public function updateUser(User $user, $name, $emailAddress, $password = null, $isAdmin = null)
{
$user->setName($name);
$user->setEmail($emailAddress);
if (!empty($password)) {
$user->setHash(password_hash($password, PASSWORD_DEFAULT));
}
if (!is_null($isAdmin)) {
$user->setIsAdmin($isAdmin ? 1 : 0);
}
return $this->store->save($user);
}
/**
* Edit a user - handles both form and processing.
*/
public function edit($userId)
{
if (!$_SESSION['user']->getIsAdmin()) {
throw new ForbiddenException('You do not have permission to do that.');
}
$method = $this->request->getMethod();
$user = $this->userStore->getById($userId);
if (empty($user)) {
throw new NotFoundException('User with ID: ' . $userId . ' does not exist.');
}
$values = array_merge($user->getDataArray(), $this->getParams());
$form = $this->userForm($values, 'edit/' . $userId);
if ($method != 'POST' || $method == 'POST' && !$form->validate()) {
$view = new b8\View('UserForm');
$view->type = 'edit';
$view->user = $user;
$view->form = $form;
return $view->render();
}
if (!empty($values['password'])) {
$values['hash'] = password_hash($values['password'], PASSWORD_DEFAULT);
}
$user->setValues($values);
$isAdmin = $this->getParam('is_admin');
if (empty($isAdmin)) {
$user->setIsAdmin(0);
}
$this->userStore->save($user);
header('Location: ' . PHPCI_URL . 'user');
die;
}
public function resetPassword($userId, $key)
{
$user = $this->userStore->getById($userId);
$userKey = md5(date('Y-m-d') . $user->getHash());
if (empty($user) || $key != $userKey) {
$this->view->error = 'Invalid password reset request.';
return $this->view->render();
}
if ($this->request->getMethod() == 'POST') {
$hash = password_hash($this->getParam('password'), PASSWORD_DEFAULT);
$user->setHash($hash);
$_SESSION['user'] = $this->userStore->save($user);
$_SESSION['user_id'] = $user->getId();
header('Location: ' . PHPCI_URL);
die;
}
$this->view->id = $userId;
$this->view->key = $key;
return $this->view->render();
}
/**
* Allows the user to change their password after a password reset email.
* @param $userId
* @param $key
* @return string
*/
public function resetPassword($userId, $key)
{
$user = $this->userStore->getById($userId);
$userKey = md5(date('Y-m-d') . $user->getHash());
if (empty($user) || $key != $userKey) {
$this->view->error = Lang::get('reset_invalid');
return $this->view->render();
}
if ($this->request->getMethod() == 'POST') {
$hash = password_hash($this->getParam('password'), PASSWORD_DEFAULT);
$user->setHash($hash);
$_SESSION['phpci_user'] = $this->userStore->save($user);
$_SESSION['phpci_user_id'] = $user->getId();
$response = new b8\Http\Response\RedirectResponse();
$response->setHeader('Location', PHPCI_URL);
return $response;
}
$this->view->id = $userId;
$this->view->key = $key;
return $this->view->render();
}
