/**
* Performs an authentication attempt
*
* @throws Zend_Auth_Adapter_Exception If authentication cannot be performed
* @return Zend_Auth_Result
*/
public function authenticate()
{
$config = new Zend_Config_Ini('../config/zportal.ini', 'mail');
$mailConfig = array('auth' => 'login', 'username' => $this->name, 'password' => $this->password);
$login = new Zend_Mail_Protocol_Smtp_Auth_Login($config->mail->get('server'), null, $mailConfig);
$login->connect();
try {
$login->helo("localhost");
} catch (Exception $e) {
// unauth user
$result = Zend_Auth_Result::FAILURE;
$identity = $this->name;
$message = 'Authentication failed. Please check your login details or call system admin.';
return new Zend_Auth_Result($result, $identity, array($message));
}
// create result array
$users = new Users();
$email = strtolower($this->name . "@zend.com");
$user = $users->getByEmail($email);
// if first time visit
if (!$user) {
// add record to users
$users->addUser(array('email' => $email, 'role' => 'member'));
$user = $users->getByEmail($email);
// send welcome page
$bodyHtml = 'Dear User<br>Welcome to ZPortal.<br>';
$config = new Zend_Config_Ini('../config/zportal.ini', 'mail');
$transport = new Zend_Mail_Transport_Smtp($config->mail->get('server'), $mailConfig);
$mail = new Zend_Mail();
$mail->setBodyText("See html attachment");
$mail->setBodyHtml($bodyHtml, 'UTF-8', Zend_Mime::ENCODING_BASE64);
$mail->setFrom('*****@*****.**', 'ZPortal');
$mail->addTo($email, $email);
$mail->setSubject('Welcome to ZPortal');
$mail->send($transport);
}
$result = Zend_Auth_Result::SUCCESS;
$identity = $user;
$message = '';
return new Zend_Auth_Result($result, $identity, array($message));
}
<?php
$redirect = function () {
if (array_key_exists('state', $_GET)) {
header('Location: ' . $_GET['state']);
} else {
header('Location: /');
}
};
$auth = new GoogleAuth(Config::get('GOOGLE_WA_CLIENT_ID'), Config::get('GOOGLE_WA_CLIENT_SECRET'), Config::get('GOOGLE_OAUTH_REDIRECT_URI'), Config::get('GOOGLE_OAUTH_SCOPES'));
$info = $auth->getUserInfo($_GET['code']);
if (null === $info) {
// Access denied
$redirect();
} else {
// Access granted
$email = $info['email'];
$nick = $info['name'];
$picture = $info['picture'];
$user = Users::getByEmail($email);
if (null == $user) {
$user = Users::add($email);
$user->setNick($nick);
$user->setPicture(Image::INSERT($picture));
}
$user->login();
$redirect();
}
private static function getPersonLinkFromEmailAddress($email, $addr_name, $clean = true, $add_contact_link = true)
{
$name = $email;
$url = "";
$user = Users::getByEmail($email);
if ($user instanceof User && $user->canSeeUser(logged_user())) {
$name = $clean ? clean($user->getDisplayName()) : $user->getDisplayName();
$url = $user->getCardUrl();
} else {
$contact = Contacts::getByEmail($email);
if ($contact instanceof Contact && $contact->canView(logged_user())) {
$name = $clean ? clean($contact->getDisplayName()) : $contact->getDisplayName();
$url = $contact->getCardUrl();
}
}
if ($url != "") {
return '<a class="internalLink" href="' . $url . '" title="' . $email . '">' . $name . " <{$email}></a>";
} else {
if (!(active_project() instanceof Project ? Contact::canAdd(logged_user(), active_project()) : can_manage_contacts(logged_user()))) {
return $email;
} else {
$url = get_url('contact', 'add', array('ce' => $email));
$to_show = $addr_name == '' ? $email : $addr_name . " <{$email}>";
return $to_show . ($add_contact_link ? ' <a class="internalLink link-ico ico-add" style="padding-left:12px;" href="' . $url . '" title="' . lang('add contact') . '"> </a>' : '');
}
}
}
/**
* Render and process forgot password form
*
* @param void
* @return null
*/
function forgot_password()
{
$your_email = trim(array_var($_POST, 'your_email'));
tpl_assign('your_email', $your_email);
if (array_var($_POST, 'submitted') == 'submitted') {
if (!is_valid_email($your_email)) {
tpl_assign('error', new InvalidEmailAddressError($your_email, lang('invalid email address')));
