Beispiel #1
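 /**
  * Handle the account-settings form: validate the submitted email address,
  * optionally change the password, then store the email address.
  *
  * Validation failures are reported through $this->error().
  * NOTE(review): the flow below assumes $this->error() ends the request;
  * if it returns, later checks and the updates still run. Confirm.
  *
  * NOTE(review): no anti-CSRF token is checked in this handler; confirm that
  * the framework or Policy_LoggedIn enforces one for this state-changing POST.
  */
 public function POST()
 {
     // Policy_LoggedIn::getData() supplies the id used for every lookup and
     // update below, so the target account is never taken from the request.
     $policy = new Policy_LoggedIn($this->app);
     $userid = $policy->getData();
     $mapper = new Mapper_User();
     $user = $mapper->getUserById($userid);
     $app = Config::get('app'); // not used in this handler
     $request = $this->app->request();

     $email = trim($request->post('email'));
     if (!$email) {
         $this->error("Email is a required field.");
     }
     if (!filter_var($email, FILTER_VALIDATE_EMAIL)) {
         $this->error("Invalid email format.");
     }

     // Reject an address that already belongs to a different account.
     // Loose comparison is kept because the types of the two ids are not
     // visible here (database string vs. integer).
     $possibleUser = $mapper->getUserByEmail($email);
     if ($possibleUser && $possibleUser['id'] != $userid) {
         $this->error("A user with that email address already exists.");
     }

     // NOTE(review): trim() silently alters passwords that begin or end with
     // whitespace; kept so that existing credentials keep working.
     $oldPassword = trim($request->post('old_password'));
     $newPassword = trim($request->post('new_password'));

     if ($oldPassword && !$newPassword || !$oldPassword && $newPassword) {
         $this->error("You must enter both your old and your new passwords.");
     } else {
         if ($oldPassword && $newPassword) {
             // hash_equals() compares in constant time and as plain strings.
             // The previous `!=` applied PHP's loose comparison, under which
             // two different numeric-looking digests (e.g. "0e1..." and
             // "0e2...") can compare as equal.
             // NOTE(review): generateHash() receives only the password, so it
             // appears to be deterministic with no per-user salt; consider
             // migrating to password_hash()/password_verify(). Confirm
             // against Mapper_User.
             $storedHash = (string) $user['password_hash'];
             $suppliedHash = (string) Mapper_User::generateHash($oldPassword);
             if (!hash_equals($storedHash, $suppliedHash)) {
                 $this->error("Old password is incorrect.");
             }
             // NOTE(review): a 15-character cap and an alphanumeric-only rule
             // limit password strength; left unchanged because the error
             // messages and stored credentials depend on the current policy.
             if (strlen($newPassword) < 5 || strlen($newPassword) > 15) {
                 $this->error("New password must be between 5 and 15 characters.");
             }
             if (!ctype_alnum($newPassword)) {
                 $this->error("Invalid password. Only letters and numbers are allowed.");
             }
             // The plaintext is handed to the mapper; presumably it is hashed
             // there before storage. Verify in Mapper_User.
             $mapper->updatePasswordForUser($userid, $newPassword);
         }
     }

     $mapper->updateEmailForUser($userid, $email);
 }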
Beispiel #2
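 /**
  * Handle the password-reset form: look the account up by email address,
  * generate a replacement password, email it, and store it.
  *
  * Failures are reported through $this->error().
  * NOTE(review): the flow below assumes $this->error() ends the request;
  * if it returns, the reset continues with an empty $user. Confirm.
  *
  * NOTE(review): the reset takes effect as soon as the form is submitted,
  * with no proof that the requester controls the mailbox, and the new
  * password travels in clear text by email. A single-use, expiring reset
  * link that leaves the current password untouched until it is followed
  * would be the safer design.
  */
 public function POST()
 {
     $policy = new Policy_LoggedOut($this->app);
     $app = Config::get('app');
     $request = $this->app->request();

     $email = trim($request->post('email'));
     if (!$email) {
         $this->error("Email address is a required field.");
     }

     $user_mapper = new Mapper_User();
     $user = $user_mapper->getUserByEmail($email);
     if (!$user) {
         // NOTE(review): this distinct message discloses whether an address
         // is registered; a uniform response for both outcomes avoids that.
         $this->error("No user with that email address exists.");
     }

     // Take the password from the OS CSPRNG (PHP 7+). The previous
     // md5(mt_rand() . microtime(true)) was derived from a non-cryptographic
     // generator and the clock. Five random bytes give ten lowercase hex
     // characters, the same shape as before.
     $newPass = bin2hex(random_bytes(5));

     $subject = "Your {$app->name} password has been reset";

     // The body is HTML, so the stored username is escaped before it is
     // interpolated; it is presumably user-chosen data.
     $safeUsername = htmlspecialchars((string) $user['username'], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
     $body = "Hey {$safeUsername},<br /><br />" . "Your password has successfuly been reset.<br />" . 'It is now: "' . $newPass . '".' . "<br />" . 'You should <a href="">log in</a>, and change it.' . "<br /><br />" . "Thanks,<br />" . "{$app->name}";

     // Order kept from the original: the mail is sent first, then the new
     // password is stored.
     $this->email($email, $subject, $body);
     $user_mapper->updatePasswordForUser($user['id'], $newPass);
 }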