public function testSave()
{
$user = $this->user('testUser');
$form = new PasswordResetForm($user);
$password = '******';
$form->password = $password;
$form->confirm = $form->password;
$form->save();
$user->refresh();
$this->assertTrue(PasswordUtil::validatePassword($password, $user->password));
$this->assertEquals(0, PasswordReset::model()->countByAttributes(array('userId' => $user->id)));
}
public function actionPasswordReset($token)
{
try {
$model = new PasswordResetForm($token);
} catch (InvalidParamException $e) {
throw new BadRequestHttpException($e->getMessage());
}
if ($model->load(Yii::$app->request->post()) && $model->validate() && $model->resetPassword()) {
Yii::$app->getSession()->setFlash('success', 'Спасибо! Пароль успешно изменён.');
return $this->goHome();
}
return $this->render('passwordReset', ['model' => $model]);
}
public function testSave()
{
$user = $this->user('testUser');
$form = new PasswordResetForm($user);
$password = '******';
$form->password = $password;
$form->confirm = $form->password;
$form->save();
$user->refresh();
$this->assertTrue(PasswordUtil::validatePassword($password, $user->password));
$this->assertEquals(0, PasswordReset::model()->countByAttributes(array('userId' => $user->id)));
// Test validation as well, as a "bonus", since there needn't be any
// fixture loading for it, and it thus saves a few seconds when running
// the test:
$form = new PasswordResetForm($user);
$passwords = array(false => array('n#6', 'ninininini'), true => array('D83*@)1', 'this that and the next thing'));
foreach ($passwords as $good => $passes) {
foreach ($passes as $pass) {
$form->password = $pass;
$form->confirm = $pass;
$this->assertEquals($good, $form->validate(array('password')));
}
}
}
/** Constructor */
function wfSpecialResetpass($par)
{
$form = new PasswordResetForm();
$form->execute($par);
}
function resetLoginForm($error)
{
global $wgOut;
$wgOut->addWikiText("<div class=\"errorbox\">{$error}</div>");
$reset = new PasswordResetForm($this->mName, $this->mPassword);
$reset->execute();
}
function resetLoginForm($error)
{
global $wgOut;
$reset = new PasswordResetForm($this->mName, $this->mPassword);
$reset->error($error, 'error_general');
$reset->execute(null);
}
/**
* Alows a user to reset their password if they initiated a forgot password request
* @param string $id
*/
public function actionResetPassword($id = NULL)
{
$this->layout = '//layouts/main';
$this->setPageTitle(Yii::t('ciims.controllers.Site', '{{app_name}} | {{label}}', array('{{app_name}}' => Cii::getConfig('name', Yii::app()->name), '{{label}}' => Yii::t('ciims.controllers.Site', 'Reset Your password'))));
$model = new PasswordResetForm();
$model->reset_key = $id;
if (!$model->validateResetKey()) {
throw new CHttpException(403, Yii::t('ciims.controllers.Site', 'The password reset key provided is invalid'));
}
if (Cii::get($_POST, 'PasswordResetForm', false)) {
$model->attributes = $_POST['PasswordResetForm'];
if ($model->save()) {
Yii::app()->user->setFlash('success', Yii::t('ciims.controllers.Site', 'Your password has been reset, and you may now login with your new password'));
$this->redirect($this->createUrl('site/login'));
}
}
$this->render('resetpassword', array('model' => $model));
}
/**
* Reset a user's password via a really basic email verification process
*
* @param type $id ID/key of the password recovery record
*/
public function actionResetPassword($id = null)
{
if (!Yii::app()->user->isGuest) {
$this->redirect(array('/profile/changePassword', 'id' => Yii::app()->user->id));
}
$this->layout = '//layouts/login';
$scenario = 'new';
$title = Yii::t('app', 'Reset Password');
$this->pageTitle = $title;
$message = Yii::t('app', 'Enter the email address associated with your user account to request a new password and username reminder.');
$request = new PasswordReset();
$resetForm = null;
if (isset($_POST['PasswordReset'])) {
// Submitting a password reset request
$request->setAttributes($_POST['PasswordReset']);
if ($request->save()) {
$request->setScenario('afterSave');
if (!$request->validate(array('email'))) {
// Create a new model. It is done this way (adding the
// validation error to a new model) so that there is a trail
// of reset request attempts that can be counted to determine
// if the user has made too many.
