In-Portal Issue Tracker

Welcome to the In-Portal Open Source CMS Issue Tracker! This is a central management / tracking tool for all types of tasks / issues / bugs for the In-Portal Project. Before reporting any issues, please make sure to read the Guide into Issue Tracker and How to Properly Test and Report Bugs!

Viewing Issue Simple Details [ Jump to Notes ] [ Wiki ] [ Related Changesets ]

[ View Advanced ] [ Issue History ] [ Print ]

Tags

No tags attached.

Reference

http://groups.google.com/group/in-portal-dev/browse_thread/thread/9d3a9f7e8a0e070

Change Log Message

Added ability to reset Root password

Estimate Points

Attached Files

reset_root_password_657.patch [^] (7,159 bytes) 2011-10-03 10:28 [Show Content]

Index: admin_templates/login.tpl
===================================================================
--- admin_templates/login.tpl	(revision 14610)
+++ admin_templates/login.tpl	(working copy)
@@ -153,6 +153,18 @@
 		              				<input type="submit" name="login_button" value="<inp2:m_phrase name='la_Login' no_editing='1'/>" class="kx-login-button roundbutton"></td>
 		          			</tr>
 						</table>
+						<inp2:m_if check="m_GetConst" name="DBG_RESET_ROOT">
+							<inp2:m_if check="m_Get" var="reset">
+								<script type="text/javascript">
+									$(document).ready(
+										function () {
+											alert('<inp2:m_Phrase label="la_msg_YourRootPasswordHasBeenResetPleaseRemoveDbgResetRootConstantAndCheckYourEmailAddress"/>');
+										}
+									);		
+								</script>
+							</inp2:m_if>
+							<a href="<inp2:m_Link t='login' pass='m,u' u_event='OnResetRootPassword'/>"><inp2:m_Phrase label="la_btn_ResetRootPassword"/></a>								
+						</inp2:m_if>
 					<inp2:m_else/>
 						<h1 style="color: red;">401 Authentication Required</h1>
 					</inp2:m_if>
Index: install/english.lang
===================================================================
--- install/english.lang	(revision 14610)
+++ install/english.lang	(working copy)
@@ -1498,6 +1498,8 @@
 			<PHRASE Label="lu_opt_AutoDetect" Module="Core" Type="1">QXV0by1EZXRlY3Q=</PHRASE>
 			<PHRASE Label="lu_opt_Cookies" Module="Core" Type="1">Q29va2llcw==</PHRASE>
 			<PHRASE Label="lu_opt_QueryString" Module="Core" Type="1">UXVlcnkgU3RyaW5nIChTSUQp</PHRASE>
+			<PHRASE Label="la_btn_ResetRootPassword" Module="Core" Type="1">UmVzZXQgInJvb3QiIHBhc3N3b3Jk</PHRASE>
+			<PHRASE Label="la_msg_YourRootPasswordHasBeenResetPleaseRemoveDbgResetRootConstantAndCheckYourEmailAddress" Module="Core" Type="1">WW91ciAicm9vdCIgcGFzc3dvcmQgaGFzIGJlZW4gcmVzZXQuIFBsZWFzZSByZW1vdmUgREJHX1JFU0VUX1JPT1QgY29uc3RhbnQgYW5kIGNoZWNrIHlvdXIgZS1tYWlsIGFkZHJlc3Mu</PHRASE>
 		</PHRASES>
 		<EVENTS>
 			<EVENT MessageType="html" Event="CATEGORY.ADD" Type="0">U3ViamVjdDogTmV3IENhdGVnb3J5ICI8aW5wMjpjX0ZpZWxkIG5hbWU9Ik5hbWUiLz4iIC0gQWRkZWQKCllvdXIgc3VnZ2VzdGVkIGNhdGVnb3J5ICI8aW5wMjpjX0ZpZWxkIG5hbWU9Ik5hbWUiLz4iIGhhcyBiZWVuIGFkZGVkLg==</EVENT>
@@ -1535,6 +1537,7 @@
 			<EVENT MessageType="html" Event="USER.UNSUBSCRIBE" Type="1">U3ViamVjdDogVXNlciBVbnN1YnNyaWJlZCBmcm9tIE1haWxpbmcgTGlzdAoKQSB1c2VyICI8aW5wMjp1X0ZpZWxkIG5hbWU9IkVtYWlsIi8+IiBoYXMgdW5zdWJzY3JpYmVkIGZyb20gdGhlIG1haWxpbmcgbGlzdCBvbiA8YSBocmVmPSI8aW5wMjptX0Jhc2VVcmwvPiI+PGlucDI6bV9CYXNlVXJsLz48L2E+Lg==</EVENT>
 			<EVENT MessageType="html" Event="USER.VALIDATE" Type="0">U3ViamVjdDogVXNlciBSZWdpc3RyYXRpb24gaXMgVmFsaWRhdGVkCgpXZWxjb21lIHRvIEluLXBvcnRhbCE8YnIvPjxici8+DQoNCllvdXIgdXNlciByZWdpc3RyYXRpb24gaGFzIGJlZW4gYXBwcm92ZWQuIFlvdSBjYW4gbG9naW4gbm93IDxhIGhyZWY9IjxpbnAyOm1fQmFzZVVybC8+Ij48aW5wMjptX0Jhc2VVcmwvPjwvYT4gdXNpbmcgdGhlIGZvbGxvd2luZyBpbmZvcm1hdGlvbjo8YnIvPjxici8+DQoNCj09PT09PT09PT09PT09PT09PTxici8+DQpVc2VybmFtZTogIjxpbnAyOnVfRmllbGQgbmFtZT0iTG9naW4iLz4iPGJyLz4NClBhc3N3b3JkOiAiPGlucDI6dV9GaWVsZCBuYW1lPSJQYXNzd29yZF9wbGFpbiIvPiI8YnIvPg0KPT09PT09PT09PT09PT09PT09PGJyLz48YnIvPg0K</EVENT>
 			<EVENT MessageType="html" Event="USER.VALIDATE" Type="1">U3ViamVjdDogTmV3IFVzZXIgUmVnaXN0cmF0aW9uIGlzIFZhbGlkYXRlZAoKVXNlciAiPGlucDI6dV9GaWVsZCBuYW1lPSJMb2dpbiIvPiIgaGFzIGJlZW4gdmFsaWRhdGVkLg==</EVENT>
+			<EVENT MessageType="html" Event="ROOT.RESET.PASSWORD" Type="1">U3ViamVjdDogUm9vdCBSZXNldCBQYXNzd29yZAoKWW91ciBuZXcgcGFzc3dvcmQgaXM6IDxpbnAyOm1fR2V0IG5hbWU9InJvb3RfcGFzc3dvcmQiLz4=</EVENT>
 		</EVENTS>
 		<COUNTRIES>
 			<COUNTRY Iso="ABW" Translation="QXJ1YmE="/>
Index: install/install_data.sql
===================================================================
--- install/install_data.sql	(revision 14610)
+++ install/install_data.sql	(working copy)
@@ -171,7 +171,9 @@
 INSERT INTO Events (EventId, Event, ReplacementTags, Enabled, FrontEndOnly, Module, Description, Type, AllowChangingSender, AllowChangingRecipient) VALUES(DEFAULT, 'FORM.SUBMISSION.REPLY.FROM.USER.BOUNCED', NULL, 1, 0, 'Core', 'Form Submission Admin Reply Delivery Failure', 1, 1, 1);
 INSERT INTO Events (EventId, Event, ReplacementTags, Enabled, FrontEndOnly, Module, Description, Type, AllowChangingSender, AllowChangingRecipient) VALUES(DEFAULT, 'USER.NEW.PASSWORD', NULL, 1, 0, 'Core', 'Sends new password to an existing user', 0, 1, 0);
 INSERT INTO Events (EventId, Event, ReplacementTags, Enabled, FrontEndOnly, Module, Description, Type, AllowChangingSender, AllowChangingRecipient) VALUES(DEFAULT, 'USER.ADD.BYADMIN', NULL, 1, 0, 'Core', 'Sends password to a new user', 0, 1, 0);
+INSERT INTO Events (EventId, Event, ReplacementTags, Enabled, FrontEndOnly, Module, Description, Type, AllowChangingSender, AllowChangingRecipient) VALUES(DEFAULT, 'ROOT.RESET.PASSWORD', NULL, 1, 0, 'Core', 'Root Reset Password', 1, 0, 0);
 
