Beispiel #1
0
     $fhandler->addRule('qUrl', 'qUrl', array('required' => 1, 'rawData' => 1));
     $fvalues = $fhandler->getValues();
     //decode q param for redirect
     $qUrl = base64_decode($fvalues['qUrl']);
     if ($fhandler->hasErrors()) {
         throw new UIException($fhandler->getErrors());
     }
     //form token
     $session_token = $gWeb->find("change.password.token", true);
     if ($fvalues['ftoken'] != $session_token) {
         $message = "form token does not match the value stored in session";
         throw new UIException(array($message));
     }
     //decrypt email
     $email = $gWeb->find("change.password.email", true);
     $email = Util::decrypt($email);
     $userDao = new \com\indigloo\sc\dao\User();
     //@test with email that can cause issues with encoding!
     $userDBRow = $userDao->getOnEmail($email);
     //send raw password
     $email = strtolower(trim($email));
     $password = trim($_POST['password']);
     WebglooUser::changePassword('sc_user', $userDBRow['login_id'], $email, $password);
     //success
     $gWeb->store(Constants::FORM_MESSAGES, array("password changed successfully!"));
     header("Location: " . $qUrl);
     exit(1);
 } catch (UIException $ex) {
     $gWeb->store(Constants::STICKY_MAP, $fvalues);
     $gWeb->store(Constants::FORM_ERRORS, $ex->getMessages());
     header("Location: " . $fUrl);