//sc/user/account/reset-password.php
include 'sc-app.inc';
include APP_WEB_DIR . '/inc/header.inc';
use com\indigloo\Util;
use com\indigloo\Url;
use com\indigloo\Constants;
use com\indigloo\exception\DBException;
try {
$token = Url::tryQueryParam('token');
$email = Url::tryQueryParam('email');
if (empty($token) || empty($email)) {
printf("Required parameters are missing");
exit;
}
$email = urldecode($email);
$mailDao = new \com\indigloo\sc\dao\Mail();
$mailDao->checkResetPassword($email, $token);
//tokens for use in next screen
$ftoken = Util::getMD5GUID();
$femail = Util::encrypt($email);
$gWeb = \com\indigloo\core\Web::getInstance();
$gWeb->store("change.password.email", $femail);
$gWeb->store("change.password.token", $ftoken);
$title = $email;
$qUrl = base64_encode("/user/account/login-now.php");
$fUrl = Url::current();
$submitUrl = "/user/account/form/change-password.php";
include APP_WEB_DIR . '/user/account/inc/password-form.inc';
} catch (DBException $ex) {
$gWeb = \com\indigloo\core\Web::getInstance();
//$message = $ex->getMessage();
$fvalues = array();
$fUrl = \com\indigloo\Url::tryFormUrl("fUrl");
try {
$fhandler = new Form\Handler('web-form-1', $_POST);
$fhandler->addRule('email', 'Emails', array('requred' => 1));
$fhandler->addRule('message', 'Message', array('required' => 1));
$fhandler->addRule('qUrl', 'qUrl', array('required' => 1, 'rawData' => 1));
//check security token
$fhandler->checkToken("token", $gWeb->find("form.token", true));
$fvalues = $fhandler->getValues();
if ($fhandler->hasErrors()) {
throw new UIException($fhandler->getErrors());
}
$loginId = Login::getLoginIdInSession();
$userDao = new \com\indigloo\sc\dao\User();
$userDBRow = $userDao->getOnLoginId($loginId);
$emails = explode(",", $fvalues["email"]);
$message = $fvalues["message"];
$mailDao = new \com\indigloo\sc\dao\Mail();
$mailDao->capture($emails, $message);
$qUrl = base64_decode($fvalues['qUrl']);
$message = sprintf("success! invitations sent!");
$gWeb->store(Constants::FORM_MESSAGES, array($message));
header("Location: " . $qUrl);
} catch (UIException $ex) {
$gWeb->store(Constants::STICKY_MAP, $fvalues);
$gWeb->store(Constants::FORM_ERRORS, $ex->getMessages());
header("Location: " . $fUrl);
exit(1);
}
}
if (isset($_POST['save']) && $_POST['save'] == 'Save') {
$gWeb = \com\indigloo\core\Web::getInstance();
$fvalues = array();
$fUrl = \com\indigloo\Url::tryFormUrl("fUrl");
try {
$fhandler = new Form\Handler('web-form-1', $_POST);
$fhandler->addRule('email', 'Email', array('maxlength' => 64, 'required' => 1));
$fvalues = $fhandler->getValues();
if ($fhandler->hasErrors()) {
throw new UIException($fhandler->getErrors());
}
$userDao = new \com\indigloo\sc\dao\User();
$user = $userDao->getOnEmail($fvalues['email']);
if (empty($user)) {
$message = "Error: We did not find any account with this email!";
throw new UIException(array($message));
}
$mailDao = new \com\indigloo\sc\dao\Mail();
$mailDao->addResetPassword($user['name'], $fvalues['email']);
$message = "Success! You will receive an email soon!";
$gWeb->store(Constants::STICKY_MAP, $fvalues);
$gWeb->store(Constants::FORM_MESSAGES, array($message));
header("Location: " . $fUrl);
exit;
} catch (UIException $ex) {
$gWeb->store(Constants::STICKY_MAP, $fvalues);
$gWeb->store(Constants::FORM_ERRORS, $ex->getMessages());
header("Location: " . $fUrl);
exit(1);
}
}