dolibarr/htdocs/user/passwordforgotten.php

<?php
/* Copyright (C) 2007-2011	Laurent Destailleur	<eldy@users.sourceforge.net>
 * Copyright (C) 2008-2012	Regis Houssin		<regis.houssin@capnetworks.com>
 * Copyright (C) 2008-2011	Juanjo Menent		<jmenent@2byte.es>
 * Copyright (C) 2014       Teddy Andreotti    	<125155@supinfo.com>
 *
 * This program is free software; you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published by
 * the Free Software Foundation; either version 3 of the License, or
 * (at your option) any later version.
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License
 * along with this program. If not, see <http://www.gnu.org/licenses/>.
 */

/**
 *       \file       htdocs/user/passwordforgotten.php
 *       \brief      Page to ask a new password
 */

define("NOLOGIN",1);	// This means this output page does not require to be logged.

require '../main.inc.php';
require_once DOL_DOCUMENT_ROOT.'/contact/class/contact.class.php';
require_once DOL_DOCUMENT_ROOT.'/core/lib/usergroups.lib.php';
require_once DOL_DOCUMENT_ROOT.'/core/lib/functions2.lib.php';
if (! empty($conf->ldap->enabled)) require_once DOL_DOCUMENT_ROOT.'/core/class/ldap.class.php';

// Load translation files required by page
$langs->loadLangs(array('errors', 'users', 'companies', 'ldap', 'other'));

// Security check
if (! empty($conf->global->MAIN_SECURITY_DISABLEFORGETPASSLINK))
{
    header("Location: ".DOL_URL_ROOT.'/');
    exit;
}

$action=GETPOST('action', 'alpha');
$mode=$dolibarr_main_authentication;
if (! $mode) $mode='http';

$username 		= GETPOST('username','alpha');
$passwordhash	= GETPOST('passwordhash','alpha');
$conf->entity 	= (GETPOST('entity','int') ? GETPOST('entity','int') : 1);

// Instantiate hooks of thirdparty module only if not already define
$hookmanager->initHooks(array('passwordforgottenpage'));


if (GETPOST('dol_hide_leftmenu','alpha') || ! empty($_SESSION['dol_hide_leftmenu']))               $conf->dol_hide_leftmenu=1;
if (GETPOST('dol_hide_topmenu','alpha') || ! empty($_SESSION['dol_hide_topmenu']))                 $conf->dol_hide_topmenu=1;
if (GETPOST('dol_optimize_smallscreen','alpha') || ! empty($_SESSION['dol_optimize_smallscreen'])) $conf->dol_optimize_smallscreen=1;
if (GETPOST('dol_no_mouse_hover','alpha') || ! empty($_SESSION['dol_no_mouse_hover']))             $conf->dol_no_mouse_hover=1;
if (GETPOST('dol_use_jmobile','alpha') || ! empty($_SESSION['dol_use_jmobile']))                   $conf->dol_use_jmobile=1;


/**
 * Actions
 */

// Validate new password
if ($action == 'validatenewpassword' && $username && $passwordhash)
{
    $edituser = new User($db);
    $result=$edituser->fetch('',$_GET["username"]);
    if ($result < 0)
    {
        $message = '<div class="error">'.$langs->trans("ErrorLoginDoesNotExists",$username).'</div>';
    }
    else
    {
        if (dol_verifyHash($edituser->pass_temp, $passwordhash))
        {
            $newpassword=$edituser->setPassword($user,$edituser->pass_temp,0);
            dol_syslog("passwordforgotten.php new password for user->id=".$edituser->id." validated in database");
            header("Location: ".DOL_URL_ROOT.'/');
            exit;
        }
        else
        {
        	$langs->load("errors");
            $message = '<div class="error">'.$langs->trans("ErrorFailedToValidatePasswordReset").'</div>';
        }
    }
}
// Action modif mot de passe
if ($action == 'buildnewpassword' && $username)
{
    $sessionkey = 'dol_antispam_value';
    $ok=(array_key_exists($sessionkey, $_SESSION) === true && (strtolower($_SESSION[$sessionkey]) == strtolower($_POST['code'])));

