/**
 * Change the password of a user.
 *
 * Renders the change-password form; on a POST whose form data validates and
 * whose two password fields are identical, stores the new password hash and
 * redirects to the user index.
 *
 * @view /views/scripts/user/changepassword.phtml
 * @access public
 */
public function changepasswordAction()
{
    // NOTE(review): checkUserIdParam() is defined outside this block; presumably it
    // validates the requested user id. No permission check is visible here, so
    // confirm that access control is enforced before this action is dispatched.
    $targetUser = new Admin_Model_DbRow_User($this->dbUser->find($this->checkUserIdParam()));
    $form = new Admin_Form_User_Changepassword($targetUser);
    $request = $this->getRequest();

    if ($request->isPost()) {
        // Strict comparison: both fields must hold the very same value.
        $accepted = $form->isValid($request->getParams())
            && $request->getParam('pass1') === $request->getParam('pass2');

        if (!$accepted) {
            $form->setDescription('Please fill both fields and ensure, that both passwords are equal');
        } else {
            // NOTE(review): MD5 is a fast hash and the salt is a single application-wide
            // value, so a leaked user table is cheap to brute-force. Moving to
            // password_hash()/password_verify() requires a matching change in the login
            // path, which is not part of this block.
            $salt = Zend_Registry::get('password_salt');
            $digest = md5($request->getParam('pass1') . $salt);

            $this->dbUser->updatePassword($digest, $targetUser->get('id'));
            $this->_redirect('admin/user/index');
        }
    }

    $this->view->form = $form;
}
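/**
 * Change the password for the selected user.
 *
 * The password is stored as a salted hash; the salt is defined in the app
 * config and read from Zend_Registry under 'password_salt'.
 *
 * The new password must be non-empty and at least 8 characters long, and
 * 'password_input' must be identical to 'password_confirm'.
 *
 * @return array result of responseSuccess() or responseFailure()
 */
public function saveEditUserPwAction()
{
    // NOTE(review): the target user is taken from the request parameter 'id' and no
    // permission check is visible in this method; confirm that access control is
    // enforced before this action is dispatched.
    $userModel = new Admin_Model_DbTable_Users();
    $userRow = new Admin_Model_DbRow_User($userModel->find($this->request->getParam('id')));

    // The two getParam() calls use different defaults (1 and 2) so that missing
    // fields can never compare equal and set a null or '' password.
    if ($this->request->getParam('password_input', 1) === $this->request->getParam('password_confirm', 2) && $userRow->get('id')) {
        $validate = new Zend_Validate();
        // Zend_Validate::addValidator() accepts one validator per call; its second
        // parameter is $breakChainOnFailure. Passing the StringLength validator as
        // that second argument meant the 8-character minimum was never enforced,
        // so each validator is now registered with its own call.
        $validate->addValidator(new Zend_Validate_NotEmpty(), true);
        $validate->addValidator(new Zend_Validate_StringLength(8));

        if ($validate->isValid($this->request->getParam('password_input'))) {
            // NOTE(review): MD5 is a fast hash and the salt is a single application-wide
            // value, so a leaked user table is cheap to brute-force. Moving to
            // password_hash()/password_verify() requires a matching change in the login
            // path, which is not part of this block.
            $userModel->updatePassword(
                md5($this->request->getParam('password_input') . Zend_Registry::get('password_salt')),
                $userRow->get('id')
            );

            return $this->responseSuccess();
        }

        $error = $validate->getMessages();
    } else {
        $error = array('Passwords are not the same or unkown user');
    }

    return $this->responseFailure('Failed Saving informations', $error);
}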