public function alterarSenhaAction($token)
 {
     $this->view->setFile('redefinir');
     $validarToken = Recovery::validarToken($token);
     $error = null;
     if ($validarToken->status === false) {
         $this->view->setFile('blank');
         $error = $this->messages->getByCode($validarToken->code);
     } else {
         $this->view->setVar('token', $token);
         $password = $this->request->post('password');
         if (!is_null($password)) {
             $atualizarSenha = User::atualizarSenha($validarToken->user, $password);
             if ($atualizarSenha === true) {
                 Recovery::limpar($validarToken->user->id);
                 $this->view->setPath('login')->setFile('index');
                 $success = $this->messages->getByCode('senha-redefinida');
                 $this->load('Helpers\\Alert', $success);
             }
         }
     }
     if (!is_null($error)) {
         $this->load('Helpers\\Alert', $error);
     }
 }
Beispiel #2
0
     $ok = True;
 }
 // Authenticate through recovery hash
 if (strlen($_REQUEST["recovery_code"]) > 0) {
     $recovery = new Recovery();
     $status = $recovery->hash_authenticated($_REQUEST["recovery_code"]);
     if ($status == True) {
         $webid = $recovery->get_webid();
         $_SESSION['recovery_status'] = null;
         $ok = True;
     } else {
         $_SESSION['recovery_status'] = error('Your recovery code does not match any records in our database.');
     }
 }
 if (strlen($_REQUEST["pairing_pin"]) > 0) {
     $recovery = new Recovery();
     $status = $recovery->pin_authenticated($_REQUEST["pairing_pin"]);
     if ($status == True) {
         $webid = $recovery->get_webid();
         $_SESSION['recovery_status'] = null;
         $ok = True;
     } else {
         $_SESSION['recovery_status'] = error('Your recovery PIN does not match any records in our database.');
     }
 }
 // DEBUG
 //echo "\n<!-- WEBID=".$webid."\nSESSION=\n".print_r($_SESSION, true)."-->\n";
 if ($ok == True) {
     if (!isset($_SESSION['myprofile'])) {
         $_SESSION['webid'] = $webid;
         $_SESSION['myprofile'] = new MyProfile($webid, BASE_URI, SPARQL_ENDPOINT);
Beispiel #3
0
 *  copies or substantial portions of the Software.
 *  THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, 
 *  INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A 
 *  PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT 
 *  HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION 
 *  OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE 
 *  SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
 */
require_once 'include.php';
$title = "Account Recovery";
$ret = '';
$ret .= "<div class=\"content relative shadow clearfix main\">\n";
// Recover account
if (webid_is_local($_REQUEST['webid'])) {
    if (isset($_REQUEST['recovery_webid'])) {
        $recovery = new Recovery();
        $ret .= $recovery->recover($_REQUEST['recovery_webid']);
    }
} else {
    $ret .= "The account recovery is only available for local users.";
}
if (isset($_REQUEST['recovery_code']) && isset($_SESSION['recovery_status'])) {
    $ret .= $_SESSION['recovery_status'];
}
// display recovery options
$ret .= "<p></p>\n";
$ret .= "<h2><strong>Recover Your Account</strong></h2>\n";
$ret .= "<form method=\"post\">\n";
$ret .= "<table><tr>\n";
$ret .= "<td>\n";
$ret .= "Please type your WebID address here:";
Beispiel #4
0
        }
        // clear local session
        $_SESSION = array();
        session_destroy();
        include 'header.php';
        echo $ret;
        include 'footer.php';
        exit;
    }
    if (isset($_REQUEST['recovery_email'])) {
        $ret .= $_SESSION['myprofile']->set_recovery_email($_REQUEST['recovery_email']);
    }
}
// generate PIN for browser pairing
if (isset($_REQUEST['generate_pin'])) {
    $recovery = new Recovery();
    $pin = $recovery->set_pin($_SESSION['webid']);
}
// subscribe or unsubscribe
if (isset($_REQUEST['subscribe'])) {
    $ret .= $_SESSION['myprofile']->subscribe();
    $_SESSION['feed_hash'] = $_SESSION['myprofile']->get_feed();
    $_SESSION['user_hash'] = $_SESSION['myprofile']->get_hash();
} else {
    if (isset($_REQUEST['submit'])) {
        // Unsubscribed if the user ticked off the checkbox
        if (!isset($_REQUEST['subscription']) || $_REQUEST['subscription'] == 'off') {
            $_SESSION['user_hash'] = null;
            $_SESSION['feed_hash'] = null;
            $ret .= $_SESSION['myprofile']->unsubscribe();
        }
Beispiel #5
0
                $newPwd = _post("password", "");
                if (strlen($newPwd) < 6 || strlen($newPwd) > 20) {
                    throw new Exception("The length of new password shuould be between 6 and 20", -1);
                }
                if ($email == "" || $ucode == "") {
                    throw new Exception("Invalid url", -1);
                } else {
                    $re = new Recovery();
                    $re->changePwd($email, $ucode, $newPwd);
                    echo json_encode(array("errCode" => 0, "errMessage" => "You has changed your password"));
                }
            } else {
                if ($step == 3) {
                    $currPwd = _post("currpwd", "");
                    $newPwd = _post("password", "");
                    $userID = _post("uid", "");
                    $auth = Auth::getInstance();
                    if ($auth->getUserID() != $userID) {
                        throw new Exception("unauthorized", -1);
                    }
                    $re = new Recovery();
                    $re->resetPwd($userID, $currPwd, $newPwd);
                    echo json_encode(array("errCode" => 0, "errMessage" => "You has changed your password"));
                }
            }
        }
    }
} catch (Exception $e) {
    $result = array("errCode" => $e->getCode(), "errMessage" => $e->getMessage());
    echo json_encode($result);
}