public function isPassHashKeyValid($hashKey) { // check if same as user's saved hash key if (base64_decode($hashKey) != base64_decode($this->getPasswordHashKey())) { throw new kUserException('', kUserException::NEW_PASSWORD_HASH_KEY_INVALID); } // decode $params = UserLoginDataPeer::decodePassHashKey($hashKey); if (!$params) { throw new kUserException('', kUserException::NEW_PASSWORD_HASH_KEY_INVALID); } // check if user_login_data id is right if ($params[0] != $this->getId()) { throw new kUserException('', kUserException::NEW_PASSWORD_HASH_KEY_INVALID); } // check if not expired if ($params[1] < time()) { throw new kUserException('', kUserException::NEW_PASSWORD_HASH_KEY_EXPIRED); } return true; }