honor autopasswd setting for resend password

When autopasswd is disabled, the resend password option now asks for a
new password instead of autogenerating a new one and sending it by mail.

Note to translators: the wording for btn_resendpwd and resendpwd changed
to be more universal. English and German language files where updated -
other languages need to be adjusted.

Conflicts:

	inc/lang/en/lang.php

6 files changed, 78 insertions, 31 deletions

diff --git a/inc/auth.php b/inc/auth.php
index eff984b36..740a75a5c 100644
--- a/inc/auth.php
+++ b/inc/auth.php
@@ -852,32 +852,52 @@ function act_resendpwd(){
     $token = preg_replace('/[^a-f0-9]+/','',$_REQUEST['pwauth']);
 
     if($token){
-        // we're in token phase
+        // we're in token phase - get user info from token
 
         $tfile = $conf['cachedir'].'/'.$token{0}.'/'.$token.'.pwauth';
         if(!@file_exists($tfile)){
             msg($lang['resendpwdbadauth'],-1);
+            unset($_REQUEST['pwauth']);
             return false;
         }
         $user = io_readfile($tfile);
-        @unlink($tfile);
         $userinfo = $auth->getUserData($user);
         if(!$userinfo['mail']) {
             msg($lang['resendpwdnouser'], -1);
             return false;
         }
 
-        $pass = auth_pwgen();
-        if (!$auth->triggerUserMod('modify', array($user,array('pass' => $pass)))) {
-            msg('error modifying user data',-1);
-            return false;
-        }
 
-        if (auth_sendPassword($user,$pass)) {
-            msg($lang['resendpwdsuccess'],1);
-        } else {
-            msg($lang['regmailfail'],-1);
+        if(!$conf['autopasswd']){ // we let the user choose a password
+            // password given correctly?
+            if(!isset($_REQUEST['pass']) || $_REQUEST['pass'] == '') return false;
+            if($_REQUEST['pass'] != $_REQUEST['passchk']){
+                msg('password mismatch',-1); #FIXME localize
+                return false;
+            }
+            $pass = $_REQUEST['pass'];
+
+            if (!$auth->triggerUserMod('modify', array($user,array('pass' => $pass)))) {
+                msg('error modifying user data',-1);
+                return false;
+            }
+
+        }else{ // autogenerate the password and send by mail
+
+            $pass = auth_pwgen();
+            if (!$auth->triggerUserMod('modify', array($user,array('pass' => $pass)))) {
+                msg('error modifying user data',-1);
+                return false;
+            }
+
+            if (auth_sendPassword($user,$pass)) {
+                msg($lang['resendpwdsuccess'],1);
+            } else {
+                msg($lang['regmailfail'],-1);
+            }
         }
+
+        @unlink($tfile);
         return true;
 
     } else {
diff --git a/inc/html.php b/inc/html.php
index 1a2d7daef..dea9ac6ab 100644
--- a/inc/html.php
+++ b/inc/html.php
@@ -1661,26 +1661,49 @@ function html_admin(){
  * Form to request a new password for an existing account
  *
  * @author Benoit Chesneau <benoit@bchesneau.info>
+ * @author Andreas Gohr <gohr@cosmocode.de>
  */
 function html_resendpwd() {
     global $lang;
     global $conf;
     global $ID;
 
-    print p_locale_xhtml('resendpwd');
-    print '<div class="centeralign">'.NL;
-    $form = new Doku_Form(array('id' => 'dw__resendpwd'));
-    $form->startFieldset($lang['resendpwd']);
-    $form->addHidden('do', 'resendpwd');
-    $form->addHidden('save', '1');
-    $form->addElement(form_makeTag('br'));
-    $form->addElement(form_makeTextField('login', $_POST['login'], $lang['user'], '', 'block'));
-    $form->addElement(form_makeTag('br'));
-    $form->addElement(form_makeTag('br'));
-    $form->addElement(form_makeButton('submit', '', $lang['btn_resendpwd']));
-    $form->endFieldset();
-    html_form('resendpwd', $form);
-    print '</div>'.NL;
+    $token = preg_replace('/[^a-f0-9]+/','',$_REQUEST['pwauth']);
+
+    if(!$conf['autopasswd'] && $token){
+        print p_locale_xhtml('resetpwd');
+        print '<div class="centeralign">'.NL;
+        $form = new Doku_Form(array('id' => 'dw__resendpwd'));
+        $form->startFieldset($lang['btn_resendpwd']);
+        $form->addHidden('token', $token);
+        $form->addHidden('do', 'resendpwd');
+        //$form->addElement(form_makeTag('br'));
+
+        $form->addElement(form_makePasswordField('pass', $lang['pass'], '', 'block', array('size'=>'50')));
+        $form->addElement(form_makePasswordField('passchk', $lang['passchk'], '', 'block', array('size'=>'50')));
+
+        $form->addElement(form_makeButton('submit', '', $lang['btn_resendpwd']));
+        $form->endFieldset();
+        html_form('resendpwd', $form);
+        print '</div>'.NL;
+    }else{
+        print p_locale_xhtml('resendpwd');
+        print '<div class="centeralign">'.NL;
+        $form = new Doku_Form(array('id' => 'dw__resendpwd'));
+        $form->startFieldset($lang['resendpwd']);
+        $form->addHidden('do', 'resendpwd');
+        $form->addHidden('save', '1');
+        $form->addElement(form_makeTag('br'));
+        $form->addElement(form_makeTextField('login', $_POST['login'], $lang['user'], '', 'block'));
+        $form->addElement(form_makeTag('br'));
+        $form->addElement(form_makeTag('br'));
+        $form->addElement(form_makeButton('submit', '', $lang['btn_resendpwd']));
+        $form->endFieldset();
+        html_form('resendpwd', $form);
+        print '</div>'.NL;
+    }
+
+
 }
 