    // Verify code
    if (! $ok)
    {
        $message = '<div class="error">'.$langs->trans("ErrorBadValueForCode").'</div>';
    }
    else
    {
        $edituser = new User($db);
        $result=$edituser->fetch('',$username,'',1);
        if ($result <= 0 && $edituser->error == 'USERNOTFOUND')
        {
            $message = '<div class="error">'.$langs->trans("ErrorLoginDoesNotExists",$username).'</div>';
            $username='';
        }
        else
        {
            if (! $edituser->email)
            {
                $message = '<div class="error">'.$langs->trans("ErrorLoginHasNoEmail").'</div>';
            }
            else
            {
                $newpassword=$edituser->setPassword($user,'',1);
                if ($newpassword < 0)
                {
                    // Failed
                    $message = '<div class="error">'.$langs->trans("ErrorFailedToChangePassword").'</div>';
                }
                else
                {
                    // Success
                    if ($edituser->send_password($user,$newpassword,1) > 0)
                    {

                        $message = '<div class="ok">'.$langs->trans("PasswordChangeRequestSent",$edituser->login,dolObfuscateEmail($edituser->email)).'</div>';
                        $username='';
                    }
                    else
                    {
                        $message.= '<div class="error">'.$edituser->error.'</div>';
                    }
                }
            }
        }
    }
}


/**
 * View
 */

$dol_url_root = DOL_URL_ROOT;

// Title
$title='Dolibarr '.DOL_VERSION;
if (! empty($conf->global->MAIN_APPLICATION_TITLE)) $title=$conf->global->MAIN_APPLICATION_TITLE;

// Select templates
if (file_exists(DOL_DOCUMENT_ROOT."/theme/".$conf->theme."/tpl/passwordforgotten.tpl.php"))
{
    $template_dir = DOL_DOCUMENT_ROOT."/theme/".$conf->theme."/tpl/";
}
else
{
    $template_dir = DOL_DOCUMENT_ROOT."/core/tpl/";
}

if (! $username) $focus_element = 'username';
else $focus_element = 'password';

// Send password button enabled ?
$disabled='disabled';
if (preg_match('/dolibarr/i',$mode)) $disabled='';
if (! empty($conf->global->MAIN_SECURITY_ENABLE_SENDPASSWORD)) $disabled='';	 // To force button enabled

// Show logo (search in order: small company logo, large company logo, theme logo, common logo)
$width=0;
$rowspan=2;
$urllogo=DOL_URL_ROOT.'/theme/login_logo.png';
if (! empty($mysoc->logo_small) && is_readable($conf->mycompany->dir_output.'/logos/thumbs/'.$mysoc->logo_small))
{
	$urllogo=DOL_URL_ROOT.'/viewimage.php?cache=1&amp;modulepart=mycompany&amp;file='.urlencode('thumbs/'.$mysoc->logo_small);
}
elseif (! empty($mysoc->logo_small) && is_readable($conf->mycompany->dir_output.'/logos/'.$mysoc->logo))
{
	$urllogo=DOL_URL_ROOT.'/viewimage.php?cache=1&amp;modulepart=mycompany&amp;file='.urlencode($mysoc->logo);
	$width=128;
}
elseif (is_readable(DOL_DOCUMENT_ROOT.'/theme/'.$conf->theme.'/img/dolibarr_logo.png'))
{
	$urllogo=DOL_URL_ROOT.'/theme/'.$conf->theme.'/img/dolibarr_logo.png';
}
elseif (is_readable(DOL_DOCUMENT_ROOT.'/theme/dolibarr_logo.png'))
{
	$urllogo=DOL_URL_ROOT.'/theme/dolibarr_logo.png';
}

// Security graphical code
if (function_exists("imagecreatefrompng") && ! $disabled)
{
	$captcha = 1;
	$captcha_refresh = img_picto($langs->trans("Refresh"),'refresh','id="captcha_refresh_img"');
}

