/**
 * Validate a posted password change and, when it passes, store the new password.
 *
 * Outcomes are reported through the session: 'allError' on failure, or
 * Util\Session::allSuccess('passwordChanged', $redirect) on success.
 *
 * @param string $redirect             Target passed to Util\Session::allSuccess() on success.
 * @param bool   $checkCurrentPassword When true, the posted current password must validate
 *                                     against the value stored before the POST was applied.
 *                                     The reset-by-token flow passes false.
 */
public function changePassword($redirect, $checkCurrentPassword = true)
{
    // Capture the stored value first: setFromPost() is applied to the model next,
    // and the later getPassword() calls read the model after that update.
    $storedPassword = $this->getModel()->getPassword();
    $this->setFromPost();
    $newPassword = Util\Converter::string('passwordnew', 'post');

    // presumably an anti-CSRF form token; verify against validateToken()
    $fields = ['token' => $this->validateToken()];
    if ($checkCurrentPassword) {
        $fields['password'] = $this->validatePassword();
    }

    // NOTE(review): a 4-character minimum is a weak policy for an account password,
    // and the 40-character cap rules out long passphrases; confirm both limits.
    $newPasswordRules = [
        'password' => true,
        'required' => true,
        'minLength' => 4,
        'maxLength' => 40,
        'different' => $this->getModel()->getPassword(),
    ];
    $fields['passwordnew'] = Util\Validate::validate('passwordnew', $newPassword, $newPasswordRules);

    $validation = $this->getValidation();
    $validation->setFields($fields);

    if (!$validation->isValid()) {
        Util\Session::set('allError', $this->getValidation()->getMessage());
        return;
    }

    // The current-password check is skipped only when the caller asked for it.
    if ($checkCurrentPassword && !Service::validatePassword($storedPassword, $this->getModel()->getPassword())) {
        Util\Session::set('allError', Util\Lang::lang('errorWrongPassword'));
        return;
    }

    $account = $this->getModel();
    $account->setPassword(Util\Security::encryptPassword($newPassword));
    \Rebond\Core\User\Data::savePassword($account);

    // The reset entry is removed once the password has changed.
    // NOTE(review): only the RESET entry is deleted here; confirm whether REMEMBER
    // entries should also be invalidated so existing remember-me cookies stop working.
    \Rebond\Core\UserSecurity\Data::deleteSecure($account->getId(), \Rebond\Core\UserSecurity\Model::RESET);
    Util\Session::allSuccess('passwordChanged', $redirect);
}
/**
 * Sign the given user out and redirect to the site root.
 *
 * Deletes the user's stored secure entries, expires the 'signedUser' cookie,
 * destroys the PHP session, then sends a redirect to '/' and terminates.
 *
 * @param \Rebond\Core\User\Model $user The user being signed out.
 */
public static function signOut(\Rebond\Core\User\Model $user)
{
    // Called without a type argument; presumably this removes every secure entry
    // for the user. Verify against Data::deleteSecure().
    $userId = $user->getId();
    Data::deleteSecure($userId);

    // An expiry one hour in the past tells the browser to discard the cookie.
    $expiredAt = time() - 3600;
    $cookieDomain = Util\Nav::removePort(\Rebond\Config::getPath('siteUrl'));
    setcookie('signedUser', '', $expiredAt, '/', $cookieDomain);

    session_destroy();
    session_write_close();

    header('Location: /');
    exit;
}
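/**
 * Handle the forgot-password page: the reset request and the reset-by-token form.
 *
 * - A signed-in user is redirected to /profile.
 * - A posted 'requestForgotPassword' always renders 'forgot-password-send',
 *   whether or not the e-mail matches an account.
 * - A valid 'reset' token renders 'password-change' and, when 'resetPassword'
 *   is posted, changes the password without asking for the current one.
 * - Anything else renders the 'forgot-password' form.
 *
 * @return mixed The output of Util\Template::render().
 */
public function forgotPassword()
{
    $signedUser = $this->app->user();

    // Signed-in users have no use for this page.
    if (Util\Auth::isAuth($signedUser)) {
        header('Location: /profile');
        exit;
    }

    $form = new \Rebond\Core\User\Form($signedUser);
    $tpl = new Util\Template(Util\Template::MODULE, ['app', 'User']);

    // Reset request.
    $requestForgotPassword = Util\Converter::string('requestForgotPassword', 'post');
    if (isset($requestForgotPassword)) {
        $email = Util\Converter::string('email', 'post');
        $user = \Rebond\Core\User\Data::loadByEmail($email);

        // Loader results are also checked for a non-zero id, so an empty model
        // is never treated as a real account.
        if (isset($user) && $user->getId() != 0) {
            Mail::resetPassword($this->app->site()->getTitle(), $user);
        }

        // The response is the same for known and unknown addresses, so the form
        // cannot be used to find out which e-mail addresses have an account.
        // NOTE(review): no request throttling is visible here; confirm it exists upstream.
        return $tpl->render('forgot-password-send');
    }

    // Reset-by-token form.
    $reset = Util\Converter::string('reset');
    if (isset($reset)) {
        $user = \Rebond\Core\UserSecurity\Data::loadBySecure($reset, \Rebond\Core\UserSecurity\Model::RESET);

        // NOTE(review): token expiry is not visible in this method; confirm that
        // loadBySecure() rejects stale RESET entries.
        if (isset($user) && $user->getId() != 0) {
            $form = new \Rebond\Core\User\Form($user);

            $resetPassword = Util\Converter::string('resetPassword', 'post');
            if (isset($resetPassword)) {
                // The token stands in for the current password, so that check is
                // skipped. changePassword() applies the POST to the token's user
                // model. NOTE(review): confirm setFromPost() cannot overwrite
                // identity fields.
                $form->changePassword('/profile', false);
            }

            $tpl->set('item', $form);
            $tpl->set('checkCurrentPassword', false);
            return $tpl->render('password-change');
        }
    }

    // Default: the request form, also shown for an unknown reset token.
    $tpl->set('item', $form);
    return $tpl->render('forgot-password');
}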
/**
 * Resolve the user for the current request, caching it on $this->signedUser.
 *
 * The session value 'signedUser' is tried first. If it is 0, the 'signedUser'
 * cookie is looked up as a REMEMBER entry. When neither yields a user with a
 * non-zero id, a fresh empty User model is returned.
 *
 * @return \Rebond\Core\User\Model The resolved user, or a new empty model.
 */
public function user()
{
    // Already resolved earlier in this request.
    if (isset($this->signedUser)) {
        return $this->signedUser;
    }

    // Outside the running step no user lookup is attempted.
    if ($this->step != Config::STEP_RUNNING) {
        return new \Rebond\Core\User\Model();
    }

    $sessionUserId = Util\Session::int('signedUser');
    $rememberToken = Util\Converter::string('signedUser', 'cookie');

    // The session takes precedence; the cookie is consulted only without one.
    if ($sessionUserId != 0) {
        $this->signedUser = \Rebond\Core\User\Data::loadById($sessionUserId);
    } elseif ($rememberToken != '') {
        $this->signedUser = \Rebond\Core\UserSecurity\Data::loadBySecure(
            $rememberToken,
            \Rebond\Core\UserSecurity\Model::REMEMBER
        );
    }

    // A loader result with id 0 is treated as "no user".
    $hasUser = isset($this->signedUser) && $this->signedUser->getId() != 0;
    if (!$hasUser) {
        return new \Rebond\Core\User\Model();
    }

    // Users flagged as dev get the local-environment log level.
    if ($this->signedUser->getIsDev()) {
        $this->setLogLevel(Config::ENV_LOCAL);
    }

    // Store the id in the session when it differs, e.g. after a cookie sign-in.
    // NOTE(review): no session id regeneration is visible at this privilege
    // change; confirm Util\Session::set() or the caller handles it.
    $resolvedId = $this->signedUser->getId();
    if ($sessionUserId != $resolvedId) {
        Util\Session::set('signedUser', $resolvedId);
    }

    return $this->signedUser;
}