protected function init()
{
$this->add_plugin(new CM_Form_Plugin_ORM(array('password'), array(), Model_User::get_password_validation()));
$this->set_field('old_password', new CM_Field_Password(), 10);
$this->get_field('old_password')->set_label('Старый пароль');
$this->set_field('password', new CM_Field_Password(), 20);
$this->set_field('password_confirm', new CM_Field_Password(), 30);
}
protected function construct_form($param)
{
if (!$param->loaded()) {
$this->set_field('password', new CM_Field_Password(), 20);
$this->set_field('password_confirm', new CM_Field_Password(), 30);
$this->add_plugin(new CM_Form_Plugin_Validate(Model_User::get_password_validation()));
$this->get_renderer()->set_field_fieldgroup('password', 'Общее');
$this->get_renderer()->set_field_fieldgroup('password_confirm', 'Общее');
}
}
/**
* Update an existing user
*
* [!!] We make the assumption that if a user does not supply a password, that they do not wish to update their password.
*
* Example usage:
* ~~~
* $user = ORM::factory('user')
* ->where('username', '=', 'kiall')
* ->find()
* ->update_user($_POST, array(
* 'username',
* 'password',
* 'email',
* );
* ~~~
*
* @param array $values
* @param array $expected
* @throws ORM_Validation_Exception
*/
public function update_user($values, $expected = NULL)
{
if (empty($values['password'])) {
unset($values['password'], $values['password_confirm']);
}
// Validation for passwords
$extra_validation = Model_User::get_password_validation($values);
return $this->values($values, $expected)->update($extra_validation);
}
/**
* Confirmed password change
*/
public function action_confirmed_restore()
{
$this->title = __('user.password_change');
$token = $this->request->param('token');
if ($token === null) {
HTTP::redirect(Route::url('f_auth', ['action' => 'login']));
}
$o_confirm = ORM::factory('User_Confirm', ['token' => $token, 'type' => Model_User_Confirm::TYPE_RESTORE]);
if (!$o_confirm->loaded()) {
HTTP::redirect(Route::url('f_auth', ['action' => 'login']));
}
if (!$o_confirm->user->confirmed) {
Message::warning(__('user.email_сheck_and_confirm', [':email' => $this->user->email]));
HTTP::redirect(Route::url('f_auth', ['action' => 'login']));
}
// If current time > time recovery password
if (time() > $o_confirm->expires) {
$o_confirm->delete();
Message::error(__('user.error_time_confirm_password_expired'));
HTTP::redirect(Route::url('f_auth', ['action' => 'login']));
}
if ($this->request->is_post()) {
$o_validation = Model_User::get_password_validation($_POST)->rule('password', 'not_empty')->rule('password_confirm', 'not_empty')->labels(['password' => __('user.password_new'), 'password_confirm' => __('user.password_confirm')]);
if ($o_validation->check()) {
$o_confirm->user->password = $o_validation['password'];
$o_confirm->user->save();
$this->auth->force_login($o_confirm->user->username);
$o_confirm->delete();
Message::success(__('user.password_changed'));
HTTP::redirect(Route::url('f_user_profile', ['action' => 'view']));
} else {
Message::error(__('settings.error_saving'));
$errors = $o_validation->errors('validation');
}
}
$this->content = View::factory('auth/frontend/v_confirmed_restore')->bind('errors', $errors);
}
/**
* Update user password
*
* @param $values
* @param null $expected
*
* @return ORM
*/
public function update_password($values, $expected = null)
{
// Validation for passwords
$extra_validation = Model_User::get_password_validation($values)->rule('password_current', 'not_empty')->rule('password_current', array(Auth::instance(), 'check_password'))->rule('password', 'not_empty')->rule('password_confirm', 'not_empty')->labels(array('password_current' => __('user.password_current'), 'password' => __('user.password_new'), 'password_confirm' => __('user.password_confirm')));
return $this->values($values, $expected)->update($extra_validation);
}
