public function validateEmail($option, $optRule)
{
if (isset($option['value'])) {
try {
EmailDeliveryBehavior::addressHeaderToArray($option['value']);
} catch (CException $e) {
return array(false, $e->getMessage());
}
}
return array(true, '');
}
/**
* Test the parsing of a recipient header (i.e. "To:") into a PHPMailer-compatible array.
*/
public function testAddressHeaderToArray()
{
$addressHeader = '"Butts, Seymour" <*****@*****.**>, "I.P. Freely"<*****@*****.**>, johnsmith@gmail.com, <*****@*****.**>';
$addressHeaderArray = EmailDeliveryBehavior::addressHeaderToArray($addressHeader);
$this->assertEquals(array(array('Butts, Seymour', '*****@*****.**'), array('I.P. Freely', '*****@*****.**'), array('', '*****@*****.**'), array('', '*****@*****.**')), $addressHeaderArray);
}
/**
* Reset a user's password via a really basic email verification process
*
* @param type $id ID/key of the password recovery record
*/
public function actionResetPassword($id = null)
{
if (!Yii::app()->user->isGuest) {
$this->redirect(array('/profile/changePassword', 'id' => Yii::app()->user->id));
}
$this->layout = '//layouts/login';
$scenario = 'new';
$title = Yii::t('app', 'Reset Password');
$this->pageTitle = $title;
$message = Yii::t('app', 'Enter the email address associated with your user account to request a new password and username reminder.');
$request = new PasswordReset();
$resetForm = null;
if (isset($_POST['PasswordReset'])) {
// Submitting a password reset request
$request->setAttributes($_POST['PasswordReset']);
if ($request->save()) {
$request->setScenario('afterSave');
if (!$request->validate(array('email'))) {
// Create a new model. It is done this way (adding the
// validation error to a new model) so that there is a trail
// of reset request attempts that can be counted to determine
// if the user has made too many.
$oldRequest = $request;
$request = new $request();
$request->setAttributes($oldRequest->getAttributes(array('email')), false);
$request->addErrors($oldRequest->getErrors());
} else {
// A user with the corresponding email was found. Attempt to
// send the email and whatever happens, don't display the
// form again.
$scenario = 'message';
$mail = new EmailDeliveryBehavior();
$mail->credId = Credentials::model()->getDefaultUserAccount(Credentials::$sysUseId['systemNotificationEmail'], 'email');
// Compose the message & headers
$message = Yii::t('users', "You have requested to reset the password for user {user} in {appName}.", array('{user}' => $request->user->alias, '{appName}' => Yii::app()->settings->appName));
$message .= ' ' . Yii::t('users', "To finish resetting your password, please open the following link: ");
$message .= "<br /><br />" . $this->createAbsoluteUrl('/site/resetPassword') . '?' . http_build_query(array('id' => $request->id));
$message .= "<br /><br />" . Yii::t('users', "If you did not make this request, please disregard this email.");
$recipients = array('to' => array(array('', $request->email)));
// Send the email
$status = $mail->deliverEmail($recipients, Yii::app()->settings->appName . " password reset", $message);
// Set the response message accordingly.
if ($status['code'] == 200) {
$title = Yii::t('users', 'Almost Done!');
$message = Yii::t('users', 'Check your email at {email} for ' . 'further instructions to finish resetting your password.', array('{email}' => $request->email));
} else {
$title = Yii::t('users', 'Could not send email.');
$message = Yii::t('users', 'Sending of the password reset verification email failed with message: {message}', array('{message}' => $status['message']));
}
}
} else {
if ($request->limitReached) {
$scenario = 'message';
$message = Yii::t('app', 'You have made too many requests to reset passwords. ' . 'Please wait one hour before trying again.');
}
}
} else {
if ($id !== null) {
// User might have arrived here through the link in a reset email.
$scenario = 'apply';
$request = PasswordReset::model()->findByPk($id);
if ($request instanceof PasswordReset && !$request->isExpired) {
// Reset request record exists.
$user = $request->user;
if ($user instanceof User) {
// ...and is valid (points to an existing user)
//
// Default message: the password entry form (initial request)
$message = Yii::t('users', 'Enter a new password for user "{user}" ({name}):', array('{user}' => $user->alias, '{name}' => CHtml::encode($user->firstName . ' ' . $user->lastName)));
$resetForm = new PasswordResetForm($user);
if (isset($_POST['PasswordResetForm'])) {
// Handle the form submission:
$resetForm->setAttributes($_POST['PasswordResetForm']);
if ($resetForm->save()) {
// Done, success.
$scenario = 'message';
$title = Yii::t('users', 'Password Has Been Reset');
$message = Yii::t('users', 'You should now have access ' . 'as "{user}" with the new password specified.', array('{user}' => $user->alias));
}
}
} else {
// Invalid request record; it does not correspond to an
// existing user, i.e. it's an "attempt" (entering an email
// address to see if that sticks).
$scenario = 'message';
$title = Yii::t('users', 'Access Denied');
$message = Yii::t('users', 'Invalid reset key.');
}
} else {
$scenario = 'message';
$title = Yii::t('users', 'Access Denied');
if ($request->isExpired) {
$message = Yii::t('users', 'The password reset link has expired.');
} else {
$message = Yii::t('users', 'Invalid reset link.');
}
}
}
}
$this->render('resetPassword', compact('scenario', 'title', 'message', 'request', 'resetForm'));
}
