2 * Written by Richard W.M. Jones <rich@merjis.com>.
3 * Copyright (C) 2004 Merjis Ltd.
4 * $Id: forgot_password.ml,v 1.1 2004/09/07 17:16:46 rich Exp $
14 open Cocanwiki_strings
16 let run r (q : cgi) (dbh : Dbi.connection) (hostid, hostname, _) _ =
17 let name = trim (q#param "name") in
20 error ~back_button:true ~title:"No username or email address"
21 q "You didn't give a username or email address";
25 (* Look it up in the database. *)
26 let sth = dbh#prepare_cached "select email, name, password from users
28 and (lower (name) = lower (?)
29 or lower (email) = lower (?))" in
30 sth#execute [`Int hostid; `String name; `String name];
33 let email, name, password = match sth#fetch1 () with
34 [ `String email; `String name; `String password ] ->
36 | _ -> assert false in
38 (* Get the IP address of the user, if available. *)
40 try Connection.remote_ip (Request.connection r) with Not_found -> "" in
42 let subject = "Password for " ^ hostname in
45 "Someone, possibly you, requested your password for " ^ hostname ^
47 "Username: " ^ name ^ "\n" ^
48 "Password: " ^ password ^ "\n" ^
50 "IP address of request: " ^ ip ^ "\n" in
52 Sendmail.send_mail ~subject ~to_addr:[ email ] ~body ();
54 let buttons = [ ok_button "/_login" ] in
55 ok ~buttons ~title:"Password sent by email"
57 ("Your password was sent by email. If you don't receive the password " ^
58 "within an hour, please notify the site's administrator.")
61 (* Artificially limit the rate at which people can search the database
66 error ~back_button:true ~title:"Nothing known"
67 q "Sorry, don't know anyone with that name or email address."