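/**
 * New-password entry form.
 *
 * The user reaches this action through the link that is e-mailed to them and
 * may set a new password once the "id" and "code" request parameters have
 * been verified.
 *
 * Security notes:
 *  - The check code is md5('recover' . <stored password value> . 'password').
 *    It contains no server-side secret and no expiry, so anyone who can read
 *    the stored password value can recompute it, and a link stays usable until
 *    the password changes. NOTE(review): prefer a random, single-use, expiring
 *    token kept server-side; that also requires changing the code that builds
 *    the e-mailed link, which is outside this method.
 *  - The supplied code is compared in constant time where the runtime offers
 *    hash_equals(), and non-string values are rejected before comparison.
 *  - Every verification failure renders the same view, so the response does
 *    not show which of the checks failed.
 *
 * @return void
 */
public function recoverPasswordAction()
{
    // Drop any current identity before the recovery link is processed.
    Auth::getInstance()->clearIdentity();
    $form = new Form_User_RecoverPassword();

    try {
        $userId = $this->_getParam('id', false);
        if ($userId === false) {
            throw new Exception('No user id!');
        }

        $code = $this->_getParam('code', false);
        if ($code === false) {
            throw new Exception('No check code!');
        }

        $users = new Users();
        $user = $users->getObjectById($userId);
        if ($user === false) {
            throw new Exception('User not found!');
        }

        $chkCode = md5('recover' . $user->getPassword() . 'password');

        // A request parameter may arrive as an array; only a string can match.
        // hash_equals() keeps the comparison time independent of how many
        // leading characters are correct. Runtimes without it keep the
        // previous strict comparison.
        if (!is_string($code)) {
            $codeMatches = false;
        } elseif (function_exists('hash_equals')) {
            $codeMatches = hash_equals($chkCode, $code);
        } else {
            $codeMatches = ($chkCode === $code);
        }
        if (!$codeMatches) {
            throw new Exception('Wrong check code!');
        }
    } catch (Exception $e) {
        // Deliberately one generic failure page for every cause above.
        return $this->render('recover-password-failed');
    }

    if ($this->getRequest()->isPost()) {
        try {
            if ($form->isValid($_POST) === false) {
                throw new Exception('[LS_VALIDATTION_FORM_FAILED]');
            }

            // Save the new password.
            $encryptedPassword = Auth_Adapter::getEncodedPassword(
                $user->getEmail(),
                $form->password->getValue()
            );
            $user->setPassword($encryptedPassword);
            $user->save();

            return $this->render('recover-password-success');
        } catch (Exception $e) {
            // NOTE(review): this also catches exceptions raised by save(), so
            // an internal error message could be shown in the form. Confirm
            // what save() can throw and log such errors instead of echoing them.
            $form->addErrorMessage($this->view->translate($e->getMessage()));
        }
    }

    $this->view->form = $form;
}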
/**
 * A POST to a valid recovery link must store the new password for user 2.
 *
 * The session is pre-seeded with a captcha word and a CSRF hash so that the
 * form's captcha and CSRF checks can pass with the posted values.
 */
public function testValidRecover()
{
    $captchaId = '6c8fbaf4ac101368309023f8c3556bc9';
    $captchaWord = '86r7mu';
    $csrfHash = '2ec8e2568c6b762ef7c96541f3e6c19a';
    $newPassword = 'qwerty';

    $_SESSION = array(
        "Zend_Form_Captcha_6c8fbaf4ac101368309023f8c3556bc9" => array("word" => $captchaWord),
        "Zend_Form_Element_Hash_unique_csrf" => array("hash" => $csrfHash),
    );

    $postData = array(
        'password' => $newPassword,
        'csrf' => $csrfHash,
        'captcha' => array(
            'id' => $captchaId,
            'input' => $captchaWord,
        ),
    );

    $request = $this->getRequest();
    $request->setMethod('post');
    $request->setPost($postData);

    // Same derivation as recoverPasswordAction(): md5 over 'recover', a
    // 32-character hex value and 'password'. The hex value is presumably the
    // fixture user's stored password; verify against the fixture data.
    $checkCode = md5('recover1618fe490d041584a583457fd3f7627fpassword');
    $this->dispatch('/user/recover-password/id/2/code/' . $checkCode);

    $this->assertController('user');
    $this->assertAction('recover-password');
    $this->assertQueryCount('div.error', 0);
    $this->assertQueryCount('div.message', 1);

    // The stored value must equal the encoding of the new password.
    // NOTE(review): the e-mail literal looks masked in this listing; it has to
    // match the fixture user's address for the expected value to be right.
    $db = Zend_Db_Table_Abstract::getDefaultAdapter();
    $expectedPassword = Auth_Adapter::getEncodedPassword('*****@*****.**', $newPassword);
    $storedPassword = $db->fetchOne("SELECT password FROM users WHERE id = 2");
    $this->assertEquals($expectedPassword, $storedPassword);
}