public function passwordProcessAction(Request $req) { if (!$this->app['sentry']->check()) { return $this->redirectTo('login'); } $user = $this->app['sentry']->getUser(); /** * Okay, the logic is kind of weird but we can use the SignupForm * validation code to make sure our password changes are good */ $formData = array('password' => $req->get('password'), 'password2' => $req->get('password_confirm')); $form = new SignupForm($formData, $this->app['purifier']); $form->sanitize(); if ($form->validatePasswords() === false) { $this->app['session']->set('flash', array('type' => 'error', 'short' => 'Error', 'ext' => implode("<br>", $form->getErrorMessages()))); return $this->redirectTo('password_edit'); } /** * Resetting passwords looks weird because we need to use Sentry's * own built-in password reset functionality to do it */ $sanitized_data = $form->getCleanData(); $reset_code = $user->getResetPasswordCode(); if (!$user->attemptResetPassword($reset_code, $sanitized_data['password'])) { $this->app['session']->set('flash', array('type' => 'error', 'short' => 'Error', 'ext' => "Unable to update your password in the database. Please try again.")); return $this->redirectTo('password_edit'); } $this->app['session']->set('flash', array('type' => 'success', 'short' => 'Success', 'ext' => "Changed your password.")); return $this->redirectTo('password_edit'); }
/** * Test that we get back some sanitized data * * @test * @param array $inputData * @param array $expectedData * @dataProvider sanitizationProvider */ public function dataGetsSanitizedCorrectly($inputData, $expectedData) { $form = new \OpenCFP\Http\Form\SignupForm($inputData, $this->purifier); $form->sanitize(); $sanitizedData = $form->getCleanData(); $this->assertEquals($expectedData, $sanitizedData, "Data was not sanitized properly"); }