Example #1
0
 /**
  * Saves password reset info and sends confirmation email.
  * 
  * @return array Error message(s) if an error occurs.
  */
 private function resetPasswordFirstStep($form)
 {
     $loginMail = $form->getSubmitValue('form_login');
     $token = $form->getSubmitValue('form_token');
     $password = $form->getSubmitValue('form_password');
     // check the password
     try {
         Piwik_UsersManager::checkPassword($password);
     } catch (Exception $ex) {
         return array($ex->getMessage());
     }
     // get the user's login
     if ($loginMail === 'anonymous') {
         return array(Piwik_Translate('Login_InvalidUsernameEmail'));
     }
     $user = self::getUserInformation($loginMail);
     if ($user === null) {
         return array(Piwik_Translate('Login_InvalidUsernameEmail'));
     }
     $login = $user['login'];
     // if valid, store password information in options table, then...
     Piwik_Login::savePasswordResetInfo($login, $password);
     // ... send email with confirmation link
     try {
         $this->sendEmailConfirmationLink($user);
     } catch (Exception $ex) {
         // remove password reset info
         Piwik_Login::removePasswordResetInfo($login);
         return array($ex->getMessage() . '<br/>' . Piwik_Translate('Login_ContactAdmin'));
     }
     return null;
 }
Example #2
0
 /**
  * Stores password reset info for a specific login.
  * 
  * @param string $login The user login for whom a password change was requested.
  * @param string $password The new password to set.
  */
 public static function savePasswordResetInfo($login, $password)
 {
     $optionName = self::getPasswordResetInfoOptionName($login);
     $optionData = Piwik_UsersManager::getPasswordHash($password);
     Piwik_SetOption($optionName, $optionData);
 }
Example #3
0
 /**
  * Updates a user in the database. 
  * Only login and password are required (case when we update the password).
  * When the password changes, the key token for this user will change, which could break
  * its API calls.
  * 
  * @see addUser() for all the parameters
  */
 public function updateUser($userLogin, $password = false, $email = false, $alias = false, $_isPasswordHashed = false)
 {
     Piwik::checkUserIsSuperUserOrTheUser($userLogin);
     $this->checkUserIsNotAnonymous($userLogin);
     $this->checkUserIsNotSuperUser($userLogin);
     $userInfo = $this->getUser($userLogin);
     if (empty($password)) {
         $password = $userInfo['password'];
     } else {
         $password = Piwik_Common::unsanitizeInputValue($password);
         if (!$_isPasswordHashed) {
             Piwik_UsersManager::checkPassword($password);
             $password = Piwik_UsersManager::getPasswordHash($password);
         }
     }
     if (empty($alias)) {
         $alias = $userInfo['alias'];
     }
     if (empty($email)) {
         $email = $userInfo['email'];
     }
     if ($email != $userInfo['email']) {
         $this->checkEmail($email);
     }
     $alias = $this->getCleanAlias($alias, $userLogin);
     $token_auth = $this->getTokenAuth($userLogin, $password);
     $db = Zend_Registry::get('db');
     $db->update(Piwik_Common::prefixTable("user"), array('password' => $password, 'alias' => $alias, 'email' => $email, 'token_auth' => $token_auth), "login = '******'");
     Piwik_Common::deleteTrackerCache();
     Piwik_PostEvent('UsersManager.updateUser', $userLogin);
 }