public function action_index() { // load language \Lang::load('account'); if (\Input::method() == 'POST') { // store data for model $data['account_email'] = \Security::strip_tags(trim(\Input::post('account_email'))); // validate form. $validate = \Validation::forge(); $validate->add('account_email', \Lang::get('account_email'), array(), array('required', 'valid_email')); if (!\Extension\NoCsrf::check(null, null, null, null, false)) { // validate token failed $output['form_status'] = 'error'; $output['form_status_message'] = \Lang::get('fslang_invalid_csrf_token'); } elseif (!$validate->run()) { // validate failed $output['form_status'] = 'error'; $output['form_status_message'] = $validate->show_errors(); } else { // check registered emails with not confirm $query = \Model_Accounts::query()->select('account_id', 'account_username', 'account_email')->where('account_email', $data['account_email'])->where('account_last_login', null)->where('account_status', '0')->where('account_confirm_code', '!=', 'NULL'); if ($query->count() <= 0) { $output['form_status'] = 'error'; $output['form_status_message'] = \Lang::get('account_didnot_found_entered_email'); } else { $row = $query->get_one(); // generate confirm code $data['account_confirm_code'] = \Str::random('alnum', 6); $data['account_username'] = $row->account_username; $options['not_notify_admin'] = true; // send email to let user confirm registration $result = \Model_Accounts::forge()->sendRegisterEmail($data, $options); if ($result === true) { $account = \Model_Accounts::find($row->account_id); $account->account_confirm_code = $data['account_confirm_code']; $account->save(); $output['form_status'] = 'success'; $output['form_status_message'] = \Lang::get('account_registration_completed_need_confirm'); } else { $output['form_status'] = 'error'; $output['form_status_message'] = $result; } } } // re-populate form $output['account_email'] = trim(\Input::post('account_email')); } // <head> output ---------------------------------------------------------------------------------------------- $output['page_title'] = $this->generateTitle(\Lang::get('account_resend_confirm_registration_email')); // <head> output ---------------------------------------------------------------------------------------------- return $this->generatePage('front/templates/account/resendactivate_v', $output, false); }
public function action_index() { // load language \Lang::load('account'); // is user logged in? if (\Model_Accounts::isMemberLogin() == false) { \Response::redirect(\Uri::create('account/login') . '?rdr=' . urlencode(\Uri::main())); } // load config from db. $cfg_values = array('allow_avatar', 'avatar_size', 'avatar_allowed_types'); $config = \Model_Config::getvalues($cfg_values); $output['config'] = $config; // set config data to display in view file. $output['allow_avatar'] = $config['allow_avatar']['value']; $output['avatar_size'] = $config['avatar_size']['value']; $output['avatar_allowed_types'] = $config['avatar_allowed_types']['value']; unset($cfg_values); // read flash message for display errors. this is REQUIRED if you coding the check login with simultaneous login detection on. $form_status = \Session::get_flash('form_status'); if (isset($form_status['form_status']) && isset($form_status['form_status_message'])) { $output['form_status'] = $form_status['form_status']; $output['form_status_message'] = $form_status['form_status_message']; } unset($form_status); // get account id $cookie_account = \Model_Accounts::forge()->getAccountCookie(); // get account data $query = \Model_Accounts::query()->where('account_id', $cookie_account['account_id'])->where('account_username', $cookie_account['account_username'])->where('account_email', $cookie_account['account_email']); if ($query->count() > 0) { // found $row = $query->get_one(); $output['row'] = $row; // loop set data for display in form. foreach ($row as $key => $field) { $output[$key] = $field; } // get account_fields data of current user and send to views form // to access data from view, use $account_field['field_name']. for example: the field_name is phone, just use $account_field['phone']; $account_fields = \Model_AccountFields::getData($cookie_account['account_id']); if ($account_fields->count() > 0) { foreach ($account_fields as $af) { $output['account_field'][$af->field_name] = \Extension\Str::isJsonFormat($af->field_value) ? json_decode($af->field_value, true) : $af->field_value; } } unset($account_fields, $af); // get timezone list to display. \Config::load('timezone', 'timezone'); $output['timezone_list'] = \Config::get('timezone.timezone', array()); unset($query); } else { // not found account. unset($cookie_account, $query); \Model_Accounts::logout(); \Response::redirect(\Uri::create('account/login') . '?rdr=' . urlencode(\Uri::main())); } // if form submitted if (\Input::method() == 'POST') { // store data for save to db. $data['account_id'] = $cookie_account['account_id']; $data['account_username'] = $cookie_account['account_username']; //trim(\Input::post('account_username'));//no, do not edit username. $data['account_old_email'] = $cookie_account['account_email']; $data['account_email'] = \Security::strip_tags(trim(\Input::post('account_email'))); $data['account_password'] = trim(\Input::post('account_password')); $data['account_new_password'] = trim(\Input::post('account_new_password')); $data['account_display_name'] = \Security::htmlentities(\Input::post('account_display_name')); $data['account_firstname'] = \Security::htmlentities(trim(\Input::post('account_firstname', null))); if ($data['account_firstname'] == null) { $data['account_firstname'] = null; } $data['account_middlename'] = \Security::htmlentities(trim(\Input::post('account_middlename', null))); if ($data['account_middlename'] == null) { $data['account_middlename'] = null; } $data['account_lastname'] = \Security::htmlentities(trim(\Input::post('account_lastname', null))); if ($data['account_lastname'] == null) { $data['account_lastname'] = null; } $data['account_birthdate'] = \Security::strip_tags(trim(\Input::post('account_birthdate', null))); if ($data['account_birthdate'] == null) { $data['account_birthdate'] = null; } $data['account_signature'] = \Security::htmlentities(trim(\Input::post('account_signature', null))); if ($data['account_signature'] == null) { $data['account_signature'] = null; } $data['account_timezone'] = \Security::strip_tags(trim(\Input::post('account_timezone'))); $data['account_language'] = \Security::strip_tags(trim(\Input::post('account_language', null))); if ($data['account_language'] == null) { $data['account_language'] = null; } // store data for account_fields $data_field = array(); if (is_array(\Input::post('account_field'))) { foreach (\Input::post('account_field') as $field_name => $field_value) { if (is_string($field_name)) { if (is_array($field_value)) { $field_value = json_encode($field_value); } $data_field[$field_name] = $field_value; } } } unset($field_name, $field_value); // validate form. $validate = \Validation::forge(); $validate->add_callable(new \Extension\FsValidate()); //$validate->add('account_username', \Lang::get('account_username'), array(), array('required', 'noSpaceBetweenText'));//no, do not edit username. $validate->add('account_email', \Lang::get('account_email'), array(), array('required', 'valid_email')); $validate->add('account_display_name', \Lang::get('account_display_name'), array(), array('required')); $validate->add('account_birthdate', \Lang::get('account_birthdate'))->add_rule('valid_date', 'Y-m-d'); $validate->add('account_timezone', \Lang::get('account_timezone'), array(), array('required')); if (!\Extension\NoCsrf::check()) { // validate token failed $output['form_status'] = 'error'; $output['form_status_message'] = \Lang::get('fslang_invalid_csrf_token'); } elseif (!$validate->run()) { // validate failed $output['form_status'] = 'error'; $output['form_status_message'] = $validate->show_errors(); } else { // save $result = \Model_accounts::memberEditProfile($data, $data_field); if ($result === true) { if (\Session::get_flash('form_status', null, false) == null) { \Session::set_flash('form_status', array('form_status' => 'success', 'form_status_message' => \Lang::get('account_saved'))); } \Response::redirect(\Uri::main()); } else { $output['form_status'] = 'error'; $output['form_status_message'] = $result; } } // re-populate form //$output['account_username'] = trim(\Input::post('account_username'));//no, do not edit