".__('Invalid host domain').""; } } } unset($output); } if ((!empty($_POST['user'])) && (!empty($_POST['code'])) && (!empty($_POST['password'])) ) { if ( $_POST['password'] == $_POST['password_confirm'] ) { $v_user = escapeshellarg($_POST['user']); $user = $_POST['user']; $cmd="/usr/bin/sudo /usr/local/hestia/bin/v-list-user"; exec ($cmd." ".$v_user." json", $output, $return_var); if ( $return_var == 0 ) { $data = json_decode(implode('', $output), true); $rkey = $data[$user]['RKEY']; if (hash_equals($rkey, $_POST['code'])) { unset($output); exec("/usr/bin/sudo /usr/local/hestia/bin/v-get-user-value ".$v_user." RKEYEXP", $output,$return_var); if($output[0] > time() - 900){ $v_password = tempnam("/tmp","vst"); $fp = fopen($v_password, "w"); fwrite($fp, $_POST['password']."\n"); fclose($fp); $cmd="/usr/bin/sudo /usr/local/hestia/bin/v-change-user-password"; exec ($cmd." ".$v_user." ".$v_password, $output, $return_var); unlink($v_password); if ( $return_var > 0 ) { sleep(5); $ERROR = "".__('An internal error occurred').""; } else { $_SESSION['user'] = $_POST['user']; header("Location: /"); exit; } }else{ sleep(5); $ERROR = "".__('Code has been expired').""; } } else { sleep(5); $ERROR = "".__('Invalid username or code').""; } } else { sleep(5); $ERROR = "".__('Invalid username or code').""; } } else { $ERROR = "".__('Passwords not match').""; } } // Detect language if (empty($_SESSION['language'])) $_SESSION['language'] = detect_user_language(); if (empty($_GET['action'])) { require_once '../templates/header.html'; require_once '../templates/reset_1.html'; } else { require_once '../templates/header.html'; if ($_GET['action'] == 'code' ) { require_once '../templates/reset_2.html'; } if (($_GET['action'] == 'confirm' ) && (!empty($_GET['code']))) { require_once '../templates/reset_3.html'; } } ?>