Gentics Portal.Node PHP API
RecoveryController.php
1 <?php
2 
4 {
5  public $defaultAction = 'recovery';
6 
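/**
 * Change password.
 *
 * Second step of the password-recovery flow: takes the POSTed
 * UserChangePassword form plus the `email` and `activkey` request fields,
 * stores the new password, rotates the activation key and redirects.
 * This action only handles the request and redirects back; it renders nothing.
 *
 * Security-relevant behaviour of this action:
 *  - The recovery key is the only proof of identity here, so it must be a
 *    non-empty string and is compared without type juggling (and in constant
 *    time where hash_equals() is available).
 *  - `return_url` is request-controlled; it is only followed when it stays on
 *    this site, otherwise the module's default URL is used.
 *  - No expiry timestamp is checked in this method: a key stays usable until
 *    it is rotated, which happens below after a successful change.
 */
public function actionChange()
{
    $form = new UserChangePassword;
    // null when the form was not posted (no error suppression needed).
    $form->attributes = isset($_POST['UserChangePassword']) ? $_POST['UserChangePassword'] : null;

    if (isset($_POST['ajax'])) {
        echo CActiveForm::validate($form);
        Yii::app()->end();
    }

    $user = null;
    if ($form->validate()) {
        $email = isset($_POST['email']) ? $_POST['email'] : null;
        $key = isset($_POST['activkey']) ? $_POST['activkey'] : null;

        // Only scalar, non-empty values are looked up: an array-valued `email`
        // would turn the attribute match into a multi-value condition, and an
        // omitted key must never match an account whose stored key is empty.
        if (is_string($email) && $email !== '' && is_string($key) && $key !== '') {
            $user = User::model()->notsafe()->findByAttributes(array('email' => $email));
        }

        $storedKey = $user !== null ? (string) $user->activkey : '';
        $keyMatches = $storedKey !== ''
            && (function_exists('hash_equals') ? hash_equals($storedKey, $key) : $storedKey === $key);

        if (!$keyMatches) {
            // Same message for "unknown e-mail" and "wrong key", so the
            // response does not reveal which of the two failed.
            $form->addError('password', 'Active key is expired');
        }
    }

    $saved = false;
    if (!$form->hasErrors() && $user !== null) {
        $module = Yii::app()->controller->module;
        $user->password = $module->encrypting($form->password);
        // Rotating the key invalidates the link that was mailed out.
        // NOTE(review): the new key is derived from the clock and the new
        // password; a value from a CSPRNG would be preferable - confirm what
        // encrypting() does and what the activkey column can hold.
        $user->activkey = $module->encrypting(microtime() . $form->password);

        $saved = $user->save();
        if (!$saved) {
            // Do not report success when the record was not written.
            $form->addErrors($user->getErrors());
            Yii::log('Password recovery: saving the new password failed', CLogger::LEVEL_WARNING, 'user.recovery');
        }
    }

    if ($saved) {
        Yii::app()->user->setFlash('recoveryMessage', UserModule::t("New password is saved."));
    } else {
        Yii::app()->user->setState('UserChangePassword', array('attributes' => $form->attributes, 'errors' => $form->getErrors()));
    }

    // Follow return_url only when it cannot leave this site: either a
    // site-relative path ("/..." but not "//...") or an absolute URL on the
    // current host. Control characters, whitespace and backslashes are
    // rejected because browsers may normalise them into another origin.
    // Deployments that need other targets should add an explicit allow-list.
    $returnUrl = isset($_GET['return_url']) ? $_GET['return_url'] : null;
    if (is_string($returnUrl) && $returnUrl !== '' && !preg_match('/[\x00-\x20\x7f\\\\]/', $returnUrl)) {
        $hostInfo = Yii::app()->request->getHostInfo();
        $isLocalPath = preg_match('#^/(?!/)#', $returnUrl) === 1;
        $isSameHost = $returnUrl === $hostInfo || strpos($returnUrl, $hostInfo . '/') === 0;
        if ($isLocalPath || $isSameHost) {
            $this->redirect($returnUrl);
            return;
        }
    }

    $this->redirect(Yii::app()->getModule('user')->recoveryChangePasswordUrl);
}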
43 
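/**
 * Request a password-recovery mail.
 *
 * For guests, validates the POSTed UserRecoveryForm, and for accounts without
 * a linked third-party account mails a link carrying the account's `activkey`
 * and e-mail address. Logged-in users are told to log out. Afterwards the
 * action redirects to `return_url` when one is given and it stays on this
 * site; otherwise it renders the `recovery` view.
 *
 * Security-relevant behaviour of this action:
 *  - `return_url` is request-controlled and is only followed for same-site
 *    targets.
 *  - NOTE(review): the mailed link reuses the stored `activkey`; no fresh,
 *    time-limited token is created in this method.
 *  - NOTE(review): the third-party-account message differs from the
 *    "check your email" message, so the response tells the requester how the
 *    account is set up. Consider one neutral message for both cases.
 */
public function actionChangeRequest()
{
    $form = new UserRecoveryForm;
    if (Yii::app()->user->isGuest) {
        if (isset($_POST['UserRecoveryForm'])) {
            $form->attributes = $_POST['UserRecoveryForm'];
            if ($form->validate()) {
                $user = User::model()->with('account')->notsafe()->findbyPk($form->user_id);
                if ($user === null) {
                    // The record can be gone although the form validated.
                    // Answer with the neutral message instead of reading
                    // properties of null and mailing an empty recipient.
                    Yii::app()->user->setFlash('recoveryMessage', UserModule::t("Please check your email. An instruction was sent to your email address."));
                } elseif ($user->account) {
                    Yii::app()->user->setFlash('recoveryMessage', UserModule::t("You used TPA for logged in. You can not recovery password"));
                } else {
                    $activation_url = $this->_getChangePasswordUrl(array("activkey" => $user->activkey, "email" => $user->email));
                    $subject = UserModule::t(
                        "You have requested the password recovery site {site_name}",
                        array(
                            '{site_name}' => Yii::app()->name,
                        )
                    );
                    $message = $this->renderMail('/mail_templates/recovery', $subject, array('activation_url' => $activation_url));
                    $notification = new Notification(
                        $subject,
                        $message,
                        array(new EmailRecipient($user->email, $this->module->passwordForgottenEmail, '', true))
                    );
                    Yii::app()->notificationManager->notifyAbout($notification);
                    Yii::app()->user->setFlash('recoveryMessage', UserModule::t("Please check your email. An instruction was sent to your email address."));
                }
            } else {
                Yii::app()->user->setState('UserRecoveryForm', array('attributes' => $form->attributes, 'errors' => $form->getErrors()));
            }
        }
    } else {
        Yii::app()->user->setFlash('recoveryMessage', UserModule::t("Please log out."));
    }

    // If return_url is set we need to redirect the user there - but only when
    // the target cannot leave this site: a site-relative path ("/..." but not
    // "//...") or an absolute URL on the current host. Control characters,
    // whitespace and backslashes are rejected because browsers may normalise
    // them into another origin. Deployments that need other targets should
    // add an explicit allow-list.
    $returnUrl = isset($_REQUEST['return_url']) ? $_REQUEST['return_url'] : null;
    if (is_string($returnUrl) && $returnUrl !== '' && !preg_match('/[\x00-\x20\x7f\\\\]/', $returnUrl)) {
        $hostInfo = Yii::app()->request->getHostInfo();
        $isLocalPath = preg_match('#^/(?!/)#', $returnUrl) === 1;
        $isSameHost = $returnUrl === $hostInfo || strpos($returnUrl, $hostInfo . '/') === 0;
        if ($isLocalPath || $isSameHost) {
            $this->redirect($returnUrl);
            return;
        }
    }

    $this->render('recovery', array('form' => $form));
}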
86 
/**
 * Build the absolute change-password link that is mailed to the user.
 *
 * When the module's recoveryChangePasswordUrl ends in ".php" or ".html" the
 * parameters are appended as a plain query string; otherwise the value is
 * passed on as a route together with the parameters.
 *
 * The parameters (recovery key and e-mail address) end up in the URL, so they
 * can appear in browser history, server logs and Referer headers.
 * NOTE(review): createAbsoluteUrl() takes the host part from the current
 * request; unless the application pins its host info or the web server
 * rejects unknown Host headers, the host in the mailed link follows the
 * request - confirm the deployment configuration.
 *
 * @param array $params query parameters to attach to the link
 * @return string absolute URL
 */
private function _getChangePasswordUrl($params)
{
    $target = $this->module->recoveryChangePasswordUrl;
    $pointsAtFile = preg_match('/.+\.(php|html)$/', $target);

    if (!$pointsAtFile) {
        // Route-style target: let the URL manager place the parameters.
        return $this->createAbsoluteUrl($target, $params);
    }

    // File-style target: append the parameters as a query string.
    $query = http_build_query($params);

    return $this->createAbsoluteUrl($target . '?' . $query);
}
95 
96 }