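/**
 * API action: change the password of the account that owns the supplied API token.
 *
 * Reads TOKEN, current_password and new_password from $_POST. The token is
 * validated first, then the current password is verified against the stored
 * hash, and only then is the new password hashed and saved.
 *
 * @return array Response array with 'STATUS_CODE' and 'DATA' keys.
 */
public function changePasswordAction()
{
    $data = $_POST;

    // Accept request fields only as plain strings: an array-valued field
    // (e.g. TOKEN[]=x) must not reach trim() or the password helpers.
    $token = (isset($data['TOKEN']) && is_string($data['TOKEN'])) ? trim($data['TOKEN']) : null;
    if (!$token) {
        return ['STATUS_CODE' => STATUS_CODE_BAD_REQUEST, 'DATA' => buckys_api_get_error_result('Api token should not be blank')];
    }

    if (!($userID = BuckysUsersToken::checkTokenValidity($token, "api"))) {
        return ['STATUS_CODE' => STATUS_CODE_UNAUTHORIZED, 'DATA' => buckys_api_get_error_result('Api token is not valid.')];
    }

    // A missing field is treated as an empty string, so it fails verification
    // below instead of raising an undefined-index notice.
    $currentPassword = (isset($data['current_password']) && is_string($data['current_password'])) ? $data['current_password'] : '';
    $newPassword = (isset($data['new_password']) && is_string($data['new_password'])) ? $data['new_password'] : '';

    $current = BuckysUser::getUserData($userID);
    if (!buckys_validate_password($currentPassword, $current['password'])) {
        // The API reports this failure with STATUS_CODE_OK plus an error payload; kept for existing clients.
        return ['STATUS_CODE' => STATUS_CODE_OK, 'DATA' => buckys_api_get_error_result('Current password is incorrect.')];
    }

    // Never hash and store an empty password: without this guard a request that
    // omits new_password would replace the account password with the hash of ''.
    // NOTE(review): no password-strength policy is applied here; apply the same
    // policy used at registration if the project has one.
    if ($newPassword === '') {
        return ['STATUS_CODE' => STATUS_CODE_BAD_REQUEST, 'DATA' => buckys_api_get_error_result('New password should not be blank')];
    }

    $pwd = buckys_encrypt_password($newPassword);
    if (BuckysUser::updateUserFields($userID, ['password' => $pwd])) {
        // NOTE(review): nothing visible here revokes the user's other API tokens
        // or sessions after the change; confirm whether that happens elsewhere.
        return ['STATUS_CODE' => STATUS_CODE_OK, 'DATA' => ['STATUS' => 'SUCCESS']];
    }

    return ['STATUS_CODE' => STATUS_CODE_UNAUTHORIZED, 'DATA' => buckys_api_get_error_result('There was an error to saving your information.')];
}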
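require dirname(__FILE__) . '/includes/bootstrap.php';

// Password-reset page: validates the emailed reset token, then lets the token
// owner set a new password.
// NOTE(review): every guard below relies on buckys_redirect() ending the
// request; confirm that it exits, otherwise execution falls through.

// A user who is already logged in is sent to the account page instead.
$userID = buckys_is_logged_in();
if ($userID) {
    buckys_redirect('/account.php');
}

// Take the token only as a plain string so an array-valued parameter never
// reaches the token lookup; anything else is treated as "no token".
$token = (isset($_REQUEST['token']) && is_string($_REQUEST['token'])) ? $_REQUEST['token'] : '';
if (!$token) {
    buckys_redirect('/index.php', MSG_INVALID_REQUEST, MSG_TYPE_ERROR);
}

// From here on $userID is the account that owns the reset token.
if (!($userID = BuckysUsersToken::checkTokenValidity($token, 'password'))) {
    buckys_redirect('/register.php?forgotpwd=1', MSG_USER_TOKEN_LINK_NOT_CORRECT, MSG_TYPE_ERROR);
}

if (isset($_POST['action']) && $_POST['action'] === 'reset-password') {
    $password = (isset($_POST['password']) && is_string($_POST['password'])) ? $_POST['password'] : '';

    // The original compared $_POST['password'] with itself, so the confirmation
    // field was never checked and a mistyped password was accepted.
    // NOTE(review): 'password2' is assumed as the confirmation field name (the
    // registration code uses that key); confirm against the reset_password template.
    $passwordConfirm = (isset($_POST['password2']) && is_string($_POST['password2'])) ? $_POST['password2'] : '';

    if (!$password || !$passwordConfirm) {
        buckys_add_message(MSG_EMPTY_PASSWORD, MSG_TYPE_ERROR);
    } elseif ($password !== $passwordConfirm) {
        // Strict comparison: with != two different numeric-looking strings
        // (e.g. "1e3" and "1000") compare equal.
        buckys_add_message(MSG_NOT_MATCH_PASSWORD, MSG_TYPE_ERROR);
    } else {
        $pwd = buckys_encrypt_password($password);
        // NOTE(review): the result of updateUserFields() is not checked, so the
        // success message is shown even if the update failed.
        // NOTE(review): nothing visible here invalidates the 'password' token
        // after a successful reset; confirm it is single-use or expires elsewhere.
        BuckysUser::updateUserFields($userID, ['password' => $pwd]);
        buckys_redirect('/index.php', MSG_PASSWORD_UPDATED);
    }
}

buckys_enqueue_stylesheet('register.css');
buckys_enqueue_javascript('register.js');

$TNB_GLOBALS['content'] = 'reset_password';

require DIR_FS_TEMPLATE . $TNB_GLOBALS['template'] . "/" . $TNB_GLOBALS['layout'] . ".php";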
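/**
 * Create New Account
 *
 * Validates the registration fields, inserts the user row with a fresh
 * verification token and emails the verification link to the new user.
 * Validation failures are reported through buckys_add_message().
 *
 * @param Array $data Registration fields; reads firstName, lastName, email,
 *                    password and password2. All values are trimmed.
 * @return mixed The value returned by $db->insertFromArray() on success,
 *               false on any validation or insert failure.
 */
public function createNewAccount($data)
{
    global $db;

    // Missing keys default to '' so they fail validation instead of raising notices.
    $data = array_map('trim', $data) + array('firstName' => '', 'lastName' => '', 'email' => '', 'password' => '', 'password2' => '');

    if ($data['firstName'] === '' || $data['lastName'] === '') {
        buckys_add_message(MSG_USERNAME_EMPTY_ERROR, MSG_TYPE_ERROR);
        return false;
    }

    //Check Email Address
    // NOTE(review): the last group is a nested quantifier and can backtrack
    // heavily on long input; preg_match() then returns false, which this
    // check treats as an invalid address.
    if (!preg_match("/^([a-zA-Z0-9])+([a-zA-Z0-9\\._-])*@([a-zA-Z0-9_-])+([a-zA-Z0-9\\._-]+)+\$/", $data['email'])) {
        buckys_add_message(MSG_INVALID_EMAIL, MSG_TYPE_ERROR);
        return false;
    }

    //Check Email Duplication
    if (BuckysUser::checkEmailDuplication($data['email'])) {
        buckys_add_message(MSG_EMAIL_EXIST, MSG_TYPE_ERROR);
        return false;
    }

    if (!$data['password'] || !$data['password2']) {
        buckys_add_message(MSG_EMPTY_PASSWORD, MSG_TYPE_ERROR);
        return false;
    }

    // Strict comparison: with != two different numeric-looking strings
    // (e.g. "1e3" and "1000") compare equal and would pass confirmation.
    if ($data['password'] !== $data['password2']) {
        buckys_add_message(MSG_NOT_MATCH_PASSWORD, MSG_TYPE_ERROR);
        return false;
    }

    //Create Token
    // The token is the only secret in the verification link, so it must come
    // from a CSPRNG; md5() over mt_rand(), time() and the email is guessable.
    // 16 random bytes give 32 hex characters, the same length as the old md5 value.
    if (function_exists('random_bytes')) {
        $token = bin2hex(random_bytes(16));
    } else {
        // PHP 5 fallback; requires the openssl extension.
        $token = bin2hex(openssl_random_pseudo_bytes(16));
    }

    $password = buckys_encrypt_password($data['password']);

    //Create New Account
    $newId = $db->insertFromArray(TABLE_USERS, array('firstName' => $data['firstName'], 'lastName' => $data['lastName'], 'email' => $data['email'], 'email_visibility' => 0, 'password' => $password, 'thumbnail' => '', 'user_type' => 'Registered', 'user_acl_id' => 2, 'token' => $token));
    if (!$newId) {
        // NOTE(review): this shows the raw database error to the visitor;
        // prefer a generic message and log the detail server-side.
        buckys_add_message($db->getLastError(), MSG_TYPE_ERROR);
        return false;
    }

    //Send an email to new user with a validation link
    // NOTE(review): HTTP_HOST is taken from the request's Host header, so the
    // emailed link can point at a host the client chose, and the link is
    // plain http. Prefer a configured site URL.
    $link = "http://" . $_SERVER['HTTP_HOST'] . "/register.php?action=verify&email=" . $data['email'] . "&token=" . $token;
    $title = "Please verify your account.";
    $body = "Dear " . $data['firstName'] . " " . $data['lastName'] . "\n\n" . "Thanks for your registration. \n" . "To complete your registration, please verify your email address by clicking the below link:. \n" . $link . "\n\nBuckysroom.com";

    buckys_sendmail($data['email'], $data['firstName'] . " " . $data['lastName'], $title, $body);

    return $newId;
}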
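/**
 * Create New Account
 *
 * Validates the registration fields (names, email format, duplicate or
 * banned email, password confirmation and strength), inserts the user and
 * users_stats rows, subscribes the user to the basic forums and emails the
 * verification link. Validation failures are reported through
 * buckys_add_message().
 *
 * @param Array $data Registration fields; reads firstName, lastName, email,
 *                    password and password2. All values are trimmed.
 * @return bool|int|null|string The value returned by $db->insertFromArray()
 *                              for the users row on success, false on any
 *                              validation or insert failure.
 */
public static function createNewAccount($data)
{
    global $db;

    // Missing keys default to '' so they fail validation instead of raising notices.
    $data = array_map('trim', $data) + ['firstName' => '', 'lastName' => '', 'email' => '', 'password' => '', 'password2' => ''];

    if ($data['firstName'] === '' || $data['lastName'] === '') {
        buckys_add_message(MSG_USERNAME_EMPTY_ERROR, MSG_TYPE_ERROR);
        return false;
    }

    //Check Email Address
    // NOTE(review): the last group is a nested quantifier and can backtrack
    // heavily on long input; preg_match() then returns false, which this
    // check treats as an invalid address.
    if (!preg_match("/^([a-zA-Z0-9])+([a-zA-Z0-9\\._-])*@([a-zA-Z0-9_-])+([a-zA-Z0-9\\._-]+)+\$/", $data['email'])) {
        buckys_add_message(MSG_INVALID_EMAIL, MSG_TYPE_ERROR);
        return false;
    }

    //Check Email Duplication
    if (BuckysUser::checkEmailDuplication($data['email'])) {
        //If this one is banned?
        if (BuckysUser::getUserStatus($data['email']) == BuckysUser::STATUS_USER_DELETED) {
            buckys_add_message(MSG_EMAIL_BANNED, MSG_TYPE_ERROR);
        } else {
            buckys_add_message(MSG_EMAIL_EXIST, MSG_TYPE_ERROR);
        }
        return false;
    }

    if (!$data['password'] || !$data['password2']) {
        buckys_add_message(MSG_EMPTY_PASSWORD, MSG_TYPE_ERROR);
        return false;
    }

    // Strict comparison: with != two different numeric-looking strings
    // (e.g. "1e3" and "1000") compare equal and would pass confirmation.
    if ($data['password'] !== $data['password2']) {
        buckys_add_message(MSG_NOT_MATCH_PASSWORD, MSG_TYPE_ERROR);
        return false;
    }

    if (!buckys_check_password_strength($data['password'])) {
        buckys_add_message(MSG_PASSWORD_STRENGTH_ERROR, MSG_TYPE_ERROR);
        return false;
    }

    //Create Token
    // The token is the only secret in the verification link, so it must come
    // from a CSPRNG; md5() over mt_rand(), time() and the email is guessable.
    // 16 random bytes give 32 hex characters, the same length as the old md5 value.
    if (function_exists('random_bytes')) {
        $token = bin2hex(random_bytes(16));
    } else {
        // PHP 5 fallback; requires the openssl extension.
        $token = bin2hex(openssl_random_pseudo_bytes(16));
    }

    $password = buckys_encrypt_password($data['password']);

    //Create New Account
    $newId = $db->insertFromArray(TABLE_USERS, ['firstName' => $data['firstName'], 'lastName' => $data['lastName'], 'email' => $data['email'], 'email_visibility' => -1, 'password' => $password, 'thumbnail' => '', 'user_type' => 'Registered', 'user_acl_id' => 2, 'ip_addr' => $_SERVER['REMOTE_ADDR'], 'created_date' => date('Y-m-d H:i:s'), 'token' => $token]);
    if (!$newId) {
        // NOTE(review): this shows the raw database error to the visitor;
        // prefer a generic message and log the detail server-side.
        buckys_add_message($db->getLastError(), MSG_TYPE_ERROR);
        return false;
    }

    //Create New Record on the users_stats table
    $db->insertFromArray(TABLE_USERS_STATS, ['userID' => $newId, 'pageFollowers' => 0, 'likes' => 0, 'comments' => 0, 'voteUps' => 0, 'replies' => 0, 'reputation' => 0]);

    //Make new user to follow all categories
    BuckysForumFollower::followBasicForums($newId);

    $url_protocol = (SITE_USING_SSL == true) ? "https://" : "http://";

    //Send an email to new user with a validation link
    // NOTE(review): HTTP_HOST is taken from the request's Host header, so the
    // emailed link can point at a host the client chose. Prefer a configured
    // site host (TNB_DOMAIN may be suitable; confirm its format).
    $link = $url_protocol . $_SERVER['HTTP_HOST'] . "/register.php?action=verify&email=" . $data['email'] . "&token=" . $token;
    $title = "Please verify your account.";
    $body = "Dear " . $data['firstName'] . " " . $data['lastName'] . "\n\n" . "Thanks for your registration. \n" . "To complete your registration, please verify your email address by clicking the below link:. \n" . $link . "\n\n" . TNB_DOMAIN;

    buckys_sendmail($data['email'], $data['firstName'] . " " . $data['lastName'], $title, $body);

    return $newId;
}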