protected function __trigger()
{
self::__init();
$db = ASDCLoader::instance();
$success = false;
$Members = $this->_Parent->ExtensionManager->create('members');
$Members->initialiseCookie();
if ($Members->isLoggedIn() !== true) {
redirect(URL . '/forbidden/');
}
$Members->initialiseMemberObject();
// Make sure we dont accidently use an expired token
extension_Members::purgeCodes();
$activation_row = $db->query(sprintf("SELECT * FROM `tbl_members_codes` WHERE `token` = '%s' AND `member_id` = %d LIMIT 1", $db->escape($_POST['fields']['code']), (int) $Members->Member->get('id')))->current();
// No code, you are a spy!
if ($activation_row === false) {
redirect(URL . '/members/activate/failed/');
}
// Got this far, all is well.
$db->query(sprintf("UPDATE `tbl_entries_data_%d` SET `role_id` = %d WHERE `entry_id` = %d LIMIT 1", $Members->roleField(), 3, (int) $Members->Member->get('id')));
extension_Members::purgeTokens((int) $Members->Member->get('id'));
$em = new EntryManager($this->_Parent);
$entry = end($em->fetch((int) $Members->Member->get('id')));
$email = $entry->getData(self::findFieldID('email-address', 'members'));
$name = $entry->getData(self::findFieldID('name', 'members'));
$Members->emailNewMember(array('section' => $Members->memberSectionHandle(), 'entry' => $entry, 'fields' => array('username-and-password' => $entry->getData(self::findFieldID('username-and-password', 'members')), 'name' => $name['value'], 'email-address' => $email['value'])));
redirect(URL . '/members/activate/success/');
}
protected function __trigger()
{
self::__init();
$db = ASDCLoader::instance();
$success = false;
$Members = $this->_Parent->ExtensionManager->create('members');
$Members->initialiseCookie();
if ($Members->isLoggedIn() !== true) {
redirect(URL . '/forbidden/');
}
$Members->initialiseMemberObject();
// Make sure we dont accidently use an expired token
extension_Members::purgeTokens();
$em = new EntryManager($this->_Parent);
$entry = end($em->fetch((int) $Members->Member->get('id')));
$email = $entry->getData(self::findFieldID('email-address', 'members'));
$name = $entry->getData(self::findFieldID('name', 'members'));
$Members->emailNewMember(array('section' => $Members->memberSectionHandle(), 'entry' => $entry, 'fields' => array('username-and-password' => $entry->getData(self::findFieldID('username-and-password', 'members')), 'name' => $name['value'], 'email-address' => $email['value'])));
redirect(URL . '/members/activate/sent/');
}
protected function __trigger()
{
$success = true;
$result = new XMLElement('forgot-password');
$Members = $this->_Parent->ExtensionManager->create('members');
$username = $email = $code = NULL;
if (isset($_POST['fields']['code']) && strlen(trim($_POST['fields']['code'])) > 0) {
$code = $_POST['fields']['code'];
$new_password = General::generatePassword();
self::__init();
$db = ASDCLoader::instance();
// Make sure we dont accidently use an expired token
extension_Members::purgeTokens();
$token_row = $db->query(sprintf("SELECT * FROM `tbl_members_login_tokens` WHERE `token` = '%s' LIMIT 1", $db->escape($code)))->current();
// No code, you are a spy!
if ($token_row === false) {
redirect(URL . '/members/reset-pass/failed/');
}
// Attempt to update the password
$db->query(sprintf("UPDATE `tbl_entries_data_%d` SET `password` = '%s' WHERE `entry_id` = %d LIMIT 1", $Members->usernameAndPasswordField(), md5($new_password), $token_row->member_id));
extension_Members::purgeTokens($token_row->member_id);
// SEND THE EMAIL!!
$entry = $Members->initialiseMemberObject($token_row->member_id);
$email_address = $entry->getData(self::findFieldID('email-address', 'members'));
$name = $entry->getData(self::findFieldID('name', 'members'));
$subject = 'Your new password';
$body = 'Dear {$name},
Just now, you have asked the Symphony brain trust to bestow you with a new password.
Well, here it is: {$new-password}
There\'s a good chance that you won\'t like this new password and want to change it - don\'t worry, we\'re not offended.
You can do that once you\'ve logged in by going here: {$root}/members/change-pass/
If you have any trouble, please email us at support@symphony-cms.com and we\'ll do our best to help.
Regards,
Symphony Team';
$body = str_replace(array('{$name}', '{$root}', '{$new-password}'), array($name['value'], URL, $new_password), $body);
$sender_email = 'noreply@' . parse_url(URL, PHP_URL_HOST);
$sender_name = Symphony::Configuration()->get('sitename', 'general');
General::sendEmail($email_address['value'], $sender_email, $sender_name, $subject, $body);
redirect(URL . '/members/reset-pass/success/');
}
// Username take precedence
if (isset($_POST['fields']['member-username']) && strlen(trim($_POST['fields']['member-username'])) > 0) {
$username = $_POST['fields']['member-username'];
}
if (isset($_POST['fields']['member-email-address']) && strlen(trim($_POST['fields']['member-email-address'])) > 0) {
$email = $_POST['fields']['member-email-address'];
}
if (is_null($username) && is_null($email)) {
$success = false;
$result->appendChild(new XMLElement('member-username', NULL, array('type' => 'missing')));
$result->appendChild(new XMLElement('member-email-address', NULL, array('type' => 'missing')));
} else {
$members = array();
if (!is_null($email)) {
$members = $Members->findMemberIDFromEmail($email);
}
if (!is_null($username)) {
$members[] = $Members->findMemberIDFromUsername($username);
}
// remove duplicates
$members = array_unique($members);
try {
if (is_array($members) && !empty($members)) {
foreach ($members as $member_id) {
$Members->sendForgotPasswordEmail($member_id);
}
redirect(URL . '/members/reset-pass/code/');
}
} catch (Exception $e) {
// Shouldn't get here, but will catch an invalid member ID if it does
}
$success = false;
}
$result->setAttribute('status', $success === true ? 'success' : 'error');
return $result;
}
