protected function lostPasswordFormValidated($loginMail, $urlToRedirect)
{
Piwik::setUserIsSuperUser();
$user = null;
$isSuperUser = false;
if ($loginMail == Zend_Registry::get('config')->superuser->email || $loginMail == Zend_Registry::get('config')->superuser->login) {
$isSuperUser = true;
$user = array('login' => Zend_Registry::get('config')->superuser->login, 'email' => Zend_Registry::get('config')->superuser->email);
} else {
if (Piwik_UsersManager_API::userExists($loginMail)) {
$user = Piwik_UsersManager_API::getUser($loginMail);
} else {
if (Piwik_UsersManager_API::userEmailExists($loginMail)) {
$user = Piwik_UsersManager_API::getUserByEmail($loginMail);
}
}
}
if ($user === null) {
$messageNoAccess = Piwik_Translate('Login_InvalidUsernameEmail');
} else {
$view = new Piwik_View('Login/templates/passwordsent.tpl');
$login = $user['login'];
$email = $user['email'];
$randomPassword = Piwik_Common::getRandomString(8);
if ($isSuperUser) {
$user['password'] = md5($randomPassword);
Zend_Registry::get('config')->superuser = $user;
} else {
Piwik_UsersManager_API::updateUser($login, $randomPassword);
}
// send email with new password
try {
$mail = new Piwik_Mail();
$mail->addTo($email, $login);
$mail->setSubject(Piwik_Translate('Login_MailTopicPasswordRecovery'));
$mail->setBodyText(str_replace('\\n', "\n", sprintf(Piwik_Translate('Login_MailPasswordRecoveryBody'), $login, $randomPassword, Piwik_Url::getCurrentUrlWithoutQueryString())));
$piwikHost = $_SERVER['HTTP_HOST'];
if (strlen($piwikHost) == 0) {
$piwikHost = 'piwik.org';
}
$fromEmailName = Zend_Registry::get('config')->General->login_password_recovery_email_name;
$fromEmailAddress = Zend_Registry::get('config')->General->login_password_recovery_email_address;
$fromEmailAddress = str_replace('{DOMAIN}', $piwikHost, $fromEmailAddress);
$mail->setFrom($fromEmailAddress, $fromEmailName);
@$mail->send();
} catch (Exception $e) {
$view->ErrorString = $e->getMessage();
}
$view->linkTitle = Piwik::getRandomTitle();
$view->urlToRedirect = $urlToRedirect;
echo $view->render();
}
}
/**
* normal case, reused in other tests
*/
function test_updateUser()
{
$login = "******";
$user = array('login' => $login, 'password' => "geqgeagae", 'email' => "*****@*****.**", 'alias' => "alias");
Piwik_UsersManager_API::addUser($user['login'], $user['password'], $user['email'], $user['alias']);
Piwik_UsersManager_API::updateUser($login, "passowordOK", "*****@*****.**", "NEW ALIAS");
$this->_checkUserHasNotChanged($user, "passowordOK", "*****@*****.**", "NEW ALIAS");
}
/**
* Validate password reset request. If successful, set new password and redirect.
*
* @param string $loginMail (user name or email address)
* @param string $token (password reset token)
* @param array of string $newPassword (new password)
* @param string $urlToRedirect (URL to redirect to, if successfully validated)
* @return string (failure message)
*/
protected function resetPasswordFormValidated($loginMail, $token, $password, $urlToRedirect)
{
$user = self::getUserInformation($loginMail);
if ($user === null) {
return Piwik_Translate('Login_InvalidUsernameEmail');
}
if (!self::isValidToken($token, $user)) {
return Piwik_Translate('Login_InvalidOrExpiredToken');
}
try {
if ($user['email'] == Zend_Registry::get('config')->superuser->email) {
$user['password'] = md5($password);
Zend_Registry::get('config')->superuser = $user;
} else {
Piwik_UsersManager_API::updateUser($login, $password);
}
} catch (Exception $e) {
$view->ErrorString = $e->getMessage();
}
$view = Piwik_View::factory('passwordchanged');
$view->linkTitle = Piwik::getRandomTitle();
$view->urlToRedirect = $urlToRedirect;
echo $view->render();
exit;
}
