/**
 * Handle a submitted reset-password form.
 *
 * The POST parameters are bound to a ResetPasswordForm. When the form
 * validates, the submitted code and new password are passed to the
 * User\Model\Reset model and the client is redirected to /login/.
 * Otherwise the form is handed back to the caller.
 *
 * NOTE(review): the result of resetProcess() is not inspected here, so the
 * redirect to /login/ happens whether or not the code was accepted. Confirm
 * that resetProcess() reports a wrong or expired code by throwing.
 *
 * @return mixed redirect result on a valid submission, otherwise array('form' => $form)
 */
public function restPutResetProcess()
{
    $form = new Form\ResetPasswordForm();
    $form->bind($this->params()->fromPost());

    // Invalid submission: give the form back unchanged.
    if (!$form->isValid()) {
        return array('form' => $form);
    }

    $submitted = $form->getData();
    $resetModel = Api::_()->getModel('User\\Model\\Reset');
    $resetModel->resetProcess($submitted['code'], $submitted['password']);

    return $this->redirect()->toUrl('/login/');
}
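/**
 * Show the reset-password form (GET) or store a new password (POST).
 *
 * GET: the route parameter "key" must match a stored password-reset record
 * that is less than 24 hours old and whose user still exists; the form is
 * then returned with the key pre-filled.
 *
 * POST: the form must validate, both password fields must be identical, and
 * the same key checks are repeated before the new salt and hash are saved
 * and the reset record is deleted.
 *
 * Nothing is returned after a successful reset, nor when no record matches
 * the key (GET or POST); that control flow is unchanged.
 * NOTE(review): confirm the view script copes with a missing 'form' variable
 * on those two paths.
 *
 * @return mixed ViewModel, redirect result, or null (see above)
 */
public function resetPasswordAction()
{
    $form = new ResetPasswordForm();
    $request = $this->getRequest();

    if ($this->getRequest()->isPost()) {
        $form->setData($request->getPost());

        if (!$form->isValid()) {
            // Re-display the form, keeping the key the client sent.
            $data = $form->getData();
            $form->get('password_reset_key')->setValue($data['password_reset_key']);
            return new ViewModel(array('form' => $form));
        }

        $data = $form->getData();

        // Strict comparison: with == two different numeric-looking strings
        // (for example "1e3" and "1000") would count as a confirmed password.
        if ($data['password'] !== $data['password_confirm']) {
            print "The password was not confirmed.";
            $form->get('password_reset_key')->setValue($data['password_reset_key']);
            return new ViewModel(array('form' => $form));
        }

        $sm = $this->getServiceLocator();
        $password_reset_mapper = $sm->get('User\\Model\\PasswordResetMapper');
        $password_reset = $this->selectPasswordResetByKey(
            $password_reset_mapper,
            $data['password_reset_key']
        );
        if (!$password_reset) {
            return;
        }
        $password_reset = $password_reset[0];

        if ($this->isPasswordResetExpired($password_reset)) {
            // Send the user back to request a fresh reset key.
            return $this->redirect()->toRoute('auth', array('action' => 'forgot-password'));
        }

        // The user the reset key belongs to must still exist.
        $user_mapper = $sm->get('User\\Model\\UserMapper');
        $user = $user_mapper->fetch($password_reset->getUser_id());
        if (!$user) {
            $password_reset_mapper->delete($password_reset->getId());
            return $this->redirect()->toRoute('home');
        }

        // NOTE(review): a single salted SHA-256 is cheap to brute-force if the
        // user table leaks. password_hash()/password_verify() is the usual
        // replacement, but the login check that reads password_salt and
        // password_hash is outside this block and has to change in the same
        // step, so the stored format is left as it was.
        $user->setPassword_salt($this->generatePasswordResetSalt());
        $user->setPassword_hash(hash('sha256', $user->getPassword_salt() . $data['password']));

        // Save the new password, then retire the key so it cannot be reused.
        $user_mapper->save($user);
        $password_reset_mapper->delete($password_reset->getId());
        print 'Your password has been successfully reset.';
        return;
    }

    $key = $this->params('key');
    if ($key == null) {
        return $this->redirect()->toRoute('home');
    }

    $sm = $this->getServiceLocator();
    $password_reset_mapper = $sm->get('User\\Model\\PasswordResetMapper');
    $password_reset = $this->selectPasswordResetByKey($password_reset_mapper, $key);
    if (!$password_reset) {
        return;
    }
    $password_reset = $password_reset[0];

    if ($this->isPasswordResetExpired($password_reset)) {
        // Send the user back to request a fresh reset key.
        return $this->redirect()->toRoute('auth', array('action' => 'forgot-password'));
    }

    // The user the reset key belongs to must still exist.
    $user_mapper = $sm->get('User\\Model\\UserMapper');
    $user = $user_mapper->fetch($password_reset->getUser_id());
    if (!$user) {
        $password_reset_mapper->delete($password_reset->getId());
        return $this->redirect()->toRoute('home');
    }

    $form->get('password_reset_key')->setValue($key);
    return new ViewModel(array('form' => $form));
}

/**
 * Look up password-reset records by key without letting the key alter the query.
 *
 * The mapper is given a WHERE fragment as a plain string, and the key comes
 * straight from the request (POST field or route parameter). The key is
 * therefore restricted to characters that cannot terminate or escape the
 * quoted literal; anything else is treated as "no such key" and never
 * reaches the database.
 *
 * NOTE(review): the allowed set covers hex, base64, base64url and UUID style
 * keys; confirm it against the code that generates password_reset_key. The
 * durable fix is a bound parameter inside the mapper, which is not visible
 * from this block.
 *
 * @param object $password_reset_mapper mapper obtained from the service locator
 * @param mixed  $key                   reset key supplied by the client
 * @return mixed whatever select() returns, or an empty array for a rejected key
 */
private function selectPasswordResetByKey($password_reset_mapper, $key)
{
    if (!is_string($key) || preg_match('/\A[A-Za-z0-9+\/=._~-]+\z/', $key) !== 1) {
        return array();
    }

    return $password_reset_mapper->select(
        array('where' => 'password_reset_key = "' . $key . '"')
    );
}

/**
 * Tell whether a password-reset record is at least 24 hours (86400 s) old.
 *
 * Same arithmetic as before: the absolute difference between now and the
 * record's creation time, in whole days, must be zero for the key to be
 * usable. A creation time that strtotime() cannot parse yields false, which
 * makes the difference large, so such a record counts as expired.
 *
 * @param object $password_reset record exposing getCreated()
 * @return bool true when the key may no longer be used
 */
private function isPasswordResetExpired($password_reset)
{
    $now = date('Y-m-d H:i:s');
    $time_elapsed = abs(strtotime($now) - strtotime($password_reset->getCreated()));

    return (int) ($time_elapsed / 86400) !== 0;
}

/**
 * Produce 64 random bytes for the password salt.
 *
 * The mcrypt extension was removed from PHP in 7.2, so random_bytes() is
 * used wherever it exists and mcrypt_create_iv() only remains as the
 * fallback for older runtimes.
 *
 * @return string 64 raw bytes
 */
private function generatePasswordResetSalt()
{
    if (function_exists('random_bytes')) {
        return random_bytes(64);
    }

    return mcrypt_create_iv(64, MCRYPT_DEV_URANDOM);
}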