Example #1
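 /**
  * Password reset endpoint: request a reset e-mail, show the new-password
  * form for a reset code, or apply the new password.
  *
  * Flow, as implemented below:
  *  - no $code, POST 'email': look the user up, e-mail a reset link when one
  *    exists, and flash the same message either way, so the response does not
  *    reveal whether the address is registered;
  *  - $code, no passwords posted: render the form if the code is accepted,
  *    otherwise throw RoutingException;
  *  - $code and both passwords posted: validate, update, sign in, redirect.
  *
  * @param string|null $code Reset code from the URL, or null when none was supplied.
  * @throws RoutingException When a code is supplied but not accepted.
  *
  * NOTE(review): no anti-CSRF token check is visible in this method; confirm
  * it is enforced elsewhere for both POST paths.
  * NOTE(review): nothing here invalidates the reset code after use or throttles
  * reset requests; presumably update_password() / generate_password_reset_code()
  * do so — verify.
  */
 function reset($code = null)
 {
     if ($code != null) {
         // Process reset
         // If two passwords submitted then check, otherwise show form.
         // Non-string values (e.g. password1[]=x) are treated as "not submitted".
         $has_passwords = isset($_POST['password1'], $_POST['password2'])
             && is_string($_POST['password1']) && is_string($_POST['password2'])
             && $_POST['password1'] !== '' && $_POST['password2'] !== '';
         if ($has_passwords) {
             // Refuse to touch any account unless the code is accepted.
             if (User::check_password_reset_code($code) == FALSE) {
                 exit;
             }
             $error = '';
             // Check password
             $password_check = $this->check_password($_POST['password1'], $_POST['password2']);
             if ($password_check !== TRUE) {
                 $error .= $password_check;
             }
             // Error processing
             if ($error == '') {
                 // The code check returns the id of the account the code belongs to.
                 $user_id = User::check_password_reset_code($code);
                 // Get user object
                 $user = User::get_by_id($user_id);
                 // Do update
                 // NOTE(review): a single application-wide salt is passed in; confirm
                 // update_password() stores a slow, per-user salted hash.
                 $user->update_password($_POST['password1'], $this->config->encryption_salt);
                 $user->authenticate($_POST['password1'], $this->config->encryption_salt);
                 // Set welcome message
                 Application::flash('success', 'Password updated! Welcome back to ' . $this->config->name . '!');
                 // Get redirected. redirect_to comes from the routed URI parameters,
                 // so it is only honoured when it stays on this site; anything else
                 // falls back to the configured base URL. This closes an open
                 // redirect immediately after a successful reset and sign-in.
                 $redirect_url = $this->config->url;
                 if (isset($this->uri['params']['redirect_to']) && is_string($this->uri['params']['redirect_to'])) {
                     $candidate = $this->uri['params']['redirect_to'];
                     // Trailing slash closes the authority part, so
                     // "http://site.example.evil.test" cannot match "http://site.example".
                     $site_prefix = rtrim($this->config->url, '/') . '/';
                     $has_control_chars = preg_match('/[\x00-\x1F\x7F]/', $candidate) === 1;
                     $is_same_site = strlen($site_prefix) > 1
                         && strncmp($candidate, $site_prefix, strlen($site_prefix)) === 0;
                     // A single leading slash is a local path; "//host" and "/\host" are not.
                     $is_local_path = preg_match('#^/(?![/\\\\])#', $candidate) === 1;
                     if (!$has_control_chars && ($is_same_site || $is_local_path)) {
                         $redirect_url = $candidate;
                     }
                 }
                 // Go forth
                 header('Location: ' . $redirect_url);
                 exit;
             } else {
                 // Show error message
                 if (User::check_password_reset_code($code) == TRUE) {
                     Application::flash('error', $error);
                     $this->loadView('users/reset', array('valid_code' => TRUE, 'code' => $code));
                 } else {
                     $this->loadView();
                 }
             }
         } else {
             // Code present so show password reset form
             if (User::check_password_reset_code($code) == TRUE) {
                 // Reset code valid
                 $this->loadView('users/reset', array('valid_code' => TRUE, 'code' => $code));
             } else {
                 // NOTE(review): $uri is not defined in this method, so null is passed
                 // here (with an undefined-variable notice); $this->uri may have been
                 // intended — confirm against RoutingException's constructor.
                 throw new RoutingException($uri, "Page not found");
             }
         }
     } else {
         // No code in URL so show new reset form
         if (isset($_POST['email']) && is_string($_POST['email'])) {
             // Email submitted so send password reset email
             $user = User::get_by_email($_POST['email']);
             // Check is a user
             if ($user != NULL) {
                 // Generate code
                 $code = $user->generate_password_reset_code();
                 $to = array('email' => $_POST['email']);
                 // The link is built from the configured site URL, not from request headers.
                 $link = substr($this->config->url, 0, -1) . $this->url_for('users', 'reset', $code);
                 $subject = '[' . $this->config->name . '] Password reset';
                 $body = $this->twig_string->render(file_get_contents("themes/{$this->config->theme}/emails/password_reset.html"), array('user' => $user, 'link' => $link, 'app' => $this));
                 // Email user
                 $this->email->send_email($to, $subject, $body);
             }
             // Same message whether or not the address matched an account.
             Application::flash('info', 'Check your email for instructions about how to reset your password!');
         }
         $this->loadView('users/reset', array('valid_code' => FALSE, 'code' => $code));
     }
 }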