+
 INSERT INTO IdGenerator VALUES ('100');
 
 INSERT INTO PortalGroup VALUES (15, 'Everyone', 'Everyone', 0, 1, 0, 1, 0);
Index: install/upgrades.sql
===================================================================
--- install/upgrades.sql	(revision 14610)
+++ install/upgrades.sql	(working copy)
@@ -2107,6 +2107,8 @@
 SET DirectLinkAuthKey = SUBSTRING( MD5( CONCAT(CategoryId, ':', ParentId, ':', l<%PRIMARY_LANGUAGE%>_Name, ':b38') ), 1, 20)
 WHERE DirectLinkAuthKey = '';
 
+INSERT INTO Events (EventId, Event, ReplacementTags, Enabled, FrontEndOnly, FromUserId, Module, Description, Type) VALUES(DEFAULT, 'ROOT.RESET.PASSWORD', NULL, 1, 0, NULL, 'Core:Category', 'Root Reset Password', 1);
+
 INSERT INTO ConfigurationValues VALUES(DEFAULT, 'ExcludeTemplateSectionsFromSearch', '0', 'In-Portal', 'in-portal:configure_categories', 'la_title_General', 'la_config_ExcludeTemplateSectionsFromSearch', 'checkbox', '', '', 10.15, 0, 0, NULL);
 
 ALTER TABLE Agents
Index: units/users/users_event_handler.php
===================================================================
--- units/users/users_event_handler.php	(revision 14610)
+++ units/users/users_event_handler.php	(working copy)
@@ -128,6 +128,10 @@
 				// permission is checked in OnLogin event directly
 				return true;
 			}
+			
+			if ( $event->Name == 'OnResetRootPassword' ) {
+				return defined('DBG_RESET_ROOT') && DBG_RESET_ROOT;				
+			}
 
 			if ( !$this->Application->isAdminUser ) {
 				$user_id = $this->Application->RecallVar('user_id');
@@ -1689,4 +1693,24 @@
 				}
 			}
 		}
+		
+		/**
+		 * Generates new Root password and email it
+		 *
+		 * @param kEvent $event
+		 */
+		function OnResetRootPassword(&$event)
+		{
+			$new_root_password = kUtil::generatePassword();
+			$password_formatter =& $this->Application->recallObject('kPasswordFormatter');
+	    	/* @var $password_formatter kPasswordFormatter */
+			
+			$new_root_password_encrypted = $password_formatter->EncryptPassword($new_root_password, 'b38');
+			
+			$this->Application->SetConfigValue('RootPass', $new_root_password_encrypted);
+			$this->Application->SetVar('root_password', $new_root_password);
+			$this->Application->EmailEventAdmin('ROOT.RESET.PASSWORD');
+			
+			$event->SetRedirectParam('reset', 1);
+		}
 	}

reset_root_password_657.2.patch [^] (6,866 bytes) 2011-10-04 10:54 [Show Content]

