public function indexAction() { if (Zend_Auth::getInstance()->hasIdentity()) { return $this->_redirect('/'); } // process the form $form = new Application_Form_Register(); if ($this->getRequest()->isPost()) { if ($form->isValid($_POST)) { if ($form->getValue('password') == $form->getValue('password_confirm')) { /** * Check if a user with the given username or email already * exists */ $user_mapper = new Application_Model_UserMapper(); $user = $user_mapper->findByUsername($form->getValue('username')); $email = $user_mapper->findByEmail($form->getValue('email')); if (!$user && !$email) { $values = $form->getValues(); $user_mapper = new Application_Model_UserMapper(); $user = new Application_Model_User($values); // Hash the password with a random salt $user->setPassword_salt(mcrypt_create_iv(64)); $user->setPassword_hash(hash('sha256', $user->getPassword_salt() . $form->getValue('password'))); $user->setActive(0); // Insert the account into the database $user_mapper->save($user); $user = $user_mapper->findByUsername($user->getUsername()); if ($user) { $user = $user[0]; // prompt the user to activate the account $this->_helper->FlashMessenger('Successful Registration'); return $this->_redirect('/registration/confirm/id/' . $user->getId()); } } else { if ($user) { print "A user with this user name already exists."; } if ($email) { print "A user with this email already exists."; } } } else { print "The password was not confirmed."; } } else { print 'Invalid form'; } } $this->view->form = $form; }
public function editAction() { if (!Zend_Auth::getInstance()->hasIdentity()) { return $this->_redirect('/'); } $user = new Zend_Session_Namespace('user'); // process the form $form = new Application_Form_UserEdit(); if ($this->getRequest()->isPost()) { if ($form->isValid($_POST)) { /** * Because some fields are excluded from the form, they will be * set manually */ $id = $user->user['id']; $username = $user->user['username']; $password_salt = $user->user['password_salt']; $password_hash = $user->user['password_hash']; if ($form->getValue('password') == $form->getValue('password_confirm')) { /** * Check if the user changed the email to one that is * already in use */ $user_mapper = new Application_Model_UserMapper(); $email = $user_mapper->findByEmail($form->getValue('email')); $duplicate = false; if ($email) { $email = $email[0]; if ($id != $email->getId()) { $duplicate = true; } } if (!$duplicate) { // update the user $values = $form->getValues(); $user_mapper = new Application_Model_UserMapper(); $user = new Application_Model_User($values); $user->setId($id); $user->setUsername($username); $user->setPassword_salt($password_salt); $user->setPassword_hash($password_hash); $user->setActive(1); $user_mapper->save($user); // update the session $session = new Zend_Session_Namespace('user'); $session->user = $user->get_array(); $this->_helper->FlashMessenger('Successful Update'); return $this->_redirect('/user'); } else { print "A user with this email already exists."; } } else { print "The password was not confirmed."; } } else { print 'Invalid form'; } } // populate the form with the user's information $elements = $form->getElements(); unset($elements['submit']); foreach ($elements as $key => $row) { $form->{$key}->setValue($user->user[$key]); } $this->view->form = $form; }