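use com\indigloo\Util;
use com\indigloo\Url;
use com\indigloo\exception\UIException;

// Forgot-password request handler.
//
// On a "Save" post it validates the submitted email, queues a reset-password
// mail when an account matches, stores the form values and a message in $gWeb
// and redirects back to the form URL.
//
// Security: the response is now identical whether or not the email belongs to
// an account. The previous version raised "We did not find any account with
// this email!", which let anyone probe the form to learn which addresses are
// registered. Response timing can still differ between the two paths.
if (isset($_POST['save']) && $_POST['save'] === 'Save') {
    $gWeb = \com\indigloo\core\Web::getInstance();
    $fvalues = array();

    // NOTE(review): $fUrl ends up in a Location header. How tryFormUrl()
    // derives and validates it is not visible here -- confirm it can only
    // yield same-site URLs.
    $fUrl = \com\indigloo\Url::tryFormUrl("fUrl");

    try {
        $fhandler = new Form\Handler('web-form-1', $_POST);
        $fhandler->addRule('email', 'Email', array('maxlength' => 64, 'required' => 1));
        $fvalues = $fhandler->getValues();

        if ($fhandler->hasErrors()) {
            throw new UIException($fhandler->getErrors());
        }

        $userDao = new \com\indigloo\sc\dao\User();
        $user = $userDao->getOnEmail($fvalues['email']);

        // Queue the reset mail only for a known account, but do not tell the
        // requester whether one was found.
        if (!empty($user)) {
            $mailDao = new \com\indigloo\sc\dao\Mail();
            $mailDao->addResetPassword($user['name'], $fvalues['email']);
        }

        $message = "Success! If an account exists for this email, you will receive an email soon!";
        $gWeb->store(Constants::STICKY_MAP, $fvalues);
        $gWeb->store(Constants::FORM_MESSAGES, array($message));

        header("Location: " . $fUrl);
        exit;
    } catch (UIException $ex) {
        // Validation failed: keep the submitted values and show the errors.
        $gWeb->store(Constants::STICKY_MAP, $fvalues);
        $gWeb->store(Constants::FORM_ERRORS, $ex->getMessages());
        header("Location: " . $fUrl);
        // NOTE(review): the listing is cut off here; the rest of this catch
        // block and the closing of the outer if are not shown. Confirm the
        // script stops executing right after this redirect.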
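// NOTE(review): this fragment starts inside a try block; the opening of that try and of the enclosing if, where $gWeb, $fhandler, $fvalues and $fUrl are set up, is not shown.
        // Change-password submit: check the form token against the session,
        // recover the account email from the session, change the password and
        // redirect.

        // NOTE(review): $qUrl is decoded from a submitted form value and used
        // below as the Location target. Nothing visible here restricts it to
        // this site, so a tampered qUrl could send the user to another host
        // after a successful password change. Confirm it is validated (for
        // example against an allow-list of local paths) before the redirect.
        $qUrl = base64_decode($fvalues['qUrl']);

        if ($fhandler->hasErrors()) {
            throw new UIException($fhandler->getErrors());
        }

        // form token
        $session_token = $gWeb->find("change.password.token", true);
        $form_token = isset($fvalues['ftoken']) ? $fvalues['ftoken'] : null;

        // Compare strictly and in constant time. The previous loose != let an
        // empty submitted token match a missing session token, and treated
        // numeric-looking strings such as "0e1" and "0e2" as equal.
        // hash_equals() needs PHP >= 5.6 and string arguments, hence the
        // type checks first.
        $token_ok = is_string($session_token)
            && $session_token !== ''
            && is_string($form_token)
            && hash_equals($session_token, $form_token);

        if (!$token_ok) {
            $message = "form token does not match the value stored in session";
            throw new UIException(array($message));
        }

        // decrypt email
        $email = $gWeb->find("change.password.email", true);
        $email = Util::decrypt($email);

        $userDao = new \com\indigloo\sc\dao\User();
        //@test with email that can cause issues with encoding!
        $userDBRow = $userDao->getOnEmail($email);

        // Without this guard a missing row would pass an undefined login_id
        // on to changePassword().
        if (empty($userDBRow)) {
            $message = "Error: unable to change the password for this account";
            throw new UIException(array($message));
        }

        // send raw password
        // NOTE(review): the password is read straight from $_POST and trimmed;
        // any length or strength rule would have to be in the part of the
        // script that is not shown -- confirm one exists.
        $email = strtolower(trim($email));
        $password = trim($_POST['password']);
        WebglooUser::changePassword('sc_user', $userDBRow['login_id'], $email, $password);

        // success
        $gWeb->store(Constants::FORM_MESSAGES, array("password changed successfully!"));
        header("Location: " . $qUrl);
        exit(1);
    } catch (UIException $ex) {
        // Failure: keep the submitted values, show the errors on the form.
        $gWeb->store(Constants::STICKY_MAP, $fvalues);
        $gWeb->store(Constants::FORM_ERRORS, $ex->getMessages());
        header("Location: " . $fUrl);
        exit(1);
    }
}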