$this->render();
}
// if
$user = Users::getByEmail($your_email);
if (!$user instanceof User) {
flash_error(lang('email address not in use', $your_email));
$this->redirectTo('access', 'forgot_password');
}
// if
try {
Notifier::forgotPassword($user);
flash_success(lang('success forgot password'));
} catch (Exception $e) {
flash_error(lang('error forgot password'));
}
// try
$this->redirectTo('access', 'forgot_password');
}
// if
}
/**
* Add single mail
*
* @access public
* @param void
* @return null
*/
function add_mail()
{
if (logged_user()->isGuest()) {
flash_error(lang('no access permissions'));
ajx_current("empty");
return;
}
$this->addHelper('textile');
$mail_accounts = MailAccounts::getMailAccountsByUser(logged_user());
if (count($mail_accounts) < 1) {
flash_error(lang('no mail accounts set'));
ajx_current("empty");
return;
}
$this->setTemplate('add_mail');
$mail_data = array_var($_POST, 'mail');
$isDraft = array_var($mail_data, 'isDraft', '') == 'true' ? true : false;
$isUpload = array_var($mail_data, 'isUpload', '') == 'true' ? true : false;
$autosave = array_var($mail_data, 'autosave', '') == 'true';
$id = array_var($mail_data, 'id');
$mail = MailContents::findById($id);
$isNew = false;
if (!$mail) {
$isNew = true;
$mail = new MailContent();
}
tpl_assign('mail_to', urldecode(array_var($_GET, 'to')));
tpl_assign('link_to_objects', array_var($_GET, 'link_to_objects'));
$def_acc = $this->getDefaultAccountId();
if ($def_acc > 0) {
tpl_assign('default_account', $def_acc);
}
tpl_assign('mail', $mail);
tpl_assign('mail_data', $mail_data);
tpl_assign('mail_accounts', $mail_accounts);
// Form is submited
if (is_array($mail_data)) {
$account = MailAccounts::findById(array_var($mail_data, 'account_id'));
if (!$account instanceof MailAccount) {
flash_error(lang('mail account dnx'));
ajx_current("empty");
return;
}
$accountUser = MailAccountUsers::getByAccountAndUser($account, logged_user());
if (!$accountUser instanceof MailAccountUser) {
flash_error(lang('no access permissions'));
ajx_current("empty");
return;
}
if ($account->getOutgoingTrasnportType() == 'ssl' || $account->getOutgoingTrasnportType() == 'tls') {
$available_transports = stream_get_transports();
if (array_search($account->getOutgoingTrasnportType(), $available_transports) === FALSE) {
flash_error('The server does not support SSL.');
ajx_current("empty");
return;
}
}
$cp_errs = $this->checkRequiredCustomPropsBeforeSave(array_var($_POST, 'object_custom_properties', array()));
if (is_array($cp_errs) && count($cp_errs) > 0) {
foreach ($cp_errs as $err) {
flash_error($err);
}
ajx_current("empty");
return;
}
$subject = array_var($mail_data, 'subject');
$body = array_var($mail_data, 'body');
if (($pre_body_fname = array_var($mail_data, 'pre_body_fname')) != "") {
$body = str_replace(lang('content too long not loaded'), '', $body, $count = 1);
$tmp_filename = ROOT . "/tmp/{$pre_body_fname}";
if (is_file($tmp_filename)) {
$body .= file_get_contents($tmp_filename);
if (!$isDraft) {
@unlink($tmp_filename);
}
}
}
if (array_var($mail_data, 'format') == 'html') {
$css = "font-family:Arial,Verdana,sans-serif;font-size:12px;color:#222;";
Hook::fire('email_base_css', null, $css);
str_replace(array("\r", "\n"), "", $css);
$body = '<div style="' . $css . '">' . $body . '</div>';
$body = str_replace('<blockquote>', '<blockquote style="border-left:1px solid #987ADD;padding-left:10px;">', $body);
}
$type = 'text/' . array_var($mail_data, 'format');
$to = trim(array_var($mail_data, 'to'));
if (str_ends_with($to, ",") || str_ends_with($to, ";")) {
$to = substr($to, 0, strlen($to) - 1);
}
$mail_data['to'] = $to;
$cc = trim(array_var($mail_data, 'cc'));
if (str_ends_with($cc, ",") || str_ends_with($cc, ";")) {
$cc = substr($cc, 0, strlen($cc) - 1);
}
$mail_data['cc'] = $cc;
$bcc = trim(array_var($mail_data, 'bcc'));
if (str_ends_with($bcc, ",") || str_ends_with($bcc, ";")) {
$bcc = substr($bcc, 0, strlen($bcc) - 1);
