public function testSave() { $user = $this->user('testUser'); $form = new PasswordResetForm($user); $password = '******'; $form->password = $password; $form->confirm = $form->password; $form->save(); $user->refresh(); $this->assertTrue(PasswordUtil::validatePassword($password, $user->password)); $this->assertEquals(0, PasswordReset::model()->countByAttributes(array('userId' => $user->id))); }
public function actionPasswordReset($token) { try { $model = new PasswordResetForm($token); } catch (InvalidParamException $e) { throw new BadRequestHttpException($e->getMessage()); } if ($model->load(Yii::$app->request->post()) && $model->validate() && $model->resetPassword()) { Yii::$app->getSession()->setFlash('success', 'Спасибо! Пароль успешно изменён.'); return $this->goHome(); } return $this->render('passwordReset', ['model' => $model]); }
public function testSave() { $user = $this->user('testUser'); $form = new PasswordResetForm($user); $password = '******'; $form->password = $password; $form->confirm = $form->password; $form->save(); $user->refresh(); $this->assertTrue(PasswordUtil::validatePassword($password, $user->password)); $this->assertEquals(0, PasswordReset::model()->countByAttributes(array('userId' => $user->id))); // Test validation as well, as a "bonus", since there needn't be any // fixture loading for it, and it thus saves a few seconds when running // the test: $form = new PasswordResetForm($user); $passwords = array(false => array('n#6', 'ninininini'), true => array('D83*@)1', 'this that and the next thing')); foreach ($passwords as $good => $passes) { foreach ($passes as $pass) { $form->password = $pass; $form->confirm = $pass; $this->assertEquals($good, $form->validate(array('password'))); } } }
/** Constructor */ function wfSpecialResetpass($par) { $form = new PasswordResetForm(); $form->execute($par); }
function resetLoginForm($error) { global $wgOut; $wgOut->addWikiText("<div class=\"errorbox\">{$error}</div>"); $reset = new PasswordResetForm($this->mName, $this->mPassword); $reset->execute(); }
function resetLoginForm($error) { global $wgOut; $reset = new PasswordResetForm($this->mName, $this->mPassword); $reset->error($error, 'error_general'); $reset->execute(null); }
/** * Alows a user to reset their password if they initiated a forgot password request * @param string $id */ public function actionResetPassword($id = NULL) { $this->layout = '//layouts/main'; $this->setPageTitle(Yii::t('ciims.controllers.Site', '{{app_name}} | {{label}}', array('{{app_name}}' => Cii::getConfig('name', Yii::app()->name), '{{label}}' => Yii::t('ciims.controllers.Site', 'Reset Your password')))); $model = new PasswordResetForm(); $model->reset_key = $id; if (!$model->validateResetKey()) { throw new CHttpException(403, Yii::t('ciims.controllers.Site', 'The password reset key provided is invalid')); } if (Cii::get($_POST, 'PasswordResetForm', false)) { $model->attributes = $_POST['PasswordResetForm']; if ($model->save()) { Yii::app()->user->setFlash('success', Yii::t('ciims.controllers.Site', 'Your password has been reset, and you may now login with your new password')); $this->redirect($this->createUrl('site/login')); } } $this->render('resetpassword', array('model' => $model)); }
/** * Reset a user's password via a really basic email verification process * * @param type $id ID/key of the password recovery record */ public function actionResetPassword($id = null) { if (!Yii::app()->user->isGuest) { $this->redirect(array('/profile/changePassword', 'id' => Yii::app()->user->id)); } $this->layout = '//layouts/login'; $scenario = 'new'; $title = Yii::t('app', 'Reset Password'); $this->pageTitle = $title; $message = Yii::t('app', 'Enter the email address associated with your user account to request a new password and username reminder.'); $request = new PasswordReset(); $resetForm = null; if (isset($_POST['PasswordReset'])) { // Submitting a password reset request $request->setAttributes($_POST['PasswordReset']); if ($request->save()) { $request->setScenario('afterSave'); if (!