catalinux / rocketgit (public) (License: Affero GPLv3) (since 2015-03-19) (hash sha1)
Main RocketGit repo
Clone URLs: https://rocketgit.com/user/catalinux/rocketgit ssh://rocketgit@ssh.rocketgit.com/user/catalinux/rocketgit git://git.rocketgit.com/user/catalinux/rocketgit
v0.0 v0.1 v0.10 v0.11 v0.12 v0.13 v0.14 v0.15 v0.17 v0.18 v0.19 v0.2 v0.20 v0.21 v0.22 v0.23 v0.24 v0.25 v0.27 v0.28 v0.29 v0.31 v0.32 v0.33 v0.34 v0.35 v0.36 v0.38 v0.39 v0.40 v0.41 v0.42 v0.43 v0.44 v0.45 v0.46 v0.47 v0.48 v0.49 v0.50 v0.51 v0.52 v0.53 v0.54 v0.55 v0.56 v0.57 v0.58 v0.60 v0.61 v0.62 v0.63 v0.64 v0.65 v0.66 v0.67 v0.68 v0.69 v0.70 v0.71 v0.72 v0.73 v0.77 v0.78 v0.79 v0.80 v0.81 group1/branch1 group2/subgroup1/branch2 main master release

/tests/http_forgot.php (686cf12e2806e9b9c4ba12d04922397cb6668ea8) (3306 bytes) (mode 100644) (type blob)

<?php
//
// Will test the forgot password feature
//

error_reporting(E_ALL | E_STRICT);
ini_set("track_errors", "On");

$INC = dirname(__FILE__) . "/../inc";
require_once(dirname(__FILE__) . "/config.php");
require_once($INC . "/init.inc.php");
require_once($INC . "/util.inc.php");
require_once("helpers.inc.php");
require_once("http.inc.php");

rg_log_set_file("http_forgot.log");

$rg_sql = "host=localhost user=rocketgit dbname=rocketgit connect_timeout=10";
$rg_no_db = TRUE;
require_once("common.php");

$_testns = 'http_forgot';
$rg_cache_enable = TRUE;
$rg_cache_debug = TRUE;

$rg_user_max_len = 60;

rg_test_create_user($db, $rg_ui);


rg_log('');
rg_log_enter('Loading forgot pass form...');
$data = array();
$r = do_req($test_url . '/op/forgot_send', $data, $headers);
if ($r === FALSE) {
	rg_log("Cannot load forgot pass page!");
	exit(1);
}
rg_log('Posting the forgot pass form...');
$data = array(
	'email' => $rg_ui['email'],
	'doit' => 1
	);
$r = do_req($test_url . '/op/forgot_send', $data, $headers);
if (!strstr($r['body'], 'your inbox and follow the instructions')) {
	rg_log_ml('r: ' . print_r($r, TRUE));
	rg_log("Cannot post forgot pass form!");
	exit(1);
}
$sql = 'SELECT token FROM forgot_pass WHERE uid = ' . $rg_ui['uid'];
$res = rg_sql_query($db, $sql);
$rows = rg_sql_num_rows($res);
if ($rows > 0)
	$row = rg_sql_fetch_array($res);
rg_sql_free_result($res);
if ($rows != 1) {
	rg_log("Seems the token is not in the database or there are multiple"
		. " ones (rows=" . $rows . ")!");
	exit(1);
}
$db_token = $row['token'];
rg_log_exit();


rg_log('');
rg_log_enter('Loading token from mail...');
$k = 'DEBUG::0::mail';
$c = rg_cache_get($k);
if (($c === FALSE) || !isset($c['body'])) {
	rg_log_ml(print_r($c, TRUE));
	rg_log('No c or no body in c var!');
	exit(1);
}
$s = strstr($c['body'], '/op/forgot_link/');
if ($s === FALSE) {
	rg_log_ml(print_r($c['body'], TRUE));
	rg_log('No link in body!');
	exit(1);
}

$s = substr($s, 16, 20);
if (strcmp($db_token, $s) != 0) {
	rg_log('db token != mail token! [' . $db_token . '] != [' . $s . ']');
	exit(1);
}

// we add junk because I've seen cases when some junk was appended
$s .= 'junk';