// Execute hook getPasswordForgottenPageOptions (for table)
$parameters=array('entity' => GETPOST('entity','int'));
$hookmanager->executeHooks('getPasswordForgottenPageOptions',$parameters);    // Note that $action and $object may have been modified by some hooks
if (is_array($hookmanager->resArray) && ! empty($hookmanager->resArray)) {
	$morelogincontent = $hookmanager->resArray; // (deprecated) For compatibility
} else {
	$morelogincontent = $hookmanager->resPrint;
}

// Execute hook getPasswordForgottenPageExtraOptions (eg for js)
$parameters=array('entity' => GETPOST('entity','int'));
$reshook = $hookmanager->executeHooks('getPasswordForgottenPageExtraOptions',$parameters);    // Note that $action and $object may have been modified by some hooks.
$moreloginextracontent = $hookmanager->resPrint;

include $template_dir.'passwordforgotten.tpl.php';	// To use native PHP
New: Ajout fonction "Mot de passe oubli�" sur la page de logon 2007-06-02 03:53:54 +02:00			`<?php`
Fix: broken features 2012-09-02 09:27:06 +02:00			`/* Copyright (C) 2007-2011 Laurent Destailleur <eldy@users.sourceforge.net>`
Fix: change for a neutral email 2012-12-30 15:11:07 +01:00			`* Copyright (C) 2008-2012 Regis Houssin <regis.houssin@capnetworks.com>`
Fix: broken features 2012-09-02 09:27:06 +02:00			`* Copyright (C) 2008-2011 Juanjo Menent <jmenent@2byte.es>`
Fix param for username is $username and not $login 2015-12-21 03:01:37 +01:00			`* Copyright (C) 2014 Teddy Andreotti <125155@supinfo.com>`
New: Ajout fonction "Mot de passe oubli�" sur la page de logon 2007-06-02 03:53:54 +02:00			`*`
			`* This program is free software; you can redistribute it and/or modify`
			`* it under the terms of the GNU General Public License as published by`
Prepare move to other licence. For the moment all answers for licence upgrade were not yet received. So we prepare for GPL by uniformizing licence text keys to GPL-3+. Will move later to AGPL if all answers are positive. 2013-01-16 15:36:08 +01:00			`* the Free Software Foundation; either version 3 of the License, or`
New: Ajout fonction "Mot de passe oubli�" sur la page de logon 2007-06-02 03:53:54 +02:00			`* (at your option) any later version.`
			`*`
			`* This program is distributed in the hope that it will be useful,`
			`* but WITHOUT ANY WARRANTY; without even the implied warranty of`
			`* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the`
			`* GNU General Public License for more details.`
			`*`
			`* You should have received a copy of the GNU General Public License`
Fix: Avoid errors into rpm packages 2011-08-01 01:19:04 +02:00			`* along with this program. If not, see <http://www.gnu.org/licenses/>.`
New: Ajout fonction "Mot de passe oubli�" sur la page de logon 2007-06-02 03:53:54 +02:00			`*/`

