diff --git a/htdocs/user/passwordforgotten.php b/htdocs/user/passwordforgotten.php
index b29bb0e6d70..15df6371891 100644
--- a/htdocs/user/passwordforgotten.php
+++ b/htdocs/user/passwordforgotten.php
@@ -64,91 +64,99 @@ if (GETPOST('dol_use_jmobile', 'alpha') || !empty($_SESSION['dol_use_jmobile']))
* Actions
*/
-// Validate new password
-if ($action == 'validatenewpassword' && $username && $passwordhash)
-{
- $edituser = new User($db);
- $result = $edituser->fetch('', $_GET["username"]);
- if ($result < 0)
- {
- $message = ''.dol_escape_htmltag($langs->trans("ErrorLoginDoesNotExists", $username)).'
';
- } else {
- if (dol_verifyHash($edituser->pass_temp, $passwordhash))
- {
- // Clear session
- unset($_SESSION['dol_login']);
- $_SESSION['dol_loginmesg'] = $langs->trans('NewPasswordValidated'); // Save message for the session page
-
- $newpassword = $edituser->setPassword($user, $edituser->pass_temp, 0);
- dol_syslog("passwordforgotten.php new password for user->id=".$edituser->id." validated in database");
- header("Location: ".DOL_URL_ROOT.'/');
- exit;
- } else {
- $langs->load("errors");
- $message = ''.$langs->trans("ErrorFailedToValidatePasswordReset").'
';
- }
- }
+$parameters = array('username' => $username);
+$reshook = $hookmanager->executeHooks('doActions', $parameters, $object, $action); // Note that $action and $object may have been modified by some hooks
+if ($reshook < 0) {
+ $message = $hookmanager->error;
}
-// Action modif mot de passe
-if ($action == 'buildnewpassword' && $username)
-{
- $sessionkey = 'dol_antispam_value';
- $ok = (array_key_exists($sessionkey, $_SESSION) === true && (strtolower($_SESSION[$sessionkey]) == strtolower($_POST['code'])));
- // Verify code
- if (!$ok)
- {
- $message = ''.$langs->trans("ErrorBadValueForCode").'
';
- } else {
- $isanemail = preg_match('/@/', $username);
+if (empty($reshook)) {
+ // Validate new password
+ if ($action == 'validatenewpassword' && $username && $passwordhash)
+ {
+ $edituser = new User($db);
+ $result = $edituser->fetch('', $_GET["username"]);
+ if ($result < 0)
+ {
+ $message = ''.dol_escape_htmltag($langs->trans("ErrorLoginDoesNotExists", $username)).'
';
+ } else {
+ if (dol_verifyHash($edituser->pass_temp, $passwordhash))
+ {
+ // Clear session
+ unset($_SESSION['dol_login']);
+ $_SESSION['dol_loginmesg'] = $langs->trans('NewPasswordValidated'); // Save message for the session page
- $edituser = new User($db);
- $result = $edituser->fetch('', $username, '', 1);
- if ($result == 0 && $isanemail)
- {
- $result = $edituser->fetch('', '', '', 1, -1, $username);
- }
+ $newpassword = $edituser->setPassword($user, $edituser->pass_temp, 0);
+ dol_syslog("passwordforgotten.php new password for user->id=".$edituser->id." validated in database");
+ header("Location: ".DOL_URL_ROOT.'/');
+ exit;
+ } else {
+ $langs->load("errors");
+ $message = ''.$langs->trans("ErrorFailedToValidatePasswordReset").'
';
+ }
+ }
+ }
+ // Action modif mot de passe
+ if ($action == 'buildnewpassword' && $username)
+ {
+ $sessionkey = 'dol_antispam_value';
+ $ok = (array_key_exists($sessionkey, $_SESSION) === true && (strtolower($_SESSION[$sessionkey]) == strtolower($_POST['code'])));
- if ($result <= 0 && $edituser->error == 'USERNOTFOUND')
- {
- $message = '';
- if (!$isanemail) {
- $message .= $langs->trans("IfLoginExistPasswordRequestSent");
- } else {
- $message .= $langs->trans("IfEmailExistPasswordRequestSent");
- }
- $message .= '
';
- $username = '';
- } else {
- if (!$edituser->email)
- {
- $message = ''.$langs->trans("ErrorLoginHasNoEmail").'
';
- } else {
- $newpassword = $edituser->setPassword($user, '', 1);
- if ($newpassword < 0)
- {
- // Failed
- $message = ''.$langs->trans("ErrorFailedToChangePassword").'
';
- } else {
- // Success
- if ($edituser->send_password($user, $newpassword, 1) > 0)
- {
- $message = '';
- if (!$isanemail) {
- $message .= $langs->trans("IfLoginExistPasswordRequestSent");
- } else {
- $message .= $langs->trans("IfEmailExistPasswordRequestSent");
- }
- //$message .= $langs->trans("PasswordChangeRequestSent", $edituser->login, dolObfuscateEmail($edituser->email));
- $message .= '
';
- $username = '';
- } else {
- $message .= ''.$edituser->error.'
';
- }
- }
- }
- }
- }
+ // Verify code
+ if (!$ok)
+ {
+ $message = ''.$langs->trans("ErrorBadValueForCode").'
';
+ } else {
+ $isanemail = preg_match('/@/', $username);
+
+ $edituser = new User($db);
+ $result = $edituser->fetch('', $username, '', 1);
+ if ($result == 0 && $isanemail)
+ {
+ $result = $edituser->fetch('', '', '', 1, -1, $username);
+ }
+
+ if ($result <= 0 && $edituser->error == 'USERNOTFOUND')
+ {
+ $message = '';
+ if (!$isanemail) {
+ $message .= $langs->trans("IfLoginExistPasswordRequestSent");
+ } else {
+ $message .= $langs->trans("IfEmailExistPasswordRequestSent");
+ }
+ $message .= '
';
+ $username = '';
+ } else {
+ if (!$edituser->email)
+ {
+ $message = ''.$langs->trans("ErrorLoginHasNoEmail").'
';
+ } else {
+ $newpassword = $edituser->setPassword($user, '', 1);
+ if ($newpassword < 0)
+ {
+ // Failed
+ $message = ''.$langs->trans("ErrorFailedToChangePassword").'
';
+ } else {
+ // Success
+ if ($edituser->send_password($user, $newpassword, 1) > 0)
+ {
+ $message = '';
+ if (!$isanemail) {
+ $message .= $langs->trans("IfLoginExistPasswordRequestSent");
+ } else {
+ $message .= $langs->trans("IfEmailExistPasswordRequestSent");
+ }
+ //$message .= $langs->trans("PasswordChangeRequestSent", $edituser->login, dolObfuscateEmail($edituser->email));
+ $message .= '
';
+ $username = '';
+ } else {
+ $message .= ''.$edituser->error.'
';
+ }
+ }
+ }
+ }
+ }
+ }
}