Index: admin_templates/login.tpl
===================================================================
--- admin_templates/login.tpl	(revision 14630)
+++ admin_templates/login.tpl	(working copy)
@@ -153,6 +153,18 @@
 		              				<input type="submit" name="login_button" value="<inp2:m_phrase name='la_Login' no_editing='1'/>" class="kx-login-button roundbutton"></td>
 		          			</tr>
 						</table>
+						<inp2:m_if check="m_GetConst" name="DBG_RESET_ROOT">
+							<inp2:m_if check="m_Get" var="reset">
+								<script type="text/javascript">
+									$(document).ready(
+										function () {
+											alert('<inp2:m_Phrase label="la_msg_YourRootPasswordHasBeenResetPleaseRemoveDbgResetRootConstantAndCheckYourEmailAddress"/>');
+										}
+									);		
+								</script>
+							</inp2:m_if>
+							<a href="<inp2:m_Link t='login' pass='m,u' u_event='OnResetRootPassword'/>"><inp2:m_Phrase label="la_btn_ResetRootPassword"/></a>								
+						</inp2:m_if>
 					<inp2:m_else/>
 						<h1 style="color: red;">401 Authentication Required</h1>
 					</inp2:m_if>
Index: install/english.lang
===================================================================
--- install/english.lang	(revision 14630)
+++ install/english.lang	(working copy)
@@ -1506,6 +1506,8 @@
 			<PHRASE Label="lu_opt_AutoDetect" Module="Core" Type="1">QXV0by1EZXRlY3Q=</PHRASE>
 			<PHRASE Label="lu_opt_Cookies" Module="Core" Type="1">Q29va2llcw==</PHRASE>
 			<PHRASE Label="lu_opt_QueryString" Module="Core" Type="1">UXVlcnkgU3RyaW5nIChTSUQp</PHRASE>
+			<PHRASE Label="la_btn_ResetRootPassword" Module="Core" Type="1">UmVzZXQgInJvb3QiIHBhc3N3b3Jk</PHRASE>
+			<PHRASE Label="la_msg_RootPasswordWasReset" Module="Core" Type="1">WW91ciAicm9vdCIgcGFzc3dvcmQgaGFzIGJlZW4gcmVzZXQuIFBsZWFzZSByZW1vdmUgREJHX1JFU0VUX1JPT1QgY29uc3RhbnQgYW5kIGNoZWNrIHlvdXIgZS1tYWlsIGFkZHJlc3Mu</PHRASE>
 		</PHRASES>
 		<EVENTS>
 			<EVENT MessageType="html" Event="CATEGORY.ADD" Type="0">U3ViamVjdDogTmV3IENhdGVnb3J5ICI8aW5wMjpjX0ZpZWxkIG5hbWU9Ik5hbWUiLz4iIC0gQWRkZWQKCllvdXIgc3VnZ2VzdGVkIGNhdGVnb3J5ICI8aW5wMjpjX0ZpZWxkIG5hbWU9Ik5hbWUiLz4iIGhhcyBiZWVuIGFkZGVkLg==</EVENT>
@@ -1543,6 +1545,7 @@
 			<EVENT MessageType="html" Event="USER.UNSUBSCRIBE" Type="1">U3ViamVjdDogVXNlciBVbnN1YnNyaWJlZCBmcm9tIE1haWxpbmcgTGlzdAoKQSB1c2VyICI8aW5wMjp1X0ZpZWxkIG5hbWU9IkVtYWlsIi8+IiBoYXMgdW5zdWJzY3JpYmVkIGZyb20gdGhlIG1haWxpbmcgbGlzdCBvbiA8YSBocmVmPSI8aW5wMjptX0Jhc2VVcmwvPiI+PGlucDI6bV9CYXNlVXJsLz48L2E+Lg==</EVENT>
 			<EVENT MessageType="html" Event="USER.VALIDATE" Type="0">U3ViamVjdDogVXNlciBSZWdpc3RyYXRpb24gaXMgVmFsaWRhdGVkCgpXZWxjb21lIHRvIEluLXBvcnRhbCE8YnIvPjxici8+DQoNCllvdXIgdXNlciByZWdpc3RyYXRpb24gaGFzIGJlZW4gYXBwcm92ZWQuIFlvdSBjYW4gbG9naW4gbm93IDxhIGhyZWY9IjxpbnAyOm1fQmFzZVVybC8+Ij48aW5wMjptX0Jhc2VVcmwvPjwvYT4gdXNpbmcgdGhlIGZvbGxvd2luZyBpbmZvcm1hdGlvbjo8YnIvPjxici8+DQoNCj09PT09PT09PT09PT09PT09PTxici8+DQpVc2VybmFtZTogIjxpbnAyOnVfRmllbGQgbmFtZT0iTG9naW4iLz4iPGJyLz4NClBhc3N3b3JkOiAiPGlucDI6dV9GaWVsZCBuYW1lPSJQYXNzd29yZF9wbGFpbiIvPiI8YnIvPg0KPT09PT09PT09PT09PT09PT09PGJyLz48YnIvPg0K</EVENT>
 			<EVENT MessageType="html" Event="USER.VALIDATE" Type="1">U3ViamVjdDogTmV3IFVzZXIgUmVnaXN0cmF0aW9uIGlzIFZhbGlkYXRlZAoKVXNlciAiPGlucDI6dV9GaWVsZCBuYW1lPSJMb2dpbiIvPiIgaGFzIGJlZW4gdmFsaWRhdGVkLg==</EVENT>
+			<EVENT MessageType="html" Event="ROOT.RESET.PASSWORD" Type="1">U3ViamVjdDogUm9vdCBSZXNldCBQYXNzd29yZAoKWW91ciBuZXcgcGFzc3dvcmQgaXM6IDxpbnAyOm1fUGFyYW0gbmFtZT0icGFzc3dvcmQiLz4=</EVENT>
 		</EVENTS>
 		<COUNTRIES>
 			<COUNTRY Iso="ABW" Translation="QXJ1YmE="/>
Index: install/install_data.sql
===================================================================
--- install/install_data.sql	(revision 14630)
+++ install/install_data.sql	(working copy)
@@ -171,7 +171,9 @@
 INSERT INTO Events (EventId, Event, ReplacementTags, Enabled, FrontEndOnly, Module, Description, Type, AllowChangingSender, AllowChangingRecipient) VALUES(DEFAULT, 'FORM.SUBMISSION.REPLY.FROM.USER.BOUNCED', NULL, 1, 0, 'Core', 'Form Submission Admin Reply Delivery Failure', 1, 1, 1);
 INSERT INTO Events (EventId, Event, ReplacementTags, Enabled, FrontEndOnly, Module, Description, Type, AllowChangingSender, AllowChangingRecipient) VALUES(DEFAULT, 'USER.NEW.PASSWORD', NULL, 1, 0, 'Core', 'Sends new password to an existing user', 0, 1, 0);
 INSERT INTO Events (EventId, Event, ReplacementTags, Enabled, FrontEndOnly, Module, Description, Type, AllowChangingSender, AllowChangingRecipient) VALUES(DEFAULT, 'USER.ADD.BYADMIN', NULL, 1, 0, 'Core', 'Sends password to a new user', 0, 1, 0);
+INSERT INTO Events (EventId, Event, ReplacementTags, Enabled, FrontEndOnly, Module, Description, Type, AllowChangingSender, AllowChangingRecipient) VALUES(DEFAULT, 'ROOT.RESET.PASSWORD', NULL, 1, 0, 'Core', 'Root Reset Password', 1, 0, 0);
 
