE Usr.email=? AND suspended IS NULL',[Context['email'].Value]);
if qr.GetStr('auth')='anonymous' then
raise Exception.Create('Resetting password on anonymous user not allowed');
s:='New';
end
else
begin
qr:=TQueryResult.Create(Session.DbCon,'SELECT * FROM Usr INNER JOIN Obj ON Obj.id=Usr.uid WHERE Usr.id=? AND suspended IS NULL',[id]);
s:='Reset';
end;
try
if not qr.EOF then
begin
id1:=qr.GetInt('id');
sc:=TStringContext.Create(Context,Self);
try
sc.AutoEncoding:=aeIso8859;
sc.Include('LogonMail_'+s+'.xxmi',[id1,qr.GetStr('login'),qr.GetStr('name'),qr.GetStr('email')],[]);
sc.SaveToFile(EmailPickupFolder+'\txLogonPwd_'+FormatDateTime('yyyymmddhhnnss',Now)+'.eml');
finally
sc.Free;
end;
end;
finally
qr.Free;
end;
if id=0 then //reset pwd
Session.DbCon.Execute('UPDATE Usr SET pwd=''?''||pwd WHERE id=?',[id1]);
Context.Include('dHead.xxmi',['Account Password']);
//security: report success in any case to avoid abuse of the remember password feature
<<h3>User password reset e-mail</h3>
<p>If you entered a correct e-mail address, an e-mail with instructions how to reset your password is sent.</p>>
Context.Include('dFoot.xxmi');