Minor changes 2009-03-13 14:12:43 +01:00			`/**`
			`* \file htdocs/user/passwordforgotten.php`
Doxygen 2011-07-08 17:50:28 +02:00			`* \brief Page to ask a new password`
Minor changes 2009-03-13 14:12:43 +01:00			`*/`
New: Ajout fonction "Mot de passe oubli�" sur la page de logon 2007-06-02 03:53:54 +02:00
Fix: All output page must include main.inc.php 2009-12-29 19:10:48 +01:00			`define("NOLOGIN",1); // This means this output page does not require to be logged.`
Fix: Pb sous Plesk 2008-01-20 22:53:43 +01:00
Removed parenthesis from all require and replaced with single quotes 2012-08-22 23:24:21 +02:00			`require '../main.inc.php';`
Removed parenthesis from all require_once and replaced with single quotes 2012-08-22 23:11:24 +02:00			`require_once DOL_DOCUMENT_ROOT.'/contact/class/contact.class.php';`
			`require_once DOL_DOCUMENT_ROOT.'/core/lib/usergroups.lib.php';`
Merge branch 'develop-HiddenMailPasswordForgotten' of github.com:Devensys/dolibarr into Devensys-develop-HiddenMailPasswordForgotten Conflicts: htdocs/core/lib/functions.lib.php 2014-10-11 23:44:50 +02:00			`require_once DOL_DOCUMENT_ROOT.'/core/lib/functions2.lib.php';`
			`if (! empty($conf->ldap->enabled)) require_once DOL_DOCUMENT_ROOT.'/core/class/ldap.class.php';`
Fix: Identification par code securite sur logon. Utilisation du bon nom de session PHP. 2007-12-29 18:06:53 +01:00
loadlangs 2018-05-26 16:24:54 +02:00			`// Load translation files required by page`
			`$langs->loadLangs(array('errors', 'users', 'companies', 'ldap', 'other'));`
New: Ajout fonction "Mot de passe oubli�" sur la page de logon 2007-06-02 03:53:54 +02:00
Fix: All output page must include main.inc.php 2009-12-29 19:10:48 +01:00			`// Security check`
Fix: strict mode hurricane 2012-09-15 10:01:35 +02:00			`if (! empty($conf->global->MAIN_SECURITY_DISABLEFORGETPASSLINK))`
Qual: redirect instead of the error message 2010-10-22 21:42:04 +02:00			`{`
Qual: Removed errors and warnings reported by codesniffer 2011-07-08 20:49:16 +02:00			`header("Location: ".DOL_URL_ROOT.'/');`
			`exit;`
Qual: redirect instead of the error message 2010-10-22 21:42:04 +02:00			`}`
Test: smarty integration 2009-12-29 12:30:41 +01:00
Fix: broken features 2012-09-02 09:27:06 +02:00			`$action=GETPOST('action', 'alpha');`
New: Ajout fonction "Mot de passe oubli�" sur la page de logon 2007-06-02 03:53:54 +02:00			`$mode=$dolibarr_main_authentication;`
			`if (! $mode) $mode='http';`

NEW The lot of a product uses the link and picto when shown into list. 2017-09-15 10:45:41 +02:00			`$username = GETPOST('username','alpha');`
			`$passwordhash = GETPOST('passwordhash','alpha');`
			`$conf->entity = (GETPOST('entity','int') ? GETPOST('entity','int') : 1);`
New: Ajout fonction "Mot de passe oubli�" sur la page de logon 2007-06-02 03:53:54 +02:00
Fix: mass convert line delimiters 2012-09-07 17:23:16 +02:00			`// Instantiate hooks of thirdparty module only if not already define`
Fix: broken features 2012-09-02 09:27:06 +02:00			`$hookmanager->initHooks(array('passwordforgottenpage'));`

Qual: Uniformize code 2013-04-05 18:09:05 +02:00
NEW The lot of a product uses the link and picto when shown into list. 2017-09-15 10:45:41 +02:00			`if (GETPOST('dol_hide_leftmenu','alpha') \|\| ! empty($_SESSION['dol_hide_leftmenu'])) $conf->dol_hide_leftmenu=1;`
			`if (GETPOST('dol_hide_topmenu','alpha') \|\| ! empty($_SESSION['dol_hide_topmenu'])) $conf->dol_hide_topmenu=1;`
			`if (GETPOST('dol_optimize_smallscreen','alpha') \|\| ! empty($_SESSION['dol_optimize_smallscreen'])) $conf->dol_optimize_smallscreen=1;`
			`if (GETPOST('dol_no_mouse_hover','alpha') \|\| ! empty($_SESSION['dol_no_mouse_hover'])) $conf->dol_no_mouse_hover=1;`
			`if (GETPOST('dol_use_jmobile','alpha') \|\| ! empty($_SESSION['dol_use_jmobile'])) $conf->dol_use_jmobile=1;`
Qual: Uniformize code 2013-04-05 18:09:05 +02:00
Fix: D�clenchement des triggers incorrects sur modif mot de passe adh�rent ou user 2007-10-21 22:40:24 +02:00
New: Ajout fonction "Mot de passe oubli�" sur la page de logon 2007-06-02 03:53:54 +02:00			`/**`
			`* Actions`
			`*/`