$data = array();
$r = do_req($test_url . '/op/forgot_link/' . $s, $data, $headers);
if ($r === FALSE) {
	rg_log("Cannot load forgot_link page!");
	exit(1);
}

rg_log('Posting the forgot link form...');
$pass = rg_id(10);
$data = array(
	'forgot_token' => $s,
	'pass1' => $pass,
	'pass2' => $pass,
	'lock_ip' => 1,
	'doit' => 1
	);
$r = do_req($test_url . '/op/forgot_link', $data, $headers);
if (!strstr($r['body'], 'Home page of user')) {
	rg_log_ml('r: ' . print_r($r, TRUE));
	rg_log('Cannot post forgot link form!');
	exit(1);
}
$sql = 'SELECT salt, pass FROM users WHERE uid = ' . $rg_ui['uid'];
$res = rg_sql_query($db, $sql);
$rows = rg_sql_num_rows($res);
if ($rows > 0)
	$row = rg_sql_fetch_array($res);
rg_sql_free_result($res);
if ($rows != 1) {
	rg_log('Seems the password was not changed!');
	exit(1);
}
$good_pass = rg_user_pass($row['salt'], $pass);
if (strcmp($good_pass, $row['pass']) != 0) {
	rg_log_ml('row: ' . print_r($row, TRUE));
	rg_log('passwords are not the same pass=[' . $pass . ']!');
	exit(1);
}
rg_log_exit();

// TODO: make sure that the entry from forgot_pass is gone


rg_prof_log();
rg_log("OK!");
?>

Mode Type Size Ref File
100644 blob 9 f3c7a7c5da68804a1bdf391127ba34aed33c3cca .exclude
100644 blob 102 eaeb7d777062c60a55cdd4b5734902cdf6e1790c .gitignore
100644 blob 289 fabbff669e768c05d6cfab4d9aeb651bf623e174 AUTHORS
100644 blob 1132 dd65951315f3de6d52d52a82fca59889d1d95187 Certs.txt
100644 blob 1339 6ef73b238cddfb5bd83fe344a186e48f12e9da2c Compare.txt
100644 blob 549 41c3bdbba8ec2523fe24b84bdd46777fc13e8345 History.txt
100644 blob 34520 dba13ed2ddf783ee8118c6a581dbf75305f816a3 LICENSE
100644 blob 2695 994656805a9db0ea31cf9be1e5776182efbefecc Makefile.in
100644 blob 4788 eb8fa578df718b058ebbde968998718c669984cd README
100644 blob 99453 efb1295a6850bf3105a314f25c2f28b8b555e771 TODO
100644 blob 1294 f22911eb777f0695fcf81ad686eac133eb11fcc4 TODO-plans
100644 blob 203 a2863c67c3da44126b61a15a6f09738c25e0fbe0 TODO.perf
100644 blob 373 ca2fd2e49069f5d13d557928e0bf53135782530f TODO.vm
040000 tree - 21928e906ad2907a55c2e81c2a8b0502b586b8a0 artwork
100755 blob 30 92c4bc48245c00408cd7e1fd89bc1a03058f4ce4 configure
040000 tree - 788c57f7b8b4a17ab4e6903b044addae9617da09 debian
040000 tree - 0136f430a4d967b7e10840678b5cc375e8584555 docker
040000 tree - f67d3605efbd6422a8acdd953578991139266391 docs
100755 blob 16711 924262b2f8dbf3bbe02358e7f404175732e970d1 duilder
100644 blob 536 0c5848fb0f59bf8aa904bb2c024c7ecc53b047fa duilder.conf
040000 tree - b0cc8cc0386eddf4373339a7860e46e8f74e0202 hooks
040000 tree - d1b34d89210e784b87ede1aa7ec16ce59aedca2a inc
100644 blob 3881 074e596bfc98db0f5ea8368ba9839659629bb814 rocketgit.spec.in
040000 tree - baff99e00ca8ac615f027d5a2d9ea03a7e9ca707 root
040000 tree - 98e6b87aadfef2d716b0462de88f8afaca8e3a93 samples
040000 tree - 43dbe42a84ee92d4ed74db37bf94505d516d067c scripts
040000 tree - 025ca18e527ac6671c34adb53cd74cd242ce68a2 selinux
100755 blob 256 462ccd108c431f54e380cdac2329129875a318b5 spell_check.sh
040000 tree - cb54e074b3ca35943edfcda9dd9cfcd281bcd9e7 techdocs
040000 tree - 587784e5b28fc05396dc32ed0ce13e05723cea6d tests
040000 tree - d39824f9d9ba0f8b2f00f4a101f5cd5aeebc2f83 tools
Hints:
Before first commit, do not forget to setup your git environment:
git config --global user.name "your_name_here"
git config --global user.email "your@email_here"

Clone this repository using HTTP(S):
git clone https://rocketgit.com/user/catalinux/rocketgit

Clone this repository using ssh (do not forget to upload a key first):
git clone ssh://rocketgit@ssh.rocketgit.com/user/catalinux/rocketgit

Clone this repository using git:
git clone git://git.rocketgit.com/user/catalinux/rocketgit

You are allowed to anonymously push to this repository.
This means that your pushed commits will automatically be transformed into a merge request:
... clone the repository ...
... make some changes and some commits ...
git push origin main