public function advertiser_signupAction() { if ($this->request->isPost()) { $error = 0; // if($this->security->checkToken() == false){ // $error = 1; // $this->flash->error('<button type="button" class="close" data-dismiss="alert">×</button>Invalid CSRF Token'); // return $this->response->redirect('signup'); // } $firstName = $this->request->getPost('first_name'); $lastName = $this->request->getPost('last_name'); $email = $this->request->getPost('email'); $password = $this->request->getPost('password'); $confirmPassword = $this->request->getPost('confirm_password'); if (empty($firstName) || empty($lastName) || empty($email) || empty($password) || empty($confirmPassword)) { $this->flash->warning('<button type="button" class="close" data-dismiss="alert">×</button>All fields required'); return $this->response->redirect(); } if ($password != $confirmPassword) { $errorMsg = "Confirm password does not match"; $this->flash->error('<button type="button" class="close" data-dismiss="alert">×</button>' . $errorMsg); return $this->response->redirect(); } if (!empty($email) && Members::findFirstByEmail($email)) { $errorMsg = "Email is already in use. Please try again."; $this->flash->error('<button type="button" class="close" data-dismiss="alert">×</button>' . $errorMsg); return $this->response->redirect(); } $member = new Members(); $member->created = date('Y-m-d H:i:s'); $member->modified = date('Y-m-d H:i:s'); $member->first_name = $firstName; $member->last_name = $lastName; $member->email = $email; $member->type = 'Advertiser'; $member->password = $this->security->hash($password); if ($member->create()) { $activationToken = substr(str_shuffle('abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789'), 0, 50); $emailConfimation = new EmailConfirmations(); $emailConfimation->created = date('Y-m-d H:i:s'); $emailConfimation->modified = date('Y-m-d H:i:s'); $emailConfimation->user_id = $member->id; $emailConfimation->email = $email; $emailConfimation->token = $activationToken; $emailConfimation->confirmed = 'N'; if ($emailConfimation->save()) { $this->getDI()->getMail()->send(array($email => $firstName . ' ' . $lastName), 'Please confirm your email', 'confirmation', array('confirmUrl' => 'advertiser/emailConfimation/' . $member->id . '/' . $email . '/' . $activationToken)); } $this->flash->success('<button type="button" class="close" data-dismiss="alert">×</button>You\'ve successfully created a MyBarangay account. We sent a confirmation email to ' . $email . '.'); } else { //print_r($user->getMessages()); $this->flash->error('<button type="button" class="close" data-dismiss="alert">×</button>Registration failed. Please try again.'); } return $this->response->redirect(); } }
/** * Login user * @return \Phalcon\Http\ResponseInterface */ public function loginAction() { if ($this->request->isPost()) { // if($this->security->checkToken() == false){ // $this->flash->error('<button type="button" class="close" data-dismiss="alert">×</button>Invalid CSRF Token'); // return $this->response->redirect('login'); // } $this->view->disable(); $email = $this->request->getPost('email'); // $_POST $password = $this->request->getPost('password'); if (empty($email) || empty($password)) { $this->flash->warning('<button type="button" class="close" data-dismiss="alert">×</button>All fields required'); return $this->response->redirect(''); } $member = Members::findFirstByEmail($email); if ($member == true && $this->security->checkHash($password, $member->password)) { $emaiConfirmed = EmailConfirmations::findFirst(array('columns' => '*', 'conditions' => 'user_id = ?1 AND email=?2 AND confirmed = ?3', 'bind' => array(1 => $member->id, 2 => $email, 3 => 'Y'))); if (!$emaiConfirmed) { $this->flash->warning('<button type="button" class="close" data-dismiss="alert">×</button>You\'re email is not yet confirmed.'); return $this->response->redirect(''); } $userSession = get_object_vars($member); //$userSession['type'] = 'Member'; $profilePic = MemberPhotos::findFirst(array('member_id="' . $userSession['id'] . '"', 'primary_pic="Yes"')); $userSession['primary_pic'] = $profilePic->file_path . $profilePic->filename; $this->session->set('userSession', $userSession); //member id $cookie_name = "mid"; $cookie_value = $userSession['id']; $date_of_expiry = time() + 60 * 60 * 24 * 90; setcookie($cookie_name, $this->encrypt($cookie_value), $date_of_expiry, "/"); //email $cookie_name = "e"; $cookie_value = $userSession['email']; setcookie($cookie_name, $this->encrypt($cookie_value), $date_of_expiry, "/"); //cookie token $cookie_name = "token"; $cookie_token = substr(md5(uniqid(rand(), true)), 0, 20); setcookie($cookie_name, $this->encrypt($cookie_token), $date_of_expiry, "/"); $member->modified = date('Y-m-d H:i:s'); $member->cookie_token = $this->security->hash($cookie_token); if ($member->update()) { $this->flash->success('<button type="button" class="close" data-dismiss="alert">×</button>You are now logged in.'); $this->response->redirect('biz/page/' . $userSession['id']); } } else { $this->flash->error('<button type="button" class="close" data-dismiss="alert">×</button>Incorrect username or password.'); $this->response->redirect(''); } } }
public function forgotPasswordAction() { if ($this->request->isPost()) { if ($member = Members::findFirstByEmail($this->request->getPost('email'))) { $activationToken = substr(str_shuffle('abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789'), 0, 50); $resetPassword = ResetPasswords::findFirstByEmail($this->request->getPost('email')); if (!$resetPassword) { $resetPassword = new ResetPasswords(); $resetPassword->created = date('Y-m-d H:i:s'); $resetPassword->user_id = $member->id; $resetPassword->email = $member->email; } $resetPassword->modified = date('Y-m-d H:i:s'); $resetPassword->token = $activationToken; $resetPassword->used = 'N'; if ($resetPassword->save()) { $this->getDI()->getMail()->send(array($member->email => $member->first_name . ' ' . $member->last_name), 'MyBarangay password assistance', 'reset_password', array('resetUrl' => 'member/resetPassword/' . $member->id . '/' . $member->email . '/' . $activationToken)); $this->flash->notice('<button type="button" class="close" data-dismiss="alert">×</button>We send a special reset password link to your inbox.'); } } else { $this->flash->error('<button type="button" class="close" data-dismiss="alert">×</button>Email is not registered. Please try again.'); } } return $this->response->redirect(); }