 /**
diff --git a/inc/lang/de-informal/lang.php b/inc/lang/de-informal/lang.php
index ec5e308ce..74f3126a9 100644
--- a/inc/lang/de-informal/lang.php
+++ b/inc/lang/de-informal/lang.php
@@ -54,7 +54,7 @@ $lang['btn_backtomedia']       = 'Zurück zur Dateiauswahl';
 $lang['btn_subscribe']         = 'Aboverwaltung';
 $lang['btn_profile']           = 'Benutzerprofil';
 $lang['btn_reset']             = 'Zurücksetzen';
-$lang['btn_resendpwd']         = 'Sende neues Passwort';
+$lang['btn_resendpwd']         = 'Setze neues Passwort';
 $lang['btn_draft']             = 'Entwurf bearbeiten';
 $lang['btn_recover']           = 'Entwurf wiederherstellen';
 $lang['btn_draftdel']          = 'Entwurf löschen';
@@ -91,7 +91,7 @@ $lang['profnoempty']           = 'Es muss ein Name oder eine E-Mail Adresse ange
 $lang['profchanged']           = 'Benutzerprofil erfolgreich geändert.';
 $lang['pwdforget']             = 'Passwort vergessen? Fordere ein neues an';
 $lang['resendna']              = 'Passwörter versenden ist in diesem Wiki nicht möglich.';
-$lang['resendpwd']             = 'Neues Passwort senden für';
+$lang['resendpwd']             = 'Neues Passwort setzen für';
 $lang['resendpwdmissing']      = 'Es tut mir Leid, aber du musst alle Felder ausfüllen.';
 $lang['resendpwdnouser']       = 'Es tut mir Leid, aber der Benutzer existiert nicht in unserer Datenbank.';
 $lang['resendpwdbadauth']      = 'Es tut mir Leid, aber dieser Authentifizierungscode ist ungültig. Stelle sicher, dass du den kompletten Bestätigungslink verwendet haben.';
diff --git a/inc/lang/de/lang.php b/inc/lang/de/lang.php
index eef2f6632..e8e44287f 100644
--- a/inc/lang/de/lang.php
+++ b/inc/lang/de/lang.php
@@ -56,7 +56,7 @@ $lang['btn_backtomedia']       = 'Zurück zur Dateiauswahl';
 $lang['btn_subscribe']         = 'Aboverwaltung';
 $lang['btn_profile']           = 'Benutzerprofil';
 $lang['btn_reset']             = 'Zurücksetzen';
-$lang['btn_resendpwd']         = 'Sende neues Passwort';
+$lang['btn_resendpwd']         = 'Setze neues Passwort';
 $lang['btn_draft']             = 'Entwurf bearbeiten';
 $lang['btn_recover']           = 'Entwurf wiederherstellen';
 $lang['btn_draftdel']          = 'Entwurf löschen';
@@ -93,7 +93,7 @@ $lang['profnoempty']           = 'Es muss ein Name und eine E-Mail-Adresse angeg
 $lang['profchanged']           = 'Benutzerprofil erfolgreich geändert.';
 $lang['pwdforget']             = 'Passwort vergessen? Fordere ein neues an';
 $lang['resendna']              = 'Passwörter versenden ist in diesem Wiki nicht möglich.';
-$lang['resendpwd']             = 'Neues Passwort senden für';
+$lang['resendpwd']             = 'Neues Passwort setzen für';
 $lang['resendpwdmissing']      = 'Es tut mir Leid, aber Sie müssen alle Felder ausfüllen.';
 $lang['resendpwdnouser']       = 'Es tut mir Leid, aber der Benutzer existiert nicht in unserer Datenbank.';
 $lang['resendpwdbadauth']      = 'Es tut mir Leid, aber dieser Authentifizierungscode ist ungültig. Stellen Sie sicher, dass Sie den kompletten Bestätigungslink verwendet haben.';
diff --git a/inc/lang/en/lang.php b/inc/lang/en/lang.php
index 89a7c4d40..9d26a4957 100644
--- a/inc/lang/en/lang.php
+++ b/inc/lang/en/lang.php
@@ -43,7 +43,7 @@ $lang['btn_backtomedia']       = 'Back to Mediafile Selection';
 $lang['btn_subscribe']         = 'Manage Subscriptions';
 $lang['btn_profile']           = 'Update Profile';
 $lang['btn_reset']             = 'Reset';
-$lang['btn_resendpwd']         = 'Send new password';
+$lang['btn_resendpwd']         = 'Set new password';
 $lang['btn_draft']             = 'Edit draft';
 $lang['btn_recover']           = 'Recover draft';
 $lang['btn_draftdel']          = 'Delete draft';
@@ -84,7 +84,7 @@ $lang['profchanged']           = 'User profile successfully updated.';
 
 $lang['pwdforget']             = 'Forgotten your password? Get a new one';
 $lang['resendna']              = 'This wiki does not support password resending.';
-$lang['resendpwd']             = 'Send new password for';
+$lang['resendpwd']             = 'Set new password for';
 $lang['resendpwdmissing']      = 'Sorry, you must fill in all fields.';
 $lang['resendpwdnouser']       = 'Sorry, we can\'t find this user in our database.';
 $lang['resendpwdbadauth']      = 'Sorry, this auth code is not valid. Make sure you used the complete confirmation link.';
diff --git a/inc/lang/en/resetpwd.txt b/inc/lang/en/resetpwd.txt
new file mode 100644
index 000000000..993b48765
--- /dev/null
+++ b/inc/lang/en/resetpwd.txt
@@ -0,0 +1,4 @@
+====== Set new password ======
+
+Please enter a new password for your account in this wiki.
+