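/**
 * Change the password of the profile whose e-mail is carried in $arguments[0].
 *
 * Two paths exist, selected by the profile's temp-password expiry time:
 *  - expiry == 0: the caller must present the current password;
 *  - expiry in the future: the caller must present the temporary password,
 *    and the expiry is reset to 0 once the new password is stored;
 *  - expiry in the past: the profile and its accounts are deleted.
 *
 * The result is reported through self::outputMessage(); nothing is returned.
 *
 * Security notes for maintainers:
 *  - The stored password is compared directly with the submitted value, which
 *    implies it is kept in a directly comparable form. NOTE(review): if that
 *    form is plaintext, migrate to password_hash()/password_verify().
 *  - The comparison now requires two strings and uses hash_equals(). The
 *    previous `strcmp(...) == 0` accepted a non-string input on PHP versions
 *    where strcmp() returns NULL for it (NULL == 0), and was not constant-time.
 *  - "Account not found" and "Incorrect email/password" are distinguishable,
 *    so responses reveal whether an e-mail is registered.
 *
 * @param array $arguments Request arguments; index 0 is handed to GenericInput::stripInput().
 * @return void
 */
public static function changePassword($arguments)
{
    $hardCode = array("old_password", "new_password");
    // presumably yields [email, old_password, new_password] — confirm against GenericInput::stripInput()
    $parts = GenericInput::stripInput($arguments[0], $hardCode);
    $ProfileDB = ProfilesDB::getProfileBy('email', $parts[0]);

    if (is_null($ProfileDB)) {
        self::outputMessage(self::CAUSE_INVALID_ACTION, 'Account not found', 'Invalid Account, Account Not Found');
        return;
    }

    // Strict, timing-safe secret comparison; anything that is not a string never matches.
    $secretMatches = function ($stored, $supplied) {
        return is_string($stored) && is_string($supplied) && hash_equals($stored, $supplied);
    };
    $supplied = isset($parts[1]) ? $parts[1] : null;

    // Loose comparison kept on purpose: the getter's return type is not visible here.
    if ($ProfileDB->getTimeOfTemp() == 0) {
        // Regular account: authenticate with the current password.
        if ($secretMatches($ProfileDB->getPassword(), $supplied)) {
            // NOTE(review): $parts[2] is stored as received; confirm stripInput() rejects empty or non-string values.
            $ProfileDB->setPassword($parts[2]);
            ProfilesDB::editProfile($ProfileDB);
            self::outputMessage(self::CODE_SUCCESS, 'Password Set', 'Password is Set');
        } else {
            self::outputMessage(self::CODE_BAD_REQUEST, 'Incorrect email/password', 'Passwrod or Email was incorrect. ');
        }
        return;
    }

    if ($ProfileDB->getTimeOfTemp() > time()) {
        // Temporary password still valid: authenticate with it, then clear the expiry.
        if ($secretMatches($ProfileDB->getTemp(), $supplied)) {
            // NOTE(review): $old is never read; kept only in case Profile's constructor has side effects — confirm and remove.
            $old = new Profile($ProfileDB->getParameters());
            $ProfileDB->setPassword($parts[2]);
            $ProfileDB->setTimeOfTemp(0);
            ProfilesDB::editProfile($ProfileDB);
            self::outputMessage(self::CODE_SUCCESS, 'Password Set', 'Password is Set');
        } else {
            self::outputMessage(self::CODE_BAD_REQUEST, 'Incorrect email/password', 'Passwrod or Email was Incorrect. ');
        }
        return;
    }

    // Temporary password expired: remove the pending profile and its accounts.
    // NOTE(review): this branch runs before any credential is checked, so the
    // deletion is triggered by the e-mail alone — confirm that is intended.
    AccountsDB::deleteAccountsBy('profileID', $ProfileDB->getProfileID());
    ProfilesDB::deleteProfileBy('email', $parts[0]);
    self::outputMessage(self::CAUSE_TIME_OUT, 'Password timed out', "Account Exceeded Temporary Password Time. Please Create the Account again.");
}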
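/**
 * Change the password of the profile whose e-mail is $arguments[0].
 *
 * The caller authenticates with `old_password` and supplies `new_password`,
 * both read from the query string. If the profile still carries its temporary
 * password (getPasswordChanged() is false), the change must happen within
 * 15 minutes of profile creation; otherwise the profile is deleted.
 *
 * The result is reported through self::outputMessage(); nothing is returned.
 *
 * Security notes for maintainers:
 *  - Both passwords arrive in $_GET, so they can end up in access logs,
 *    browser history and Referer headers. NOTE(review): move them to the
 *    request body.
 *  - The stored password is compared directly with the submitted value.
 *    NOTE(review): if it is stored in plaintext, migrate to
 *    password_hash()/password_verify().
 *  - The comparison now requires two strings and uses hash_equals() instead
 *    of `==`, which compared numeric-looking strings by value.
 *  - The window was `+ 900000` although time() and strtotime() work in
 *    seconds; that is about 10.4 days, not the 15 minutes stated in the
 *    message. It is now 15 * 60.
 *  - "Member not found" and "Authorization failed." are distinguishable, so
 *    responses reveal whether an e-mail is registered.
 *
 * @param array $arguments Request arguments; index 0 is the profile e-mail.
 * @return void
 */
private static function changePassword($arguments)
{
    $oldPassword = isset($_GET['old_password']) ? $_GET['old_password'] : null;
    $newPassword = isset($_GET['new_password']) ? $_GET['new_password'] : null;

    // Reject missing values, array-valued parameters (?old_password[]=x) and an empty new password.
    if (!array_key_exists(0, $arguments)
        || !is_string($oldPassword)
        || !is_string($newPassword)
        || $newPassword === ''
    ) {
        self::outputMessage(self::CODE_BAD_REQUEST, 'Missing arguments', 'email,old_password, new_password');
        return;
    }

    $email = $arguments[0];
    $matchingProfile = ProfilesDB::getProfileBy('email', $email);
    if (empty($matchingProfile)) {
        self::outputMessage(self::CODE_BAD_REQUEST, 'Member not found', 'A member with the specified email does not exist.');
        return;
    }

    // Strict, timing-safe comparison; a non-string stored value never matches.
    $storedPassword = $matchingProfile->getPassword();
    if (!is_string($storedPassword) || !hash_equals($storedPassword, $oldPassword)) {
        self::outputMessage(self::CODE_BAD_REQUEST, 'Authorization failed.', 'Incorrect email or password.');
        return;
    }

    $matchingProfile->setPassword($newPassword);

    // Profile still on its temporary password: enforce the creation-time window.
    if (!$matchingProfile->getPasswordChanged()) {
        $tempWindowSeconds = 15 * 60;
        // NOTE(review): strtotime() returns false for an unparsable date, which makes this look expired.
        if (time() < strtotime($matchingProfile->getDateCreated()) + $tempWindowSeconds) {
            $matchingProfile->setPasswordChanged(true);
        } else {
            self::outputMessage(self::CODE_BAD_REQUEST, 'Profile Expired', 'The Profile already exceeded the 15 minute window to change temporary password.');
            ProfilesDB::deleteProfileBy('email', $email);
            return;
        }
    }

    Email::sendEmail($email, 3);
    ProfilesDB::editProfile($matchingProfile);
    // NOTE(review): the whole profile is handed to outputMessage(); confirm the
    // password field is not serialised into the response.
    self::outputMessage(self::CODE_SUCCESS, 'Password Changed', 'Your password was changed correctly', $matchingProfile);
}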