public static function changePassword($arguments)
{
$hardCode = array("old_password", "new_password");
$parts = GenericInput::stripInput($arguments[0], $hardCode);
$email = $parts[0];
$ProfileDB = ProfilesDB::getProfileBy('email', $parts[0]);
if (!is_null($ProfileDB)) {
if ($ProfileDB->getTimeOfTemp() == 0) {
// print_r($parts[0]."<br>".$parts[1]."<br>".$parts[2]."<br>");
if (strcmp($ProfileDB->getPassword(), $parts[1]) == 0) {
$ProfileDB->setPassword($parts[2]);
ProfilesDB::editProfile($ProfileDB);
self::outputMessage(self::CODE_SUCCESS, 'Password Set', 'Password is Set');
} else {
self::outputMessage(self::CODE_BAD_REQUEST, 'Incorrect email/password', 'Passwrod or Email was incorrect. ');
}
} else {
if ($ProfileDB->getTimeOfTemp() > time()) {
//print_r(time().'***'.$ProfileDB->getTimeOfTemp());
if (strcmp($ProfileDB->getTemp(), $parts[1]) == 0) {
$old = new Profile($ProfileDB->getParameters());
$ProfileDB->setPassword($parts[2]);
$ProfileDB->setTimeOfTemp(0);
//print_r($ProfileDB->__toString());
ProfilesDB::editProfile($ProfileDB);
self::outputMessage(self::CODE_SUCCESS, 'Password Set', 'Password is Set');
} else {
self::outputMessage(self::CODE_BAD_REQUEST, 'Incorrect email/password', 'Passwrod or Email was Incorrect. ');
}
} else {
// print_r(time().'***'.$ProfileDB->getTimeOfTemp());
AccountsDB::deleteAccountsBy('profileID', $ProfileDB->getProfileID());
ProfilesDB::deleteProfileBy('email', $parts[0]);
self::outputMessage(self::CAUSE_TIME_OUT, 'Password timed out', "Account Exceeded Temporary Password Time. Please Create the Account again.");
}
}
} else {
self::outputMessage(self::CAUSE_INVALID_ACTION, 'Account not found', 'Invalid Account, Account Not Found');
}
}
private static function changePassword($arguments)
{
//check input make sure correct
if (!array_key_exists(0, $arguments) || !isset($_GET['old_password']) || !isset($_GET['new_password'])) {
self::outputMessage(self::CODE_BAD_REQUEST, 'Missing arguments', 'email,old_password, new_password');
return;
}
$email = $arguments[0];
//grab the profile by email given --First Argument--
$matchingProfile = ProfilesDB::getProfileBy('email', $email);
if (empty($matchingProfile)) {
self::outputMessage(self::CODE_BAD_REQUEST, 'Member not found', 'A member with the specified email does not exist.');
return;
}
//Change the password
if ($matchingProfile->getPassword() == $_GET['old_password']) {
//put the new password in
$matchingProfile->setPassword($_GET['new_password']);
//This is for changing the temporary password
if (!$matchingProfile->getPasswordChanged()) {
if (time() < strtotime($matchingProfile->getDateCreated()) + 900000) {
$matchingProfile->setPasswordChanged(true);
} else {
//The 15 minute expired
self::outputMessage(self::CODE_BAD_REQUEST, 'Profile Expired', 'The Profile already exceeded the 15 minute window to change temporary password.');
ProfilesDB::deleteProfileBy('email', $email);
return;
}
}
//success
Email::sendEmail($email, 3);
ProfilesDB::editProfile($matchingProfile);
self::outputMessage(self::CODE_SUCCESS, 'Password Changed', 'Your password was changed correctly', $matchingProfile);
} else {
self::outputMessage(self::CODE_BAD_REQUEST, 'Authorization failed.', 'Incorrect email or password.');
return;
}
}
