From 2f5344c1daa6d318ea85a1a4fe2d12d4660dd72b Mon Sep 17 00:00:00 2001 From: Tim Almdal Date: Wed, 4 Feb 2009 05:49:29 +0000 Subject: A preview of the password reset functionality. What's working... you can start to logon, request the password to be reset, and an email is sent to the users email address. If you click on the link you get an unformatted form. But its a start :-) --- modules/user/controllers/password.php | 101 ++++++++++++++++++++++++++++++++++ 1 file changed, 101 insertions(+) create mode 100644 modules/user/controllers/password.php (limited to 'modules/user/controllers/password.php') diff --git a/modules/user/controllers/password.php b/modules/user/controllers/password.php new file mode 100644 index 00000000..590b3640 --- /dev/null +++ b/modules/user/controllers/password.php @@ -0,0 +1,101 @@ +_send_reset(); + } else { + // @todo validate the query key parmeter + print $this->_reset_form(); + } + } + + public function do_reset() { + if (request::method() == "post") { + $this->_change_password(); + } else { + print $this->_new_password_form(); + } + } + + private function _send_reset() { + $form = $this->_reset_form(); + + + $valid = $form->validate(); + if ($valid) { + $user = ORM::factory("user")->where("name", $form->reset->inputs["name"]->value)->find(); + if (!$user->loaded || empty($user->email)) { + $form->reset->inputs["name"]->add_error("no_email", 1); + $valid = false; + } + } + + if ($valid) { + try { + $md5 = md5("$user->name; $user->full_name; $user->login_count; $user->last_login"); + $message = new View("reset_password.html"); + $message->url = url::abs_site("password/do_reset?key=$md5"); + $message->name = $user->full_name; + $message->title = t("Password Reset Request"); + + Sendmail::factory() + ->to($user->email) + ->subject(t("Password Reset Request")) + ->header("Mime-Version", "1.0") + ->header("Content-type", "text/html; charset=iso-8859-1") + ->message($message->render()) + ->send(); + } catch (Exception $e) { + Kohana::log("error", $e->getMessage() . "\n" . $e->getTraceAsString()); + } + + message::success(t("Password reset email sent"), null); + print json_encode( + array("result" => "success")); + } else { + print json_encode( + array("result" => "error", + "form" => $form->__toString())); + } + } + + private function _reset_form() { + $form = new Forge(url::current(true), "", "post", array("id" => "gResetForm")); + $group = $form->group("reset")->label(t("Reset Password")); + $group->input("name")->label(t("Name"))->id("gName")->class(null)->rules("required"); + $group->inputs["name"]->error_messages("no_email", t("No email, unable to reset password")); + $group->submit("")->value(t("Reset")); + + return $form; + } + + private function _new_password_form() { + $form = new Forge("password/do_reset", "", "post", array("id" => "gChangePasswordForm")); + $group = $form->group("reset")->label(t("Change Password")); + $group->password("password")->label(t("Password"))->id("gPassword"); + $group->password("password2")->label(t("Confirm Password"))->id("gPassword2"); + $group->inputs["password2"]->error_messages( + "mistyped", t("The password and the confirm password must match")); + $group->submit("")->value(t("Update")); + + return $form; + } +} \ No newline at end of file -- cgit v1.2.3