#
# This file is part of Savane.
#
@@ -140,6 +141,55 @@ $message_for_admin =
. gmdate('D, d M Y H:i:s \G\M\T')
. "\n";
+$message_enc = "";
+$temp_dir = shell_exec('echo -n `mktemp --tmpdir -d lostpw.XXXXXXXX`');
+if($temp_dir != "")
+ {
+ # Import registered GPG key to temporary directory.
+ $temp_dir = "'".$temp_dir."'";
+ $res_gpg = db_execute("SELECT gpg_key FROM user WHERE user_id=?",
+ array($row_user['user_id']));
+ $row_gpg = db_fetch_array($res_gpg);
+
+ $gpg_process = popen('gpg --homedir '.$temp_dir.' --import 2>/dev/null >/dev/null',
+ 'w');
+ fwrite($gpg_process, $row_gpg['gpg_key']);
+ pclose($gpg_process);
+
+ # Find first key with encryption capability; get its ID.
+ $gpg_command = 'gpg --homedir '.$temp_dir.' --list-keys --with-colons 2>/dev/null';
+ $gpg_command = $gpg_command." | awk -F ':' '";
+ $gpg_command = $gpg_command.'$1 == "pub" { if($12 !~ /[eE]/) next; ';
+ $gpg_command = $gpg_command.'if($5 == "") next; printf("%s", $5); exit(0); }';
+ $gpg_command = $gpg_command."'";
+ $key_id = shell_exec($gpg_command);
+
+ if($key_id != "")
+ {
+ $temp_file = shell_exec('echo -n `mktemp --tmpdir lostpw.XXXXXXXX`');
+ if($temp_file != "")
+ {
+ # Encrypt message.
+ $temp_file = "'".$temp_file."'";
+ $gpg_command = 'gpg --homedir '.$temp_dir.' --batch -a --encrypt ';
+ $gpg_command = $gpg_command.'--trust-model always -r '.$key_id;
+ $gpg_command = $gpg_command." > ".$temp_file;
+ $gpg_process = popen($gpg_command, 'w');
+ fwrite($gpg_process, $message);
+ pclose($gpg_process);
+ $message_enc = shell_exec("cat ".$temp_file);
+ shell_exec('rm -f '.$temp_file);
+ }
+ }
+
+ shell_exec('rm -fr '.$temp_dir);
+
+ if($message_enc != "")
+ {
+ $message = $message_enc;
+ }
+ }
+
sendmail_mail($GLOBALS['sys_mail_replyto']."@".$GLOBALS['sys_mail_domain'],
$row_user['email'],
$GLOBALS['sys_default_domain']." Verification",
@@ -159,6 +209,10 @@ $HTML->header(array('title'=>_("Lost Password Confirmation")));
print ''._("An email has been sent to the address you have on file.").'
';
print ''._("Follow the instructions in the email to change your account password.").'
';
+if($message_enc != "")
+ {
+ print ''._("Note that it was encrypted with your registered GPG key.").'
';
+ }
;
$HTML->footer(array());
--
1.7.9.5