public function POST() { $policy = new Policy_LoggedIn($this->app); $policy->ensure(); $userid = $policy->getData(); $mapper = new Mapper_User(); $user = $mapper->getUserById($userid); $app = Config::get('app'); $request = $this->app->request(); $email = trim($request->post('email')); if (!$email) { $this->error("Email is a required field."); } if (!filter_var($email, FILTER_VALIDATE_EMAIL)) { $this->error("Invalid email format."); } $possibleUser = $mapper->getUserByEmail($email); if ($possibleUser && $possibleUser['id'] != $userid) { $this->error("A user with that email address already exists."); } $oldPassword = trim($request->post('old_password')); $newPassword = trim($request->post('new_password')); if ($oldPassword && !$newPassword || !$oldPassword && $newPassword) { $this->error("You must enter both your old and your new passwords."); } else { if ($oldPassword && $newPassword) { if ($user['password_hash'] != Mapper_User::generateHash($oldPassword)) { $this->error("Old password is incorrect."); } if (strlen($newPassword) < 5 || strlen($newPassword) > 15) { $this->error("New password must be between 5 and 15 characters."); } if (!ctype_alnum($newPassword)) { $this->error("Invalid password. Only letters and numbers are allowed."); } $mapper->updatePasswordForUser($userid, $newPassword); } } $mapper->updateEmailForUser($userid, $email); $this->success(); }
public function POST() { $policy = new Policy_LoggedIn($this->app); $policy->ensure(); $userid = $policy->getData(); $request = $this->app->request(); $tempPassword = $request->post('password'); $user_mapper = new Mapper_User(); $user = $user_mapper->getUserById($userid); if ($user['password_hash'] != Mapper_User::generateHash($tempPassword)) { $this->error("The password you entered was invalid."); } else { // Delete settings $settings_mapper = new Mapper_Settings(); $settings_mapper->deleteAllSettingsForUser($userid); // Delete weights $weight_mapper = new Mapper_Weight(); $weight_mapper->deleteAllWeightsForUser($userid); // Delete user last $user_mapper->deleteUserById($userid); $this->success(); } }
public function POST() { $policy = new Policy_LoggedOut($this->app); $policy->ensure(); $request = $this->app->request(); $username = trim($request->post('username')); $password = trim($request->post('password')); if ($username == "" || $password == "") { $this->error("Both fields are required."); } $user_mapper = new Mapper_User(); $user = $user_mapper->getUserByUsername($username); if (!$user) { $user = $user_mapper->getUserByEmail($username); if (!$user) { $this->error("Invalid user name or password."); } } $hash = Mapper_User::generateHash($password); if ($user['password_hash'] !== $hash) { $this->error("Invalid user name or password."); } $this->success($user['id']); }