}
$mail_data['bcc'] = $bcc;
if (!$isDraft && trim($to . $cc . $bcc) == '') {
flash_error(lang('recipient must be specified'));
ajx_current("empty");
return;
}
$invalid_to = MailUtilities::validate_email_addresses($to);
if (is_array($invalid_to)) {
flash_error(lang('error invalid recipients', lang('mail to'), implode(", ", $invalid_to)));
ajx_current("empty");
return;
}
$invalid_cc = MailUtilities::validate_email_addresses($cc);
if (is_array($invalid_cc)) {
flash_error(lang('error invalid recipients', lang('mail CC'), implode(", ", $invalid_cc)));
ajx_current("empty");
return;
}
$invalid_bcc = MailUtilities::validate_email_addresses($bcc);
if (is_array($invalid_bcc)) {
flash_error(lang('error invalid recipients', lang('mail BCC'), implode(", ", $invalid_bcc)));
ajx_current("empty");
return;
}
$last_mail_in_conversation = array_var($mail_data, 'last_mail_in_conversation');
$conversation_id = array_var($mail_data, 'conversation_id');
if ($last_mail_in_conversation && $conversation_id) {
$new_mail_in_conversation = MailContents::getLastMailIdInConversation($conversation_id, true);
if ($new_mail_in_conversation != $last_mail_in_conversation) {
ajx_current("empty");
evt_add("new email in conversation", array('id' => $new_mail_in_conversation, 'genid' => array_var($_POST, 'instanceName')));
return;
}
}
$mail->setFromAttributes($mail_data);
$mail->setTo($to);
$mail->setCc($cc);
$mail->setBcc($bcc);
$mail->setSubject($mail_data['subject']);
$utils = new MailUtilities();
// attachment
$linked_attachments = array();
$attachments = array();
$objects = array_var($_POST, 'linked_objects');
$attach_contents = array_var($_POST, 'attach_contents', array());
if (is_array($objects)) {
$err = 0;
$count = -1;
foreach ($objects as $objid) {
$count++;
$split = explode(":", $objid);
if (count($split) == 2) {
$object = get_object_by_manager_and_id($split[1], $split[0]);
} else {
if (count($split) == 4) {
if ($split[0] == 'FwdMailAttach') {
$tmp_filename = ROOT . "/tmp/" . logged_user()->getId() . "_" . $mail_data['account_id'] . "_FwdMailAttach_" . $split[3];
if (is_file($tmp_filename)) {
$attachments[] = array("data" => file_get_contents($tmp_filename), "name" => $split[1], "type" => $split[2]);
continue;
}
}
}
}
if (!isset($object) || !$object) {
flash_error(lang('file dnx'));
$err++;
} else {
if (isset($attach_contents[$count])) {
if ($split[0] == 'ProjectFiles') {
$file = ProjectFiles::findById($object->getId());
if (!$file instanceof ProjectFile) {
flash_error(lang('file dnx'));
$err++;
}
// if
if (!$file->canDownload(logged_user())) {
flash_error(lang('no access permissions'));
$err++;
}
// if
$attachments[] = array("data" => $file->getFileContent(), "name" => $file->getFilename(), "type" => $file->getTypeString());
} else {
if ($split[0] == 'MailContents') {
$email = MailContents::findById($object->getId());
if (!$email instanceof MailContent) {
flash_error(lang('email dnx'));
$err++;
}
// if
if (!$email->canView(logged_user())) {
flash_error(lang('no access permissions'));
$err++;
}
// if
$attachments[] = array("data" => $email->getContent(), "name" => $email->getSubject() . ".eml", "type" => 'message/rfc822');
}
}
} else {
$linked_attachments[] = array("data" => $object->getViewUrl(), "name" => clean($object->getObjectName()), "type" => lang($object->getObjectTypeName()), "manager" => $object->getObjectManagerName(), "id" => $object->getId());
}
}
}
if ($err > 0) {
flash_error(lang('some objects could not be linked', $err));
ajx_current('empty');
return;
}
}
$to = preg_split('/;|,/', $to);
$to = $utils->parse_to($to);
if ($body == '') {
$body .= ' ';
}
try {
if (count($linked_attachments)) {
$linked_users = array();
foreach ($to as $to_user) {
$linked_user = Users::getByEmail($to_user[1]);
if (!$linked_user instanceof User) {
try {
$linked_user = create_user_from_email($to_user[1], $to_user[0]);
} catch (Exception $e) {
//Logger::log($e->getMessage());
}
}