$request->validate(array('email'))) { // Create a new model. It is done this way (adding the // validation error to a new model) so that there is a trail // of reset request attempts that can be counted to determine // if the user has made too many. $oldRequest = $request; $request = new $request(); $request->setAttributes($oldRequest->getAttributes(array('email')), false); $request->addErrors($oldRequest->getErrors()); } else { // A user with the corresponding email was found. Attempt to // send the email and whatever happens, don't display the // form again. $scenario = 'message'; $mail = new EmailDeliveryBehavior(); $mail->credId = Credentials::model()->getDefaultUserAccount(Credentials::$sysUseId['systemNotificationEmail'], 'email'); // Compose the message & headers $message = Yii::t('users', "You have requested to reset the password for user {user} in {appName}.", array('{user}' => $request->user->alias, '{appName}' => Yii::app()->settings->appName)); $message .= ' ' . Yii::t('users', "To finish resetting your password, please open the following link: "); $message .= "<br /><br />" . $this->createAbsoluteUrl('/site/resetPassword') . '?' . http_build_query(array('id' => $request->id)); $message .= "<br /><br />" . Yii::t('users', "If you did not make this request, please disregard this email."); $recipients = array('to' => array(array('', $request->email))); // Send the email $status = $mail->deliverEmail($recipients, Yii::app()->settings->appName . " password reset", $message); // Set the response message accordingly. if ($status['code'] == 200) { $title = Yii::t('users', 'Almost Done!'); $message = Yii::t('users', 'Check your email at {email} for ' . 'further instructions to finish resetting your password.', array('{email}' => $request->email)); } else { $title = Yii::t('users', 'Could not send email.'); $message = Yii::t('users', 'Sending of the password reset verification email failed with message: {message}', array('{message}' => $status['message'])); } } } else { if ($request->limitReached) { $scenario = 'message'; $message = Yii::t('app', 'You have made too many requests to reset passwords. ' . 'Please wait one hour before trying again.'); } } } else { if ($id !== null) { // User might have arrived here through the link in a reset email. $scenario = 'apply'; $request = PasswordReset::model()->findByPk($id); if ($request instanceof PasswordReset && !$request->isExpired) { // Reset request record exists. $user = $request->user; if ($user instanceof User) { // ...and is valid (points to an existing user) // // Default message: the password entry form (initial request) $message = Yii::t('users', 'Enter a new password for user "{user}" ({name}):', array('{user}' => $user->alias, '{name}' => CHtml::encode($user->firstName . ' ' . $user->lastName))); $resetForm = new PasswordResetForm($user); if (isset($_POST['PasswordResetForm'])) { // Handle the form submission: $resetForm->setAttributes($_POST['PasswordResetForm']); if ($resetForm->save()) { // Done, success. $scenario = 'message'; $title = Yii::t('users', 'Password Has Been Reset'); $message = Yii::t('users', 'You should now have access ' . 'as "{user}" with the new password specified.', array('{user}' => $user->alias)); } } } else { // Invalid request record; it does not correspond to an // existing user, i.e. it's an "attempt" (entering an email // address to see if that sticks). $scenario = 'message'; $title = Yii::t('users', 'Access Denied'); $message = Yii::t('users', 'Invalid reset key.'); } } else { $scenario = 'message'; $title = Yii::t('users', 'Access Denied'); if ($request->isExpired) { $message = Yii::t('users', 'The password reset link has expired.'); } else { $message = Yii::t('users', 'Invalid reset link.'); } } } } $this->render('resetPassword', compact('scenario', 'title', 'message', 'request', 'resetForm')); }