Doxygen 2011-07-08 17:50:28 +02:00			`// Validate new password`
Fix: A little clean of dol_hash usage. 2014-10-18 16:08:15 +02:00			`if ($action == 'validatenewpassword' && $username && $passwordhash)`
New: Ajout fonction "Mot de passe oubli�" sur la page de logon 2007-06-02 03:53:54 +02:00			`{`
			`$edituser = new User($db);`
Qual: Uniformise code. user class use id in first param of fetch 2010-04-28 09:31:34 +02:00			`$result=$edituser->fetch('',$_GET["username"]);`
Qual: Removed errors and warnings reported by codesniffer 2011-07-08 20:49:16 +02:00			`if ($result < 0)`
			`{`
Fix: A local file inclusion vulnerability can be exploited to include arbitrary files. 2011-04-26 22:11:18 +02:00			`$message = '<div class="error">'.$langs->trans("ErrorLoginDoesNotExists",$username).'</div>';`
Qual: Removed errors and warnings reported by codesniffer 2011-07-08 20:49:16 +02:00			`}`
			`else`
			`{`
NEW Add password_hash as hash algorithm 2018-01-15 00:33:25 +01:00			`if (dol_verifyHash($edituser->pass_temp, $passwordhash))`
Qual: Removed errors and warnings reported by codesniffer 2011-07-08 20:49:16 +02:00			`{`
			`$newpassword=$edituser->setPassword($user,$edituser->pass_temp,0);`
			`dol_syslog("passwordforgotten.php new password for user->id=".$edituser->id." validated in database");`
			`header("Location: ".DOL_URL_ROOT.'/');`
			`exit;`
			`}`
			`else`
			`{`
Fix: Missing translation 2012-12-17 15:47:01 +01:00			`$langs->load("errors");`
			`$message = '<div class="error">'.$langs->trans("ErrorFailedToValidatePasswordReset").'</div>';`
Qual: Removed errors and warnings reported by codesniffer 2011-07-08 20:49:16 +02:00			`}`
			`}`
New: Ajout fonction "Mot de passe oubli�" sur la page de logon 2007-06-02 03:53:54 +02:00			`}`
			`// Action modif mot de passe`
Fix: A local file inclusion vulnerability can be exploited to include arbitrary files. 2011-04-26 22:11:18 +02:00			`if ($action == 'buildnewpassword' && $username)`
New: Ajout fonction "Mot de passe oubli�" sur la page de logon 2007-06-02 03:53:54 +02:00			`{`
artichow was used only for captcha generation so i replaced with dolibarr code to allow to remove completely artichow (artichow project is dead). 2012-01-07 23:31:25 +01:00			`$sessionkey = 'dol_antispam_value';`
Lowercase NULL, TRUE, FALSE according to PSR2 2018-04-16 13:51:16 +02:00			`$ok=(array_key_exists($sessionkey, $_SESSION) === true && (strtolower($_SESSION[$sessionkey]) == strtolower($_POST['code'])));`
Qual: Removed errors and warnings reported by codesniffer 2011-07-08 20:49:16 +02:00
			`// Verify code`
Some change to prepare artichow removal 2012-01-07 21:32:35 +01:00			`if (! $ok)`
Qual: Removed errors and warnings reported by codesniffer 2011-07-08 20:49:16 +02:00			`{`
			`$message = '<div class="error">'.$langs->trans("ErrorBadValueForCode").'</div>';`
			`}`
			`else`
			`{`
			`$edituser = new User($db);`
			`$result=$edituser->fetch('',$username,'',1);`
			`if ($result <= 0 && $edituser->error == 'USERNOTFOUND')`
			`{`
			`$message = '<div class="error">'.$langs->trans("ErrorLoginDoesNotExists",$username).'</div>';`
			`$username='';`
			`}`
			`else`
			`{`
			`if (! $edituser->email)`
			`{`
			`$message = '<div class="error">'.$langs->trans("ErrorLoginHasNoEmail").'</div>';`
			`}`
			`else`
			`{`
			`$newpassword=$edituser->setPassword($user,'',1);`
			`if ($newpassword < 0)`
			`{`
			`// Failed`
			`$message = '<div class="error">'.$langs->trans("ErrorFailedToChangePassword").'</div>';`
			`}`
			`else`
			`{`
			`// Success`
			`if ($edituser->send_password($user,$newpassword,1) > 0)`
			`{`
Add function hideMail and use 2014-10-10 14:57:07 +02:00
Merge branch 'develop-HiddenMailPasswordForgotten' of github.com:Devensys/dolibarr into Devensys-develop-HiddenMailPasswordForgotten Conflicts: htdocs/core/lib/functions.lib.php 2014-10-11 23:44:50 +02:00			`$message = '<div class="ok">'.$langs->trans("PasswordChangeRequestSent",$edituser->login,dolObfuscateEmail($edituser->email)).'</div>';`
Qual: Removed errors and warnings reported by codesniffer 2011-07-08 20:49:16 +02:00			`$username='';`
			`}`
			`else`
			`{`
			`$message.= '<div class="error">'.$edituser->error.'</div>';`
			`}`
			`}`
			`}`
			`}`
			`}`
New: Ajout fonction "Mot de passe oubli�" sur la page de logon 2007-06-02 03:53:54 +02:00			`}`


