Gentics Portal.Node PHP API
RecoveryController.php
1 <?php
2 
4 {
5  public $defaultAction = 'recovery';
6 
7  /**
8  * Change password
9  *
10  * This action only handles the request and redirects back; it renders nothing.
11  */
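public function actionChange()
{
    // Processes the "set a new password" form of the recovery flow.
    // The request is authorised only by the pair (email, activkey) from POST,
    // so the key comparison below is the whole access-control decision.
    // Always ends in a redirect (or in the AJAX validation response).
    $form = new UserChangePassword;
    $form->attributes = isset($_POST['UserChangePassword']) ? $_POST['UserChangePassword'] : array();

    if (isset($_POST['ajax'])) {
        echo CActiveForm::validate($form);
        Yii::app()->end();
    }

    $user = null;
    if ($form->validate()) {
        $email = isset($_POST['email']) ? $_POST['email'] : null;
        $submittedKey = isset($_POST['activkey']) ? $_POST['activkey'] : null;

        // Accept plain, non-empty strings only. An array value would turn the
        // attribute lookup into a multi-value match, and a missing key used to
        // be compared as null.
        $inputIsUsable = is_string($email) && $email !== ''
            && is_string($submittedKey) && $submittedKey !== '';
        if ($inputIsUsable) {
            $user = User::model()->notsafe()->findByAttributes(array('email' => $email));
        }

        $keyMatches = false;
        if ($user !== null) {
            $storedKey = (string) $user->activkey;
            // An empty stored key must never authorise a reset.
            if ($storedKey !== '') {
                // Strict, constant-time comparison. The previous loose "!="
                // treated numeric-looking strings (e.g. "0e123" and "0") as
                // equal and accepted null against an empty key.
                $keyMatches = function_exists('hash_equals')
                    ? hash_equals($storedKey, $submittedKey)
                    : $storedKey === $submittedKey;
            }
        }

        if (!$keyMatches) {
            $form->addError('password', 'Active key is expired');
        }
    }

    if ($user !== null && !$form->hasErrors()) {
        $user->password = Yii::app()->controller->module->encrypting($form->password);
        // Rotate the key so the link that was just used stops working.
        // NOTE(review): the new key is derived from microtime() and the new
        // password, not from a CSPRNG - consider a random value here.
        $user->activkey = Yii::app()->controller->module->encrypting(microtime() . $form->password);
        // NOTE(review): the result of save() is not checked; the success
        // message is shown even if persisting fails.
        $user->save();
        Yii::app()->user->setFlash('recoveryMessage', UserModule::t("New password is saved."));
    } else {
        // Never keep the submitted passwords in the session state.
        $form->password = null;
        $form->verifyPassword = null;
        Yii::app()->user->setState('UserChangePassword', array('attributes' => $form->attributes, 'errors' => $form->getErrors()));
    }

    // return_url is caller-controlled. Follow it only when it stays on this
    // site: a local absolute path ("/..." but not "//" or "/\") or a URL on
    // the current host. Anything else falls through to the configured page,
    // so the endpoint cannot be used as an open redirect.
    $returnUrl = isset($_GET['return_url']) ? $_GET['return_url'] : null;
    if (is_string($returnUrl) && !preg_match('/[\x00-\x1f]/', $returnUrl)) {
        $isLocalPath = preg_match('#^/(?![/\\\\])#', $returnUrl) === 1;
        $isSameHost = strpos($returnUrl, Yii::app()->request->getHostInfo() . '/') === 0;
        if ($isLocalPath || $isSameHost) {
            $this->redirect($returnUrl);
        }
    }

    $this->redirect(Yii::app()->getModule('user')->recoveryChangePasswordUrl);
}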
44 
45  /**
46  * This action only handles the request and redirects back; it renders nothing unless no return_url is given.
47  */
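public function actionChangeRequest()
{
    // Handles the "forgot password" request: validates the recovery form,
    // mails a change-password link to the account and then redirects to
    // return_url (when it is a same-site target) or renders the form.
    $form = new UserRecoveryForm;
    if (Yii::app()->user->isGuest) {
        if (isset($_POST['UserRecoveryForm'])) {
            $form->attributes = $_POST['UserRecoveryForm'];
            if ($form->validate()) {
                $user = User::model()->with('account')->notsafe()->findbyPk($form->user_id);
                if ($user === null) {
                    // The record can be missing although the form validated
                    // (e.g. deleted in between). Answer with the generic message
                    // instead of dereferencing null.
                    Yii::app()->user->setFlash('recoveryMessage', UserModule::t("Please check your email. An instruction was sent to your email address."));
                } elseif ($user->account) {
                    // NOTE(review): this distinct message tells the requester that
                    // the address belongs to a third-party-login account.
                    Yii::app()->user->setFlash('recoveryMessage', UserModule::t("You used TPA for logged in. You can not recovery password"));
                } else {
                    // The link carries the account's stored activkey together with
                    // the e-mail address. NOTE(review): whether that key is
                    // single-use or time-limited is not visible in this method.
                    $activation_url = $this->_getChangePasswordUrl(array("activkey" => $user->activkey, "email" => $user->email));
                    $subject = UserModule::t(
                        "You have requested the password recovery site {site_name}",
                        array(
                            '{site_name}' => Yii::app()->name,
                        )
                    );
                    $message = $this->renderMail('/mail_templates/recovery', $subject, array('activation_url' => $activation_url));
                    $notification = new Notification(
                        $subject,
                        $message,
                        array(new EmailRecipient($user->email, $this->module->passwordForgottenEmail, '', true))
                    );
                    Yii::app()->notificationManager->notifyAbout($notification);
                    Yii::app()->user->setFlash('recoveryMessage', UserModule::t("Please check your email. An instruction was sent to your email address."));
                }
            } else {
                // NOTE(review): presumably copied from the change-password action;
                // confirm that UserRecoveryForm declares these two attributes.
                $form->password = null;
                $form->verifyPassword = null;
                Yii::app()->user->setState('UserRecoveryForm', array('attributes' => $form->attributes, 'errors' => $form->getErrors()));
            }
        }
    } else {
        Yii::app()->user->setFlash('recoveryMessage', UserModule::t("Please log out."));
    }

    // return_url is caller-controlled. Follow it only when it stays on this
    // site: a local absolute path ("/..." but not "//" or "/\") or a URL on
    // the current host. Anything else renders the form, so the endpoint
    // cannot be used as an open redirect.
    $returnUrl = isset($_REQUEST['return_url']) ? $_REQUEST['return_url'] : null;
    $followReturnUrl = false;
    if (is_string($returnUrl) && !preg_match('/[\x00-\x1f]/', $returnUrl)) {
        $isLocalPath = preg_match('#^/(?![/\\\\])#', $returnUrl) === 1;
        $isSameHost = strpos($returnUrl, Yii::app()->request->getHostInfo() . '/') === 0;
        $followReturnUrl = $isLocalPath || $isSameHost;
    }

    if ($followReturnUrl) {
        $this->redirect($returnUrl);
    } else {
        $this->render('recovery', array('form' => $form));
    }
}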
89 
private function _getChangePasswordUrl($params)
{
    // Builds the absolute change-password link from the module's configured
    // target. $params are the query parameters to carry (the caller in this
    // file passes activkey and email).
    $target = $this->module->recoveryChangePasswordUrl;

    // A target ending in ".php" or ".html" gets the parameters appended as a
    // plain query string; any other target is handed to createAbsoluteUrl()
    // together with the parameters.
    $endsInFileExtension = preg_match('/.+\.(php|html)$/', $target);
    if (!$endsInFileExtension) {
        return $this->createAbsoluteUrl($target, $params);
    }

    return $this->createAbsoluteUrl($target . '?' . http_build_query($params));
}
98 
99 }