/**
  * Sends a password reset link to the member whose email address is given
  * @param stdClass $data Data passed from ActionScript; the email address is read from $data->user
  * @return array Returns a standard response array
  */
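 public function lostPassword($data)
 {
     $response = CodeBank_ClientAPI::responseBase();
     $response['login'] = true;

     // Only a non-empty string is accepted as the address. Checking this before the lookup keeps an
     // empty value from being queried as "Email"='' (which could select an account with no email set)
     // and avoids reading an undefined property.
     $email = (isset($data->user) && is_string($data->user)) ? $data->user : '';
     if (empty($email)) {
         $response['status'] = 'EROR';
         $response['message'] = _t('Member.ENTEREMAIL', 'Please enter an email address to get a password reset link.');
         return $response;
     }

     // One reply is used for "account found", "no such account" and "request vetoed", so the response
     // body does not disclose which addresses are registered.
     // NOTE(review): the found-account path sends mail synchronously, so response time may still differ,
     // and no throttling is visible in this method - confirm both are handled by the caller.
     $response['status'] = 'HELO';
     $response['message'] = _t('CodeBankAPI.PASSWORD_SENT_TEXT', "A reset link has been sent to '{email}', provided an account exists for this email address.", array('email' => $email));

     $SQL_email = Convert::raw2sql($email);
     $member = Member::get_one('Member', "\"Email\"='{$SQL_email}'");

     // Allow vetoing forgot password requests
     $sng = new MemberLoginForm(Controller::has_curr() ? Controller::curr() : singleton('Controller'), 'LoginForm');
     $results = $sng->extend('forgotPassword', $member);
     if ($results && is_array($results) && in_array(false, $results, true)) {
         // A veto has to end the request here. Previously execution fell through and a token was
         // still generated and mailed; the veto branch also indexed $data as an array although it
         // is an object.
         return $response;
     }

     if ($member) {
         // Issue a fresh autologin token and mail the reset link to the address stored on the
         // account (not to the address supplied in the request).
         $token = $member->generateAutologinTokenAndStoreHash();
         $e = Member_ForgotPasswordEmail::create();
         $e->populateTemplate($member);
         $e->populateTemplate(array('PasswordResetLink' => Security::getPasswordResetLink($member, $token)));
         $e->setTo($member->Email);
         $e->send();
     }

     return $response;
 }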
 /**
  * Checks that a session written while a member is marked as logged in records that
  * member's ID as the submitter.
  */
 function testMemberLogging()
 {
     // Any existing member will do as the stand-in for the logged-in user.
     $expectedSubmitter = Member::get_one("Member")->ID;
     $this->session()->inst_set('loggedInAs', $expectedSubmitter);

     // Persist the form's session, then compare the stored submitter with the faked login.
     $formSession = $this->form->session;
     $formSession->write();

     $this->assertEquals($expectedSubmitter, $formSession->SubmitterID);
 }
 /**
  * Change the password.
  *
  * @param string $username
  *   The username to find.
  * @param string $password
  *   The new password, plain text.
  */
 public function changePassword($username = null, $password = null)
 {
     // Both arguments are required. Failures are reported as a message string; nothing is
     // returned on success.
     // NOTE(review): no authorisation check is visible in this method - confirm the caller
     // restricts who may reach it.
     if (!($username && $password)) {
         return 'Unable to change password. Invalid username or password';
     }

     // Look the member up by the configured unique identifier field. The value is escaped with
     // raw2sql before it is placed inside the quoted SQL literal.
     $identifierField = Member::get_unique_identifier_field();
     $filter = sprintf('"%s" = \'%s\'', $identifierField, Convert::raw2sql($username));
     $member = Member::get_one('Member', $filter);

     if (!$member) {
         // The message repeats the caller-supplied username verbatim; escape it for the output
         // context wherever this string is displayed.
         return "Unable to find user '{$username}'.";
     }

     // Assign the new plain-text password and save the record.
     // NOTE(review): presumably the Member model hashes the value on write - verify.
     $member->Password = $password;
     $member->write();
 }
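 /**
  * AJAX handler for the first registration step: takes a mobile number from the POST body,
  * creates or reuses the matching member, stores a six-digit confirmation code on it and
  * sends that code by SMS.
  *
  * @param mixed $request Not read here; the handler uses $this->request and $_POST.
  * @return string|null JSON with "success" plus either "errorstring" or "nextstep";
  *                     null for non-AJAX requests or when the write yields no ID.
  */
 public function go($request)
 {
     // Only accept if it's an ajax request
     if (!$this->request->isAjax()) {
         $this->redirect($this->Link(), 404);
         return;
     }

     // Accept only a string value (a missing key or an array submission counts as empty). The raw
     // value goes to the ORM, the session and the SMS; only the copy used in the hand-built WHERE
     // clause is escaped, which avoids storing an already-escaped value.
     $mobilenumber = (isset($_POST['mobilenumber']) && is_string($_POST['mobilenumber'])) ? $_POST['mobilenumber'] : '';
     $SQL_mobilenumber = Convert::raw2sql($mobilenumber);
     // NOTE(review): no format check is applied to the number - confirm the accepted format and
     // validate it here.

     $errors = array();
     $member = null;
     if (empty($mobilenumber)) {
         $errors[] = "Please enter a mobile number";
     } else {
         // check to see if there is already a member with this mobile number
         // The value must sit inside a quoted literal: raw2sql only escapes quote characters, so
         // the previous unquoted form left the filter injectable and produced invalid SQL for an
         // empty number.
         $member = Member::get_one("Member", "MobileNumber = '{$SQL_mobilenumber}'");
         if ($member && empty($member->MobileConfirm)) {
             $errors[] = "A user already exists with that mobile number.";
         }
     }

     if ($errors) {
         $returnArray = array();
         $returnArray["success"] = false;
         $returnArray["errorstring"] = "<div class=\"alert alert-info\">" . implode(", ", $errors) . "</div>";
         return json_encode($returnArray);
     }

     // Create the member
     if (!$member) {
         $member = new Member();
     }
     $member->MobileNumber = $mobilenumber;
     // The confirmation code is a secret, so draw it from the CSPRNG when the runtime has one;
     // mt_rand() output is predictable and is kept only as a fallback for older PHP.
     $member->MobileConfirm = function_exists('random_int') ? random_int(100000, 999999) : mt_rand(100000, 999999);
     $memberID = $member->write();

     // Now send a text message to confirm the account
     // NOTE(review): nothing in this method limits how often a code can be requested for a
     // number - confirm that throttling exists elsewhere.
     if ($memberID) {
         $config = Config::inst()->get('TelstraAPI', 'Keys');
         $sms = new TelstraSMS($config['consumer'], $config['secret'], $mobilenumber, "Your NextHit verification code is: " . $member->MobileConfirm);
         $sms->send();
         // register a session with the mobile number
         Session::set("RegisterNumber", $mobilenumber);
         Session::set("RegisterMemberID", $memberID);
         $returnArray = array();
         $returnArray["success"] = true;
         $returnArray["nextstep"] = "step2";
         return json_encode($returnArray);
     }
 }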
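 /**
  * Logs an existing member in through Facebook: after the CSRF check passes, the access token
  * is exchanged for the user's profile and the member with the same email address is logged in.
  *
  * @return mixed The redirect result, or null when the CSRF check does not pass.
  */
 function loginWithFacebook()
 {
     if (!Facebook::signup_code_created()) {
         // NOTE(review): whether this call ends the request is not visible here; if it only
         // queues a redirect, execution continues into the checks below.
         Facebook::redirect_to_login_prompt('/signup/loginWithFacebook');
     }
     if (Facebook::csrf_checks_passed()) {
         $access_token = Facebook::get_access_token('/signup/loginWithFacebook');
         $user = Facebook::get_users_info($access_token);

         // The profile comes from an external service, so the email is untrusted input: require a
         // non-empty string (an empty value would match on Email='') and escape it before it goes
         // into the SQL literal.
         // NOTE(review): the account is selected purely by the provider-reported email - confirm
         // that the address is a verified one.
         $member = null;
         if ($user && isset($user->email) && is_string($user->email) && $user->email !== '') {
             $SQL_email = Convert::raw2sql($user->email);
             $member = Member::get_one("Member", "Email='{$SQL_email}'");
         }

         if (!$member) {
             $this->setMessage("Could not find your account, are you sure you have already signed up?", "bad");
             return Director::redirectBack();
         }

         $member->addFacebookCredentials($access_token);
         $member->login();
         return Director::redirect('/');
     }
 }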
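 /**
  * Form handler that registers a new member: rejects an email address that is already taken,
  * saves the form into a new Member flagged as needing validation, assigns this page's groups,
  * sends the confirmation email and redirects to the post-registration target.
  *
  * @param array $data Submitted form data; the 'Email' key is read here.
  * @param Form $form The submitted form, used for messages and saveInto().
  * @return mixed The redirect result on the failure paths, otherwise nothing.
  */
 function SaveNewProfile($data, $form)
 {
     // Check for another member with the same email address
     $SQL_email = Convert::raw2sql(isset($data['Email']) ? $data['Email'] : '');
     if (Member::get_one("Member", "Email = '" . $SQL_email . "'")) {
         $form->sessionMessage('Die Emailadresse ist schon in Verwendung.', 'bad');
         return $this->redirectBack();
     }

     $member = new Member();
     // NOTE(review): saveInto() copies the form's fields onto the Member record; confirm the form
     // exposes only fields a registrant is allowed to set.
     $form->saveInto($member);
     $member->NeedsValidation = true;
     try {
         $member->write();
     } catch (ValidationException $e) {
         $form->sessionMessage($e->getResult()->message(), 'bad');
         // Send the user back to the form, as the duplicate-email path does; a bare return here
         // stored the message but produced no response.
         return $this->redirectBack();
     }

     // Put the new member into exactly the groups configured on this page.
     $groupIds = array();
     foreach ($this->Groups()->column('ID') as $mustId) {
         $groupIds[] = $mustId;
     }
     $member->Groups()->setByIDList($groupIds);
     $member->write();

     $email = new MemberConfirmationEmail($this, $member);
     $email->send();

     if ($this->PostRegistrationTargetID) {
         $this->redirect($this->PostRegistrationTarget()->Link());
         return;
     }
     // No target page is configured, so there is nowhere to send the user.
     die("no success page set");
 }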