+
 INSERT INTO IdGenerator VALUES ('100');
 
 INSERT INTO PortalGroup VALUES (15, 'Everyone', 'Everyone', 0, 1, 0, 1, 0);
Index: install/upgrades.sql
===================================================================
--- install/upgrades.sql	(revision 14630)
+++ install/upgrades.sql	(working copy)
@@ -2136,4 +2136,6 @@
 	CHANGE ip IPAddress VARCHAR(15) NOT NULL,
 	ADD IPRestrictions TEXT NULL;
 
-ALTER TABLE PortalGroup ADD IPRestrictions TEXT NULL;
\ No newline at end of file
+ALTER TABLE PortalGroup ADD IPRestrictions TEXT NULL;
+
+INSERT INTO Events (EventId, Event, ReplacementTags, Enabled, FrontEndOnly, FromUserId, Module, Description, Type) VALUES(DEFAULT, 'ROOT.RESET.PASSWORD', NULL, 1, 0, NULL, 'Core:Category', 'Root Reset Password', 1);
Index: units/users/users_event_handler.php
===================================================================
--- units/users/users_event_handler.php	(revision 14630)
+++ units/users/users_event_handler.php	(working copy)
@@ -129,6 +129,10 @@
 				return true;
 			}
 
+			if ( $event->Name == 'OnResetRootPassword' ) {
+				return defined('DBG_RESET_ROOT') && DBG_RESET_ROOT;
+			}
+
 			if ( !$this->Application->isAdminUser ) {
 				$user_id = $this->Application->RecallVar('user_id');
 				$items_info = $this->Application->GetVar($event->getPrefixSpecial(true));
@@ -1706,4 +1710,24 @@
 				}
 			}
 		}
+
+		/**
+		 * Generates new Root password and email it
+		 *
+		 * @param kEvent $event
+		 */
+		function OnResetRootPassword(&$event)
+		{
+			$new_root_password = kUtil::generatePassword();
+
+			$password_formatter =& $this->Application->recallObject('kPasswordFormatter');
+			/* @var $password_formatter kPasswordFormatter */
+
+			$new_root_password_encrypted = $password_formatter->EncryptPassword($new_root_password, 'b38');
+
+			$this->Application->SetConfigValue('RootPass', $new_root_password_encrypted);
+			$this->Application->EmailEventAdmin('ROOT.RESET.PASSWORD', null, Array ('password' => $new_root_password));
+
+			$event->SetRedirectParam('reset', 1);
+		}
 	}

root_password_reset_v3.patch [^] (12,640 bytes) 2011-10-05 07:08 [Show Content]