} protected function btnResetPassword_Click() { $blnError = false; if ($this->txtNewPassword->Text != $this->txtNewPassword2->Text) { $blnError = true; $this->txtNewPassword2->Warning = "The passwords do not match."; } else { if (strlen($this->txtNewPassword->Text) < 8) { $blnError = true; $this->txtNewPassword2->Warning = "Password must be at least 8 characters."; } } if (!$blnError) { // Reset the password $this->objUserAccount->PasswordHash = QApplication::HashPassword(sha1($this->txtNewPassword->Text)); // Clear the password reset code and expiry $this->objUserAccount->PasswordResetCode = null; $this->objUserAccount->PasswordResetExpiry = null; // Save the User Account $this->objUserAccount->Save(); QApplication::Redirect('./reset.php?c=success'); } else { $this->txtNewPassword->Blink(); $this->txtNewPassword2->Blink(); $this->txtNewPassword->Focus(); } } } PasswordResetForm::Run('PasswordResetForm');
/** * Allows the user to change their password if provided with a valid activation ID * @param string $id The activation ID that was emailed to the user */ public function actionResetPassword($id = NULL) { if ($id == NULL) { throw new CHttpException(400, 'Missing Password Reset ID'); } $user = User::model()->findByAttributes(array('activation_key' => $id)); if ($user == NULL) { throw new CHttpException(400, 'The password reset id you supplied is invalid'); } $form = new PasswordResetForm(); if (isset($_POST['PasswordResetForm'])) { $form->attributes = array('user' => $user, 'password' => $_POST['PasswordResetForm']['password'], 'password_repeat' => $_POST['PasswordResetForm']['password_repeat']); if ($form->save()) { $this->render('resetpasswordsuccess'); Yii::app()->end(); } } $this->render('resetpassword', array('passwordresetform' => $form, 'id' => $id)); }
/** * Allows password reset */ public function actionResetPassword() { $this->layout = '//layouts/accession'; $this->pageTitle = 'Reset Password | ' . Yii::app()->name; if (!Yii::app()->user->isGuest) { // can't be here $this->redirect(array('site/dashboard')); } $PasswordResetForm = new PasswordResetForm(); $User = new User(); $User->scenario = 'resetPassword'; if ($_GET['hash']) { $User = User::model()->findByAttributes(array('reset_hash' => $_GET['hash'])); if (!is_null($User)) { if ($_POST['PasswordResetForm']) { $PasswordResetForm->attributes = $_POST['PasswordResetForm']; if ($PasswordResetForm->validate()) { // submitting updated password $User->password1 = $_POST['PasswordResetForm']['password']; $User->password2 = $_POST['PasswordResetForm']['password_repeat']; $User->reset_hash = ''; $User->verified = 1; if ($User->save(true, array('password', 'reset_hash', 'verified'))) { Yii::app()->user->setFlash('success', 'We\'ve saved your new password. Please log in below'); $this->redirect(array('site/login')); } } } $User->password2 = ''; $User->password1 = ''; } else { // Check for a contact user $Store = $this->getContactStoreByHash($_GET['hash']); $Accession = $Store->store2contact->accession; if (!is_null($Store)) { $PasswordResetForm = new PasswordResetForm(); if ($_POST['PasswordResetForm']) { $PasswordResetForm->attributes = $_POST['PasswordResetForm']; if ($PasswordResetForm->validate()) { $Accession->password = hash('sha256', $_POST['PasswordResetForm']['password'] . SHASALT); $Accession->reset_hash = ''; $Accession->save(true, array('password', 'reset_hash')); Yii::app()->user->setFlash('success', 'We\'ve saved your new password. Please log in below'); $this->redirect(array('site/login')); } } } else { $User = new User(); $User->addError('email', 'That hash is expired or has been used. Please generate a new one below.'); unset($_GET['hash']); } } } elseif ($_POST['PasswordResetForm']['email']) { if (!strlen(trim($_POST['PasswordResetForm']['email']))) { $User->addError('email', 'A valid email address is required.'); } else { // trying to reset an email address // Check admin users first $User = User::model()->findByAttributes(array('email' => $_POST['PasswordResetForm']['email'])); if (!is_null($User)) { // Admin user found. Send email $User->sendPasswordResetEmail(); } else { $Store = new Store(); // Check for a contact user $Store = $this->getContactStore($Store->encryptEmail($_POST['PasswordResetForm']['email'])); if (!is_null($Store)) { $Store->sendPasswordResetEmail(); } else { $User = new User(); } } } } $this->render('resetPassword', array('User' => $User, 'PasswordResetForm' => $PasswordResetForm)); }