Beispiel #1
0
 function getAccount()
 {
     if ($this->_account === false) {
         $this->_account = ClientAccount::lookup(array('user_id' => $this->getId()));
     }
     return $this->_account;
 }
Beispiel #2
0
 function signOn($errors = array())
 {
     global $ost;
     if (!isset($_GET['token'])) {
         return false;
     } elseif (!($_config = new Config('pwreset'))) {
         return false;
     } elseif (!($id = $_config->get($_GET['token']))) {
         return false;
     } elseif (!($acct = ClientAccount::lookup(array('user_id' => $id))) || !$acct->getId() || $id != $acct->getUserId() || !($client = new ClientSession(new EndUser($acct->getUser())))) {
         return false;
     } else {
         return $client;
     }
 }
Beispiel #3
0
            break;
        case 'reset':
            $inc = 'pwreset.login.php';
            $errors = array();
            if ($client = UserAuthenticationBackend::processSignOn($errors)) {
                Http::redirect('index.php');
            } elseif (isset($errors['msg'])) {
                $banner = $errors['msg'];
            }
            break;
    }
} elseif ($_GET['token']) {
    $banner = __('Re-enter your username or email');
    $inc = 'pwreset.login.php';
    $_config = new Config('pwreset');
    if (($id = $_config->get($_GET['token'])) && ($acct = ClientAccount::lookup(array('user_id' => $id)))) {
        if (!$acct->isConfirmed()) {
            $inc = 'register.confirmed.inc.php';
            $acct->confirm();
            // TODO: Log the user in
            if ($client = UserAuthenticationBackend::processSignOn($errors)) {
                if ($acct->hasPassword() && !$acct->get('backend')) {
                    $acct->cancelResetTokens();
                } else {
                    $_SESSION['_client']['reset-token'] = $_GET['token'];
                    $acct->forcePasswdReset();
                }
                Http::redirect('account.php?confirmed');
            }
        }
    } elseif ($id && ($user = User::lookup($id))) {
Beispiel #4
0
            $errors = array();
            if ($client = UserAuthenticationBackend::processSignOn($errors)) {
                Http::redirect('index.php');
            }
            elseif (isset($errors['msg'])) {
                $banner = $errors['msg'];
            }
            break;
    }
}
elseif ($_GET['token']) {
    $banner = __('Re-enter your username or email');
    $inc = 'pwreset.login.php';
    $_config = new Config('pwreset');
    if (($id = $_config->get($_GET['token']))
            && ($acct = ClientAccount::lookup(array('user_id'=>$id)))) {
        if (!$acct->isConfirmed()) {
            $inc = 'register.confirmed.inc.php';
            $acct->confirm();
            // TODO: Log the user in
            if ($client = UserAuthenticationBackend::processSignOn($errors)) {
                if ($acct->hasPassword() && !$acct->get('backend')) {
                    $acct->cancelResetTokens();
                }
                // No password setup yet -- force one to be created
                else {
                    $_SESSION['_client']['reset-token'] = $_GET['token'];
                    $acct->forcePasswdReset();
                }
                Http::redirect('account.php?confirmed');
            }