/**
  * /forgot_password/submit/ [POST]
  */
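 public function submit($parameters)
 {
     // Handles the forgot-password form POST: stores a one-time reset token for
     // the submitted address and redirects back to /forgot_password/ with a
     // flash message. The response is the same whether or not the address
     // belongs to an account, and the token is never written to the response.
     if ($parameters) {
         // NOTE(review): nothing visible here stops execution after the 404
         // view; confirm loadView() ends the request, otherwise the flow below
         // still runs for URLs with extra path segments.
         $this->loadView('404');
     }
     if ($this->user_id) {
         header('Location: /admin/');
         exit;
     }
     // isset() alone also accepts email[]=x (an array) and the empty string.
     $email = isset($_POST['email']) ? $_POST['email'] : null;
     if (!is_string($email) || $email === '') {
         $_SESSION['message'] = array('message' => 'All fields are required.', 'status' => 'danger');
         header('Location: /forgot_password/');
         exit;
     }
     $user = new User($this->db);
     if ($user->emailExists($email)) {
         // The reset token is a bearer credential for the account, so it must
         // come from a CSPRNG. md5(uniqid(rand(), true)) is derived from the
         // clock and a non-cryptographic PRNG and is guessable. 16 random bytes
         // hex-encoded keep the 32-character shape the md5 token had.
         $random = function_exists('random_bytes') ? random_bytes(16) : openssl_random_pseudo_bytes(16);
         $token = bin2hex($random);
         $user->insertTempForgotPassword($token, $email);
         // TODO: deliver /reset_password/<token> to $email through the mailer.
         // The link must only travel out-of-band: printing it in this response
         // (as the earlier debug echo did) hands the token to whoever submitted
         // the form, which lets them reset any account they can name.
         // NOTE(review): token lifetime and single-use enforcement are not
         // visible from here; confirm insertTempForgotPassword() records an
         // expiry and that requests per address are rate-limited.
     }
     // Same message for known and unknown addresses, so the form cannot be used
     // to test which e-mail addresses are registered.
     $_SESSION['message'] = array('message' => 'Check your email for instructions.', 'status' => 'success');
     header('Location: /forgot_password/');
     exit;
 }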
 /**
  * /signin/submit/ [POST]
  */
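 public function submit($parameters)
 {
     // Handles the sign-in form POST: checks the submitted credentials through
     // User::processSignin(), stores the returned user in the session on
     // success and redirects to /admin/; on failure redirects back to /signin/
     // with a flash message.
     if ($parameters) {
         // NOTE(review): nothing visible here stops execution after the 404
         // view; confirm loadView() ends the request.
         $this->loadView('404');
     }
     if ($this->user_id) {
         header('Location: /admin/');
         exit;
     }
     // isset() alone also accepts array-valued fields (email[]=x), which would
     // reach processSignin() as arrays instead of strings.
     $email = isset($_POST['email']) ? $_POST['email'] : null;
     $password = isset($_POST['password']) ? $_POST['password'] : null;
     if (!is_string($email) || !is_string($password)) {
         $_SESSION['message'] = array('message' => 'All fields are required.', 'status' => 'danger');
         header('Location: /signin/');
         exit;
     }
     $user = new User($this->db);
     $signin_attempt = $user->processSignin($email, $password);
     if (!$signin_attempt['status']) {
         // NOTE(review): the failure text comes straight from processSignin();
         // confirm it is identical for "unknown e-mail" and "wrong password" so
         // the form does not reveal which accounts exist, and that failed
         // attempts are throttled there.
         $_SESSION['message'] = array('message' => $signin_attempt['message'], 'status' => 'danger');
         header('Location: /signin/');
         exit;
     }
     // Issue a fresh session id at the privilege change so an id that was
     // planted or observed before authentication cannot be reused afterwards
     // (session fixation).
     if (session_status() === PHP_SESSION_ACTIVE) {
         session_regenerate_id(true);
     }
     $_SESSION['user'] = $signin_attempt['user'];
     header('Location: /admin/');
     exit;
 }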
 /**
  * /reset_password/submit/ [POST]
  */
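 public function submit($parameters)
 {
     // Handles the reset-password form POST: resolves the submitted token to an
     // account e-mail, sets the new password for that account and redirects to
     // /signin/. A token that does not resolve to an account is rejected before
     // any password is changed.
     if ($parameters) {
         // NOTE(review): nothing visible here stops execution after the 404
         // view; confirm loadView() ends the request.
         $this->loadView('404');
     }
     if ($this->user_id) {
         header('Location: /admin/');
         exit;
     }
     // isset() alone also accepts token[]=x; require a non-empty string.
     $token = isset($_POST['token']) ? $_POST['token'] : null;
     if (!is_string($token) || $token === '') {
         header('Location: /signin/');
         exit;
     }
     $password = isset($_POST['password']) ? $_POST['password'] : null;
     if (!is_string($password) || $password === '') {
         // NOTE(review): the other controllers on this page use status
         // 'danger'; confirm which value the view expects.
         $_SESSION['message'] = array('message' => 'All fields must be completed.', 'status' => 'error');
         // The token is request data: encode it before placing it in the
         // Location header instead of concatenating it raw.
         header('Location: /reset_password/' . rawurlencode($token));
         exit;
     }
     $user = new User($this->db);
     $email = $user->getEmailFromForgotPasswordToken($token);
     if (!$email) {
         // Without this check an unknown token still reached
         // processResetPassword() with an empty e-mail and the user was told
         // the reset succeeded.
         $_SESSION['message'] = array('message' => 'Invalid or expired reset link.', 'status' => 'error');
         header('Location: /forgot_password/');
         exit;
     }
     // NOTE(review): confirm processResetPassword() hashes the password with
     // password_hash() and deletes the token so the link is single-use; neither
     // is visible from this method.
     $user->processResetPassword($password, $email);
     $_SESSION['message'] = array('message' => 'Password successfully reset.', 'status' => 'success');
     header('Location: /signin/');
     exit;
 }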