Esempio n. 1
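 /**
  * Complete a password reset: find the account by the posted reset token,
  * validate the new password, store its hash and rotate the token.
  *
  * Reads the POST fields "token", "password" and "password2". Renders the
  * 'forgot_pass_change' view with an alert message, or redirects to
  * "fpw?reason=verify_fail" when the token is missing or matches no user.
  *
  * NOTE(review): no token age is checked in this method, so a token stays
  * usable until something rotates it; confirm expiry is enforced elsewhere.
  * NOTE(review): ts_hash() and random_string() are defined outside this block.
  * Confirm the former is a slow, salted password hash and the latter draws
  * from a CSPRNG, because possession of the token alone authorises this change.
  *
  * @return void
  */
 public function do_change()
 {
     $token = $this->input->post("token");
     $pass = $this->input->post("password");
     $pass2 = $this->input->post("password2");

     // Reject a missing, empty or array-valued token before it reaches the
     // query. With CodeIgniter's query builder a NULL value compiles to
     // "token IS NULL", so an absent field could otherwise select an account
     // whose token column is NULL instead of failing verification.
     if (!is_string($token) || $token === '') {
         redirect("fpw?reason=verify_fail");
         return;
     }

     // Absent or array-valued password fields are treated as empty so the
     // length and equality checks below only ever see strings.
     $pass = is_string($pass) ? $pass : '';
     $pass2 = is_string($pass2) ? $pass2 : '';

     $query = $this->db->get_where("users", array("token" => $token));
     if (!$query->num_rows()) {
         redirect("fpw?reason=verify_fail");
         return;
     }
     $row = $query->row();

     if (strlen($pass) < 4) {
         $alert_msg = '<div class="alert alert-warning">Password too short.</div>';
         $this->load->view('forgot_pass_change', array('token' => $token, 'alert_msg' => $alert_msg));
         return;
     }

     // Strict comparison: with != two different numeric-looking strings such
     // as "1000" and "1e3" compare equal and would pass the confirmation.
     if ($pass !== $pass2) {
         $alert_msg = '<div class="alert alert-warning">Passwords do not match.</div>';
         $this->load->view('forgot_pass_change', array('token' => $token, 'alert_msg' => $alert_msg));
         return;
     }

     // Store the new hash and replace the token in the same update, so the
     // token that authorised this request cannot be replayed.
     $this->db->where(array('id' => $row->id));
     $this->db->update("users", array('password' => ts_hash($pass), 'token' => random_string('unique')));
     $alert_msg = '<div class="alert alert-success">Password changed successfully! Please return to <a href="' . base_url("login") . '">login</a> page.</div>';
     $this->load->view('forgot_pass_change', array('alert_msg' => $alert_msg));
 }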
Esempio n. 2
 /**
  * Authenticate the posted username/password and emit the result as JSON.
  *
  * The reply carries 'status' (1 on success, 0 otherwise) and 'message': the
  * freshly generated token on success, a human-readable reason on failure.
  *
  * NOTE(review): the password is hashed before the lookup and the hash is
  * handed to the model, which suggests the stored value is matched by equality.
  * That only works if ts_hash() is deterministic (no per-user random salt).
  * Confirm; fetching the row by username and verifying with password_verify()
  * would be the usual alternative.
  * NOTE(review): no session-id regeneration is visible before set_userdata();
  * confirm the session library rotates the id on login.
  * NOTE(review): the resend link carries the account token in a URL query
  * string, where it can end up in logs and Referer headers.
  *
  * @return void
  */
 public function do_login()
 {
     $username = $this->input->post('username');
     $password = ts_hash($this->input->post('password'));
     $reply = array('status' => 1, 'message' => '');
     $result = $this->model->login($username, $password);

     if (!$result->num_rows()) {
         // Same wording for unknown user and wrong password.
         $reply['status'] = 0;
         $reply['message'] = 'Incorrect Username / Password.';
     } else {
         $row = $result->row();
         // Loose comparison is kept on purpose: it mirrors switch semantics,
         // and the status value may arrive from the database as a string.
         $accountState = $row->status;
         if ($accountState == 0) {
             // Account exists but has not been verified yet.
             $reply['status'] = 0;
             $reply['message'] = sprintf('Account not yet verified. <br /><a href="%s">Resend Verification?</a>', base_url('signup/resend_verification?token=' . $row->token . '&t=' . strtotime('now')));
         } elseif ($accountState == 2) {
             // Account has been banned.
             $reply['status'] = 0;
             $reply['message'] = 'This account has been banned.';
         } else {
             // Any other status logs the user in: rotate the token, record
             // activity, then populate the session.
             $uniqueToken = random_string('unique');
             $this->model->user_update(array('last_active' => today(), 'token' => $uniqueToken), array('id' => $row->id));
             $this->session->set_userdata(array(
                 'user_id' => $row->id,
                 'username' => $row->username,
                 'userlevel' => $row->userlevel,
                 'display_name' => $row->display_name,
                 'email_address' => $row->email_address,
                 'token' => $uniqueToken,
             ));
             $reply['message'] = $uniqueToken;
         }
     }

     generate_json($reply);
 }
Esempio n. 3
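 /**
  * Validate a posted signup form and, when valid, create the user and its
  * profile row.
  *
  * Returns nothing when the request carries no POST data. Otherwise returns
  * an array with 'alert_msg' (HTML alert) plus the HTML-escaped form values
  * 'username', 'fullname', 'email', 'password' and 'password2' for
  * re-display; the values are blanked after a successful signup.
  *
  * NOTE(review): after a validation failure the submitted password fields are
  * returned for re-display, which puts the plaintext password into the
  * rendered HTML; consider returning empty strings for both.
  * NOTE(review): ts_hash() and random_string() are defined outside this block;
  * confirm they are a slow salted password hash and a CSPRNG-backed token.
  *
  * @return array|null
  */
 private function do_signup()
 {
     if (!$_POST) {
         return;
     }

     $username = $this->input->post('username');
     $fullname = $this->input->post('fullname');
     $email = $this->input->post('email');
     $gender = $this->input->post('gender');
     $password = $this->input->post('password');
     $password2 = $this->input->post('password2');
     $alertMsg = '';

     // Registration order is kept because only the first validation error is
     // shown to the user (see the failure branch below).
     $rules = array(
         array('username', 'Username', 'required|trim|alpha_numeric|min_length[4]|max_length[20]|is_unique[users.username]'),
         array('fullname', 'Display name', 'required|alpha_numeric_spaces|max_length[30]'),
         array('email', 'Email address', 'required|valid_email|is_unique[users.email_address]'),
         array('password', 'Password', 'required|min_length[4]|max_length[20]'),
         array('password2', 'Confirm Password', 'matches[password]'),
     );
     foreach ($rules as $rule) {
         $this->form_validation->set_rules($rule[0], $rule[1], $rule[2]);
     }

     $messages = array(
         'required' => '%s is required.',
         'alpha_numeric' => '%s must be alpha numeric only.',
         'alpha_numeric_spaces' => '%s must be letters, numbers and spaces only.',
         'valid_email' => 'Invalid %s.',
         'is_unique' => '%s already exists.',
         'min_length' => '%s must contain atleast %d characters.',
         'max_length' => '%s too long, allowed up to %d characters only.',
         'matches' => 'Passwords do not match.',
     );
     foreach ($messages as $ruleName => $text) {
         $this->form_validation->set_message($ruleName, $text);
     }
     // Errors are joined with "|" so the first one can be split off below.
     $this->form_validation->set_error_delimiters('', '|');

     if ($this->form_validation->run()) {
         $emailVerification = $this->siteinfo->config('signup_verification');

         // Index 0: account is usable immediately. Index 1: verification pending.
         $successMsg = array(sprintf('<div class="alert alert-success">Thank you for joining %s we are happy to have you here. You can now <a href="%s">Login</a>.</div>', ucfirst($this->siteinfo->config('site_name')), base_url()), '<div class="alert alert-danger">Thanks for joining, We have send you an email confirmation to validate your account.</div>');
         $alertMsg .= $emailVerification ? $successMsg[1] : $successMsg[0];

         // New accounts start unverified (status 0) only when verification is on.
         $mData = array('userlevel' => 0, 'username' => $username, 'email_address' => $email, 'password' => ts_hash($password), 'display_name' => $fullname, 'date_registered' => today(), 'last_active' => NULL, 'status' => $emailVerification ? 0 : 1, 'token' => random_string('unique'));
         $newID = $this->mdb->users_add($mData);
         $genders = $this->config->item('genders');
         if ($newID) {
             // An unrecognised gender falls back to the first configured one.
             // NOTE(review): in_array() is loose here; whether a strict check
             // is safe depends on the element types of the configured list.
             $this->mdb->users_info_add(array('user_id' => $newID, 'firstname' => '', 'middlename' => '', 'lastname' => '', 'gender' => in_array($gender, $genders) ? $gender : $genders[0], 'timezone' => $this->siteinfo->config('timezone'), 'location' => '', 'contact_number' => '', 'company' => '', 'profile_pic' => '', 'email_privacy' => 1));
         }

         // Placeholder kept from the original: no verification mail is sent
         // from this method even though the alert above says one was.
         if ($emailVerification) {
         }

         // Clear the form after a successful signup.
         $username = '';
         $fullname = '';
         $email = '';
         $password = '';
         $password2 = '';
     } else {
         $errorsArr = explode("|", validation_errors());
         $alertMsg = '<div class="alert alert-warning">';
         $alertMsg .= isset($errorsArr[0]) ? $errorsArr[0] : 'Unknown error!';
         $alertMsg .= '</div>';
     }

     // Escape with ENT_QUOTES explicitly: before PHP 8.1 the default flags
     // leave single quotes unescaped, which matters if the view places these
     // values inside single-quoted attributes. Non-string values (absent or
     // array-valued fields) are returned as empty strings.
     $form = array('alert_msg' => $alertMsg);
     $fields = array('username' => $username, 'fullname' => $fullname, 'email' => $email, 'password' => $password, 'password2' => $password2);
     foreach ($fields as $name => $value) {
         $form[$name] = is_string($value) ? htmlentities($value, ENT_QUOTES) : '';
     }
     return $form;
 }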
Esempio n. 4
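 /**
  * Change the current user's password from a JSON request and reply in JSON.
  *
  * Reads 'password' and 'password2' through jsonInput(). Replies with
  * status 0 and a reason when they differ or the password is shorter than
  * four characters, otherwise stores the new hash and replies with status 1.
  *
  * NOTE(review): the current password is not requested, so anyone holding a
  * live session can set a new one; confirm that is intended.
  * NOTE(review): getUserID() is defined outside this block; confirm it cannot
  * return an empty value for an unauthenticated request before it is used as
  * the update condition.
  *
  * @return void
  */
 public function index()
 {
     $myID = getUserID();
     $new_pass = jsonInput('password');
     $re_type_pass = jsonInput('password2');

     // jsonInput() is defined elsewhere; if it returns decoded JSON values
     // they may be non-strings. Keep strings and integers (as strings) and
     // treat anything else as empty, so a boolean or array cannot satisfy the
     // checks below through PHP's loose type juggling.
     $new_pass = (is_string($new_pass) || is_int($new_pass)) ? (string) $new_pass : '';
     $re_type_pass = (is_string($re_type_pass) || is_int($re_type_pass)) ? (string) $re_type_pass : '';

     // Strict comparison: with != strings such as "1000" and "1e3" are equal.
     if ($new_pass !== $re_type_pass) {
         generate_json(array('status' => 0, 'message' => 'Password does not match.'));
     } elseif (strlen($new_pass) < 4) {
         generate_json(array('status' => 0, 'message' => 'Password too short.'));
     } else {
         $where = array('id' => $myID);
         $this->mdb->update_user($where, array('password' => ts_hash($new_pass)));
         generate_json(array('status' => 1, 'message' => 'Password successfuly changed.'));
     }
 }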