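/**
 * Insert a new row into temp_validation_table for the given student and
 * return it as a loaded TempValidationCode.
 *
 * The code is stored exactly as passed in. This method does not generate it.
 * NOTE(review): the caller presumably creates $validate_code; confirm it comes
 * from a CSPRNG (random_bytes()/random_int()), since it authorises a password reset.
 *
 * @param mixed  $studentId     Student the code is issued for.
 * @param string $validate_code Code value to store.
 * @return TempValidationCode|null The stored code, or null when the insert
 *                                 raised an Exception (passed to Utils::HandlePDOException).
 */
public static function create($studentId, $validate_code)
{
    $db = getDatabase();

    // Column names come from class constants and values are bound, so nothing
    // caller-supplied is concatenated into the statement.
    $q = "INSERT INTO temp_validation_table ("
        . self::KEY_CODE . ","
        . self::KEY_STUDENT_ID . ","
        . self::KEY_CREATED_TIME
        . ") VALUES (:validate_code, :studentid, :create_time)";

    try {
        $stmt = $db->prepare($q);
        // bindValue() instead of bindParam(): bindParam() takes its argument by
        // reference, and passing the result of time() to it raises
        // "Only variables should be passed by reference".
        $stmt->bindValue(":validate_code", $validate_code);
        $stmt->bindValue(":studentid", $studentId);
        $stmt->bindValue(":create_time", time());
        $stmt->execute();

        $lastInserted = $db->lastInsertId();
        $t = new TempValidationCode();
        $t->initWithId($lastInserted);
        return $t;
    } catch (Exception $ex) {
        Utils::HandlePDOException($ex);
    }

    return null;
}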
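/**
 * Controller action for the password-reset link (?validate=...&accountid=...).
 *
 * On every request the validation code and account id from the query string
 * are checked: the code's student id must equal the account's student id and
 * the code must not be expired. When the check fails, an expired code renders
 * the "expired" view and anything else redirects to "/". A POST that passes
 * the check and carries two matching, non-empty passwords resets the password,
 * calls validate() on the code and redirects to the done page. Otherwise the
 * reset form is rendered.
 *
 * The views are include()d and share this scope, so the local names
 * $content, $error_message and $password are kept as they are.
 *
 * @return void
 */
public static function resetPassword()
{
    $error_message = "";
    $password = "";

    // Require both parameters as plain strings. A missing key or an array
    // value (validate[]=...) is treated as an invalid link, not passed on.
    $validate_code = (isset($_GET["validate"]) && is_string($_GET["validate"]))
        ? $_GET["validate"] : "";
    $accountIdRaw = (isset($_GET["accountid"]) && is_string($_GET["accountid"]))
        ? $_GET["accountid"] : "";

    if ($validate_code === "" || $accountIdRaw === "") {
        // fail to validate
        header("Location: /");
        die;
    }
    $accountId = intval($accountIdRaw);

    // Declared before the try so the catch block never reads an undefined variable.
    $t = null;
    try {
        $t = new TempValidationCode();
        $t->initWithValidationCode($validate_code);
        $account = new Account();
        $account->initWithId($accountId);

        // Compare as strings with ===. With loose != two unset ids
        // (null != null is false) or numeric look-alikes ("1e1" vs "10")
        // would count as a match. An empty id is rejected outright so a code
        // that did not resolve can never match an account without a student id.
        // NOTE(review): whether initWith*() throw on a missing row is not
        // visible here, so confirm.
        $codeStudentId = (string) $t->getStudentId();
        $accountStudentId = (string) $account->getStudentId();
        if ($codeStudentId === ""
            || $codeStudentId !== $accountStudentId
            || $t->isExpired()
        ) {
            throw new Exception("");
        }
        // allow to reset password
    } catch (Exception $ex) {
        // fail to validate
        if ($t !== null && $t->isExpired()) {
            $content = "forgetpassword_expired.php";
            include VIEWS_PATH . "account/public.php";
            return;
        }
        header("Location: /");
        die;
    }

    if (!empty($_POST)) {
        $password = (isset($_POST["password"]) && is_string($_POST["password"]))
            ? $_POST["password"] : "";
        $confirm_password = (isset($_POST["password-confirm"]) && is_string($_POST["password-confirm"]))
            ? $_POST["password-confirm"] : "";

        // === "" rather than empty(): empty() also rejects the string "0".
        if ($password === "") {
            $error_message .= "<li>パスワードを空白にしないでください。</li>";
        }
        if ($confirm_password === "") {
            $error_message .= "<li>再確認のパスワードを空白にしないでください。</li>";
        } elseif ($confirm_password !== $password) {
            // Strict comparison: with != two different numeric-looking
            // strings (e.g. "1e1" and "10") compare equal.
            $error_message .= "<li>パスワードと再確認のパスワードは一致しません。</li>";
        }

        if ($error_message === "") {
            // success and reset password
            $account = new Account();
            $account->initWithId($accountId);
            $account->resetPassword($password);

            // presumably marks the code as used so the link cannot be replayed; confirm in validate()
            $t = new TempValidationCode();
            $t->initWithValidationCode($validate_code);
            $t->validate();

            header("Location: /account/resetpassworddone");
            die;
        }
    }

    $content = "forgetpassword_resetpassword.php";
    include VIEWS_PATH . "account/public.php";
}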