Index: core/admin_templates/login.tpl
===================================================================
--- core/admin_templates/login.tpl	(revision 14596)
+++ core/admin_templates/login.tpl	(working copy)
@@ -153,6 +153,21 @@
 		              				<input type="submit" name="login_button" value="<inp2:m_phrase name='la_Login' no_editing='1'/>" class="kx-login-button roundbutton"></td>
 		          			</tr>
 						</table>
+
+						<inp2:m_if check="m_GetConst" name="DBG_RESET_ROOT">
+							<inp2:m_if check="m_Get" var="reset">
+								<script type="text/javascript">
+									$(document).ready(
+										function () {
+											alert('<inp2:m_Phrase label="la_msg_RootPasswordWasReset" js_escape="1"/>');
+										}
+									);
+								</script>
+							<inp2:m_else/>
+								<br/>
+								<a href="<inp2:m_Link template='login' u_event='OnResetRootPassword' pass='m,u'/>"><inp2:m_Phrase label="la_btn_ResetRootPassword"/></a>
+							</inp2:m_if>
+						</inp2:m_if>
 					<inp2:m_else/>
 						<h1 style="color: red;">401 Authentication Required</h1>
 					</inp2:m_if>
Index: core/install/english.lang
===================================================================
--- core/install/english.lang	(revision 14630)
+++ core/install/english.lang	(working copy)
@@ -1506,6 +1506,8 @@
 			<PHRASE Label="lu_opt_AutoDetect" Module="Core" Type="1">QXV0by1EZXRlY3Q=</PHRASE>
 			<PHRASE Label="lu_opt_Cookies" Module="Core" Type="1">Q29va2llcw==</PHRASE>
 			<PHRASE Label="lu_opt_QueryString" Module="Core" Type="1">UXVlcnkgU3RyaW5nIChTSUQp</PHRASE>
+			<PHRASE Label="la_btn_ResetRootPassword" Module="Core" Type="1">UmVzZXQgInJvb3QiIHBhc3N3b3Jk</PHRASE>
+			<PHRASE Label="la_msg_RootPasswordWasReset" Module="Core" Type="1">WW91ciAicm9vdCIgcGFzc3dvcmQgaGFzIGJlZW4gcmVzZXQuIFBsZWFzZSByZW1vdmUgREJHX1JFU0VUX1JPT1QgY29uc3RhbnQgYW5kIGNoZWNrIHlvdXIgZS1tYWlsIGFkZHJlc3Mu</PHRASE>
 		</PHRASES>
 		<EVENTS>
 			<EVENT MessageType="html" Event="CATEGORY.ADD" Type="0">U3ViamVjdDogTmV3IENhdGVnb3J5ICI8aW5wMjpjX0ZpZWxkIG5hbWU9Ik5hbWUiLz4iIC0gQWRkZWQKCllvdXIgc3VnZ2VzdGVkIGNhdGVnb3J5ICI8aW5wMjpjX0ZpZWxkIG5hbWU9Ik5hbWUiLz4iIGhhcyBiZWVuIGFkZGVkLg==</EVENT>
@@ -1543,6 +1545,7 @@
 			<EVENT MessageType="html" Event="USER.UNSUBSCRIBE" Type="1">U3ViamVjdDogVXNlciBVbnN1YnNyaWJlZCBmcm9tIE1haWxpbmcgTGlzdAoKQSB1c2VyICI8aW5wMjp1X0ZpZWxkIG5hbWU9IkVtYWlsIi8+IiBoYXMgdW5zdWJzY3JpYmVkIGZyb20gdGhlIG1haWxpbmcgbGlzdCBvbiA8YSBocmVmPSI8aW5wMjptX0Jhc2VVcmwvPiI+PGlucDI6bV9CYXNlVXJsLz48L2E+Lg==</EVENT>
 			<EVENT MessageType="html" Event="USER.VALIDATE" Type="0">U3ViamVjdDogVXNlciBSZWdpc3RyYXRpb24gaXMgVmFsaWRhdGVkCgpXZWxjb21lIHRvIEluLXBvcnRhbCE8YnIvPjxici8+DQoNCllvdXIgdXNlciByZWdpc3RyYXRpb24gaGFzIGJlZW4gYXBwcm92ZWQuIFlvdSBjYW4gbG9naW4gbm93IDxhIGhyZWY9IjxpbnAyOm1fQmFzZVVybC8+Ij48aW5wMjptX0Jhc2VVcmwvPjwvYT4gdXNpbmcgdGhlIGZvbGxvd2luZyBpbmZvcm1hdGlvbjo8YnIvPjxici8+DQoNCj09PT09PT09PT09PT09PT09PTxici8+DQpVc2VybmFtZTogIjxpbnAyOnVfRmllbGQgbmFtZT0iTG9naW4iLz4iPGJyLz4NClBhc3N3b3JkOiAiPGlucDI6dV9GaWVsZCBuYW1lPSJQYXNzd29yZF9wbGFpbiIvPiI8YnIvPg0KPT09PT09PT09PT09PT09PT09PGJyLz48YnIvPg0K</EVENT>
 			<EVENT MessageType="html" Event="USER.VALIDATE" Type="1">U3ViamVjdDogTmV3IFVzZXIgUmVnaXN0cmF0aW9uIGlzIFZhbGlkYXRlZAoKVXNlciAiPGlucDI6dV9GaWVsZCBuYW1lPSJMb2dpbiIvPiIgaGFzIGJlZW4gdmFsaWRhdGVkLg==</EVENT>
+			<EVENT MessageType="html" Event="ROOT.RESET.PASSWORD" Type="1">U3ViamVjdDogUm9vdCBSZXNldCBQYXNzd29yZAoKWW91ciBuZXcgcGFzc3dvcmQgaXM6IDxpbnAyOm1fUGFyYW0gbmFtZT0icGFzc3dvcmQiLz4=</EVENT>
 		</EVENTS>
 		<COUNTRIES>
 			<COUNTRY Iso="ABW" Translation="QXJ1YmE="/>
Index: core/install/install_data.sql
===================================================================
--- core/install/install_data.sql	(revision 14606)
+++ core/install/install_data.sql	(working copy)
@@ -171,6 +171,7 @@
 INSERT INTO Events (EventId, Event, ReplacementTags, Enabled, FrontEndOnly, Module, Description, Type, AllowChangingSender, AllowChangingRecipient) VALUES(DEFAULT, 'FORM.SUBMISSION.REPLY.FROM.USER.BOUNCED', NULL, 1, 0, 'Core', 'Form Submission Admin Reply Delivery Failure', 1, 1, 1);
 INSERT INTO Events (EventId, Event, ReplacementTags, Enabled, FrontEndOnly, Module, Description, Type, AllowChangingSender, AllowChangingRecipient) VALUES(DEFAULT, 'USER.NEW.PASSWORD', NULL, 1, 0, 'Core', 'Sends new password to an existing user', 0, 1, 0);
 INSERT INTO Events (EventId, Event, ReplacementTags, Enabled, FrontEndOnly, Module, Description, Type, AllowChangingSender, AllowChangingRecipient) VALUES(DEFAULT, 'USER.ADD.BYADMIN', NULL, 1, 0, 'Core', 'Sends password to a new user', 0, 1, 0);
+INSERT INTO Events (EventId, Event, ReplacementTags, Enabled, FrontEndOnly, Module, Description, Type, AllowChangingSender, AllowChangingRecipient) VALUES(DEFAULT, 'ROOT.RESET.PASSWORD', NULL, 1, 0, 'Core', 'Root Reset Password', 1, 1, 0);
 
 INSERT INTO IdGenerator VALUES ('100');
 
Index: core/install/upgrades.sql
===================================================================
--- core/install/upgrades.sql	(revision 14630)
+++ core/install/upgrades.sql	(working copy)
@@ -2136,4 +2136,5 @@
 	CHANGE ip IPAddress VARCHAR(15) NOT NULL,
 	ADD IPRestrictions TEXT NULL;
 
-ALTER TABLE PortalGroup ADD IPRestrictions TEXT NULL;
\ No newline at end of file
+ALTER TABLE PortalGroup ADD IPRestrictions TEXT NULL;
+INSERT INTO Events (EventId, Event, ReplacementTags, Enabled, FrontEndOnly, Module, Description, Type, AllowChangingSender, AllowChangingRecipient) VALUES(DEFAULT, 'ROOT.RESET.PASSWORD', NULL, 1, 0, 'Core', 'Root Reset Password', 1, 1, 0);
\ No newline at end of file
Index: core/units/users/users_event_handler.php
===================================================================
--- core/units/users/users_event_handler.php	(revision 14630)
+++ core/units/users/users_event_handler.php	(working copy)
@@ -129,6 +129,10 @@
 				return true;
 			}
 
+			if ( $event->Name == 'OnResetRootPassword' ) {
+				return defined('DBG_RESET_ROOT') && DBG_RESET_ROOT;
+			}
+
 			if ( !$this->Application->isAdminUser ) {
 				$user_id = $this->Application->RecallVar('user_id');
 				$items_info = $this->Application->GetVar($event->getPrefixSpecial(true));
@@ -238,8 +242,10 @@
 		 * Checks user data and logs it in if allowed
 		 *
 		 * @param kEvent $event
+		 * @return void
+		 * @access protected
 		 */
-		function OnLogin(&$event)
+		protected function OnLogin(&$event)
 		{
 			$object =& $event->getObject( Array ('form_name' => 'login') );
 			/* @var $object kDBItem */
@@ -311,7 +317,14 @@
 			$sync_manager->performAction('LogoutUser');
 		}
 
