diff options
| -rw-r--r-- | modules/user/controllers/login.php | 11 | ||||
| -rw-r--r-- | modules/user/controllers/password.php | 101 | ||||
| -rw-r--r-- | modules/user/views/login_prompt.html.php | 44 | ||||
| -rw-r--r-- | modules/user/views/reset_password.html.php | 14 |
4 files changed, 166 insertions, 4 deletions
diff --git a/modules/user/controllers/login.php b/modules/user/controllers/login.php index c9a32546..bf45746d 100644 --- a/modules/user/controllers/login.php +++ b/modules/user/controllers/login.php @@ -27,7 +27,7 @@ class Login_Controller extends Controller { } private function _try_login() { - $form = $this->_login_form(); + $form = $this->_login_form()->form; $valid = $form->validate(); if ($valid) { @@ -53,12 +53,15 @@ class Login_Controller extends Controller { } private function _login_form() { - $form = new Forge(url::current(true), "", "post", array("id" => "gLoginForm")); - $group = $form->group("login")->label(t("Login")); + $view = new View("login_prompt.html"); + + $view->form = new Forge(url::current(true), "", "post", array("id" => "gLoginForm")); + $group = $view->form->group("login")->label(t("Login")); $group->input("name")->label(t("Name"))->id("gName")->class(null); $group->password("password")->label(t("Password"))->id("gPassword")->class(null); $group->inputs["name"]->error_messages("invalid_login", t("Invalid name or password")); $group->submit("")->value(t("Login")); - return $form; + + return $view; } }
\ No newline at end of file diff --git a/modules/user/controllers/password.php b/modules/user/controllers/password.php new file mode 100644 index 00000000..590b3640 --- /dev/null +++ b/modules/user/controllers/password.php @@ -0,0 +1,101 @@ +<?php defined("SYSPATH") or die("No direct script access."); +/** + * Gallery - a web based photo album viewer and editor + * Copyright (C) 2000-2008 Bharat Mediratta + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or (at + * your option) any later version. + * + * This program is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street - Fifth Floor, Boston, MA 02110-1301, USA. + */ +class Password_Controller extends Controller { + public function reset() { + if (request::method() == "post") { + $this->_send_reset(); + } else { + // @todo validate the query key parmeter + print $this->_reset_form(); + } + } + + public function do_reset() { + if (request::method() == "post") { + $this->_change_password(); + } else { + print $this->_new_password_form(); + } + } + + private function _send_reset() { + $form = $this->_reset_form(); + + + $valid = $form->validate(); + if ($valid) { + $user = ORM::factory("user")->where("name", $form->reset->inputs["name"]->value)->find(); + if (!$user->loaded || empty($user->email)) { + $form->reset->inputs["name"]->add_error("no_email", 1); + $valid = false; + } + } + + if ($valid) { + try { + $md5 = md5("$user->name; $user->full_name; $user->login_count; $user->last_login"); + $message = new View("reset_password.html"); + $message->url = url::abs_site("password/do_reset?key=$md5"); + $message->name = $user->full_name; + $message->title = t("Password Reset Request"); + + Sendmail::factory() + ->to($user->email) + ->subject(t("Password Reset Request")) + ->header("Mime-Version", "1.0") + ->header("Content-type", "text/html; charset=iso-8859-1") + ->message($message->render()) + ->send(); + } catch (Exception $e) { + Kohana::log("error", $e->getMessage() . "\n" . $e->getTraceAsString()); + } + + message::success(t("Password reset email sent"), null); + print json_encode( + array("result" => "success")); + } else { + print json_encode( + array("result" => "error", + "form" => $form->__toString())); + } + } + + private function _reset_form() { + $form = new Forge(url::current(true), "", "post", array("id" => "gResetForm")); + $group = $form->group("reset")->label(t("Reset Password")); + $group->input("name")->label(t("Name"))->id("gName")->class(null)->rules("required"); + $group->inputs["name"]->error_messages("no_email", t("No email, unable to reset password")); + $group->submit("")->value(t("Reset")); + + return $form; + } + + private function _new_password_form() { + $form = new Forge("password/do_reset", "", "post", array("id" => "gChangePasswordForm")); + $group = $form->group("reset")->label(t("Change Password")); + $group->password("password")->label(t("Password"))->id("gPassword"); + $group->password("password2")->label(t("Confirm Password"))->id("gPassword2"); + $group->inputs["password2"]->error_messages( + "mistyped", t("The password and the confirm password must match")); + $group->submit("")->value(t("Update")); + + return $form; + } +}
\ No newline at end of file diff --git a/modules/user/views/login_prompt.html.php b/modules/user/views/login_prompt.html.php new file mode 100644 index 00000000..2b9516ba --- /dev/null +++ b/modules/user/views/login_prompt.html.php @@ -0,0 +1,44 @@ +<?php defined("SYSPATH") or die("No direct script access.") ?> +<script type="text/javascript"> + $("#gLoginForm").ready(function() { + $("#gForgotPasswordLink").click(function() { + $.ajax({ + url: "<?= url::site("password/reset") ?>", + success: function(data) { + $("div#gLoginView").html(data); + $("#ui-dialog-title-gDialog").text("<?= t("Reset Password") ?>"); + ajaxify_login_reset_form(); + } + }); + }); + }); + + function ajaxify_login_reset_form() { + $("#gLoginView form").ajaxForm({ + dataType: "json", + success: function(data) { + if (data.form) { + $("#gLoginView form").replaceWith(data.form); + ajaxify_login_reset_form(); + } + if (data.result == "success") { + $("#gDialog").dialog("close"); + window.location.reload(); + } + + } + }); + }; +</script> +<div id="gLoginView"> + <ul> + <li> + <div id="gLoginViewForm"> + <?= $form ?> + </div> + </li> + <li> + <a href="#" id="gForgotPasswordLink"><?= t("Forgot your Password?") ?></a> + </li> + </ul> +</div> diff --git a/modules/user/views/reset_password.html.php b/modules/user/views/reset_password.html.php new file mode 100644 index 00000000..39845d61 --- /dev/null +++ b/modules/user/views/reset_password.html.php @@ -0,0 +1,14 @@ +<?php defined("SYSPATH") or die("No direct script access.") ?> +<html> +<head> + <title><?= $title ?> </title> +</head> +<body> + <h2><?= t("Password Reset Request") ?> </h2> + <p> + <?= sprintf(t("A request to reset your password (user: %s) at %s."), $name, url::base(false, "http")) ?> + <?= sprintf(t("To confirm this request please click on the link below")) ?><br /> + <a href="<?= $url ?>"><?= t("Reset Password") ?></a> + </p> +</body> +</html> |