diff options
| author | Tim Almdal <tnalmdal@shaw.ca> | 2009-10-05 14:04:27 -0700 |
|---|---|---|
| committer | Tim Almdal <tnalmdal@shaw.ca> | 2009-10-09 01:26:35 -0700 |
| commit | 00ee91837faf4807fb17dde3272ca8248a9dcd94 (patch) | |
| tree | 29bf1e98cdb6fc16c548b5dfbe15a965cb524235 /modules/user/controllers/password.php | |
| parent | f67bfd099296602f60d48914ae4b09d65b0ad8d3 (diff) | |
Convert direct lookups for the user table using ORM to using the user::lookup_by_name and user_lookup API methods.
Convert the Admin_User controller
Convert the login and password change controller
Change the item model to call user::lookup to get the owner.
On the log model, delete the relationship between the log and user table, and replace with a
call to user::lookup
(cherry picked from commit 194cc3b27a73afe5119da9f09407c1e068dc6fa3)
Create the get_user_list, lookup_by_name, lookup_by_hash and get_group_list api functions
Diffstat (limited to 'modules/user/controllers/password.php')
| -rw-r--r-- | modules/user/controllers/password.php | 15 |
1 files changed, 5 insertions, 10 deletions
diff --git a/modules/user/controllers/password.php b/modules/user/controllers/password.php index 4629bbf2..e8b08960 100644 --- a/modules/user/controllers/password.php +++ b/modules/user/controllers/password.php @@ -32,10 +32,8 @@ class Password_Controller extends Controller { if (request::method() == "post") { $this->_change_password(); } else { - $user = ORM::factory("user") - ->where("hash", Input::instance()->get("key")) - ->find(); - if ($user->loaded) { + $user = user::lookup_by_hash(Input::instance()->get("key")); + if (!empty($user)) { print $this->_new_password_form($user->hash); } else { throw new Exception("@todo FORBIDDEN", 503); @@ -48,7 +46,7 @@ class Password_Controller extends Controller { $valid = $form->validate(); if ($valid) { - $user = ORM::factory("user")->where("name", $form->reset->inputs["name"]->value)->find(); + $user = user::lockup_by_name($form->reset->inputs["name"]->value); if (!$user->loaded || empty($user->email)) { $form->reset->inputs["name"]->add_error("no_email", 1); $valid = false; @@ -118,11 +116,8 @@ class Password_Controller extends Controller { private function _change_password() { $view = $this->_new_password_form(); if ($view->content->validate()) { - $user = ORM::factory("user") - ->where("hash", $view->content->reset->hash->value) - ->find(); - - if (!$user->loaded) { + $user = user::lookup_by_hash(Input::instance()->get("key")); + if (empty($user)) { throw new Exception("@todo FORBIDDEN", 503); } |