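/**
 * Start the forgotten-password flow for a user.
 *
 * On a valid POST whose e-mail/username pair matches a user, a six-character
 * activation key is generated, e-mailed through the 'forgottenPassword'
 * template and stored in the user's `activationKey` column. The visitor is
 * then redirected to /users/account/resetpassword.
 *
 * NOTE(review): six characters from a 30-symbol alphabet is a small key space.
 * Confirm that the reset step limits attempts and that keys expire and are
 * single-use; neither is visible in this action.
 *
 * @access public
 * @return void
 */
public function forgottenAction()
{
    if ($this->_auth->getIdentity()) {
        $this->getFlash()->addMessage('You are already logged in.');
        $this->_redirect('/users');
        // Do not fall through into the reset flow if the redirect helper
        // is configured not to end the request.
        return;
    }

    $form = new ForgotPasswordForm();
    $this->view->form = $form;

    if (!$this->getRequest()->isPost() || !$form->isValid($this->_request->getPost())) {
        return;
    }

    // Re-validates the values the form returns; kept as in the original flow.
    if (!$form->isValid($form->getValues())) {
        $this->getFlash()->addMessage('You have not filled in the form correctly');
        return;
    }

    $results = $this->_users->findUser($form->getValue('email'), $form->getValue('username'));
    if (!$results) {
        // NOTE(review): this reply differs from the success path, so it tells
        // the caller whether the e-mail/username pair exists. Consider one
        // neutral message for both outcomes.
        $this->getFlash()->addMessage('Either your email address/or username is incorrect.');
        return;
    }

    // The key gates a password reset, so it must come from a CSPRNG.
    // mt_rand() output is predictable; random_int() needs PHP 7+ (or a polyfill).
    // Repeated characters are allowed: rejecting them only shrank the key space.
    $length = 6;
    $possible = "0123456789bcdfghjkmnpqrstvwxyz";
    $maxIndex = strlen($possible) - 1;
    $newKey = "";
    for ($i = 0; $i < $length; $i++) {
        $newKey .= $possible[random_int(0, $maxIndex)];
    }

    $updatesdata = array('activationKey' => $newKey);
    $to = array(array('email' => $form->getValue('email'), 'name' => $results[0]['fullname']));

    // NOTE(review): $results[0] is the whole row returned by findUser(); confirm
    // the mail template renders only the fields it needs.
    $assignData = array_merge($results[0], array('activationKey' => $newKey), $form->getValues());
    $this->_helper->mailer($assignData, 'forgottenPassword', $to);

    // Both conditions are quoted by the adapter before they reach the query.
    $where = array();
    $where[] = $this->_users->getAdapter()->quoteInto('username = ?', (string) $form->getValue('username'));
    $where[] = $this->_users->getAdapter()->quoteInto('email = ?', (string) $form->getValue('email'));
    $this->_users->update($updatesdata, $where);

    $this->getFlash()->addMessage('Please check your email');
    $this->_redirect('/users/account/resetpassword');
}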
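/**
 * Reset a user's password and e-mail the new one.
 *
 * On a valid POST whose e-mail/username pair matches a user, a six-character
 * password is generated, e-mailed through the 'forgottenPassword' template,
 * and its salted SHA-1 digest is written to the user's `password` column.
 *
 * NOTE(review): the live password is replaced as soon as someone submits a
 * matching e-mail/username pair, before mailbox ownership is proven, and the
 * new password travels in plain text by e-mail. A single-use, expiring reset
 * token that the user redeems to choose a password avoids both problems.
 *
 * NOTE(review): salted SHA-1 with one site-wide salt is fast to brute-force.
 * Moving to password_hash()/password_verify() has to happen together with the
 * login check, which is not visible here, so the scheme is left unchanged.
 *
 * @access public
 * @return void
 */
public function forgottenAction()
{
    if ($this->_auth->getIdentity()) {
        $this->_flashMessenger->addMessage('You are already logged in, reset your password if you have forgotten it!');
        $this->_redirect('/users');
        // Do not fall through into the reset flow if the redirect helper
        // is configured not to end the request.
        return;
    }

    $form = new ForgotPasswordForm();
    $this->view->form = $form;

    if (!$this->getRequest()->isPost() || !$form->isValid($this->_request->getPost())) {
        return;
    }

    // Re-validates the values the form returns; kept as in the original flow.
    if (!$form->isValid($form->getValues())) {
        $this->_flashMessenger->addMessage("You have not filled in the form correctly. \nPlease check the error messages below.");
        return;
    }

    // The original read these from an undefined $formData, so both were null
    // and the UPDATE below was scoped to username = '' AND email = '': the
    // mailed password was never stored for the requesting user.
    $email = $form->getValue('email');
    $username = $form->getValue('username');

    $results = $this->_users->findUser($email, $username);
    if (!$results) {
        // NOTE(review): this reply differs from the success path, so it tells
        // the caller whether the e-mail/username pair exists. Consider one
        // neutral message for both outcomes.
        $this->_flashMessenger->addMessage('Either your email address/or username is incorrect.');
        return;
    }

    // The value becomes the account's credential, so it must come from a CSPRNG.
    // mt_rand() output is predictable; random_int() needs PHP 7+ (or a polyfill).
    // Repeated characters are allowed: rejecting them only shrank the key space.
    // NOTE(review): six characters from 30 symbols is weak for a live password;
    // confirm login attempts are rate-limited and that a change is forced after login.
    $length = 6;
    $possible = "0123456789bcdfghjkmnpqrstvwxyz";
    $maxIndex = strlen($possible) - 1;
    $password = "";
    for ($i = 0; $i < $length; $i++) {
        $password .= $possible[random_int(0, $maxIndex)];
    }

    $updatesdata = array('password' => sha1($this->_helper->config->auth->salt . $password));
    $to = array(array('email' => $email, 'name' => $results[0]['fullname']));

    // NOTE(review): $results[0] is the whole row returned by findUser(); confirm
    // the mail template renders only the fields it needs.
    $assignData = array_merge($results[0], array('password' => $password), $form->getValues());
    $this->_helper->mailer($assignData, 'forgottenPassword', $to);

    // Both conditions are quoted by the adapter before they reach the query.
    $where = array();
    $where[] = $this->_users->getAdapter()->quoteInto('username = ?', (string) $username);
    $where[] = $this->_users->getAdapter()->quoteInto('email = ?', (string) $email);
    $this->_users->update($updatesdata, $where);

    $this->_flashMessenger->addMessage('A new password has been sent to you');
    $this->_redirect('/users/');
}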