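/**
 * Method for allowing a user to reset their password.
 *
 * Every path that receives a non-empty address answers with the same
 * "a reset link has been sent ... provided an account exists" message, so the
 * response does not tell the caller whether the address is registered.
 *
 * @param stdClass $data Data passed from ActionScript; the address is read from $data->user
 * @return array Returns a standard response array ('status' is 'HELO' or 'EROR')
 */
public function lostPassword($data)
{
    $response = CodeBank_ClientAPI::responseBase();
    $response['login'] = true;

    // $data is an object, so the address is always read as a property.
    // (The veto branch used to read $data['Email'], which is array access on
    // an stdClass and fails at runtime.)
    $email = isset($data->user) ? $data->user : null;

    // An empty address is never looked up: "Email"='' could otherwise match a
    // record that has no address stored.
    $member = null;
    if (!empty($email)) {
        $SQL_email = Convert::raw2sql($email);
        $member = Member::get_one('Member', "\"Email\"='{$SQL_email}'");
    }

    // Allow vetoing forgot password requests
    $sng = new MemberLoginForm(Controller::has_curr() ? Controller::curr() : singleton('Controller'), 'LoginForm');
    $results = $sng->extend('forgotPassword', $member);
    if ($results && is_array($results) && in_array(false, $results, true)) {
        $response['status'] = 'HELO';
        $response['message'] = _t('CodeBankAPI.PASSWORD_SENT_TEXT', "A reset link has been sent to '{email}', provided an account exists for this email address.", array('email' => $email));

        // A veto must stop here. Without this return the code below still
        // issued a token and mailed the reset link, so the veto had no effect.
        return $response;
    }

    if ($member) {
        // Issue a reset token and mail the link to the address stored on the
        // account, not to the address supplied in the request.
        $token = $member->generateAutologinTokenAndStoreHash();

        $e = Member_ForgotPasswordEmail::create();
        $e->populateTemplate($member);
        $e->populateTemplate(array('PasswordResetLink' => Security::getPasswordResetLink($member, $token)));
        $e->setTo($member->Email);
        $e->send();

        $response['status'] = 'HELO';
        $response['message'] = _t('CodeBankAPI.PASSWORD_SENT_TEXT', "A reset link has been sent to '{email}', provided an account exists for this email address.", array('email' => $email));
    } elseif (!empty($email)) {
        // Unknown address: same answer as the success path.
        $response['status'] = 'HELO';
        $response['message'] = _t('CodeBankAPI.PASSWORD_SENT_TEXT', "A reset link has been sent to '{email}', provided an account exists for this email address.", array('email' => $email));
    } else {
        $response['status'] = 'EROR';
        $response['message'] = _t('Member.ENTEREMAIL', 'Please enter an email address to get a password reset link.');
    }

    return $response;
}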
/**
 * A form session written while a member is logged in must record that member
 * as its submitter.
 */
function testMemberLogging()
{
    // Any existing member will do; we only need an ID to fake a login with.
    $fakeLoginId = Member::get_one("Member")->ID;
    $this->session()->inst_set('loggedInAs', $fakeLoginId);

    // Read the form's session once, persist it, then check who it was attributed to.
    $formSession = $this->form->session;
    $formSession->write();

    $this->assertEquals($fakeLoginId, $formSession->SubmitterID);
}
/**
 * Change the password.
 *
 * The member is looked up by the field returned from
 * Member::get_unique_identifier_field(); the username is escaped with
 * Convert::raw2sql() before it is placed in the filter.
 *
 * @param string $username
 *   The username to find.
 * @param string $password
 *   The new password, plain text.
 * @return string|null
 *   An error message when the input is missing or no member matches;
 *   nothing on success.
 */
public function changePassword($username = null, $password = null)
{
    // Both values are required; any falsy value is rejected.
    if (!($username && $password)) {
        return 'Unable to change password. Invalid username or password';
    }

    // Build the lookup filter on the unique identifier column.
    $identifierField = Member::get_unique_identifier_field();
    $filter = sprintf('"%s" = \'%s\'', $identifierField, Convert::raw2sql($username));

    $member = Member::get_one('Member', $filter);
    if (!$member) {
        return "Unable to find user '{$username}'.";
    }

    // NOTE(review): the plain-text value is assigned straight to the Password
    // field; hashing is presumably done by Member when it is written - confirm.
    $member->Password = $password;
    $member->write();
}
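/**
 * First registration step: take a mobile number from an AJAX POST, create or
 * reuse the matching member, store a six-digit confirmation code on it and
 * send that code by SMS.
 *
 * @param mixed $request Not used; the method reads $this->request and $_POST
 * @return string|null JSON with 'success' plus either 'errorstring' or
 *                     'nextstep'. Nothing is returned for non-AJAX requests
 *                     (they are redirected) or when the member write yields
 *                     no ID.
 */
public function go($request)
{
    // Only accept if it's an ajax request
    if (!$this->request->isAjax()) {
        $this->redirect($this->Link(), 404);
        return;
    }

    // Keep the raw value for storage and for the SMS, and escape it only where
    // it enters SQL. A non-string value (e.g. an array) counts as missing.
    $mobilenumber = (isset($_POST['mobilenumber']) && is_string($_POST['mobilenumber']))
        ? $_POST['mobilenumber']
        : '';

    $errors = array();
    $member = null;

    if (empty($mobilenumber)) {
        $errors[] = "Please enter a mobile number";
    } else {
        // check to see if there is already a member with this mobile number
        // The value must be escaped AND quoted: escaping alone does not
        // protect a value placed in an unquoted (numeric) SQL position, and an
        // empty value used to produce an invalid query.
        $SQL_mobilenumber = Convert::raw2sql($mobilenumber);
        $member = Member::get_one("Member", "MobileNumber = '{$SQL_mobilenumber}'");

        if ($member && empty($member->MobileConfirm)) {
            $errors[] = "A user already exists with that mobile number.";
        }
    }

    if ($errors) {
        // Only the fixed messages above end up in this HTML fragment.
        $returnArray = array();
        $returnArray["success"] = false;
        $returnArray["errorstring"] = "<div class=\"alert alert-info\">" . implode(", ", $errors) . "</div>";

        return json_encode($returnArray);
    }

    // Create the member
    if (!$member) {
        $member = new Member();
    }

    $member->MobileNumber = $mobilenumber;

    // The code gates account confirmation, so take it from the CSPRNG where
    // the runtime has one (random_int, PHP 7+); mt_rand() output is predictable.
    $member->MobileConfirm = function_exists('random_int')
        ? random_int(100000, 999999)
        : mt_rand(100000, 999999);

    $memberID = $member->write();

    // NOTE(review): nothing in this method limits how often a code is re-issued
    // and an SMS sent for a number or session; confirm throttling exists elsewhere.
    // Now send a text message to confirm the account
    if ($memberID) {
        $config = Config::inst()->get('TelstraAPI', 'Keys');
        $sms = new TelstraSMS($config['consumer'], $config['secret'], $mobilenumber, "Your NextHit verification code is: " . $member->MobileConfirm);
        $sms->send();

        // register a session with the mobile number
        Session::set("RegisterNumber", $mobilenumber);
        Session::set("RegisterMemberID", $memberID);

        $returnArray = array();
        $returnArray["success"] = true;
        $returnArray["nextstep"] = "step2";

        return json_encode($returnArray);
    }
}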
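/**
 * Log an existing member in through Facebook.
 *
 * After the CSRF checks pass, the profile is fetched with the access token and
 * matched to a member by e-mail address. A match gets the Facebook credentials
 * attached and is logged in; otherwise an error message is set and the visitor
 * is sent back.
 *
 * @return mixed The result of the redirect call, or nothing when the CSRF
 *               checks do not pass.
 */
function loginWithFacebook()
{
    // NOTE(review): whether redirect_to_login_prompt() ends the request is not
    // visible here; if it returns, execution continues with the checks below.
    if (!Facebook::signup_code_created()) {
        Facebook::redirect_to_login_prompt('/signup/loginWithFacebook');
    }

    if (Facebook::csrf_checks_passed()) {
        $access_token = Facebook::get_access_token('/signup/loginWithFacebook');
        $user = Facebook::get_users_info($access_token);

        // The address comes from an external API response, so it is escaped
        // before it enters the filter. A profile without an address is treated
        // as "no account": Email='' must never select a member.
        $member = null;
        if (is_object($user) && !empty($user->email)) {
            $SQL_email = Convert::raw2sql($user->email);
            $member = Member::get_one("Member", "Email='{$SQL_email}'");
        }

        // NOTE(review): the account is chosen purely by the address the
        // provider reports; confirm get_users_info() only yields verified addresses.
        if ($member) {
            $member->addFacebookCredentials($access_token);
            $member->login();
        } else {
            $this->setMessage("Could not find your account, are you sure you have already signed up?", "bad");

            return Director::redirectBack();
        }

        return Director::redirect('/');
    }
}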
/**
 * Form handler that registers a new member.
 *
 * Rejects the submission when the e-mail address is already in use; otherwise
 * saves the form into a new Member flagged NeedsValidation, assigns the groups
 * returned by $this->Groups(), sends a confirmation e-mail and redirects to
 * the post-registration target.
 *
 * @param array $data Submitted form data; 'Email' is read for the duplicate check
 * @param Form  $form The submitted form
 * @return mixed The redirectBack() result for a duplicate address, otherwise nothing
 */
function SaveNewProfile($data, $form)
{
    $groupIds = array();
    $member = new Member();

    // Check for another member with the same email address (value escaped for SQL).
    // NOTE(review): this answer tells the visitor that the address is registered.
    $emailFilter = "Email = '" . Convert::raw2sql($data['Email']) . "'";
    if (Member::get_one("Member", $emailFilter)) {
        $form->sessionMessage('Die Emailadresse ist schon in Verwendung.', 'bad');

        return $this->redirectBack();
    }

    // NOTE(review): saveInto() copies the submitted form fields onto the member;
    // which fields the form exposes is not visible here - confirm it carries no
    // privileged ones.
    $form->saveInto($member);
    $member->NeedsValidation = true;

    try {
        $member->write();
    } catch (ValidationException $e) {
        // Validation failed: store the message on the form and stop (no redirect is issued).
        $form->sessionMessage($e->getResult()->message(), 'bad');

        return;
    }

    // Collect the IDs of the configured groups and put the new member in all of them.
    foreach ($this->Groups()->column('ID') as $groupId) {
        $groupIds[] = $groupId;
    }
    $member->Groups()->setByIDList($groupIds);
    $member->write();

    $confirmation = new MemberConfirmationEmail($this, $member);
    $confirmation->send();

    // Without a configured target page there is nowhere to send the visitor.
    if (!$this->PostRegistrationTargetID) {
        die("no success page set");
    }

    $this->redirect($this->PostRegistrationTarget()->Link());

    return;
}