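/**
 * Show the forgot-password form and, on a valid POST, start the reset flow.
 *
 * A GET request, or a POST that fails form validation, renders the form.
 * A valid POST hands the form to Service\User::forgotPassword(), queues a
 * success flash message and redirects to the 'home' route.
 *
 * NOTE(review): whether this endpoint reveals which addresses are registered
 * depends on the form's validators and on forgotPassword(), neither of which
 * is visible here. Confirm that an unknown address gets the same response as
 * a known one.
 *
 * @return ViewModel|mixed The form view model, or whatever redirect()->toRoute()
 *                         returns after a successful submission.
 * @throws \Exception Anything thrown by Service\User::forgotPassword() propagates unchanged.
 */
public function forgotPasswordAction()
{
    $form = new Form\ForgotPasswordForm(
        'forgot-password',
        ['serviceLocator' => $this->getServiceLocator()]
    );
    $request = $this->getRequest();

    // Nothing submitted yet: just render the empty form.
    if (!$request->isPost()) {
        return new ViewModel(['form' => $form]);
    }

    $form->setData($request->getPost());

    // Validation failed: re-render so the form can show its own messages.
    if (!$form->isValid()) {
        return new ViewModel(['form' => $form]);
    }

    // The former try/catch only re-threw the exception it caught, so it was a
    // no-op; failures from the service still bubble up to the caller as before.
    $userService = new Service\User($this->getServiceLocator());
    $userService->forgotPassword($form);

    $this->flashMessenger()->addSuccessMessage(
        'The confirmation email to reset your password is sent. Please check your email.'
    );

    return $this->redirect()->toRoute('home');
}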
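/**
 * Handle the forgot-password form for visitors who are not signed in.
 *
 * Signed-in users are redirected to the 'home' route. On a valid POST the
 * account is looked up by email; when one is found, a random reset key is
 * generated, saved through the PasswordResetMapper and emailed as a link.
 * The same message is printed whether or not an account matched, so the
 * response body does not reveal which addresses are registered.
 *
 * NOTE(review): the reset key is saved exactly as it is emailed. Anyone who
 * can read the password-reset table can therefore use pending keys. Storing
 * only a hash of the key would close that, but needs a matching change in the
 * reset-password action, which is not visible here.
 *
 * NOTE(review): the 24-hour expiry mentioned in the email is not enforced in
 * this method; only the creation time is stored. Confirm that the
 * reset-password action checks it and invalidates the key after use.
 *
 * @return ViewModel|mixed The form view model, or whatever redirect()->toRoute()
 *                         returns for an already authenticated user.
 */
public function forgotPasswordAction()
{
    $auth = new AuthenticationService();
    if ($auth->hasIdentity()) {
        return $this->redirect()->toRoute('home');
    }

    // process the form
    $form = new ForgotPasswordForm();
    $request = $this->getRequest();

    if ($request->isPost()) {
        $form->setData($request->getPost());

        if ($form->isValid()) {
            $data = $form->getData();
            $email = $data['email'];

            $sm = $this->getServiceLocator();
            $user_mapper = $sm->get('User\\Model\\UserMapper');

            // SECURITY: select() is given a hand-built WHERE string, so the
            // submitted email ends up inside a double-quoted SQL literal. The
            // real fix is for the mapper to take bound parameters (its API is
            // not visible from this block). Until then, refuse any value that
            // contains a character able to terminate or escape that literal
            // and treat it as "no such account".
            $users = array();
            $safe_for_literal = is_string($email)
                && strpos($email, '"') === false
                && strpos($email, '\\') === false;
            if ($safe_for_literal) {
                $params = array('where' => 'email = "' . $email . '"');
                $users = $user_mapper->select($params);
            }

            if ($users) {
                $user = $users[0];

                /**
                 * Generate a random reset key unique to the account. Insert
                 * it into a link, and email it to the user. If the user
                 * opens the link within 24 hours, the user can reset the
                 * password
                 */
                $password_reset_mapper = $sm->get('User\\Model\\PasswordResetMapper');
                $password_reset = new PasswordReset();
                $password_reset_key = '';
                $duplicate_password_reset_key = true;

                while ($duplicate_password_reset_key) {
                    // mcrypt was removed from PHP core in 7.2, and before 5.6
                    // mcrypt_create_iv() defaulted to the blocking /dev/random
                    // source. Prefer the built-in CSPRNG when it exists.
                    $random = function_exists('random_bytes')
                        ? random_bytes(64)
                        : mcrypt_create_iv(64, MCRYPT_DEV_URANDOM);

                    // The unpredictability of the key comes from $random alone;
                    // the account fields only bind the digest to this user.
                    $password_reset_key = hash(
                        'sha256',
                        $random . $user->getPassword_salt() . $user->getUsername() . $user->getPassword_hash()
                    );

                    // The key is a hex digest, so it cannot break out of the
                    // quoted literal below.
                    $params = array('where' => 'password_reset_key = "' . $password_reset_key . '"');
                    $duplicate_password_reset_key = $password_reset_mapper->select($params);
                }

                $password_reset
                    ->setUser_id($user->getId())
                    ->setPassword_reset_key($password_reset_key)
                    ->setCreated(date('Y-m-d H:i:s'));
                $password_reset_mapper->save($password_reset, true);

                $to = $user->getEmail();
                $subject = 'Password Reset';

                // NOTE(review): the link has no scheme and points at a
                // hard-coded development host. Build it from a configured base
                // URL rather than from the request's Host header, which the
                // client controls. The body is HTML but no Content-Type header
                // is sent, so mail clients may show the markup as plain text.
                $txt = "You have requested to have your password reset.\n <br/>\n <br/>\n"
                    . " To reset your password, follow this <a href='zf1.local/auth/reset-password/password_reset_key/{$password_reset_key}'>link</a>.\n"
                    . " <br/>\n <br/>\n This link will expire after 24 hours.";

                // Record a delivery failure for operators without putting the
                // key or the address into the log.
                if (!mail($to, $subject, $txt)) {
                    error_log('forgotPasswordAction: mail() failed for user id ' . $user->getId());
                }
            }

            // Same wording for known and unknown addresses. The matched path
            // still does more work (insert + mail), so response timing can
            // differ; rate limiting this action limits what that reveals.
            print "If an account exists for that email address, instructions to reset the password have been sent to it.";
        }
    }

    return new ViewModel(array('form' => $form));
}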