if ($linked_user instanceof User) {
$linked_users[] = $linked_user;
}
}
$linked_atts = $type == 'text/html' ? '<div style="font-family:arial;"><br><br><br><span style="font-size:12pt;font-weight:bold;color:#777">' . lang('linked attachments') . '</span><ul>' : "\n\n\n-----------------------------------------\n" . lang('linked attachments') . "\n\n";
foreach ($linked_attachments as $att) {
$linked_atts .= $type == 'text/html' ? '<li><a href="' . $att['data'] . '">' . $att['name'] . ' (' . $att['type'] . ')</a></li>' : $att['name'] . ' (' . $att['type'] . '): ' . $att['data'] . "\n";
foreach ($linked_users as $linked_user) {
try {
$linked_user->giveAccessToObject(get_object_by_manager_and_id($att['id'], $att['manager']));
} catch (Exception $e) {
//Logger::log($e->getMessage());
}
}
}
$linked_atts .= $type == 'text/html' ? '</ul></div>' : '';
} else {
$linked_atts = '';
}
$body .= $linked_atts;
if (count($attachments) > 0) {
$i = 0;
$str = "";
/* foreach ($attachments as $att) {
$str .= "--000000000000000000000000000$i\n";
$str .= "Name: ".$att['name'] .";\n";
$str .= "Type: ".$att['type'] .";\n";
//$str .= "Encoding: ".$att['type'] .";\n";
$str .= base64_encode($att['data']) ."\n";
$str .= "--000000000000000000000000000$i--\n";
$i++;
}
*/
$str = "#att_ver 2\n";
foreach ($attachments as $att) {
$rep_id = $utils->saveContent($att['data']);
$str .= $att['name'] . "," . $att['type'] . "," . $rep_id . "\n";
}
// save attachments, when mail is sent this file is deleted and full content is saved
$repository_id = $utils->saveContent($str);
if (!$isNew) {
if (FileRepository::isInRepository($mail->getContentFileId())) {
// delete old attachments
$content = FileRepository::getFileContent($mail->getContentFileId());
if (str_starts_with($content, "#att_ver")) {
$lines = explode("\n", $content);
foreach ($lines as $line) {
if (!str_starts_with($line, "#") && trim($line) !== "") {
$data = explode(",", $line);
if (isset($data[2]) && FileRepository::isInRepository($data[2])) {
FileRepository::deleteFile($data[2]);
}
}
}
}
FileRepository::deleteFile($mail->getContentFileId());
}
}
$mail->setContentFileId($repository_id);
}
$mail->setHasAttachments(is_array($attachments) && count($attachments) > 0 ? 1 : 0);
$mail->setAccountEmail($account->getEmailAddress());
$mail->setSentDate(DateTimeValueLib::now());
$mail->setReceivedDate(DateTimeValueLib::now());
DB::beginWork();
$msg_id = MailUtilities::generateMessageId($account->getEmailAddress());
$conversation_id = array_var($mail_data, 'conversation_id');
$in_reply_to_id = array_var($mail_data, 'in_reply_to_id');
if ($conversation_id) {
$in_reply_to = MailContents::findById(array_var($mail_data, 'original_id'));
if ($in_reply_to instanceof MailContent && $in_reply_to->getSubject() && strpos(strtolower($mail->getSubject()), strtolower($in_reply_to->getSubject())) === false) {
$conversation_id = null;
$in_reply_to_id = '';
}
}
if (!$conversation_id) {
$conversation_id = MailContents::getNextConversationId($account->getId());
}
$mail->setMessageId($msg_id);
$mail->setConversationId($conversation_id);
$mail->setInReplyToId($in_reply_to_id);
$mail->setUid(gen_id());
$mail->setState($isDraft ? 2 : 200);
$mail->setIsPrivate(false);
set_user_config_option('last_mail_format', array_var($mail_data, 'format', 'plain'), logged_user()->getId());
$body = utf8_safe($body);
if (array_var($mail_data, 'format') == 'html') {
$mail->setBodyHtml($body);
$mail->setBodyPlain(utf8_safe(html_to_text($body)));
} else {
$mail->setBodyPlain($body);
$mail->setBodyHtml('');
}
$mail->setFrom($account->getEmailAddress());
$mail->setFromName(logged_user()->getDisplayName());
$mail->save();
$mail->setIsRead(logged_user()->getId(), true);
$mail->setTagsFromCSV(array_var($mail_data, 'tags'));
// autoclassify sent email
// if replying a classified email classify on same workspace
$classified = false;
if (array_var($mail_data, 'original_id')) {
$in_reply_to = MailContents::findById(array_var($mail_data, 'original_id'));