Doxygen 2011-07-08 17:50:28 +02:00			`/**`
			`* View`
New: Ajout fonction "Mot de passe oubli�" sur la page de logon 2007-06-02 03:53:54 +02:00			`*/`
Doxygen 2011-07-08 17:50:28 +02:00
Fix: the core system used php templates by default 2010-04-12 20:56:53 +02:00			`$dol_url_root = DOL_URL_ROOT;`
Core templates are in core/templates directory 2010-01-04 20:39:16 +01:00
Add Smartphone class Fix: mutualized code 2010-09-22 10:52:48 +02:00			`// Title`
			`$title='Dolibarr '.DOL_VERSION;`
			`if (! empty($conf->global->MAIN_APPLICATION_TITLE)) $title=$conf->global->MAIN_APPLICATION_TITLE;`

Fix: the core system used php templates by default 2010-04-12 20:56:53 +02:00			`// Select templates`
Qual: Removed deprecated code for using a specific mobile theme. New: Include terminal variables to optimize any themes. Qual: First change to allow butAction buttons to wrap on new lines for small size screens. 2013-04-03 15:20:56 +02:00			`if (file_exists(DOL_DOCUMENT_ROOT."/theme/".$conf->theme."/tpl/passwordforgotten.tpl.php"))`
Fix: the core system used php templates by default 2010-04-12 20:56:53 +02:00			`{`
Qual: Removed deprecated code for using a specific mobile theme. New: Include terminal variables to optimize any themes. Qual: First change to allow butAction buttons to wrap on new lines for small size screens. 2013-04-03 15:20:56 +02:00			`$template_dir = DOL_DOCUMENT_ROOT."/theme/".$conf->theme."/tpl/";`
Fix: the core system used php templates by default 2010-04-12 20:56:53 +02:00			`}`
			`else`
			`{`
Qual: Removed deprecated code for using a specific mobile theme. New: Include terminal variables to optimize any themes. Qual: First change to allow butAction buttons to wrap on new lines for small size screens. 2013-04-03 15:20:56 +02:00			`$template_dir = DOL_DOCUMENT_ROOT."/core/tpl/";`
Fix: the core system used php templates by default 2010-04-12 20:56:53 +02:00			`}`
Core templates are in core/templates directory 2010-01-04 20:39:16 +01:00
Fix: A local file inclusion vulnerability can be exploited to include arbitrary files. 2011-04-26 22:11:18 +02:00			`if (! $username) $focus_element = 'username';`
Fix: the core system used php templates by default 2010-04-12 20:56:53 +02:00			`else $focus_element = 'password';`
Core templates are in core/templates directory 2010-01-04 20:39:16 +01:00
Fix: the core system used php templates by default 2010-04-12 20:56:53 +02:00			`// Send password button enabled ?`
			`$disabled='disabled';`
Fix: bad prefix of cookie 2011-03-30 09:55:22 +02:00			`if (preg_match('/dolibarr/i',$mode)) $disabled='';`
Fix: strict mode hurricane 2012-09-15 10:01:35 +02:00			`if (! empty($conf->global->MAIN_SECURITY_ENABLE_SENDPASSWORD)) $disabled=''; // To force button enabled`
Core templates are in core/templates directory 2010-01-04 20:39:16 +01:00
Fix: the core system used php templates by default 2010-04-12 20:56:53 +02:00			`// Show logo (search in order: small company logo, large company logo, theme logo, common logo)`
			`$width=0;`
			`$rowspan=2;`
			`$urllogo=DOL_URL_ROOT.'/theme/login_logo.png';`
