Beispiel #1
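 /**
  * Starts a password reset for the account named by $this->username.
  *
  * The username is looked up as an external user (name_usr) first and as an
  * internal user (email_uin) second. An external user gets a fresh random
  * reset code stored in email_code_usr; for an internal user the code is
  * derived from fname_uin and password_uin. The code, prefixed with the user
  * id and a type marker ('e' or 'i'), is handed to send_first_email().
  *
  * Returns without sending anything when no account matches, or when the
  * external user's new reset code could not be saved.
  *
  * @throws CException when no cryptographically secure random source exists
  */
 public function reset()
 {
     $external = true;
     $user = ExternalUser::model()->findByAttributes(array('name_usr' => $this->username));
     if ($user === null) {
         // Not an external account: fall back to the internal user table.
         $external = false;
         $user = InternalUser::model()->findByAttributes(array('email_uin' => $this->username));
         if ($user === null) {
             // No account at all. Previously execution continued and read
             // properties of null further down; stop here and send nothing.
             return;
         }
     }
     if ($external) {
         // The reset code is a bearer secret. A value derived from the clock
         // and a constant salt is predictable, so it comes from the CSPRNG.
         $user->email_code_usr = $this->generateResetCode();
         if (!$user->save()) {
             // Mailing a code that was never stored would only produce a
             // dead link, so give up when the save fails.
             return;
         }
         ExternalUserHistory::addLog('Requested password reset!', $user->id_usr);
         $md5 = $user->id_usr . 'e;' . $user->email_code_usr;
         $name = $user->name_usr;
         $email = $user->email_usr;
     } else {
         // NOTE(review): this code is a pure function of two stored columns.
         // It has no expiry and anyone who can read fname_uin and
         // password_uin can recompute it. A random, stored, time-limited code
         // (as for external users) needs a schema change outside this method.
         $md5 = $user->id_uin . 'i;' . md5($user->fname_uin . $user->password_uin);
         $name = $user->fname_uin;
         $email = $user->email_uin;
     }
     ResetpasswordForm::send_first_email($md5, $name, $email, $external);
 }

 /**
  * Returns a 32-character hex reset code taken from a secure random source.
  *
  * The length matches what md5() produced before, so the value still fits
  * wherever the old code was stored.
  *
  * @return string
  * @throws CException when no cryptographically secure random source exists
  */
 private function generateResetCode()
 {
     if (function_exists('random_bytes')) {
         return bin2hex(random_bytes(16));
     }
     // Fallback for PHP 5: accept the OpenSSL bytes only when it reports
     // them as cryptographically strong.
     $strong = false;
     $raw = openssl_random_pseudo_bytes(16, $strong);
     if ($raw === false || !$strong) {
         throw new CException('No cryptographically secure random source available.');
     }
     return bin2hex($raw);
 }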
Beispiel #2
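 /**
  * Two-step password reset page.
  *
  * Step 0 (no $code): shows and processes ResetpasswordForm; on valid input
  * the form's reset() is called.
  * Step 1 ($code given): parses "<id><type>;<secret>", checks the secret for
  * the external ('e') or internal ('i') user, stores a new random password
  * and passes it to send_second_email().
  *
  * Users who are already logged in are redirected away.
  *
  * @param string|bool $code reset code from the e-mailed link, false if absent
  * @throws CException when no cryptographically secure random source exists
  */
 public function actionResetpassword($code = false)
 {
     if (!Yii::app()->user->isGuest) {
         if (Yii::app()->user->type == 'Internal') {
             $this->redirect(array('manage/index'));
         } else {
             $this->redirect(array('site/search_file'));
         }
     }
     $success = false;
     // A code in the request selects step 1; otherwise ask for the account.
     $step = $code ? 1 : 0;
     $model = false;
     if ($step == 0) {
         $model = new ResetpasswordForm();
         // if it is ajax validation request
         if (isset($_POST['ajax']) && $_POST['ajax'] === 'login-form') {
             echo CActiveForm::validate($model);
             Yii::app()->end();
         }
         // collect user input data
         if (isset($_POST['ResetpasswordForm'])) {
             $model->attributes = $_POST['ResetpasswordForm'];
             if ($model->validate()) {
                 $success = true;
                 $model->reset();
             }
         }
     } else {
         // Expected shape: "<id><type>;<secret>". A code without the ';'
         // separator or without an id is rejected instead of being indexed
         // blindly.
         $parts = explode(';', (string) $code, 2);
         if (count($parts) === 2 && strlen($parts[0]) > 1) {
             $id = substr($parts[0], 0, -1);
             $type = substr($parts[0], -1);
             $secret = $parts[1];
             if ($type === 'e') {
                 $external = true;
                 $user = ExternalUser::model()->findByPk($id);
                 if ($user && $this->resetCodeMatches($user->email_code_usr, $secret)) {
                     // The new password must not be derivable from the time
                     // of the reset, so it is drawn from the CSPRNG.
                     // NOTE(review): it is still mailed in clear text by
                     // send_second_email(); a set-your-own-password link
                     // would avoid that.
                     $password = $this->randomHex(8);
                     $user->password_usr = $user->passwordHash($password);
                     // Make the e-mailed link single-use: replace the stored
                     // code with a value nobody has been sent.
                     $user->email_code_usr = $this->randomHex(16);
                     // Report success and send mail only once the change is
                     // actually persisted.
                     if ($user->save()) {
                         ExternalUserHistory::addLog('Password reseted!', $user->id_usr);
                         $success = true;
                         $name = $user->name_usr;
                         $email = $user->email_usr;
                     }
                 }
             } elseif ($type === 'i') {
                 $external = false;
                 $user = InternalUser::model()->findByPk($id);
                 // The internal code is derived from password_uin, so it
                 // stops matching as soon as the new password is saved.
                 if ($user && $this->resetCodeMatches(md5($user->fname_uin . $user->password_uin), $secret)) {
                     $password = $this->randomHex(8);
                     $user->password_uin = $user->passwordHash($password);
                     if ($user->save()) {
                         $success = true;
                         $name = $user->fname_uin;
                         $email = $user->email_uin;
                     }
                 }
             }
         }
         if ($success) {
             ResetpasswordForm::send_second_email($name, $password, $email, $external);
         }
     }
     $this->render('resetpassword', array('step' => $step, 'model' => $model, 'success' => $success));
 }

 /**
  * Compares a stored reset code with the one supplied in the request.
  *
  * Both values must be non-empty strings. Loose == would let an unset stored
  * code equal an empty submitted one and compares numeric-looking strings as
  * numbers; this check does neither and is constant-time where available.
  *
  * @param mixed $expected code held server-side
  * @param mixed $given    code taken from the request
  * @return bool
  */
 private function resetCodeMatches($expected, $given)
 {
     if (!is_string($expected) || !is_string($given) || $expected === '' || $given === '') {
         return false;
     }
     return function_exists('hash_equals') ? hash_equals($expected, $given) : $expected === $given;
 }

 /**
  * Returns 2 * $bytes hex characters taken from a secure random source.
  *
  * @param int $bytes number of random bytes to draw
  * @return string
  * @throws CException when no cryptographically secure random source exists
  */
 private function randomHex($bytes)
 {
     if (function_exists('random_bytes')) {
         return bin2hex(random_bytes($bytes));
     }
     // Fallback for PHP 5: accept the OpenSSL bytes only when it reports
     // them as cryptographically strong.
     $strong = false;
     $raw = openssl_random_pseudo_bytes($bytes, $strong);
     if ($raw === false || !$strong) {
         throw new CException('No cryptographically secure random source available.');
     }
     return bin2hex($raw);
 }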