if ($in_reply_to instanceof MailContent) {
$workspaces = $in_reply_to->getWorkspaces();
foreach ($workspaces as $w) {
if ($mail->canAdd(logged_user(), $w)) {
$mail->addToWorkspace($w);
$classified = true;
}
}
}
}
if (!$classified && $account->getWorkspace() instanceof Project) {
$mail->addToWorkspace($account->getWorkspace());
}
if (!$classified && active_project() instanceof Project) {
$mail->addToWorkspace(active_project());
}
$object_controller = new ObjectController();
$object_controller->add_custom_properties($mail);
$object_controller->link_to_new_object($mail);
if (array_var($mail_data, 'link_to_objects') != '') {
$lto = explode('|', array_var($mail_data, 'link_to_objects'));
foreach ($lto as $object_string) {
$split_object = explode('-', $object_string);
$object = get_object_by_manager_and_id($split_object[1], $split_object[0]);
if ($object instanceof ProjectDataObject) {
$mail->linkObject($object);
}
}
}
ApplicationLogs::createLog($mail, $mail->getWorkspaces(), ApplicationLogs::ACTION_ADD);
if (user_config_option('create_contacts_from_email_recipients') && can_manage_contacts(logged_user())) {
// automatically create contacts
foreach ($to as $recipient) {
$recipient_name = trim($recipient[0]);
$recipient_address = trim($recipient[1]);
if (!$recipient_address) {
continue;
}
$contact = Contacts::getByEmail($recipient_address);
if (!$contact instanceof Contact) {
try {
$contact = new Contact();
$contact->setEmail($recipient_address);
if ($recipient_name && $recipient_name != $recipient_address) {
$contact->setFirstName($recipient_name);
} else {
$index = strpos($recipient_address, "@");
$recipient_name = substr($recipient_address, 0, $index);
$contact->setFirstName($recipient_name);
}
$contact->save();
} catch (Exception $e) {
// TODO: show error message?
}
}
}
}
DB::commit();
if (!$autosave) {
if ($isDraft) {
flash_success(lang('success save mail'));
ajx_current("empty");
} else {
evt_add("must send mails", array("account" => $mail->getAccountId()));
//flash_success(lang('mail is being sent'));
ajx_current("back");
}
evt_add("email saved", array("id" => $mail->getId(), "instance" => array_var($_POST, 'instanceName')));
} else {
evt_add("draft mail autosaved", array("id" => $mail->getId(), "hf_id" => $mail_data['hf_id']));
flash_success(lang('success autosave draft'));
ajx_current("empty");
}
} catch (Exception $e) {
DB::rollback();
flash_error($e->getMessage());
ajx_current("empty");
}
// try
}
// if
}
function getSenderUrl()
{
$user = Users::getByEmail($this->getFrom());
if ($user instanceof User && $user->canSeeUser(logged_user())) {
return $user->getCardUrl();
} else {
$contact = Contacts::getByEmail($this->getFrom());
if ($contact instanceof Contact && $contact->canView(logged_user())) {
return $contact->getCardUrl();
}
}
return $this->getViewUrl();
}
/**
* Resend activation email
*/
public function resendActivationAction()
{
$config = new Zend_Config_Ini(APPLICATION_PATH . '/configs/forms.ini');
$this->view->form = new Zend_Form($config->feed->resendactivation);
if ($this->getRequest()->isPost() && $this->view->form->isValid($_POST)) {
$feeds = new Feeds();
$users = new Users();
$user = $users->getByEmail($this->view->form->email->getValue());
$feed = $feeds->getBySiteUrlAndUserId($this->view->form->url->getValue(), $user->id);
if ($feed) {
$this->sendActivationEmail($feed, $user);
} else {
$this->view->form->email->markAsError();
}
}
}
public function actionPassRequest()
{
if (!isset($_POST['PassRequestForm'])) {
//new request
$requestForm = new PassRequestForm();
$this->render('passrequest', array('model' => $requestForm));
} else {
//requst form has been filled
$requestForm = new PassRequestForm();
$requestForm->attributes = $_POST['PassRequestForm'];
if (!$requestForm->validate()) {
yii::app()->user->setFlash('error', Yii::t('AuthModule.main', 'Restore form validation failed'));
$this->render('passrequest', array('model' => $requestForm));
