Example #1
 /**
  * Issue a fresh e-mail verification record for the logged-in user.
  *
  * Existing verification rows for the session's user are deleted and one new
  * row (UUID, user id, random hex code, creation time) is stored; the
  * 'verification_sent' flashdata flag is then set. Nothing is created when
  * $_SESSION['email_verified'] is truthy.
  *
  * This method does not send any e-mail itself.
  * NOTE(review): presumably the message is dispatched elsewhere - confirm,
  * because the flash flag is set as soon as the row is stored.
  *
  * @param bool $redirect When truthy, finish by redirecting to /settings.
  */
 public function resend_verification($redirect = TRUE)
 {
     $this->load->helper(array('uuid', 'random'));
     $this->load->model('pending_email_model');

     $session_user_id = $_SESSION['user_id'];

     // NOTE(review): the fetched record is never read. The "already verified"
     // decision below trusts the session flag, which can lag behind the
     // database - confirm whether the stored state should be checked instead.
     $user = $this->user_model->getUserById($session_user_id);

     $already_verified = (bool) $_SESSION['email_verified'];
     if (!$already_verified) {
         // Only one outstanding verification per user: drop the old ones first.
         $this->pending_email_model->deleteVerificationByUserId($session_user_id);

         // NOTE(review): generateRandomHexString() is not shown here. Confirm
         // it draws from a CSPRNG and that the argument 8 gives enough entropy
         // for a value that proves control of an e-mail address.
         $verification_id = generateUUIDv4();
         $verification_code = generateRandomHexString(8);
         $this->pending_email_model->createVerification($verification_id, $session_user_id, $verification_code, time());

         $this->session->set_flashdata('verification_sent', TRUE);
     }

     if (!$redirect) {
         return;
     }

     // NOTE(review): 200 sits in the second position, which CodeIgniter's
     // redirect() treats as the redirect method rather than the HTTP status -
     // confirm the intent.
     redirect('/settings', 200);
 }
Example #2
 /**
  * Render the sign-up page and, on a valid POST, register the account.
  *
  * For a submitted form that passes $this->SIGN_UP_RULES:
  *  - if an active ban exists for the client IP, the ban details are handed
  *    to the view and no account is created;
  *  - otherwise, inside one DB transaction, the user is created (password
  *    stored as a password_hash() digest), added to the ROLE_USER role, and
  *    given a pending e-mail verification (UUID + random hex code);
  *  - when the transaction succeeded, success is flagged for the view and a
  *    /verify/<id>/<code> link is mailed to the submitted address.
  *
  * The sign-up view is rendered on every path.
  *
  * NOTE(review): user-supplied values ($this->data['email']) and the stored
  * ban reason are passed to the view as-is; escaping is presumably done in
  * the template - confirm.
  */
 public function index()
 {
     $this->load->library('form_validation');

     $form_submitted = !empty($_POST);
     if ($form_submitted) {
         $this->form_validation->set_rules($this->SIGN_UP_RULES);
     }

     if ($form_submitted && $this->form_validation->run()) {
         // NOTE(review): the ban lookup is keyed on ip_address(); behind a
         // reverse proxy its accuracy depends on the framework's
         // trusted-proxy configuration - confirm for this deployment.
         $active_ban = $this->user_ban_model->getActiveByIpAddress($this->input->ip_address());

         if ($active_ban === FALSE) {
             // The plaintext password never leaves this expression; only the
             // password_hash() digest is stored.
             $account = [
                 'first_name' => $this->input->post('signup_first_name'),
                 'last_name' => $this->input->post('signup_last_name'),
                 'username' => $this->input->post('signup_username'),
                 'email' => $this->input->post('signup_email'),
                 'password' => password_hash($this->input->post('signup_password'), PASSWORD_DEFAULT),
                 'created' => time(),
                 'updated' => time(),
             ];

             // User row, role membership and pending verification are written
             // as one unit so a partial registration cannot be left behind.
             $this->db->trans_start();
             $new_user_id = $this->user_model->createUser($account);

             $this->load->model('role_model');
             $default_role = $this->role_model->getByKeyName(ROLE_USER);
             $this->user_role_assoc_model->addUserToRole($new_user_id, $default_role->id);

             $this->load->model('pending_email_model');
             $this->load->helper(array('uuid', 'random'));
             // NOTE(review): generateRandomHexString() is not shown here.
             // Confirm it uses a CSPRNG and that 8 gives enough entropy for
             // the secret part of the verification link.
             $verification_id = generateUUIDv4();
             $verification_code = generateRandomHexString(8);
             $this->pending_email_model->createVerification($verification_id, $new_user_id, $verification_code, time());
             $this->db->trans_complete();

             if ($this->db->trans_status()) {
                 $this->data['title'] = 'Asynctive | Registration Complete';
                 $this->data['registration_successful'] = TRUE;
                 $this->data['email'] = $account['email'];

                 $this->load->library('email');
                 $this->email->from($this->config->item('verify_email_sender'));
                 $this->email->to($account['email']);
                 $this->email->subject('Verify Your Account');

                 // The link base comes from configuration, not from the request.
                 $verify_url = $this->config->item('site_address') . '/verify/' . $verification_id . '/' . $verification_code;
                 $this->email->message('<html><body><a href="' . $verify_url . '">Click here</a> to verify your Asynctive account</body></html>');

                 // NOTE(review): the result of send() is not checked, so the
                 // page reports success even if the mail was not handed off.
                 $this->email->send();
             }
         } else {
             $this->data['banned'] = TRUE;
             $this->data['ban'] = [
                 'title' => 'Registration Failed',
                 'message' => "Account registrations are disabled for this machine",
                 'reason' => $active_ban->reason,
             ];
         }
     }

     $this->_render('pages/sign_up.php');
 }
Example #3
 /**
  * Admin password-reset page: request a reset, or complete one via id + code.
  *
  * Sessions that already carry a user_id are redirected to /admin/main.
  *
  * Without both $id and $code, a POST looks the username up, requires the
  * account to hold PERMISSION_VIEW_ADMIN_PANEL, replaces its active resets
  * with a new one (UUID, random hex code, requesting IP, expiry taken from
  * the 'password_reset_expire_time' config item) and sends the reset e-mail.
  *
  * With both, the pair must match an active reset; a valid form then stores
  * the new password_hash() digest and deactivates all of the user's resets
  * in one transaction, followed by a status e-mail.
  *
  * NOTE(review): no invalidation of the user's existing sessions is visible
  * in this method after the password changes - confirm it happens elsewhere.
  *
  * @param string|null $id   Reset identifier (presumably a URI segment).
  * @param string|null $code Reset code (presumably a URI segment).
  */
 public function index($id = null, $code = null)
 {
     // Don't access this page if logged in
     if (array_key_exists('user_id', $_SESSION)) {
         redirect('/admin/main', 200);
     }

     $has_token = ($id !== null && $code !== null);

     if ($has_token) {
         // Completion stage: the id/code pair is the only credential here.
         // NOTE(review): expiry and one-time use are presumably enforced by
         // the model's "active" lookup - confirm.
         $this->load->model('password_reset_model');
         $reset = $this->password_reset_model->getActiveResetByIdAndCode($id, $code);

         if ($reset === FALSE) {
             $this->data['reset_error'] = 'This password reset is invalid or no longer exists';
         } else {
             $this->data['resetting'] = TRUE;
             $this->load->library('form_validation');

             if (!empty($_POST)) {
                 $this->form_validation->set_rules([
                     [
                         'field' => 'pwreset_new_password',
                         'label' => 'New Password',
                         'rules' => 'required|min_length[8]|callback__checkPassword',
                     ],
                     [
                         'field' => 'pwreset_confirm_password',
                         'label' => 'Confirm New Password',
                         'rules' => 'required|matches[pwreset_new_password]',
                     ],
                 ]);

                 if ($this->form_validation->run()) {
                     $new_password = $this->input->post('pwreset_new_password');

                     // Retire every reset for the user and store the new hash
                     // together, so a used link cannot be replayed.
                     $this->db->trans_start();
                     $this->password_reset_model->deactivateResetsByUserId($reset->user_id);
                     $this->user_model->updateUserById(['password' => password_hash($new_password, PASSWORD_DEFAULT)], $reset->user_id);
                     $this->db->trans_complete();

                     if ($this->db->trans_status()) {
                         $this->_sendStatusEmail($reset->email);
                         $this->data['reset_complete'] = TRUE;
                     }
                 }
             }
         }
     } elseif (!empty($_POST)) {
         // Request stage.
         $username = trim($this->input->post('pwreset_username'));
         $account = $this->user_model->getUserByUsername($username);

         // NOTE(review): the two error messages below differ, so an
         // unauthenticated visitor can tell whether a username exists and
         // whether it has admin-panel access. Consider one uniform response,
         // plus rate limiting, if none is applied upstream.
         if ($account === FALSE) {
             $this->data['reset_error'] = 'Sorry but a valid user was not found';
         } else {
             $this->_getUserRoles($account->id);
             $may_use_admin = $this->roles->hasPermission($this->userRoles, PERMISSION_VIEW_ADMIN_PANEL);

             if (!$may_use_admin) {
                 $this->data['reset_error'] = 'That user does not have access to the admin panel';
             } else {
                 $this->load->model('password_reset_model');
                 $this->load->helper('uuid');
                 $this->load->helper('random');

                 // NOTE(review): generateRandomHexString() is not shown here.
                 // Confirm it uses a CSPRNG and that 8 gives enough entropy
                 // for a code that authorises an admin password change.
                 $reset_request = [
                     'id' => generateUUIDv4(),
                     'user_id' => $account->id,
                     'code' => generateRandomHexString(8),
                     'remote_ip' => $this->input->ip_address(),
                     'created' => time(),
                     'expires' => time() + $this->config->item('password_reset_expire_time'),
                 ];

                 // Only the newest request stays active for the user.
                 $this->db->trans_start();
                 $this->password_reset_model->deactivateResetsByUserId($account->id);
                 $this->password_reset_model->createReset($reset_request);
                 $this->db->trans_complete();

                 if ($this->db->trans_status()) {
                     $this->data['reset_sent'] = TRUE;
                     $this->data['reset_username'] = $username;
                     $this->_sendResetEmail($reset_request, $account);
                 }
             }
         }
     }

     $this->_render('admin/pwreset.php');
 }
Example #4
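 /**
  * Public password-reset page: request a reset, or complete one via id + code.
  *
  * Sessions that already carry a user_id are redirected to /.
  *
  * Request stage ($id empty): a POST looks the account up by username, or by
  * e-mail when no username was given, replaces its active resets with a new
  * one (UUID, random hex code, requesting IP, expiry taken from the
  * 'password_reset_expire_time' config item) and sends the reset e-mail.
  *
  * Completion stage: the id/code pair must match an active reset; a valid
  * form then stores the new password_hash() digest and deactivates that
  * reset in one transaction, followed by a status e-mail.
  *
  * The page is rendered exactly once, at the end of every path.
  *
  * NOTE(review): no invalidation of the user's existing sessions is visible
  * in this method after the password changes - confirm it happens elsewhere.
  *
  * @param string|null $id   Reset identifier (presumably a URI segment).
  * @param string|null $code Reset code (presumably a URI segment).
  */
 public function index($id = null, $code = null)
 {
     // Check if logged in
     if (isset($_SESSION['user_id'])) {
         redirect('/', 200);
     }
     $this->load->library('form_validation');

     if ($id == null) {
         // Request stage. A plain GET falls through to the single render at
         // the end of the method; rendering here as well would emit the page
         // twice.
         if (!empty($_POST)) {
             $username = trim($this->input->post('pwreset_username'));
             $email = trim($this->input->post('pwreset_email'));

             // Username takes precedence; e-mail is only used when it is blank.
             $user_record = FALSE;
             if ($username !== '') {
                 $user_record = $this->user_model->getUserByUsername($username);
             } elseif ($email !== '') {
                 $user_record = $this->user_model->getUserByEmail($email);
             }

             if ($user_record === FALSE) {
                 // NOTE(review): this message differs from the success path,
                 // so an unauthenticated visitor can test whether a username
                 // or e-mail address is registered. Consider one uniform
                 // response, plus rate limiting, if none is applied upstream.
                 $this->data['reset_error'] = 'Sorry but a valid user was not found';
             } else {
                 $this->load->model('password_reset_model');
                 $this->load->helper('random');
                 $this->load->helper('uuid');

                 // NOTE(review): generateRandomHexString() is not shown here.
                 // Confirm it uses a CSPRNG and that 8 gives enough entropy
                 // for a code that authorises a password change.
                 $data = [
                     'id' => generateUUIDv4(),
                     'user_id' => $user_record->id,
                     'code' => generateRandomHexString(8),
                     'remote_ip' => $this->input->ip_address(),
                     'created' => time(),
                     'expires' => time() + $this->config->item('password_reset_expire_time'),
                 ];

                 // Only the newest request stays active for the user.
                 $this->db->trans_start();
                 $this->password_reset_model->deactivateResetsByUserId($user_record->id);
                 $this->password_reset_model->createReset($data);
                 $this->db->trans_complete();

                 if ($this->db->trans_status()) {
                     $this->_sendResetEmail($data, $user_record);
                     $this->data['reset_sent'] = TRUE;
                     // NOTE(review): when the lookup was by username, this
                     // hands the account's e-mail address to the view. If the
                     // template prints it, any visitor can learn the address
                     // behind a username - confirm it is masked or omitted.
                     $this->data['reset_email'] = $user_record->email;
                 }
             }
         }
     } else {
         $this->load->model('password_reset_model');

         // A link without a code can never be valid. Reject it here instead
         // of relying on how the model treats a NULL code in its lookup.
         $record = ($code === null)
             ? FALSE
             : $this->password_reset_model->getActiveResetByIdAndCode($id, $code);

         if ($record === FALSE) {
             $this->data['reset_error'] = 'This password reset is invalid or no longer exists';
         } else {
             $this->data['resetting'] = TRUE;

             if (!empty($_POST)) {
                 // NOTE(review): the only strength rule is a 6-character
                 // minimum - confirm this matches the intended password policy.
                 $this->form_validation->set_rules([
                     [
                         'field' => 'pwreset_new_password',
                         'label' => 'New Password',
                         'rules' => 'required|min_length[6]',
                     ],
                     [
                         'field' => 'pwreset_confirm_password',
                         'label' => 'Confirm New Password',
                         'rules' => 'required|matches[pwreset_new_password]',
                     ],
                 ]);

                 if ($this->form_validation->run()) {
                     $new_password = $this->input->post('pwreset_new_password');

                     // Retire the reset and store the new hash together, so a
                     // used link cannot be replayed.
                     $this->db->trans_start();
                     $this->password_reset_model->deactivateResetById($id);
                     $this->user_model->updateUserById(['password' => password_hash($new_password, PASSWORD_DEFAULT)], $record->user_id);
                     $this->db->trans_complete();

                     if ($this->db->trans_status()) {
                         $this->_sendStatusEmail($record->email);
                         $this->data['reset_complete'] = TRUE;
                     }
                 }
             }
         }
     }

     $this->_render('pages/pwreset.php');
 }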