$oldRequest = $request;
$request = new $request();
$request->setAttributes($oldRequest->getAttributes(array('email')), false);
$request->addErrors($oldRequest->getErrors());
} else {
// A user with the corresponding email was found. Attempt to
// send the email and whatever happens, don't display the
// form again.
$scenario = 'message';
$mail = new EmailDeliveryBehavior();
$mail->credId = Credentials::model()->getDefaultUserAccount(Credentials::$sysUseId['systemNotificationEmail'], 'email');
// Compose the message & headers
$message = Yii::t('users', "You have requested to reset the password for user {user} in {appName}.", array('{user}' => $request->user->alias, '{appName}' => Yii::app()->settings->appName));
$message .= ' ' . Yii::t('users', "To finish resetting your password, please open the following link: ");
$message .= "<br /><br />" . $this->createAbsoluteUrl('/site/resetPassword') . '?' . http_build_query(array('id' => $request->id));
$message .= "<br /><br />" . Yii::t('users', "If you did not make this request, please disregard this email.");
$recipients = array('to' => array(array('', $request->email)));
// Send the email
$status = $mail->deliverEmail($recipients, Yii::app()->settings->appName . " password reset", $message);
// Set the response message accordingly.
if ($status['code'] == 200) {
$title = Yii::t('users', 'Almost Done!');
$message = Yii::t('users', 'Check your email at {email} for ' . 'further instructions to finish resetting your password.', array('{email}' => $request->email));
} else {
$title = Yii::t('users', 'Could not send email.');
$message = Yii::t('users', 'Sending of the password reset verification email failed with message: {message}', array('{message}' => $status['message']));
}
}
} else {
if ($request->limitReached) {
$scenario = 'message';
$message = Yii::t('app', 'You have made too many requests to reset passwords. ' . 'Please wait one hour before trying again.');
}
}
} else {
if ($id !== null) {
// User might have arrived here through the link in a reset email.
$scenario = 'apply';
$request = PasswordReset::model()->findByPk($id);
if ($request instanceof PasswordReset && !$request->isExpired) {
// Reset request record exists.
$user = $request->user;
if ($user instanceof User) {
// ...and is valid (points to an existing user)
//
// Default message: the password entry form (initial request)
$message = Yii::t('users', 'Enter a new password for user "{user}" ({name}):', array('{user}' => $user->alias, '{name}' => CHtml::encode($user->firstName . ' ' . $user->lastName)));
$resetForm = new PasswordResetForm($user);
if (isset($_POST['PasswordResetForm'])) {
// Handle the form submission:
$resetForm->setAttributes($_POST['PasswordResetForm']);
if ($resetForm->save()) {
// Done, success.
$scenario = 'message';
$title = Yii::t('users', 'Password Has Been Reset');
$message = Yii::t('users', 'You should now have access ' . 'as "{user}" with the new password specified.', array('{user}' => $user->alias));
}
}
} else {
// Invalid request record; it does not correspond to an
// existing user, i.e. it's an "attempt" (entering an email
// address to see if that sticks).
