public function testIsExpired()
{
$token = new Token(array('access_token' => '', 'refresh_token' => '', 'expires_in' => 5));
$this->assertFalse($token->isExpired());
$token = new Token(array('access_token' => '', 'refresh_token' => '', 'expires_in' => -5));
$this->assertTrue($token->isExpired());
}
<?php
/**
*
*/
//STATUS: works (???)
//TODO: use js from views/core/js_validation.php to check password
//XXX use XhtmlForm?
namespace cd;
if (!$this->token) {
return;
}
$duration = ForgotPasswordHandler::getInstance()->getExpireTime();
if (Token::isExpired('activation_code', $this->token, $duration)) {
echo 'The token is no longer valid.';
return;
}
$user_id = Token::getOwner('activation_code', $this->token);
if (!$user_id) {
throw new \Exception('token dont exist');
}
if ($session->id && $user_id != $session->id) {
throw new \Exception('HACKER stop doing that!');
}
if ($session->id) {
echo '<div class="critical">You are already logged in! Are you sure you want to reset your password?</div>';
}
if (isset($_POST['reset_pwd']) && isset($_POST['reset_pwd2'])) {
/// TODO reuse code from register user
if ($_POST['reset_pwd'] == $_POST['reset_pwd2']) {
