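/**
 * AccountController::lost_password()
 *
 * Password-reset entry point. It handles two kinds of request:
 *
 * - A reset key, taken from the posted `Form.key` or from the URL argument.
 *   The key is looked up with Token::useKey('reset_pwd', ...). On success the
 *   owning user id is written to the session under `Auth.Tmp.id` and the
 *   request is redirected to `change_password`.
 * - A posted `Form.login` (e-mail address). After validation, which includes
 *   the captcha, a new `reset_pwd` key is created for the matching user and
 *   mailed with the `lost_password` template.
 *
 * Request-derived text is escaped with h() before it goes into a flash message.
 *
 * @param string $key Reset key from the URL; on a POST only `Form.key` is considered.
 * @return void
 */
public function lost_password($key = null) {
	// Initialise explicitly so the later check never reads an undefined variable.
	$keyToCheck = null;
	if ($this->Common->isPosted()) {
		$keyToCheck = $this->request->data('Form.key');
	} elseif (!empty($key)) {
		$keyToCheck = $key;
	}

	if (!empty($keyToCheck)) {
		$this->Token = ClassRegistry::init('Tools.Token');
		$key = $this->Token->useKey('reset_pwd', $keyToCheck);

		if (!empty($key) && $key['Token']['used'] == 1) {
			// The token exists but is flagged as used: do not grant a second reset.
			$this->Common->flashMessage(__('alreadyChangedYourPassword'), 'warning');
		} elseif (!empty($key)) {
			$uid = $key['Token']['user_id'];
			// NOTE(review): Auth.Tmp.id appears to be the only thing that authorises the
			// following change_password step - confirm that action clears it after use
			// and that the session id is renewed once the new password is set.
			$this->Session->write('Auth.Tmp.id', $uid);
			return $this->redirect(array('action' => 'change_password'));
		} else {
			$this->Common->flashMessage(__('Invalid Key'), 'error');
		}
	} elseif (!empty($this->request->data['Form']['login'])) {
		$login = $this->request->data['Form']['login'];

		$this->User->Behaviors->attach('Tools.Captcha');
		// The address is expected to exist already, so the uniqueness rule must not fail here.
		unset($this->User->validate['email']['isUnique']);
		$this->User->set($this->request->data);

		// Validate basic email scheme and captcha input.
		if ($this->User->validates()) {
			$res = $this->User->find('first', array(
				'fields' => array('username', 'id', 'email'),
				'conditions' => array('email' => $login)
			));

			// Valid user found to this email address
			if (!empty($res)) {
				$uid = $res['User']['id'];
				$this->Token = ClassRegistry::init('Tools.Token');
				$cCode = $this->Token->newKey('reset_pwd', null, $uid);

				// With debug > 0 the reset key is shown on screen. Whoever sees this page
				// can reset the account, so production must run with debug = 0.
				if (Configure::read('debug') > 0) {
					$debugMessage = 'DEBUG MODE: Show activation key - ' . h($res['User']['username']) . ' | ' . $cCode;
					$this->Common->flashMessage($debugMessage, 'info');
				}

				// Send email
				// NOTE(review): presumably forces real delivery regardless of environment - confirm.
				Configure::write('Email.live', true);
				App::uses('EmailLib', 'Tools.Lib');
				$this->Email = new EmailLib();
				$this->Email->to($res['User']['email'], $res['User']['username']);
				$this->Email->subject(Configure::read('Config.pageName') . ' - ' . __('Password request'));
				$this->Email->template('lost_password');
				$this->Email->viewVars(compact('cCode'));

				if ($this->Email->send()) {
					// Confirmation output
					App::uses('FormatHelper', 'Tools.View/Helper');
					$email = h(FormatHelper::hideEmail($res['User']['email']));
					$this->Common->flashMessage(__('An email with instructions has been send to \'%s\'.', $email), 'success');
					$this->Common->flashMessage(__('In a third step you will then be able to change your password.'), 'success');
				} else {
					$this->Common->flashMessage(__('Confirmation Email could not be sent. Please consult an admin.'), 'error');
				}
				return $this->redirect(array('action' => 'lost_password'));
			}

			// The submitted login is attacker-controlled text. Escape it like the other
			// flash messages in this action so it cannot inject markup when rendered.
			// NOTE(review): this message and the success message together reveal whether
			// an address is registered; consider one neutral response for both outcomes
			// if account enumeration is a concern for this application.
			$this->Common->flashMessage(__('No account has been found for \'%s\'', h($login)), 'error');
		}
	}

	// Reached only when the form is (re)displayed: make the Captcha helper available to the view.
	$this->helpers = array_merge($this->helpers, array('Tools.Captcha'));
}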