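/**
 * Set a new password for a user who requested a password reset.
 *
 * Annotated @anonym, presumably reachable without a login (confirm in the
 * RPC dispatcher), so the checks below are the only gate in front of the
 * password change. Flow, in order:
 *  1. validate the 'set_pw_captcha' field;
 *  2. expire old password requests;
 *  3. load the user by the submitted 'username';
 *  4. load the password request by the submitted 'requestid';
 *  5. require that the request belongs to that user and is still pending;
 *  6. store the new password, then mark the request as applied.
 *
 * Validation failures are reported on the returned form, either as a field
 * error or as a form-level error message.
 *
 * @service
 * @anonym
 * @param Gpf_Rpc_Params $params
 * @return Gpf_Rpc_Form
 */
public function setNewPassword(Gpf_Rpc_Params $params) {
    $response = new Gpf_Rpc_Form($params);

    // The captcha is checked before any database lookup is made.
    if (!Gpf_Captcha::isValid('set_pw_captcha', $response->getFieldValue('set_pw_captcha'))) {
        $response->setFieldError('set_pw_captcha', $this->_("You entered invalid security code"));
        return $response;
    }

    // Runs before the request is loaded; presumably so that a stale request
    // no longer passes the STATUS_PENDING check below. Confirm in
    // Gpf_Db_Table_PasswordRequests.
    Gpf_Db_Table_PasswordRequests::expireOldRequest();

    $submittedUsername = $response->getFieldValue('username');
    $errorMessageInvalidUsername = $this->_('You entered invalid username');

    // NOTE(review): an unknown username gets a 'username' field error while a
    // bad request id gets a form-level message, so the response reveals
    // whether a username exists. Only the captcha limits how often this can
    // be probed; consider returning one generic error for both cases.
    $user = new Gpf_Db_AuthUser();
    $user->setUsername($submittedUsername);
    try {
        $user->loadFromData(array(Gpf_Db_Table_AuthUsers::USERNAME));
    } catch (Gpf_Exception $e) {
        $response->setFieldError('username', $errorMessageInvalidUsername);
        return $response;
    }

    $errorMessage = $this->getInvalidPasswordRequestErrorMessage();

    // The 'requestid' value acts as the reset token: the request row must exist.
    $passwordRequest = new Gpf_Db_PasswordRequest();
    $passwordRequest->setId($response->getFieldValue('requestid'));
    try {
        $passwordRequest->load();
    } catch (Gpf_Exception $e) {
        $response->setErrorMessage($errorMessage);
        return $response;
    }

    // Bind the token to the account. Compared as strings with !==, because
    // PHP's loose != compares two numeric-looking strings numerically, so
    // distinct ids such as '1e3' and '1000' (constructed example) would be
    // treated as the same user.
    if ((string) $user->getId() !== (string) $passwordRequest->getAuthUser()) {
        $response->setFieldError('username', $errorMessageInvalidUsername);
        return $response;
    }

    // The request must still be pending, and the username stored on the
    // loaded row must match the submitted one exactly (same strict string
    // comparison as above).
    $requestIsPending = (string) $passwordRequest->getStatus()
        === (string) Gpf_Db_Table_PasswordRequests::STATUS_PENDING;
    $usernameMatches = (string) $user->getUsername() === (string) $submittedUsername;
    if (!$requestIsPending || !$usernameMatches) {
        $response->setErrorMessage($errorMessage);
        return $response;
    }

    // NOTE(review): whether setPassword() hashes the value is not visible
    // here; confirm in Gpf_Db_AuthUser.
    $user->setPassword($response->getFieldValue('password'));
    try {
        $user->update(array(Gpf_Db_Table_AuthUsers::PASSWORD));
    } catch (Gpf_DbEngine_Row_ConstraintException $e) {
        // The request stays pending here, so the user can retry with a
        // password that satisfies the constraint.
        $response->setErrorMessage($e->getMessage());
        return $response;
    }

    // Consume the token only after the password was stored, so it cannot be
    // used a second time.
    $passwordRequest->setStatus(Gpf_Db_Table_PasswordRequests::STATUS_APPLIED);
    $passwordRequest->update(array(Gpf_Db_Table_PasswordRequests::STATUS));

    // The message literal contains a line break and is passed to $this->_();
    // it is kept byte-for-byte.
    $response->setInfoMessage($this->_("Your password was changed. 
Go back to login dialog and login."));
    return $response;
}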