return;
}
//for is correct so, prepare and send request email
$email = $_POST['PassRequestForm']['email'];
//create new guid and sent it to user
$guid = AuthCommon::getGUID();
$userModel = new Users();
$user = $userModel->getByEmail($email);
if ($user == null) {
yii::app()->user->setFlash('warning', sprintf(Yii::t('AuthModule.main', 'Email address was not found'), $email));
$this->redirect(array('user/passrequest'));
return;
}
$user_id = $user->id;
$validations = new Validations();
$validations->guid = $guid;
$validations->user_id = $user_id;
$validations->email = $email;
$validations->type = self::VALIDATOR_RESTORE;
$date = new DateTime();
$date->modify("+24 hours");
$exp_time = $date->format(AuthCommon::getParam('dateFormat'));
$validations->exp_datetime = $exp_time;
$validations->comments = 'Restore user password';
if (!$validations->validate()) {
yii::app()->user->setFlash('error', Yii::t('AuthModule.main', 'Password restore not complited'));
$this->render('passrequest', array('model' => $requestForm));
return;
}
if (!$validations->save()) {
yii::app()->user->setFlash('error', Yii::t('AuthModule.main', 'Password restore not complited'));
$this->render('passrequest', array('model' => $requestForm));
return;
}
//send email with restore link
if (!$requestForm->validate()) {
yii::app()->user->setFlash('error', Yii::t('AuthModule.main', 'Restore form validation failed'));
$this->render('passrequest', array('model' => $requestForm));
return;
}
$result = AuthCommon::sendPassRequestEmail($email, $guid, $user->username);
if ($result) {
Yii::app()->user->setFlash('success', sprintf(Yii::t('AuthModule.main', 'Password restore link has been sent'), $email));
$this->redirect(array('user/passchange'));
} else {
Yii::app()->user->setFlash('error', Yii::t('AuthModule.main', 'Error sending email message'));
$this->redirect(array('user/passrequest'));
}
}
}
<?php
if ($page->isPostBack()) {
if (!isset($_POST["username"]) || !isset($_POST["password"])) {
$page->smarty->assign('error', "Please enter your username and password.");
} else {
$page->smarty->assign('username', $_POST["username"]);
$users = new Users();
$res = $users->getByUsername($_POST["username"]);
$dis = $users->isDisabled($_POST["username"]);
if (!$res) {
$res = $users->getByEmail($_POST["username"]);
}
if ($res) {
if ($dis) {
$page->smarty->assign('error', "Your account has been disabled.");
} else {
if ($users->checkPassword($_POST["password"], $res["password"])) {
$rememberMe = isset($_POST['rememberme']) && $_POST['rememberme'] == 'on' ? 1 : 0;
$users->login($res["ID"], $_SERVER['REMOTE_ADDR'], $rememberMe);
if (isset($_POST["redirect"]) && $_POST["redirect"] != "") {
header("Location: " . $_POST["redirect"]);
} else {
header("Location: " . WWW_TOP . $page->site->home_link);
}
die;
} else {
$page->smarty->assign('error', "Incorrect username or password.");
}
}
} else {
/**
* Render and process forgot password form
*
* @param void
* @return null
*/
function forgot_password()
{
$your_email = trim(array_var($_POST, 'your_email'));
tpl_assign('your_email', $your_email);
if (array_var($_POST, 'submited') == 'submited') {
if (!is_valid_email($your_email)) {
tpl_assign('error', new InvalidEmailAddressError($your_email, lang('invalid email address')));
$this->render();
}
// if
$user = Users::getByEmail($your_email);
if (!$user instanceof User) {
flash_error(lang('email address not in use', $your_email));
$this->redirectTo('access', 'forgot_password');
}
// if
$token = sha1(gen_id() . (defined('SEED') ? SEED : ''));
$timestamp = time() + 60 * 60 * 24;
set_user_config_option('reset_password', $token . ";" . $timestamp, $user->getId());
try {
DB::beginWork();
Notifier::forgotPassword($user, $token);
flash_success(lang('success forgot password'));
DB::commit();
} catch (Exception $e) {
DB::rollback();
flash_error(lang('error forgot password'));
}
// try
$this->redirectTo('access', 'forgot_password');
}
// if
}
