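/**
 * Re-issue the pending e-mail verification record for the session user.
 *
 * Deletes any existing verification row for the user and stores a fresh one
 * built from generateUUIDv4() and generateRandomHexString(8), then sets the
 * 'verification_sent' flash flag. Nothing is written when no user id is in
 * the session or when the session already marks the e-mail as verified.
 * This method only stores the record; no e-mail is sent from here.
 *
 * NOTE(review): if this is a routable controller action, it changes state on
 * any request method and $redirect can be supplied by the caller; confirm it
 * is reached only through a CSRF-protected POST.
 *
 * @param bool $redirect When truthy, redirect to /settings afterwards.
 * @return void
 */
public function resend_verification($redirect = TRUE) {
    $this->load->helper(array('uuid', 'random'));
    $this->load->model('pending_email_model');

    // Without a logged-in user there is nothing to re-issue; reading the key
    // unguarded would create a verification row for a NULL user id.
    $user_id = isset($_SESSION['user_id']) ? $_SESSION['user_id'] : NULL;

    // Don't send one if already verified.
    // NOTE(review): the verified flag is taken from the session, which may be
    // stale compared with the database; confirm that is acceptable.
    if ($user_id !== NULL && empty($_SESSION['email_verified'])) {
        // Only one pending verification per user: drop the old one first.
        $this->pending_email_model->deleteVerificationByUserId($user_id);

        // NOTE(review): confirm both helpers draw from a CSPRNG
        // (random_bytes/random_int). If 8 is the character count, the code
        // alone carries only 32 bits and the UUID is what makes the link
        // unguessable.
        $this->pending_email_model->createVerification(
            generateUUIDv4(),
            $user_id,
            generateRandomHexString(8),
            time()
        );

        $this->session->set_flashdata('verification_sent', TRUE);
    }

    if ($redirect) {
        // NOTE(review): in CodeIgniter 2/3 the second redirect() argument is
        // the method ('auto', 'location', 'refresh'), not the HTTP status;
        // confirm what 200 is meant to do here.
        redirect('/settings', 200);
    }
}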
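/**
 * Sign-up page: validate the posted form, create the account and issue the
 * e-mail verification link.
 *
 * On a valid POST from a non-banned IP the user row, the ROLE_USER
 * association and the pending verification record are written inside one
 * database transaction. The verification e-mail is sent only when the
 * transaction succeeded. pages/sign_up.php is rendered in every case.
 *
 * user_model, user_ban_model and user_role_assoc_model are used without being
 * loaded here; presumably they are loaded by the constructor or autoload.
 *
 * @return void
 */
public function index() {
    $this->load->library('form_validation');

    if (!empty($_POST)) {
        $this->form_validation->set_rules($this->SIGN_UP_RULES);

        if ($this->form_validation->run()) {
            // Check if IP address is currently banned
            $ban_record = $this->user_ban_model->getActiveByIpAddress($this->input->ip_address());

            if ($ban_record !== FALSE) {
                $this->data['banned'] = TRUE;
                $this->data['ban'] = array(
                    'title' => 'Registration Failed',
                    'message' => "Account registrations are disabled for this machine",
                    'reason' => $ban_record->reason
                );
            } else {
                // One timestamp so that created and updated always agree.
                $now = time();

                $data = array(
                    'first_name' => $this->input->post('signup_first_name'),
                    'last_name' => $this->input->post('signup_last_name'),
                    'username' => $this->input->post('signup_username'),
                    'email' => $this->input->post('signup_email'),
                    // Only the hash is stored; the plain password never reaches the model.
                    'password' => password_hash($this->input->post('signup_password'), PASSWORD_DEFAULT),
                    'created' => $now,
                    'updated' => $now
                );

                $this->db->trans_start();

                $user_id = $this->user_model->createUser($data);

                // Add to User role
                $this->load->model('role_model');
                $role = $this->role_model->getByKeyName(ROLE_USER);
                $this->user_role_assoc_model->addUserToRole($user_id, $role->id);

                // Pending e-mail
                $this->load->model('pending_email_model');
                $this->load->helper('uuid');
                $this->load->helper('random');

                // NOTE(review): confirm both helpers use a CSPRNG
                // (random_bytes/random_int); these two values are the only
                // secret in the verification link.
                $id = generateUUIDv4();
                $code = generateRandomHexString(8);
                $this->pending_email_model->createVerification($id, $user_id, $code, $now);

                $this->db->trans_complete();

                if ($this->db->trans_status()) {
                    $this->data['title'] = 'Asynctive | Registration Complete';
                    $this->data['registration_successful'] = TRUE;
                    $this->data['email'] = $data['email'];

                    $this->load->library('email');
                    $this->email->from($this->config->item('verify_email_sender'));
                    $this->email->to($data['email']);
                    $this->email->subject('Verify Your Account');

                    // NOTE(review): site_address must be a fixed configured
                    // value, never derived from the request Host header,
                    // otherwise the link can be pointed at another host.
                    $message = '<html><body><a href="' . $this->config->item('site_address') . '/verify/' . $id . '/' . $code .
                        '">Click here</a> to verify your Asynctive account</body></html>';
                    $this->email->message($message);

                    // A failed send used to go unnoticed. Record it, without
                    // the address or the code, so it can be followed up.
                    if (!$this->email->send()) {
                        log_message('error', 'Sign-up: verification e-mail could not be sent for user id ' . $user_id);
                    }
                }
            } // IP ban check
        } // Form validation
    } // Post data

    $this->_render('pages/sign_up.php');
}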
/**
 * Admin password reset: request form and reset-by-link handler.
 *
 * Without both $id and $code this is the request form: a POSTed username is
 * looked up, checked for PERMISSION_VIEW_ADMIN_PANEL, and a new reset record
 * replaces any earlier ones before the reset e-mail is sent. With both
 * values the matching active reset is loaded and, on a valid POST, the new
 * password hash is stored and the user's resets are deactivated.
 * admin/pwreset.php is rendered in every case.
 *
 * NOTE(review): the two request-form error messages differ, so a caller can
 * tell whether a username exists and whether it has admin access. No
 * throttling of reset requests is visible in this method; confirm it is
 * enforced elsewhere.
 *
 * @param string|null $id   Reset record id taken from the link.
 * @param string|null $code Reset code taken from the link.
 * @return void
 */
public function index($id = null, $code = null) {
    // Logged-in users are sent to the admin area instead
    if (array_key_exists('user_id', $_SESSION)) {
        redirect('/admin/main', 200);
    }

    $is_request_form = ($id === null || $code === null);

    if ($is_request_form) {
        // Only a submitted form triggers a reset request
        if (!empty($_POST)) {
            $username = trim($this->input->post('pwreset_username'));
            $account = $this->user_model->getUserByUsername($username);

            if ($account === FALSE) {
                $this->data['reset_error'] = 'Sorry but a valid user was not found';
            } else {
                $this->_getUserRoles($account->id);
                $may_use_admin = $this->roles->hasPermission($this->userRoles, PERMISSION_VIEW_ADMIN_PANEL);

                if (!$may_use_admin) {
                    $this->data['reset_error'] = 'That user does not have access to the admin panel';
                } else {
                    $this->load->model('password_reset_model');
                    $this->load->helper('uuid');
                    $this->load->helper('random');

                    // NOTE(review): confirm the uuid/random helpers use a
                    // CSPRNG; id and code together are the reset secret.
                    $reset_row = array(
                        'id' => generateUUIDv4(),
                        'user_id' => $account->id,
                        'code' => generateRandomHexString(8),
                        'remote_ip' => $this->input->ip_address(),
                        'created' => time(),
                        'expires' => time() + $this->config->item('password_reset_expire_time')
                    );

                    // Retire older resets and store the new one atomically
                    $this->db->trans_start();
                    $this->password_reset_model->deactivateResetsByUserId($account->id);
                    $this->password_reset_model->createReset($reset_row);
                    $this->db->trans_complete();

                    if ($this->db->trans_status()) {
                        $this->data['reset_sent'] = TRUE;
                        $this->data['reset_username'] = $username;
                        $this->_sendResetEmail($reset_row, $account);
                    }
                }
            }
        }
    } else {
        $this->load->model('password_reset_model');
        // presumably "active" also covers expiry; verify in the model
        $reset = $this->password_reset_model->getActiveResetByIdAndCode($id, $code);

        if ($reset === FALSE) {
            $this->data['reset_error'] = 'This password reset is invalid or no longer exists';
        } else {
            // A valid link was followed: show / process the new-password form
            $this->data['resetting'] = TRUE;
            $this->load->library('form_validation');

            if (!empty($_POST)) {
                $password_rules = array(
                    array(
                        'field' => 'pwreset_new_password',
                        'label' => 'New Password',
                        'rules' => 'required|min_length[8]|callback__checkPassword'
                    ),
                    array(
                        'field' => 'pwreset_confirm_password',
                        'label' => 'Confirm New Password',
                        'rules' => 'required|matches[pwreset_new_password]'
                    )
                );
                $this->form_validation->set_rules($password_rules);

                if ($this->form_validation->run()) {
                    $new_password = $this->input->post('pwreset_new_password');
                    $password_update = array('password' => password_hash($new_password, PASSWORD_DEFAULT));

                    // The link is consumed in the same transaction that changes the password
                    $this->db->trans_start();
                    $this->password_reset_model->deactivateResetsByUserId($reset->user_id);
                    $this->user_model->updateUserById($password_update, $reset->user_id);
                    $this->db->trans_complete();

                    if ($this->db->trans_status()) {
                        $this->_sendStatusEmail($reset->email);
                        $this->data['reset_complete'] = TRUE;
                    }
                }
            }
        }
    }

    $this->_render('admin/pwreset.php');
}
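/**
 * Public password reset: request form and reset-by-link handler.
 *
 * Without an $id this is the request form: a POSTed username (or, when the
 * username is empty, an e-mail address) is looked up and a new reset record
 * replaces any earlier ones before the reset e-mail is sent. With an $id and
 * $code the matching active reset is loaded and, on a valid POST, the new
 * password hash is stored and that reset is deactivated.
 * pages/pwreset.php is rendered once, at the end, in every case.
 *
 * NOTE(review): the "not found" message lets a caller test whether a
 * username or address is registered, and reset_email hands the account's
 * address to the view; if the view prints it, anyone who knows a username
 * learns the e-mail. No throttling of reset requests is visible here.
 *
 * @param string|null $id   Reset record id taken from the link.
 * @param string|null $code Reset code taken from the link.
 * @return void
 */
public function index($id = null, $code = null) {
    // Check if logged in
    if (isset($_SESSION['user_id'])) {
        redirect('/', 200);
    }

    $this->load->library('form_validation');

    // Loose comparison: an empty string is treated like a missing id as well.
    if ($id == null) {
        // Request form. A plain GET needs no work here. The single render at
        // the end of the method shows the form, so the page is no longer
        // rendered twice.
        if (!empty($_POST)) {
            $username = trim($this->input->post('pwreset_username'));
            $email = trim($this->input->post('pwreset_email'));

            // The username wins; the e-mail is only used when no username was given.
            $user_record = FALSE;
            if ($username !== '') {
                $user_record = $this->user_model->getUserByUsername($username);
            } elseif ($email !== '') {
                $user_record = $this->user_model->getUserByEmail($email);
            }

            if ($user_record === FALSE) {
                $this->data['reset_error'] = 'Sorry but a valid user was not found';
            } else {
                $this->load->model('password_reset_model');
                $this->load->helper('random');
                $this->load->helper('uuid');

                // NOTE(review): confirm the uuid/random helpers use a CSPRNG;
                // id and code together are the reset secret.
                $data = array(
                    'id' => generateUUIDv4(),
                    'user_id' => $user_record->id,
                    'code' => generateRandomHexString(8),
                    'remote_ip' => $this->input->ip_address(),
                    'created' => time(),
                    'expires' => time() + $this->config->item('password_reset_expire_time')
                );

                // Retire older resets and store the new one atomically
                $this->db->trans_start();
                $this->password_reset_model->deactivateResetsByUserId($user_record->id);
                $this->password_reset_model->createReset($data);
                $this->db->trans_complete();

                if ($this->db->trans_status()) {
                    $this->_sendResetEmail($data, $user_record);
                    $this->data['reset_sent'] = TRUE;
                    $this->data['reset_email'] = $user_record->email;
                }
            }
        }
    } elseif ($code === null) {
        // An id without a code can never identify a reset; fail before the
        // lookup instead of passing NULL into the model query.
        $this->data['reset_error'] = 'This password reset is invalid or no longer exists';
    } else {
        $this->load->model('password_reset_model');
        // presumably "active" also covers expiry; verify in the model
        $record = $this->password_reset_model->getActiveResetByIdAndCode($id, $code);

        if ($record === FALSE) {
            $this->data['reset_error'] = 'This password reset is invalid or no longer exists';
        } else {
            $this->data['resetting'] = TRUE;

            if (!empty($_POST)) {
                // NOTE(review): min_length[6] with no further strength check;
                // confirm this matches the password policy applied at sign-up.
                $this->form_validation->set_rules(array(
                    array(
                        'field' => 'pwreset_new_password',
                        'label' => 'New Password',
                        'rules' => 'required|min_length[6]'
                    ),
                    array(
                        'field' => 'pwreset_confirm_password',
                        'label' => 'Confirm New Password',
                        'rules' => 'required|matches[pwreset_new_password]'
                    )
                ));

                if ($this->form_validation->run()) {
                    $new_password = $this->input->post('pwreset_new_password');

                    // The link is consumed in the same transaction that changes the password
                    $this->db->trans_start();
                    $this->password_reset_model->deactivateResetById($id);
                    $this->user_model->updateUserById(
                        array('password' => password_hash($new_password, PASSWORD_DEFAULT)),
                        $record->user_id
                    );
                    $this->db->trans_complete();

                    if ($this->db->trans_status()) {
                        $this->_sendStatusEmail($record->email);
                        $this->data['reset_complete'] = TRUE;
                    }
                }
            }
        }
    }

    $this->_render('pages/pwreset.php');
}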