public function change_password($tmp_code = null)
{
$tmp_check = false;
if (!Auth::check()) {
$code_created = new Carbon($this->tmp_code_created);
$tmp_check = !empty($this->tmp_code) && $this->tmp_code == $tmp_code && $code_created->diff(new Carbon())->days <= 7;
if (!$tmp_check) {
FormMessage::add('tmp_code', 'The code was incorrect');
return false;
}
}
$details = Request::all();
$rules = array('new_password' => 'required|confirmed|min:4');
if (!($tmp_check || Auth::check() && Auth::action('user.edit') && Auth::user()->id != $this->id)) {
$rules['current_password'] = '******';
}
$v = Validator::make($details, $rules);
if ($v->passes()) {
// check password
if (!empty($rules['current_password']) && !Hash::check($details['current_password'], $this->password)) {
FormMessage::add('current_password', 'The current password was incorrect');
return false;
}
// if user can change his password then change it
if (Auth::action('account.password', ['user_id' => $this->id]) || Auth::check() && Auth::action('user.edit')) {
$this->password = Hash::make($details['new_password']);
$this->tmp_code = '';
$this->save();
return true;
}
} else {
FormMessage::set($v->messages());
}
return false;
}
public function forgottenPassword()
{
$view_data = array();
$rules = array('email' => 'required|email');
$validation = Validator::make(Request::all(), $rules);
if ($_POST && $validation->fails()) {
FormMessage::set($validation->messages());
} elseif ($_POST) {
$email_addr = Request::input('email');
$user = User::where('email', '=', $email_addr)->first();
if ($user !== null) {
if (!Auth::action('account.password', ['user_id' => $user->id])) {
FormMessage::add('email', 'You can\'t change the password for this account');
} else {
$code = urlencode(str_random(32) . microtime());
$user->tmp_code = $code;
$user->tmp_code_created = new Carbon();
$user->save();
Mail::send('coaster::emails.forgotten_password', array('code' => $code), function ($message) use($email_addr) {
$message->from(config('coaster::site.email'));
$message->to($email_addr);
$message->subject(config('coaster::site.name') . ': Forgotten Password');
});
$failures = Mail::failures();
if (empty($failures)) {
$view_data['success'] = 'We have sent an email to you with a link to change your password.';
} else {
FormMessage::add('email', 'There was an error sending mail, please contact <a href="mailto:support@web-feet.co.uk?Subject=' . config('coaster::site.name') . ': Forgotten Password">support</a>.');
}
}
} else {
FormMessage::add('email', 'We couldn\'t find your records.');
}
}
$this->layoutData['title'] = 'Forgotten Password';
$this->layoutData['content'] = View::make('coaster::pages.forgotten_password', $view_data);
}
/**
* Save form data and send email
* @param array $formData
* @return bool|\Illuminate\Http\RedirectResponse|\Illuminate\Routing\Redirector
*/
public function submission($formData)
{
if ($form_settings = $this->_block->getContent(true)) {
$form_settings = $this->_defaultData($form_settings);
$form_rules = BlockFormRule::get_rules($form_settings->template);
$v = Validator::make($formData, $form_rules);
$captcha = Securimage::captchaCheck();
// check form rules
if ($v->passes() && !($form_settings->captcha == true && !$captcha)) {
// delete blank and system fields
unset($formData['captcha_code']);
// Save data function (override this function to save data differently)
$form_submission = $this->submissionSaveData($formData);
if (!$form_submission->id) {
FormMessage::add('submission_save_error', 'Unable to save the form.');
}
// Send email
if ($this->submissionSendEmail($formData, $form_settings)) {
$form_submission->sent = 1;
$form_submission->save();
}
Session::set('form_data', $form_submission);
return \redirect(PageBuilder::pageUrl($form_settings->page_to));
} else {
FormMessage::set($v->messages());
if (!$captcha) {
FormMessage::add('captcha_code', 'Invalid Captcha Code, try again.');
}
}
}
return false;
}
public function saveAdminUser()
{
$details = Request::all();
if (User::count() == 0 || $details['skip'] != 'Skip') {
$v = Validator::make($details, array('email' => 'required|email', 'password' => 'required|confirmed|min:4'));
if (!$v->passes()) {
FormMessage::set($v->messages());
return $this->setupAdminUser();
}
$date = new Carbon();
DB::table('users')->insert(array(array('active' => 1, 'password' => Hash::make($details['password']), 'email' => $details['email'], 'role_id' => '1', 'created_at' => $date, 'updated_at' => $date)));
}
Install::setInstallState('coaster.install.theme');
return \redirect()->route('coaster.install.theme');
}
/**
* Repeater form submission
* @param array $formData
* @return null|\Illuminate\Http\RedirectResponse|\Illuminate\Routing\Redirector
*/
public function submission($formData)
{
$formRules = BlockFormRule::get_rules($this->_block->name . '-form');
$v = Validator::make($formData, $formRules);
if ($v->passes()) {
foreach ($formData as $blockName => $content) {
$fieldBlock = Block::preload($blockName);
if ($fieldBlock->exists) {
if ($fieldBlock->type == 'datetime' && empty($content)) {
$content = new Carbon();
}
$formData[$blockName] = $content;
}
}
$this->insertRow($formData);
Email::sendFromFormData([$this->_block->name . '-form'], $formData, config('coaster::site.name') . ': New Form Submission - ' . $this->_block->label);
return \redirect(Request::url());
} else {
FormMessage::set($v->messages());
}
return null;
}
public function postAdd()
{
$authUser = Auth::user();
$v = Validator::make(Request::all(), array('email' => 'required|email', 'role' => 'required|integer'));
$perm_issue = true;
$role = UserRole::find(Request::input('role'));
if (!empty($role) && $role->admin <= $authUser->role->admin) {
$perm_issue = false;
}
if ($v->passes() && !$perm_issue) {
$password = str_random(8);
$new_user = new User();
$new_user->email = Request::input('email');
$new_user->role_id = Request::input('role');
$new_user->password = Hash::make($password);
$new_user->save();
AdminLog::new_log('User \'' . $new_user->email . '\' added');
Mail::send('coaster::emails.new_account', array('email' => $new_user->email, 'password' => $password), function ($message) use($new_user) {
$message->from(config('coaster::site.email'));
$message->to($new_user->email);
$message->subject(config('coaster::site.name') . ': New Account Details');
});
$failures = Mail::failures();
if (empty($failures)) {
$email_message = 'An email has been sent to the new user with their login details.';
$email_status = 'success';
} else {
$email_message = 'There was an error sending the login details to the new user.';
$email_status = 'warning';
}
$this->layoutData['content'] = View::make('coaster::pages.users.add', array('success' => true, 'password' => $password, 'email_message' => $email_message, 'email_status' => $email_status));
} else {
FormMessage::set($v->messages());
if ($perm_issue) {
FormMessage::add('role', 'Don\'t have permission to create user with this role, or doesn\'t exist');
}
$this->getAdd();
}
}