-		function OnLogout(&$event)
+		/**
+		 * Performs user logout
+		 *
+		 * @param kEvent $event
+		 * @return void
+		 * @access protected
+		 */
+		protected function OnLogout(&$event)
 		{
 			$user_helper =& $this->Application->recallObject('UserHelper');
 			/* @var $user_helper UserHelper */
@@ -387,8 +400,10 @@
 		 * Returns subscribed user ID by given e-mail address
 		 *
 		 * @param string $email
+		 * @return int|bool
+		 * @access protected
 		 */
-		function getSubscriberByEmail($email)
+		protected function getSubscriberByEmail($email)
 		{
 			$verify_user =& $this->Application->recallObject('u.verify', null, Array ('skip_autoload' => true));
 			/* @var $verify_user UsersItem */
@@ -406,6 +421,8 @@
 		function autoLoginUser(&$event)
 		{
 			$object =& $event->getObject();
+			/* @var $object UsersItem */
+
 			$this->Application->SetVar('u.current_id', $object->GetID());
 
 			if ( $object->GetDBField('Status') == STATUS_ACTIVE ) {
@@ -810,7 +827,13 @@
 			}
 		}
 
-		function OnUpdate(&$event)
+		/**
+		 * Updates kDBItem
+		 *
+		 * @param kEvent $event
+		 * @access protected
+		 */
+		protected function OnUpdate(&$event)
 		{
 			parent::OnUpdate($event);
 
@@ -946,8 +969,8 @@
 			if ($records) {
 				$conditions = Array();
 				foreach ($records as $record) {
-					$email_event_user =& $this->Application->EmailEventUser('USER.MEMBERSHIP.EXPIRATION.NOTICE', $record['PortalUserId']);
-					$email_event_admin =& $this->Application->EmailEventAdmin('USER.MEMBERSHIP.EXPIRATION.NOTICE');
+					$this->Application->EmailEventUser('USER.MEMBERSHIP.EXPIRATION.NOTICE', $record['PortalUserId']);
+					$this->Application->EmailEventAdmin('USER.MEMBERSHIP.EXPIRATION.NOTICE');
 					$conditions[] = '(PortalUserId = '.$record['PortalUserId'].' AND GroupId = '.$record['GroupId'].')';
 				}
 				$sql = 'UPDATE '.TABLE_PREFIX.'UserGroup
@@ -964,8 +987,8 @@
 			$user_ids = $this->Conn->GetCol($sql);
 			if ($user_ids) {
 				foreach ($user_ids as $id) {
-					$email_event_user =& $this->Application->EmailEventUser('USER.MEMBERSHIP.EXPIRED', $id);
-					$email_event_admin =& $this->Application->EmailEventAdmin('USER.MEMBERSHIP.EXPIRED');
+					$this->Application->EmailEventUser('USER.MEMBERSHIP.EXPIRED', $id);
+					$this->Application->EmailEventAdmin('USER.MEMBERSHIP.EXPIRED');
 				}
 			}
 			$sql = 'DELETE FROM '.TABLE_PREFIX.'UserGroup
@@ -1013,9 +1036,10 @@
 		}
 
 		/**
-		 * Overwritten to return user from order by special .ord
+		 * Return user from order by special .ord
 		 *
 		 * @param kEvent $event
+		 * @return int
 		 */
 		function getPassedID(&$event)
 		{
@@ -1148,9 +1172,16 @@
 			$event->SetRedirectParam('opener', 'u');
 		}
 
-		function OnMassResetSettings(&$event)
+		/**
+		 * Resets grid settings, remembered in each user record
+		 *
+		 * @param kEvent $event
+		 * @return void
+		 * @access protected
+		 */
+		protected function OnMassResetSettings(&$event)
 		{
-			if ($this->Application->CheckPermission('SYSTEM_ACCESS.READONLY', 1)) {
+			if ( $this->Application->CheckPermission('SYSTEM_ACCESS.READONLY', 1) ) {
 				$event->status = kEvent::erFAIL;
 				return;
 			}
@@ -1158,11 +1189,12 @@
 			$ids = $this->StoreSelectedIDs($event);
 
 			$default_user_id = $this->Application->ConfigValue('DefaultSettingsUserId');
-			if (in_array($default_user_id, $ids)) {
+			if ( in_array($default_user_id, $ids) ) {
 				array_splice($ids, array_search($default_user_id, $ids), 1);
 			}
-			if ($ids) {
-				$q = 'DELETE FROM '.TABLE_PREFIX.'PersistantSessionData WHERE PortalUserId IN ('.join(',', $ids).') AND
+
+			if ( $ids ) {
+				$q = 'DELETE FROM ' . TABLE_PREFIX . 'PersistantSessionData WHERE PortalUserId IN (' . join(',', $ids) . ') AND
 							 (VariableName LIKE "%_columns_%"
 							 OR
 							 VariableName LIKE "%_filter%"
@@ -1170,6 +1202,7 @@
 							 VariableName LIKE "%_PerPage%")';
 				$this->Conn->Query($q);
 			}
+
 			$this->clearSelectedIDs($event);
 		}
 
