コード例 #1
0
 protected function __trigger()
 {
     self::__init();
     $db = ASDCLoader::instance();
     $success = false;
     $Members = $this->_Parent->ExtensionManager->create('members');
     $Members->initialiseCookie();
     if ($Members->isLoggedIn() !== true) {
         redirect(URL . '/forbidden/');
     }
     $Members->initialiseMemberObject();
     // Make sure we dont accidently use an expired token
     extension_Members::purgeCodes();
     $activation_row = $db->query(sprintf("SELECT * FROM `tbl_members_codes` WHERE `token` = '%s' AND `member_id` = %d LIMIT 1", $db->escape($_POST['fields']['code']), (int) $Members->Member->get('id')))->current();
     // No code, you are a spy!
     if ($activation_row === false) {
         redirect(URL . '/members/activate/failed/');
     }
     // Got this far, all is well.
     $db->query(sprintf("UPDATE `tbl_entries_data_%d` SET `role_id` = %d WHERE `entry_id` = %d LIMIT 1", $Members->roleField(), 3, (int) $Members->Member->get('id')));
     extension_Members::purgeTokens((int) $Members->Member->get('id'));
     $em = new EntryManager($this->_Parent);
     $entry = end($em->fetch((int) $Members->Member->get('id')));
     $email = $entry->getData(self::findFieldID('email-address', 'members'));
     $name = $entry->getData(self::findFieldID('name', 'members'));
     $Members->emailNewMember(array('section' => $Members->memberSectionHandle(), 'entry' => $entry, 'fields' => array('username-and-password' => $entry->getData(self::findFieldID('username-and-password', 'members')), 'name' => $name['value'], 'email-address' => $email['value'])));
     redirect(URL . '/members/activate/success/');
 }
 protected function __trigger()
 {
     self::__init();
     $db = ASDCLoader::instance();
     $success = false;
     $Members = $this->_Parent->ExtensionManager->create('members');
     $Members->initialiseCookie();
     if ($Members->isLoggedIn() !== true) {
         redirect(URL . '/forbidden/');
     }
     $Members->initialiseMemberObject();
     // Make sure we dont accidently use an expired token
     extension_Members::purgeTokens();
     $em = new EntryManager($this->_Parent);
     $entry = end($em->fetch((int) $Members->Member->get('id')));
     $email = $entry->getData(self::findFieldID('email-address', 'members'));
     $name = $entry->getData(self::findFieldID('name', 'members'));
     $Members->emailNewMember(array('section' => $Members->memberSectionHandle(), 'entry' => $entry, 'fields' => array('username-and-password' => $entry->getData(self::findFieldID('username-and-password', 'members')), 'name' => $name['value'], 'email-address' => $email['value'])));
     redirect(URL . '/members/activate/sent/');
 }
コード例 #3
0
    protected function __trigger()
    {
        $success = true;
        $result = new XMLElement('forgot-password');
        $Members = $this->_Parent->ExtensionManager->create('members');
        $username = $email = $code = NULL;
        if (isset($_POST['fields']['code']) && strlen(trim($_POST['fields']['code'])) > 0) {
            $code = $_POST['fields']['code'];
            $new_password = General::generatePassword();
            self::__init();
            $db = ASDCLoader::instance();
            // Make sure we dont accidently use an expired token
            extension_Members::purgeTokens();
            $token_row = $db->query(sprintf("SELECT * FROM `tbl_members_login_tokens` WHERE `token` = '%s' LIMIT 1", $db->escape($code)))->current();
            // No code, you are a spy!
            if ($token_row === false) {
                redirect(URL . '/members/reset-pass/failed/');
            }
            // Attempt to update the password
            $db->query(sprintf("UPDATE `tbl_entries_data_%d` SET `password` = '%s' WHERE `entry_id` = %d LIMIT 1", $Members->usernameAndPasswordField(), md5($new_password), $token_row->member_id));
            extension_Members::purgeTokens($token_row->member_id);
            // SEND THE EMAIL!!
            $entry = $Members->initialiseMemberObject($token_row->member_id);
            $email_address = $entry->getData(self::findFieldID('email-address', 'members'));
            $name = $entry->getData(self::findFieldID('name', 'members'));
            $subject = 'Your new password';
            $body = 'Dear {$name},

Just now, you have asked the Symphony brain trust to bestow you with a new password.

Well, here it is: {$new-password}

There\'s a good chance that you won\'t like this new password and want to change it - don\'t worry, we\'re not offended.

You can do that once you\'ve logged in by going here: {$root}/members/change-pass/

If you have any trouble, please email us at support@symphony-cms.com and we\'ll do our best to help.

Regards,

Symphony Team';
            $body = str_replace(array('{$name}', '{$root}', '{$new-password}'), array($name['value'], URL, $new_password), $body);
            $sender_email = 'noreply@' . parse_url(URL, PHP_URL_HOST);
            $sender_name = Symphony::Configuration()->get('sitename', 'general');
            General::sendEmail($email_address['value'], $sender_email, $sender_name, $subject, $body);
            redirect(URL . '/members/reset-pass/success/');
        }
        // Username take precedence
        if (isset($_POST['fields']['member-username']) && strlen(trim($_POST['fields']['member-username'])) > 0) {
            $username = $_POST['fields']['member-username'];
        }
        if (isset($_POST['fields']['member-email-address']) && strlen(trim($_POST['fields']['member-email-address'])) > 0) {
            $email = $_POST['fields']['member-email-address'];
        }
        if (is_null($username) && is_null($email)) {
            $success = false;
            $result->appendChild(new XMLElement('member-username', NULL, array('type' => 'missing')));
            $result->appendChild(new XMLElement('member-email-address', NULL, array('type' => 'missing')));
        } else {
            $members = array();
            if (!is_null($email)) {
                $members = $Members->findMemberIDFromEmail($email);
            }
            if (!is_null($username)) {
                $members[] = $Members->findMemberIDFromUsername($username);
            }
            // remove duplicates
            $members = array_unique($members);
            try {
                if (is_array($members) && !empty($members)) {
                    foreach ($members as $member_id) {
                        $Members->sendForgotPasswordEmail($member_id);
                    }
                    redirect(URL . '/members/reset-pass/code/');
                }
            } catch (Exception $e) {
                // Shouldn't get here, but will catch an invalid member ID if it does
            }
            $success = false;
        }
        $result->setAttribute('status', $success === true ? 'success' : 'error');
        return $result;
    }