username. $output['account_email'] = trim(\Input::post('account_email')); $output['account_display_name'] = trim(\Input::post('account_display_name')); $output['account_firstname'] = trim(\Input::post('account_firstname')); $output['account_middlename'] = trim(\Input::post('account_middlename')); $output['account_lastname'] = trim(\Input::post('account_lastname')); $output['account_birthdate'] = trim(\Input::post('account_birthdate')); $output['account_signature'] = trim(\Input::post('account_signature')); $output['account_timezone'] = trim(\Input::post('account_timezone')); $output['account_language'] = trim(\Input::post('account_language')); // re-populate form for account fields if (is_array(\Input::post('account_field'))) { foreach (\Input::post('account_field') as $field_name => $field_value) { if (is_string($field_name)) { $output['account_field'][$field_name] = $field_value; } } } unset($field_name, $field_value); } // clear variables unset($cookie_account, $data, $result); // <head> output ---------------------------------------------------------------------------------------------- $output['page_title'] = $this->generateTitle(\Lang::get('account_edit')); // <head> output ---------------------------------------------------------------------------------------------- return $this->generatePage('front/templates/account/edit_v', $output, false); }
public function action_index($account_id = '', $confirm_code = '', $action = '') { // load language \Lang::load('account'); // get config $cfg_values = array('member_confirm_wait_time'); $config = Model_Config::getvalues($cfg_values); $output['config'] = $config; unset($cfg_values); $output['reset_action'] = $action; // check account id and confirm code. $query = \Model_Accounts::query()->where('account_id', $account_id)->where('account_confirm_code', $confirm_code); if ($query->count() <= 0) { $output['hide_form'] = true; $output['form_status'] = 'error'; $output['form_status_message'] = \Lang::get('account_invalid_reset_password_request_code'); } // if cancel reset password if ($action == 'cancel' && $query->count() > 0) { // cancel no need to use form, hide it. $output['hide_form'] = true; // empty confirm code. $row = $query->get_one(); $row->account_confirm_code = null; $row->account_confirm_code_since = null; $row->save(); $output['form_status'] = 'success'; $output['form_status_message'] = \Lang::get('account_your_reset_password_request_was_cancelled'); } // form submitted if (\Input::method() == 'POST' && $action == 'reset') { $data['account_password'] = trim(\Input::post('account_password')); // validate form. $validate = \Validation::forge(); $validate->add('account_password', \Lang::get('account_password'), array(), array('required')); $validate->add('account_confirm_password', \Lang::get('account_confirm_password'), array(), array('required'))->add_rule('match_field', 'account_password'); if (!\Extension\NoCsrf::check()) { // validate token failed $output['form_status'] = 'error'; $output['form_status_message'] = \Lang::get('fslang_invalid_csrf_token'); } elseif (!$validate->run()) { // validate failed $output['form_status'] = 'error'; $output['form_status_message'] = $validate->show_errors(); } else { $row = $query->get_one(); $cfg_member_confirm_wait_time = $config['member_confirm_wait_time']['value'] * 60; if (time() - $row->account_confirm_code_since > $cfg_member_confirm_wait_time) { // confirm wait time is too long than limit. $output['form_status'] = 'error'; $output['form_status_message'] = \Lang::get('account_reset_password_time_expired'); // empty confirm code. $row->account_confirm_code = null; $row->account_confirm_code_since = null; $row->save(); } else { // empty confirm code and update password $row->account_password = \Model_Accounts::forge()->hashPassword($data['account_password']); $row->account_confirm_code = null; $row->account_confirm_code_since = null; $row->save(); $output['hide_form'] = true; $output['form_status'] = 'success'; $output['form_status_message'] = \Lang::get('account_reset_password_successfully'); } } unset($cfg_member_confirm_wait_time, $data, $validate); } unset($config, $query, $row); // <head> output ---------------------------------------------------------------------------------------------- $output['page_title'] = $this->generateTitle(\Lang::get('account_reset_password')); // <head> output ---------------------------------------------------------------------------------------------- return $this->generatePage('front/templates/account/resetpw_v', $output, false); }