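/**
 * Handle a validated "lost password" request: look up the account, assign a
 * freshly generated password, e-mail it to the account address and render the
 * "password sent" template.
 *
 * Security notes for maintainers:
 *  - The stored password is replaced as soon as the form is submitted, before
 *    the requester has shown control of the mailbox. Anyone who knows a login
 *    or e-mail address can therefore force a reset for that account; a
 *    token-confirmed reset avoids this.
 *  - The new password is sent in clear text inside the e-mail body.
 *  - The super-user hash is an unsalted md5(). It is kept because the stored
 *    format has to match the login check, which is not visible in this block.
 *
 * @param string $loginMail     user name or e-mail address submitted in the form
 * @param string $urlToRedirect value handed to the view as urlToRedirect
 *                              (NOTE(review): confirm callers validate it)
 * @return void
 */
protected function lostPasswordFormValidated($loginMail, $urlToRedirect)
{
    // Everything below, including the UsersManager API calls, runs with
    // super-user rights for the remainder of this request.
    Piwik::setUserIsSuperUser();

    $user = null;
    $isSuperUser = false;
    $superUserConfig = Zend_Registry::get('config')->superuser;

    // Strict string comparison on a non-empty identifier: the previous loose
    // '==' treated an empty submission as equal to an unset config value and
    // compared numeric-looking strings by value.
    $hasIdentifier = is_string($loginMail) && $loginMail !== '';
    if ($hasIdentifier
        && ($loginMail === (string) $superUserConfig->email
            || $loginMail === (string) $superUserConfig->login)
    ) {
        $isSuperUser = true;
        $user = array(
            'login' => $superUserConfig->login,
            'email' => $superUserConfig->email,
        );
    } elseif (Piwik_UsersManager_API::userExists($loginMail)) {
        $user = Piwik_UsersManager_API::getUser($loginMail);
    } elseif (Piwik_UsersManager_API::userEmailExists($loginMail)) {
        $user = Piwik_UsersManager_API::getUserByEmail($loginMail);
    }

    if ($user === null) {
        // NOTE(review): this message is assigned but never returned or rendered,
        // so an unknown login/e-mail produces no output from this method.
        $messageNoAccess = Piwik_Translate('Login_InvalidUsernameEmail');
        return;
    }

    $view = new Piwik_View('Login/templates/passwordsent.tpl');
    $login = $user['login'];
    $email = $user['email'];

    // NOTE(review): 8 characters; confirm getRandomString() draws from a
    // cryptographically secure source, since this value becomes a credential.
    $randomPassword = Piwik_Common::getRandomString(8);

    if ($isSuperUser) {
        // The super-user credential lives in the config object, not in the users table.
        $user['password'] = md5($randomPassword);
        Zend_Registry::get('config')->superuser = $user;
    } else {
        Piwik_UsersManager_API::updateUser($login, $randomPassword);
    }

    // send email with new password
    try {
        $mail = new Piwik_Mail();
        $mail->addTo($email, $login);
        $mail->setSubject(Piwik_Translate('Login_MailTopicPasswordRecovery'));

        // NOTE(review): the URL placed in the body is presumably derived from
        // the current request; confirm a forged Host header cannot steer it.
        $body = sprintf(
            Piwik_Translate('Login_MailPasswordRecoveryBody'),
            $login,
            $randomPassword,
            Piwik_Url::getCurrentUrlWithoutQueryString()
        );
        $mail->setBodyText(str_replace('\\n', "\n", $body));

        // HTTP_HOST is supplied by the client and may be absent (e.g. CLI).
        // Only a plain host name with an optional port is allowed into the
        // From address; anything else (whitespace, CR/LF, brackets, ...) falls
        // back to the default domain. The D modifier stops '$' from matching
        // before a trailing newline.
        $piwikHost = isset($_SERVER['HTTP_HOST']) ? (string) $_SERVER['HTTP_HOST'] : '';
        if (!preg_match('/^[A-Za-z0-9._-]+(?::[0-9]{1,5})?$/D', $piwikHost)) {
            $piwikHost = 'piwik.org';
        }

        $generalConfig = Zend_Registry::get('config')->General;
        $fromEmailName = $generalConfig->login_password_recovery_email_name;
        $fromEmailAddress = str_replace(
            '{DOMAIN}',
            $piwikHost,
            $generalConfig->login_password_recovery_email_address
        );
        $mail->setFrom($fromEmailAddress, $fromEmailName);

        // Best-effort send: PHP warnings are suppressed here, while exceptions
        // are reported through the view below.
        @$mail->send();
    } catch (Exception $e) {
        // NOTE(review): the raw exception message is shown to the requester;
        // confirm it cannot expose internal details.
        $view->ErrorString = $e->getMessage();
    }

    $view->linkTitle = Piwik::getRandomTitle();
    $view->urlToRedirect = $urlToRedirect;
    echo $view->render();
}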
/**
 * Normal case, reused in other tests: create a user, update password, e-mail
 * and alias through the API, then hand the original record and the new values
 * to the shared check helper.
 */
function test_updateUser()
{
    $login = "******";
    $original = array(
        'login'    => $login,
        'password' => "geqgeagae",
        'email'    => "*****@*****.**",
        'alias'    => "alias",
    );

    Piwik_UsersManager_API::addUser(
        $original['login'],
        $original['password'],
        $original['email'],
        $original['alias']
    );

    // Values applied by the update and then passed to the check helper.
    $newPassword = "passowordOK";
    $newEmail = "*****@*****.**";
    $newAlias = "NEW ALIAS";

    Piwik_UsersManager_API::updateUser($login, $newPassword, $newEmail, $newAlias);

    // NOTE(review): despite its name, the helper receives the new values;
    // presumably it asserts on them. Confirm against its definition.
    $this->_checkUserHasNotChanged($original, $newPassword, $newEmail, $newAlias);
}
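/**
 * Validate a password reset request. If the user and token are accepted,
 * store the new password, render the "password changed" view and exit.
 *
 * NOTE(review): the two failure paths return different messages, so a caller
 * that displays them verbatim reveals whether a login/e-mail exists.
 *
 * @param string $loginMail     user name or email address
 * @param string $token         password reset token
 * @param string $password      new password
 * @param string $urlToRedirect value handed to the view as urlToRedirect
 *                              (NOTE(review): confirm callers validate it)
 * @return string failure message when the user is unknown or the token is
 *                rejected; otherwise the method renders the view and exits
 */
protected function resetPasswordFormValidated($loginMail, $token, $password, $urlToRedirect)
{
    $user = self::getUserInformation($loginMail);
    if ($user === null) {
        return Piwik_Translate('Login_InvalidUsernameEmail');
    }

    if (!self::isValidToken($token, $user)) {
        return Piwik_Translate('Login_InvalidOrExpiredToken');
    }

    // Create the view before the update so the catch block has an object to
    // attach the error to. Previously the view was created after the try
    // block and replaced whatever the catch block had set, losing the error.
    $view = Piwik_View::factory('passwordchanged');

    try {
        // NOTE(review): the super user is recognised by e-mail alone; confirm
        // a regular account cannot share the super user's address.
        if ($user['email'] == Zend_Registry::get('config')->superuser->email) {
            // Unsalted md5() is kept because the stored format has to match
            // the login check, which is not visible in this block.
            $user['password'] = md5($password);
            Zend_Registry::get('config')->superuser = $user;
        } else {
            // The original passed an undefined $login here; the login comes
            // from the looked-up record (assumes getUserInformation() returns
            // a 'login' key; TODO confirm).
            Piwik_UsersManager_API::updateUser($user['login'], $password);
        }
    } catch (Exception $e) {
        // NOTE(review): the raw exception message is shown to the requester;
        // confirm it cannot expose internal details.
        $view->ErrorString = $e->getMessage();
    }

    $view->linkTitle = Piwik::getRandomTitle();
    $view->urlToRedirect = $urlToRedirect;
    echo $view->render();
    exit;
}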