			`if (! empty($mysoc->logo_small) && is_readable($conf->mycompany->dir_output.'/logos/thumbs/'.$mysoc->logo_small))`
			`{`
NEW Can add a background image on login page 2017-03-31 11:39:12 +02:00			`$urllogo=DOL_URL_ROOT.'/viewimage.php?cache=1&modulepart=mycompany&file='.urlencode('thumbs/'.$mysoc->logo_small);`
Fix: the core system used php templates by default 2010-04-12 20:56:53 +02:00			`}`
			`elseif (! empty($mysoc->logo_small) && is_readable($conf->mycompany->dir_output.'/logos/'.$mysoc->logo))`
			`{`
NEW Can add a background image on login page 2017-03-31 11:39:12 +02:00			`$urllogo=DOL_URL_ROOT.'/viewimage.php?cache=1&modulepart=mycompany&file='.urlencode($mysoc->logo);`
Fix: compatibility between bureau2crea theme and multicompany module 2012-09-02 11:36:42 +02:00			`$width=128;`
			`}`
			`elseif (is_readable(DOL_DOCUMENT_ROOT.'/theme/'.$conf->theme.'/img/dolibarr_logo.png'))`
			`{`
			`$urllogo=DOL_URL_ROOT.'/theme/'.$conf->theme.'/img/dolibarr_logo.png';`
			`}`
			`elseif (is_readable(DOL_DOCUMENT_ROOT.'/theme/dolibarr_logo.png'))`
			`{`
			`$urllogo=DOL_URL_ROOT.'/theme/dolibarr_logo.png';`
Fix: the core system used php templates by default 2010-04-12 20:56:53 +02:00			`}`
Core templates are in core/templates directory 2010-01-04 20:39:16 +01:00
Fix: the core system used php templates by default 2010-04-12 20:56:53 +02:00			`// Security graphical code`
			`if (function_exists("imagecreatefrompng") && ! $disabled)`
			`{`
Fix: compatibility between bureau2crea theme and multicompany module 2012-09-02 11:36:42 +02:00			`$captcha = 1;`
			`$captcha_refresh = img_picto($langs->trans("Refresh"),'refresh','id="captcha_refresh_img"');`
Fix: the core system used php templates by default 2010-04-12 20:56:53 +02:00			`}`

Fix: add resprint for passwordforgotten 2017-08-28 09:14:50 +02:00			`// Execute hook getPasswordForgottenPageOptions (for table)`
Fix: mass convert line delimiters 2012-09-07 17:23:16 +02:00			`$parameters=array('entity' => GETPOST('entity','int'));`
Fix: broken features 2012-09-02 09:27:06 +02:00			`$hookmanager->executeHooks('getPasswordForgottenPageOptions',$parameters); // Note that $action and $object may have been modified by some hooks`
Fix: add resprint for passwordforgotten 2017-08-28 09:14:50 +02:00			`if (is_array($hookmanager->resArray) && ! empty($hookmanager->resArray)) {`
			`$morelogincontent = $hookmanager->resArray; // (deprecated) For compatibility`
			`} else {`
			`$morelogincontent = $hookmanager->resPrint;`
			`}`

			`// Execute hook getPasswordForgottenPageExtraOptions (eg for js)`
			`$parameters=array('entity' => GETPOST('entity','int'));`
			`$reshook = $hookmanager->executeHooks('getPasswordForgottenPageExtraOptions',$parameters); // Note that $action and $object may have been modified by some hooks.`
			`$moreloginextracontent = $hookmanager->resPrint;`
Fix: broken features 2012-09-02 09:27:06 +02:00
Removed parenthesis from all include and include_once and replaced with single quotes 2012-08-23 02:04:35 +02:00			`include $template_dir.'passwordforgotten.tpl.php'; // To use native PHP`