<?php
include 'sc-app.inc';
include APP_CLASS_LOADER;
use com\indigloo\sc\util\PseudoId;
if ($argc < 3) {
printf("Usage : {$php} change.php <pseudo_id> <password> \n");
exit;
}
$pseudoId = $argv[1];
$pseudoId = trim($pseudoId);
$password = $argv[2];
$loginId = PseudoId::decode($pseudoId);
//get email lookup on loginId
$userDao = new \com\indigloo\sc\dao\User();
$row = $userDao->getOnLoginId($loginId);
$email = $row["email"];
printf("change for login_id = %s, email = %s \n ", $loginId, $email);
$data = \com\indigloo\auth\User::changePassword("sc_user", $loginId, $email, $password);
$qUrl = base64_decode($fvalues['qUrl']);
if ($fhandler->hasErrors()) {
throw new UIException($fhandler->getErrors());
}
//form token
$session_token = $gWeb->find("change.password.token", true);
if ($fvalues['ftoken'] != $session_token) {
$message = "form token does not match the value stored in session";
throw new UIException(array($message));
}
//decrypt email
$email = $gWeb->find("change.password.email", true);
$email = Util::decrypt($email);
$userDao = new \com\indigloo\sc\dao\User();
//@test with email that can cause issues with encoding!
$userDBRow = $userDao->getOnEmail($email);
//send raw password
$email = strtolower(trim($email));
$password = trim($_POST['password']);
WebglooUser::changePassword('sc_user', $userDBRow['login_id'], $email, $password);
//success
$gWeb->store(Constants::FORM_MESSAGES, array("password changed successfully!"));
header("Location: " . $qUrl);
exit(1);
} catch (UIException $ex) {
$gWeb->store(Constants::STICKY_MAP, $fvalues);
$gWeb->store(Constants::FORM_ERRORS, $ex->getMessages());
header("Location: " . $fUrl);
exit(1);
}
}
