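/**
 * Registers a new user account together with its password identity.
 *
 * Visitors who are already logged in are redirected to the dashboard. On a
 * form submission the password fields are removed from the request data
 * before the remaining fields are copied onto the new user record, so the
 * plaintext password is not set on the user document.
 *
 * @return mixed The redirect result when already logged in or on successful
 *               registration; otherwise array('user' => $user) so the view
 *               can re-render the form with validation errors.
 */
public function create()
{
    if (isset($this->CURRENT_USER)) {
        $this->flashMessage(
            'You don\'t need to register, you\'re already logged in!',
            array('alertType' => 'warning')
        );
        return $this->redirect('Dashboard::user');
    }

    $user = Users::create();

    if ($this->request->data) {
        // Extract the password fields. Missing or non-string values (e.g. a
        // client posting password[]=x) are normalised to '' so they fail the
        // length check below instead of raising notices or comparing as arrays.
        $posted = $this->request->data;
        $password = (isset($posted['password']) && is_string($posted['password']))
            ? $posted['password']
            : '';
        $confirm_password = (isset($posted['confirm_password']) && is_string($posted['confirm_password']))
            ? $posted['confirm_password']
            : '';
        unset($this->request->data['password']);
        unset($this->request->data['confirm_password']);

        // Check validity of user.
        // NOTE(review): set() copies every remaining submitted field onto the
        // record. permission_groups is forced to 'user' at save() below, but
        // confirm the model restricts which other fields a client may set.
        $user->set($this->request->data);
        $user->validates();

        // Check validity of password.
        if (strlen($password) < 6) {
            $user->errors('password', 'Must be at least six characters long.');
        }

        // Strict comparison: with loose != PHP compares numeric-looking strings
        // by value, so '1e3' and '1000' would be accepted as matching.
        if ($password !== $confirm_password) {
            $user->errors('confirm_password', 'Passwords do not match.');
        }

        // Save the user and identity.
        if (count($user->errors()) === 0 && $user->save(array('permission_groups' => 'user'))) {
            $identity = PasswordIdentities::create();
            $identitySaveResult = $identity->save(array(
                'user_id' => $user->_id,
                'prv_uid' => $this->request->data['email_address'],
                'password' => $password
            ));

            if (!$identitySaveResult) {
                // The user document already exists at this point; execution
                // falls through to re-render the form with this message.
                $this->flashMessage(
                    'Your user account was created, but there was a problem saving your password. Please use the password reset functionality to fix it.',
                    array('alertType' => 'error')
                );
            } else {
                $this->flashMessage('You have successfully registered!');
                return $this->redirect('/');
            }
        } else {
            $this->flashMessage('There was an error creating your account.', array('alertType' => 'error'));
        }
    }

    return compact('user');
}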
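/**
 * Updates the logged-in user's profile and, when a new password is
 * submitted, the matching password identity.
 *
 * NOTE(review): $this->CURRENT_USER is used without a null check, so this
 * presumably relies on an access filter elsewhere - confirm. The password can
 * also be changed here without re-entering the current one; consider
 * requiring it.
 *
 * @return mixed The redirect result after a successful save; otherwise
 *               array('user' => $user) so the view can show the form again.
 */
public function edit()
{
    $user = $this->CURRENT_USER;

    if ($this->request->data) {
        // Work on a copy and drop fields a user must not set on their own
        // record: create() pins permission_groups to 'user', so a profile edit
        // must not be able to overwrite it through mass assignment.
        // NOTE(review): this is a minimal denylist; an explicit allowlist of
        // editable profile fields on the model would be the sturdier control.
        $data = $this->request->data;
        unset($data['permission_groups'], $data['_id']);
        $user->set($data);

        if (!empty($data['password'])) {
            $identity = $user->getIdentity('afdc.com', 'password');

            if (!isset($identity)) {
                $identity = PasswordIdentities::create();
                $identity->user_id = $user->_id;
            } else {
                // Reload the identity through its own model by id.
                $identity = PasswordIdentities::find((string) $identity->_id);
            }

            $identitySaveResult = $identity->save(array(
                'password' => $data['password'],
                // A missing confirmation is passed as null rather than
                // raising an undefined-index notice.
                'confirm_password' => isset($data['confirm_password']) ? $data['confirm_password'] : null,
                // Fall back to the address on the record so the login
                // identifier is not overwritten with null when the form
                // omits email_address.
                'prv_uid' => isset($data['email_address']) ? $data['email_address'] : $user->email_address
            ));
        } else {
            // No password change requested; nothing to save on the identity.
            $identitySaveResult = true;
        }

        if (!$identitySaveResult) {
            // Surface the identity's password errors on the user form.
            $identityErrors = $identity->errors();

            if (isset($identityErrors['password'])) {
                $user->errors('password', $identityErrors['password']);
            }

            if (isset($identityErrors['confirm_password'])) {
                $user->errors('confirm_password', $identityErrors['confirm_password']);
            }
        } else {
            // set() copied the plaintext password fields onto the user; remove
            // them so they are not written to the user document.
            unset($user->password);
            unset($user->confirm_password);

            if ($user->save()) {
                $this->flashMessage('Your profile has been updated!', array('alertType' => 'success'));
                return $this->redirect('Profile::index');
            }
        }
    }

    return compact('user');
}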
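/**
 * Generates a new password for the account matching the supplied e-mail
 * address and, in production, mails it to that address.
 *
 * The address is taken from the posted 'email' field or, failing that, from
 * the first URL argument.
 *
 * NOTE(review): the password is replaced as soon as an address is supplied,
 * with no proof that the requester owns the account, and the new password is
 * mailed in plaintext. A single-use, expiring reset token that the owner
 * confirms before anything changes would remove both problems. The distinct
 * "User not found" message also reveals which addresses are registered.
 *
 * @return mixed The redirect result; every path redirects to '/'.
 */
public function resetPassword()
{
    $redirectUrl = '/';

    $email = null;
    if (isset($this->request->data['email'])) {
        $email = $this->request->data['email'];
    } elseif (isset($this->request->args[0])) {
        $email = $this->request->args[0];
    }

    // Refuse a missing, empty or non-string address up front: an empty
    // pattern would otherwise match the first user in the collection.
    if (!is_string($email) || $email === '') {
        $this->flashMessage('User not found for password reset!', array('alertType' => 'error'));
        return $this->redirect($redirectUrl);
    }

    // Case-insensitive exact match. The input is quoted and anchored so that
    // regex metacharacters or a partial address cannot select another account.
    $user = Users::first(array('conditions' => array(
        'email_address' => new MongoRegex('/^' . preg_quote($email, '/') . '$/i')
    )));

    if (!$user) {
        $this->flashMessage('User not found for password reset!', array('alertType' => 'error'));
        return $this->redirect($redirectUrl);
    }

    if (!isset($user->email_address)) {
        $this->flashMessage(
            'That user does not have an email address on file. Please email the webmaster for assistance.',
            array('alertType' => 'error')
        );
        return $this->redirect($redirectUrl);
    }

    $identity = PasswordIdentities::first(array('conditions' => array(
        'user_id' => $user->_id,
        'type' => 'password',
        'prv_name' => 'afdc.com'
    )));

    if (!$identity) {
        $identity = PasswordIdentities::create();
        $identity->user_id = $user->_id;
        $identity->prv_uid = strtolower($user->email_address);
    }

    // Presumably generatePassword() also sets the new password on the
    // identity, since save() is called with no data - confirm in the model.
    $newPassword = $identity->generatePassword();

    if (!$identity->save()) {
        $this->flashMessage(
            'A new password could not be saved; please try again or email the webmaster for assistance.',
            array('alertType' => 'error')
        );
        return $this->redirect($redirectUrl);
    }

    if (Environment::is('production')) {
        // TODO: replace the bare mail() call with a proper mailer.
        $to = $user->email_address;
        $subject = '[AFDC.com] Password Reset';
        $message = 'Your password has been reset. It is now: ' . $newPassword;
        $headers = implode("\n", array(
            'From: system@leagues.afdc.com',
            'Reply-To: webmaster@afdc.com',
            'X-Mailer: PHP/' . phpversion()
        ));

        mail($to, $subject, $message, $headers);

        $this->flashMessage(
            'An email message has been sent with the new password. Please be sure to check your spam folder.',
            array('alertType' => 'info')
        );
    } else {
        // NOTE(review): outside production the new password is shown to
        // whoever made the request. Make sure no reachable deployment can be
        // detected as a non-production environment.
        $this->flashMessage(
            "A new password generated: {$user->email_address} / {$newPassword}. \nDue to environment limitations, no email was sent.",
            array('alertType' => 'info')
        );
    }

    // The original trailing `return compact(...)` was unreachable because
    // every branch above already redirects; it has been dropped.
    return $this->redirect($redirectUrl);
}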