/**
 * Default view entry point: hand the requested task to the reset-password
 * controller and follow any redirect the controller has queued.
 *
 * @param mixed $option Not read anywhere in this function.
 */
function showDefaultView($option)
{
    $resetController = new ResetPasswordController();

    // The task name comes from the request and falls back to 'display'.
    // JRequest::getCmd() is Joomla's command filter (letters, digits, '.', '_'
    // and '-'), so the value is syntactically constrained. It is still
    // caller-chosen, though.
    // NOTE(review): confirm that every task this controller can execute is
    // meant to be reachable by whoever can reach this view.
    $resetController->execute(JRequest::getCmd('task', 'display'));

    // Redirect if set by the controller
    $resetController->redirect();
}
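/**
 * Replace the password of the account registered under $json['email'] with a
 * freshly generated random one and mail that password to the address.
 *
 * Security-relevant behaviour visible here:
 *  - the new password is handed to EmailSender::sendEmail() in clear text;
 *  - the "not found" and "accepted" outcomes differ, so a caller can tell
 *    whether an address is registered.
 *    NOTE(review): if this is reachable without authentication, consider
 *    answering identically in both cases.
 *
 * @param array $json       Request body, indexed with ['email'] below; checked against
 *                          User::REQUIRED_PASSWORD_RESET_FIELD. A 'password' key is
 *                          overwritten on the local copy.
 * @param mixed $email_type Passed through unchanged to EmailSender::sendEmail().
 * @return ErrorResponse|null|Response ErrorResponse on a DBError or an unknown account,
 *                          Response with STATUS_CODE_ACCEPTED on success, null when
 *                          User::fromResetPasswordQuery() yields nothing.
 */
public static function setNewPassword($json, $email_type)
{
    $response = null;
    $missing_fields = UserController::validateJSONFormat($json, User::REQUIRED_PASSWORD_RESET_FIELD);

    // Check that required fields are not missing
    if ($missing_fields) {
        // NOTE(review): this wraps null in a plain Response instead of reporting
        // which fields are missing; kept as-is because callers may rely on it.
        return new Response($response);
    }

    $user_mapper = new UserDBMapper();
    $email = $json['email'];

    // Stop before building a User when the address matches no row. Without
    // this guard an unknown address would reach User::fromDBArray() and
    // $user->getId() with an empty lookup result.
    // Assumes getByEmail() returns a falsy value for "no such user", as
    // getById() is treated below - TODO confirm.
    $db_user = $user_mapper->getByEmail($email);
    if (!$db_user) {
        return new ErrorResponse(new NotFoundError());
    }
    $user = User::fromDBArray($db_user);

    // Set random password
    // NOTE(review): getRandomString() is not shown here. Because its output is a
    // credential, confirm it draws from a CSPRNG (random_int()/random_bytes())
    // and not from rand()/mt_rand().
    $password = ResetPasswordController::getRandomString(ResetPasswordController::PASSWORD_LENGTH);
    $json['password'] = $password;

    $id = $user->getId();
    $reset_password_user = User::fromResetPasswordQuery($id, $json);
    if (!$reset_password_user) {
        // Nothing to store; the caller receives null in this case.
        return $response;
    }

    $db_response = $user_mapper->resetPassword($reset_password_user);
    if ($db_response instanceof DBError) {
        return new ErrorResponse($db_response);
    }

    // Re-read the account to make sure it still exists after the update.
    if (!$user_mapper->getById($id)) {
        return new ErrorResponse(new NotFoundError());
    }

    // Sending Email notification.
    // NOTE(review): the result of sendEmail() is not inspected, so "accepted" is
    // returned even if delivery fails. By then the stored password has already
    // been replaced.
    EmailSender::sendEmail($email, $password, $email_type);

    return new Response(
        json_encode(
            array('message' => ResetPasswordController::RESET_PASSWORD_ACCEPTED_MESSAGE),
            JSON_PRETTY_PRINT
        ),
        Response::STATUS_CODE_ACCEPTED
    );
}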
/**
 * Create a user from the request body, then have a random password generated
 * and mailed to the new account.
 *
 * @return ErrorResponse|Response ErrorResponse for missing fields, a rejected e-mail
 *                                address or a DBError; otherwise the result of
 *                                $this->get() with STATUS_CODE_CREATED.
 * @throws Exception when UserDBMapper::add() returns neither a DBError nor a numeric value
 */
protected function create()
{
    // Check that required fields are not missing
    $missing_fields = UserController::validateJSONFormat($this->body, User::REQUIRED_POST_FIELDS);
    if ($missing_fields) {
        return new ErrorResponse(new MalformedJSONFormatError($missing_fields));
    }

    $mapper = new UserDBMapper();
    $new_user = User::fromJSON($this->body);

    // A failed isValidEmail() check is reported as DuplicateUserError, so the
    // helper presumably tests uniqueness rather than syntax - verify.
    if (!$this->isValidEmail($new_user->getEmail())) {
        return new ErrorResponse(new DuplicateUserError());
    }

    $insert_result = $mapper->add($new_user);
    if ($insert_result instanceof DBError) {
        return new ErrorResponse($insert_result);
    }
    if (!is_numeric($insert_result)) {
        throw new Exception("Not implemented error");
    }

    // A numeric result is stored as the id of the new row.
    $this->id = $insert_result;

    // Set random password and notify user by email.
    // NOTE(review): the return value is dropped. setNewPassword() is documented as
    // returning ErrorResponse|null|Response, so a failed reset or mail step still
    // ends in STATUS_CODE_CREATED below.
    ResetPasswordController::setNewPassword($this->body, EmailSender::REGISTER_EMAIL);

    $created = $this->get();
    $created->setResponseCode(Response::STATUS_CODE_CREATED);

    return $created;
}
*
 * The page for calling the Hackademic Reset Password Controller
 *
 * Copyright (c) 2012 OWASP
 *
 * LICENSE:
 *
 * This file is part of Hackademic CMS (https://www.owasp.org/index.php/OWASP_Hackademic_Challenges_Project).
 *
 * Hackademic CMS is free software: you can redistribute it and/or modify it under the terms of the GNU General Public
 * License as published by the Free Software Foundation, either version 2 of the License, or (at your option) any
 * later version.
 *
 * Hackademic CMS is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied
 * warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more
 * details.
 *
 * You should have received a copy of the GNU General Public License along with Hackademic CMS. If not, see
 * <http://www.gnu.org/licenses/>.
 *
 *
 * @author Pragya Gupta <pragya18nsit[at]gmail[dot]com>
 * @author Konstantinos Papapanagiotou <conpap[at]gmail[dot]com>
 * @license http://www.gnu.org/licenses/gpl.html
 * @copyright 2012 OWASP
 *
 */

// Bootstrap the application.
// NOTE(review): a path starting with "../" is resolved against the process
// working directory, not against this file. Anchoring it to dirname(__FILE__)
// would make the include independent of how the page is reached - confirm
// before changing.
require_once "../init.php";

// HACKADEMIC_PATH is not defined in this file; presumably init.php provides it.
require_once HACKADEMIC_PATH . "controller/class.ResetPasswordController.php";

// Run the reset-password controller and write whatever go() returns to the
// response as-is. Any output escaping has to happen inside the controller or
// its view.
$controller = new ResetPasswordController();
echo $controller->go();
<?php
/*
 * Created on Jan 25, 2011
 *
 */

// No direct access: stop unless the _JEXEC constant is defined. This keeps the
// file from being requested on its own, outside the code that defines it.
if (!defined('_JEXEC')) {
    die('Restricted access');
}

// Require the base controller
require_once JPATH_COMPONENT . DS . 'controller.php';

$controller = new ResetPasswordController();

// Perform the request task; 'display' is used when the request names none.
// The task name is request-controlled and only filtered by getCmd().
// NOTE(review): confirm the controller exposes no task that should be
// unreachable from here.
$controller->execute(JRequest::getCmd('task', 'display'));

// Redirect if set by the controller
$controller->redirect();
/**
 * A POST to the reset-password controller carrying only an e-mail address is
 * answered with the "accepted" status code.
 *
 * NOTE(review): only the status code is asserted. The test does not check that
 * the stored credential changed or that a mail was handed to the sender.
 * The address literal looks masked; presumably it must match a row in
 * basic_user_table.xml - verify against the fixture.
 */
public function test_reset_password_for_user_password_creates_user()
{
    $this->mySetup(__DIR__ . "/basic_user_table.xml");

    $request_body = ["email" => "*****@*****.**"];
    $controller = new ResetPasswordController([], Response::REQUEST_METHOD_POST, $request_body, 1);

    self::assertEquals(
        Response::STATUS_CODE_ACCEPTED,
        $controller->getResponse()->getResponseCode()
    );
}