/**
 * Changes the password of the signed-in user, or resets it through a one-time code.
 *
 * With `$code`, the account is looked up by its `code` attribute and the current
 * password is not asked for. Without it, the signed-in identity is used and the
 * submitted current password must validate first.
 *
 * NOTE(review): nothing in this action checks how old the code is; confirm that
 * expiry is enforced where the code is issued or inside the Password model.
 *
 * @param string|null $code reset code taken from the request, or null for a normal change
 * @return mixed a redirect on success, otherwise the rendered `password` view
 */
public function actionPassword($code = null)
{
    $account = $code ? User::findOne(['code' => $code]) : Yii::$app->user->identity;

    // No matching code, or no signed-in identity: show the form page with the error only.
    if (!$account) {
        return $this->render('password', ['model' => null, 'message' => Yii::t('app', 'Invalid code')]);
    }

    $notice = null;
    $form = new Password(['scenario' => $code ? 'reset' : 'default', 'user' => $account]);
    $submitted = $form->load(Yii::$app->request->post()) && $form->validate();

    if ($submitted) {
        if (!$code && !$account->validatePassword($form->password)) {
            // A normal change must prove knowledge of the current password.
            $form->addError('password', Yii::t('app', 'Invalid password'));
        } else {
            if ($code) {
                // The code is cleared together with the new password, so it is single-use.
                $account->code = null;
                // NOTE(review): an existing auth key is kept; if `auth` backs cookie
                // logins (confirm in User), logins issued before the reset stay valid.
                if (!$account->auth) {
                    $account->generateAuthKey();
                }
            }
            $account->setPassword($form->new_password);
            if ($account->save()) {
                return $this->redirect($code ? ['user/login'] : ['user/view', 'name' => $account->name]);
            }
            $notice = 'User validation error';
        }
    }

    return $this->render('password', ['model' => $form, 'message' => $notice]);
}
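/**
 * Changes or resets a password.
 *
 * Three ways in:
 *  - `$name` (query string or POST field `name`): an administrator sets the password
 *    of the named user, or a signed-in user names their own account;
 *  - `$code`: the account is looked up by its one-time `code` attribute;
 *  - neither: the signed-in identity changes its own password and must supply the
 *    current one.
 * The first two run the Password model in the `reset` scenario, which does not
 * re-check the current password.
 *
 * NOTE(review): a signed-in user who passes their own name lands in the `reset`
 * scenario, so the current password is not re-checked. Confirm this is intended;
 * re-authentication on password change limits what a stolen session can do.
 * NOTE(review): nothing in this action checks how old `$code` is; confirm that
 * expiry is enforced where the code is issued or inside the Password model.
 *
 * @param string|null $code one-time reset code, or null
 * @param string|null $name name of the account to change, or null
 * @return mixed a redirect on success, otherwise the rendered `password` view
 * @throws ForbiddenHttpException when `$name` is given by a guest, or by a non-admin for another account
 * @throws \yii\web\BadRequestHttpException when the POST field `name` is not a string
 */
public function actionPassword($code = null, $name = null)
{
    /** @var User|null $user */
    $message = null;
    $model = null;

    // Read the field through the request component (as the model load below does)
    // and reject non-string values, so an array can never reach the lookup.
    $postedName = Yii::$app->request->post('name');
    if ($postedName !== null) {
        if (!is_string($postedName)) {
            throw new \yii\web\BadRequestHttpException();
        }
        $name = $postedName;
    }

    if ($name) {
        $identity = Yii::$app->user->identity;
        // A guest has no identity: answer 403 instead of failing on a null call.
        if (!$identity) {
            throw new ForbiddenHttpException();
        }
        // Strict comparison: loose == compares numeric-looking strings as numbers,
        // so two different names could be treated as the same account.
        if (!$identity->isAdmin() && (string) $name !== (string) $identity->name) {
            throw new ForbiddenHttpException();
        }
        $user = User::findOne(['name' => $name]);
    } else {
        $user = $code ? User::findOne(['code' => $code]) : $identity = Yii::$app->user->identity;
    }

    if ($user) {
        $model = new Password(['scenario' => $code || $name ? 'reset' : 'default', 'user' => $user]);
        if ($model->load(Yii::$app->request->post()) && $model->validate()) {
            if ('reset' === $model->scenario) {
                // The code is cleared together with the new password, so it is single-use.
                $user->code = null;
                // NOTE(review): an existing auth key is kept; if `auth` backs cookie
                // logins (confirm in User), logins issued before the reset stay valid.
                if (!$user->auth) {
                    $user->generateAuthKey();
                }
                $user->setPassword($model->new_password);
                if ($user->save()) {
                    Yii::$app->session->addFlash('success', Yii::t('app', 'Password saved'));
                    return Yii::$app->user->isGuest
                        ? $this->redirect(['user/login'])
                        : $this->redirect(['user/view', 'name' => $user->name]);
                }
                // The view receives the raw validation errors; it must HTML-encode them.
                $message = json_encode($user->errors, JSON_PRETTY_PRINT | JSON_UNESCAPED_UNICODE);
            } elseif ($user->validatePassword($model->password)) {
                $user->setPassword($model->new_password);
                if ($user->save()) {
                    Yii::$app->session->addFlash('success', Yii::t('app', 'Password saved'));
                    return $this->redirect(['user/view', 'name' => $user->name]);
                }
                $message = json_encode($user->errors, JSON_PRETTY_PRINT | JSON_UNESCAPED_UNICODE);
            } else {
                $model->addError('password', Yii::t('app', 'Invalid password'));
            }
        }
    } else {
        // Also reached when a lookup by name finds nothing.
        $message = Yii::t('app', 'Invalid code');
    }

    return $this->render('password', ['model' => $model, 'message' => $message]);
}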