@@ -1706,4 +1739,26 @@
 				}
 			}
 		}
+
+		/**
+		 * Generates new Root password and email it
+		 *
+		 * @param kEvent $event
+		 * @return void
+		 * @access protected
+		 */
+		protected function OnResetRootPassword(&$event)
+		{
+			$password_formatter =& $this->Application->recallObject('kPasswordFormatter');
+			/* @var $password_formatter kPasswordFormatter */
+
+			$new_root_password = kUtil::generatePassword();
+			$new_root_password_encrypted = $password_formatter->EncryptPassword($new_root_password, 'b38');
+
+			$this->Application->SetConfigValue('RootPass', $new_root_password_encrypted);
+			$this->Application->EmailEventAdmin('ROOT.RESET.PASSWORD', null, Array ('password' => $new_root_password));
+
+			$event->SetRedirectParam('reset', 1);
+			$event->SetRedirectParam('pass', 'm');
+		}
 	}
Index: tools/debug_sample.php
===================================================================
--- tools/debug_sample.php	(revision 14590)
+++ tools/debug_sample.php	(working copy)
@@ -15,9 +15,10 @@
 //	define('SILENT_LOG', 1);					// Log all php errors on site to separate file (/silent_log.txt)
 //	define('DBG_REQUREST_LOG', '/path/to/file');// Log all user requests to site into filename specified
 //	define('DBG_ZEND_PRESENT', 0);				// Set to 0 to debug debugger (because debugger automatically got disabled during zend debug sessions)
-//	define('SA_IP', '193.68.72.64/26;99.14.230.174'); // Define IP addreses, from which super admin are allowed to login
-//	define('DBG_CAPTURE_STATISTICS', 1);		// Capture performance satistics
+//	define('SA_IP', '193.68.72.64/26;99.14.230.174'); // Define IP addresses, from which super admin are allowed to login
+//	define('DBG_CAPTURE_STATISTICS', 1);		// Capture performance statistics
 //	define('DBG_MAX_SQL_TIME', 2);				// Maximal allowed sql execution time in seconds, all sqls above this become slow sqls
+//	define('DBG_RESET_ROOT', 1);				// Shows "root" user password reset link on Admin Console login screen
 
 	$dbg_options = Array (
 		// !!! DEBUG MODE will be off if IP does not match !!!

reset_root_password_only_in_debug_mode.patch [^] (1,159 bytes) 2011-12-13 03:44 [Show Content]

Index: debug_sample.php
===================================================================
--- debug_sample.php	(revision 14858)
+++ debug_sample.php	(working copy)
@@ -18,7 +18,6 @@
 //	define('SA_IP', '193.68.72.64/26;99.14.230.174'); // Define IP addresses, from which super admin are allowed to login
 //	define('DBG_CAPTURE_STATISTICS', 1);		// Capture performance statistics
 //	define('DBG_MAX_SQL_TIME', 2);				// Maximal allowed sql execution time in seconds, all sqls above this become slow sqls
-//	define('DBG_RESET_ROOT', 1);				// Shows "root" user password reset link on Admin Console login screen
 //	define('DBG_CURL', 1);						// Log all curl requests to CurlLog database table
 
 	$dbg_options = Array (
@@ -51,4 +50,5 @@
 //		'DBG_PAYMENT_GW'		=>	1,				// All requests to payment gateways goes in TEST MODE
 //		'DBG_IMAGE_RECOVERY'	=>	1,				// Don't replace missing images with noimage.gif
 //		'DBG_SQL_MODE'			=>	'TRADITIONAL',	// Extra control over sql syntax & data from MySQL server side
+//		'DBG_RESET_ROOT'		=>	1,				// Shows "root" user password reset link on Admin Console login screen
 	);
\ No newline at end of file

Relationships [ Relation Graph ] [ Dependency Graph ]

Notes
(0003970) erik (manager) 2011-10-03 10:29	Patch attached - needs testing

(0003977) alex (manager) 2011-10-03 12:10	1. Phrase "la_msg_YourRootPasswordHasBeenResetPleaseRemoveDbgResetRootConstantAndCheckYourEmailAddress" could shorter (phrase name, not translation), e.g. "la_msg_RootPasswordWasReset" 2. In OnResetRootPassword event "/* @var" line isn't properly tabulated 3. You have "Strip Trailing Spaces on Save" option disabled in Editor settings resulting empty lines looks like "TABTABTAB" instead of really empty line. Please enable this option and re-save file for useless tabs to be stripped. 4. Please add empty line before recallObject statements too (and all statements, that have /* @var after them. 5. Pass password as email event parameter, not a global var: - $send_params parameter of EmailEventAdmin method - Array ('password' => $new_root_password) - <inp2:m_Param name="password"/> inside e-mail event translation. 6. Please add sqls in upgrades.sql in the chronological order - at the end of file under current version. Not between other sqls. This will ease this version merging process in SVN. 7. Please remove trailing spaces after OnResetRootPassword event permission checking.

(0004006) erik (manager) 2011-10-04 10:56	reset_root_password_657.2.patch attached - needs testing

(0004012) alex (manager) 2011-10-05 07:09 edited on: 2011-10-05 07:11	Reviewed & tested in general, but I've fixed some things in "root_password_reset_v3.patch" patch: ------------------------------------------------------------------------------------------------- 1. "your password was reset" alert and "reset password" link now aren't shown at same time 2. phrase name wasn't renamed in "your password was reset" alert and it wasn't escaped in JS in case of missing phrase translation 3. event u:OnResetPassword now don't add "u" prefix to the url after being called 4. different SQLs were used in install/upgrade scripts to insert Event record 5. AllowChangeSender was set to 0, while it is set to 1 for all current events, that doesn't have any sender-specific behavior added 6. constant DBG_RESET_ROOT was added to tools/debug_sample.php with a comment on how it should be used

(0004013) alex (manager) 2011-10-05 07:10	Fix committed to 5.2.x branch. Commit Message: Fixes 0000657: Ability to Reset ROOT password to access Admin Console Commit on behalf of Erik

(0004239) Dmitry (manager) 2011-12-09 16:08	I have found a glitch in this feature. If I disable DBG, but keep RESET in Query it will be resetting password by passing OnResetRootPassword if DBG_RESET_ROOT is left enabled. I propose to check if DBG is also enable along with DBG_RESET_ROOT. What do you think?

(0004241) alex (manager) 2011-12-12 02:46	Nope, since all constants defined above $dbg_options array are defined this way to work even in case, when debug mode is turned off too, e.g. DBG_REQUREST_LOG, DBG_CURL, etc. And ability to reset password isn't related to fact, that debug mode is enabled. Only link is constant location in debug.php file, but again not all constants from that file are related to debug mode at all.

(0004246) Dmitry (manager) 2011-12-12 18:05	Let's move DBG_RESET_ROOT under Debug options

(0004250) alex (manager) 2011-12-13 03:45	Patch "reset_root_password_only_in_debug_mode.patch" adds additional protection in case if Administrator will forget to comment-out DBG_RESET_ROOT constant after using it. Now all "root" user password reset functionality will be enabled only, when Debug Mode is enabled (before this patch it was always enabled, once DBG_RESET_ROOT constant is defined in debug.php file).

