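/**
 * Creates the challenge table.
 *
 * Table names are SQL identifiers, not values, so they cannot be supplied
 * through `?` placeholders (a placeholder inside backticks is not a bind
 * position). The names are therefore quoted as identifiers by the adapter
 * and placed directly into the DDL statement.
 *
 * @return bool True when the table was created; false when the table is
 *              already installed or when the CREATE TABLE statement fails
 */
public function createChallengeTable()
{
    if (Login_Challenge::isDbInstalled()) {
        return false;
    }

    $db = Zend_Registry::get('database');

    // quoteIdentifier() escapes the name for use as an identifier, so a
    // table prefix containing a backtick cannot break out of the quoting.
    $challengeTable = $db->quoteIdentifier(Digitalus_Db_Table::getTableName(Login_Challenge::DB_NAME));
    $usersTable     = $db->quoteIdentifier(Digitalus_Db_Table::getTableName('users'));

    $sql = "CREATE TABLE " . $challengeTable . " (\n"
         . " `challenge_id` VARCHAR(50) NOT NULL,\n"
         . " `user_name` VARCHAR(30) NOT NULL,\n"
         . " `valid` TINYINT(1) NOT NULL DEFAULT 1,\n"
         . " `timestamp` INT(11) NOT NULL,\n"
         . " PRIMARY KEY (`challenge_id`),\n"
         . " INDEX (`user_name`),\n"
         . " FOREIGN KEY (`user_name`) REFERENCES " . $usersTable . "(`name`) ON DELETE CASCADE ON UPDATE CASCADE\n"
         . " ) ENGINE = InnoDB DEFAULT CHARSET=utf8";

    $stmtClass = $db->getStatementClass();
    $stmt      = new $stmtClass($db, $sql);

    try {
        $stmt->execute();
    } catch (Exception $e) {
        // The failure reason is discarded here; callers only learn that the
        // table was not created.
        return false;
    }

    return true;
}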
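/**
 * The public challenge action for getting a new password.
 *
 * Reads the user name (`u`) and challenge id (`c`) from the URI, checks the
 * pair with Login_Challenge::isValid() and, on a valid POST of the change
 * password form, updates the password and invalidates the challenge.
 *
 * Security notes for maintainers:
 *  - The challenge id in the URL is the only credential for this request,
 *    so it must be unguessable, short-lived and single-use. It is only
 *    invalidated after a successful password update.
 *  - NOTE(review): the password is changed for the user name taken from the
 *    URI. The posted `name` field is only checked by the UsernameExists
 *    validator and is not compared with the URI user name here; confirm
 *    whether that comparison happens elsewhere or should be added.
 *  - NOTE(review): the user name and challenge id are inserted into the form
 *    action as path segments without URL-encoding; confirm that reserved
 *    characters cannot occur in them.
 *
 * @return void
 */
public function changepasswordAction()
{
    $uri       = new Digitalus_Uri();
    $uriParams = $uri->getParams();

    if (!isset($uriParams['u']) || !isset($uriParams['c'])) {
        // The original statement here was a bare `$this->_error;`, which does
        // nothing. A request without both parameters is reported the same
        // way as an unknown challenge, so the response does not reveal which
        // part was missing.
        $this->_error = $this->view->getTranslation('Error: No valid challenge was found. Please try again!');
    } else {
        $userName     = $uriParams['u'];
        $challengeId  = $uriParams['c'];
        $mdlChallenge = new Login_Challenge();

        if (!$mdlChallenge->isValid($challengeId, $userName)) {
            $this->_error = $this->view->getTranslation('Error: No valid challenge was found. Please try again!');
        } else {
            $changePasswordForm = new User_Form();

            // Post back to this same action with the same challenge parameters.
            $actionUrl = $this->baseUrl . '/' . Digitalus_Toolbox_Page::getCurrentPageName()
                       . '/p/a/changepassword/u/' . $userName . '/c/' . $challengeId;
            $changePasswordForm->setAction($actionUrl);
            $changePasswordForm->getElement('name')->addValidators(array(array('UsernameExists', true)));
            $changePasswordForm->onlyChangepasswordActionElements(array('legend' => 'Change Password'));

            if ($this->_request->isPost() && $changePasswordForm->isValid($_POST)) {
                $password        = Digitalus_Filter_Post::get('password');
                $passwordConfirm = Digitalus_Filter_Post::get('password_confirm');
                $mdlUser         = new Model_User();

                if (!$mdlUser->updatePassword($userName, $password, true, $passwordConfirm)) {
                    $this->_error = $this->view->getTranslation("Error: Your password hasn't been updated!");
                } else {
                    // Single use: the challenge must not be replayable once
                    // the password has been changed.
                    $mdlChallenge->invalidate($challengeId);
                    $this->_message = $this->view->getTranslation('Your password has been updated successfully!');
                }
            } else {
                $this->_message   = $this->view->getTranslation('Please type in Your user name and Your new password.');
                $this->view->form = $changePasswordForm;
            }
        }
    }

    $this->view->error   = $this->_error;
    $this->view->message = $this->_message;
}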