$scenario = 'message';
$title = Yii::t('users', 'Access Denied');
$message = Yii::t('users', 'Invalid reset key.');
}
} else {
$scenario = 'message';
$title = Yii::t('users', 'Access Denied');
if ($request->isExpired) {
$message = Yii::t('users', 'The password reset link has expired.');
} else {
$message = Yii::t('users', 'Invalid reset link.');
}
}
}
}
$this->render('resetPassword', compact('scenario', 'title', 'message', 'request', 'resetForm'));
}
}
protected function btnResetPassword_Click()
{
$blnError = false;
if ($this->txtNewPassword->Text != $this->txtNewPassword2->Text) {
$blnError = true;
$this->txtNewPassword2->Warning = "The passwords do not match.";
} else {
if (strlen($this->txtNewPassword->Text) < 8) {
$blnError = true;
$this->txtNewPassword2->Warning = "Password must be at least 8 characters.";
}
}
if (!$blnError) {
// Reset the password
$this->objUserAccount->PasswordHash = QApplication::HashPassword(sha1($this->txtNewPassword->Text));
// Clear the password reset code and expiry
$this->objUserAccount->PasswordResetCode = null;
$this->objUserAccount->PasswordResetExpiry = null;
// Save the User Account
$this->objUserAccount->Save();
QApplication::Redirect('./reset.php?c=success');
} else {
$this->txtNewPassword->Blink();
$this->txtNewPassword2->Blink();
$this->txtNewPassword->Focus();
}
}
}
PasswordResetForm::Run('PasswordResetForm');
/**
* Allows the user to change their password if provided with a valid activation ID
* @param string $id The activation ID that was emailed to the user
*/
public function actionResetPassword($id = NULL)
{
if ($id == NULL) {
throw new CHttpException(400, 'Missing Password Reset ID');
}
$user = User::model()->findByAttributes(array('activation_key' => $id));
if ($user == NULL) {
throw new CHttpException(400, 'The password reset id you supplied is invalid');
}
$form = new PasswordResetForm();
if (isset($_POST['PasswordResetForm'])) {
$form->attributes = array('user' => $user, 'password' => $_POST['PasswordResetForm']['password'], 'password_repeat' => $_POST['PasswordResetForm']['password_repeat']);
if ($form->save()) {
$this->render('resetpasswordsuccess');
Yii::app()->end();
}
}
$this->render('resetpassword', array('passwordresetform' => $form, 'id' => $id));
}
/**
* Allows password reset
*/
public function actionResetPassword()
{
$this->layout = '//layouts/accession';
$this->pageTitle = 'Reset Password | ' . Yii::app()->name;
if (!Yii::app()->user->isGuest) {
// can't be here
$this->redirect(array('site/dashboard'));
}
$PasswordResetForm = new PasswordResetForm();
$User = new User();
$User->scenario = 'resetPassword';
if ($_GET['hash']) {
$User = User::model()->findByAttributes(array('reset_hash' => $_GET['hash']));
if (!is_null($User)) {
if ($_POST['PasswordResetForm']) {
$PasswordResetForm->attributes = $_POST['PasswordResetForm'];
if ($PasswordResetForm->validate()) {
// submitting updated password
$User->password1 = $_POST['PasswordResetForm']['password'];
$User->password2 = $_POST['PasswordResetForm']['password_repeat'];
$User->reset_hash = '';
$User->verified = 1;
if ($User->save(true, array('password', 'reset_hash', 'verified'))) {
Yii::app()->user->setFlash('success', 'We\'ve saved your new password. Please log in below');
$this->redirect(array('site/login'));
}
}
}
$User->password2 = '';
$User->password1 = '';
} else {
// Check for a contact user
$Store = $this->getContactStoreByHash($_GET['hash']);
$Accession = $Store->store2contact->accession;
if (!is_null($Store)) {
$PasswordResetForm = new PasswordResetForm();
if ($_POST['PasswordResetForm']) {
$PasswordResetForm->attributes = $_POST['PasswordResetForm'];
if ($PasswordResetForm->validate()) {
$Accession->password = hash('sha256', $_POST['PasswordResetForm']['password'] . SHASALT);
$Accession->reset_hash = '';
$Accession->save(true, array('password', 'reset_hash'));
Yii::app()->user->setFlash('success', 'We\'ve saved your new password. Please log in below');
$this->redirect(array('site/login'));
}
}
} else {
$User = new User();
$User->addError('email', 'That hash is expired or has been used. Please generate a new one below.');
unset($_GET['hash']);
}
}
} elseif ($_POST['PasswordResetForm']['email']) {
if (!strlen(trim($_POST['PasswordResetForm']['email']))) {
$User->addError('email', 'A valid email address is required.');
} else {
// trying to reset an email address
// Check admin users first
$User = User::model()->findByAttributes(array('email' => $_POST['PasswordResetForm']['email']));
if (!is_null($User)) {
// Admin user found. Send email
$User->sendPasswordResetEmail();
} else {
$Store = new Store();
// Check for a contact user
$Store = $this->getContactStore($Store->encryptEmail($_POST['PasswordResetForm']['email']));
if (!is_null($Store)) {
$Store->sendPasswordResetEmail();
} else {
$User = new User();
}
}
}
}
$this->render('resetPassword', array('User' => $User, 'PasswordResetForm' => $PasswordResetForm));
}