(0004251) alex (manager) 2011-12-13 03:46	Will test all together later.

(0004252) alex (manager) 2011-12-13 03:47	Fix committed to 5.2.x branch. Commit Message: Fixes 0000657: Ability to Reset ROOT password to access Admin Console 1. adds additional protection in case if Administrator will forget to comment-out DBG_RESET_ROOT constant after using it

(0005026) alex (manager) 2012-07-25 05:32	Since 5.2.0 version was released.

Related Changesets
In-Portal CMS: 5.2.x r14862 Timestamp: 2011-12-13 03:47:00 Author: alex [ Details ] [ Diff ]	Fixes 0000657: Ability to Reset ROOT password to access Admin Console 1. adds additional protection in case if Administrator will forget to comment-out DBG_RESET_ROOT constant after using it
	mod - /in-portal/branches/5.2.x/tools/debug_sample.php	[ Diff ] [ File ]

In-Portal CMS: 5.2.x r14633 Timestamp: 2011-10-05 07:10:41 Author: alex [ Details ] [ Diff ]	Fixes 0000657: Ability to Reset ROOT password to access Admin Console Commit on behalf of Erik
	mod - /in-portal/branches/5.2.x/core/admin_templates/login.tpl	[ Diff ] [ File ]
	mod - /in-portal/branches/5.2.x/core/install/english.lang	[ Diff ] [ File ]
	mod - /in-portal/branches/5.2.x/core/install/install_data.sql	[ Diff ] [ File ]
	mod - /in-portal/branches/5.2.x/core/install/upgrades.sql	[ Diff ] [ File ]
	mod - /in-portal/branches/5.2.x/core/units/users/users_event_handler.php	[ Diff ] [ File ]
	mod - /in-portal/branches/5.2.x/tools/debug_sample.php	[ Diff ] [ File ]

Issue History
Date Modified	Username	Field	Change
2012-07-25 05:32	alex	Note Added: 0005026
2012-07-25 05:32	alex	Status	resolved => closed
2011-12-13 03:47	alex	Note Added: 0004252
2011-12-13 03:47	alex	Status	reviewed and tested => resolved
2011-12-13 03:47	alex	Resolution	reopened => fixed
2011-12-13 03:47	alex	Assigned To	!COMMUNITY => alex
2011-12-13 03:47	alex	Changeset attached	5.2.x r14862
2011-12-13 03:46	alex	Note Added: 0004251
2011-12-13 03:46	alex	Status	needs testing => reviewed and tested
2011-12-13 03:46	alex	Assigned To	alex => !COMMUNITY
2011-12-13 03:46	alex	Developer	erik => alex
2011-12-13 03:46	alex	Status	needs feedback => needs testing
2011-12-13 03:45	alex	Note Added: 0004250
2011-12-13 03:44	alex	File Added: reset_root_password_only_in_debug_mode.patch
2011-12-12 18:05	Dmitry	Note Added: 0004246
2011-12-12 18:05	Dmitry	Status	resolved => needs feedback
2011-12-12 18:05	Dmitry	Resolution	fixed => reopened
2011-12-12 02:46	alex	Status	needs feedback => resolved
2011-12-12 02:46	alex	Resolution	reopened => fixed
2011-12-12 02:46	alex	Note Added: 0004241
2011-12-09 16:08	Dmitry	Note Added: 0004239
2011-12-09 16:08	Dmitry	Status	resolved => needs feedback
2011-12-09 16:08	Dmitry	Resolution	fixed => reopened
2011-10-22 05:31	alex	Estimate Points	=> 1
2011-10-05 07:11	alex	Note Edited: 0004012	View Revisions
2011-10-05 07:10	alex	Note Added: 0004013
2011-10-05 07:10	alex	Status	reviewed and tested => resolved
2011-10-05 07:10	alex	Fixed in Version	=> 5.2.0-B1
2011-10-05 07:10	alex	Resolution	open => fixed
2011-10-05 07:10	alex	Assigned To	!COMMUNITY => alex
2011-10-05 07:10	alex	Changeset attached	5.2.x r14633
2011-10-05 07:09	alex	Note Added: 0004012
2011-10-05 07:09	alex	Assigned To	alex => !COMMUNITY
2011-10-05 07:09	alex	Status	needs testing => reviewed and tested
2011-10-05 07:08	alex	File Added: root_password_reset_v3.patch
2011-10-04 10:56	erik	Note Added: 0004006
2011-10-04 10:56	erik	Assigned To	erik => alex
2011-10-04 10:56	erik	Status	needs work => needs testing
2011-10-04 10:54	erik	File Added: reset_root_password_657.2.patch
2011-10-03 12:10	alex	Note Added: 0003977
2011-10-03 12:10	alex	Assigned To	alex => erik
2011-10-03 12:10	alex	Status	needs testing => needs work
2011-10-03 10:29	erik	Time Estimate Removed	3 =>
2011-10-03 10:29	erik	Note Added: 0003970
2011-10-03 10:29	erik	Assigned To	erik => alex
2011-10-03 10:29	erik	Developer	=> erik
2011-10-03 10:29	erik	Status	needs work => needs testing
2011-10-03 10:28	erik	File Added: reset_root_password_657.patch
2011-10-03 10:28	erik	File Deleted: reset_root_password_657.patch
2011-10-03 10:19	erik	File Added: reset_root_password_657.patch
2011-09-26 03:52	alex	Time Estimate Added	3
2011-09-26 03:52	alex	Additional Information Updated	View Revisions
2011-09-25 09:28	Dmitry	Change Log Message	=> Added ability to reset Root password
2011-09-25 09:28	Dmitry	Assigned To	=> erik
2011-09-25 09:28	Dmitry	Status	active => needs work
2011-09-25 09:28	Dmitry	Target Version	Icebox => 5.2.0
2010-03-27 17:18	alex	Reporter	alex => Dmitry
2010-03-27 17:14	alex	New Issue
2010-03-27 17:14	alex	Reference	=> http://groups.google.com/group/in-portal-dev/browse_thread/thread/9d3a9f7e8a0e070

Web Development by Intechnic

In-Portal Open Source CMS