/**
* Constructor to optionally pass in session default options
*
*/
function __construct(array $p_aOptions = array())
{
$this->_defaults = $p_aOptions + $this->_defaults;
$this->_defaults['sessionNamespace'] = $this->_defaults['frameworkSessionNamespace'] . '_' . $this->_defaults['sessionNamespace'];
if (self::$_started === false) {
self::$_started = true;
session_name($this->_defaults['sessionNamespace']);
session_start();
}
if (!array_key_exists($this->_defaults['sessionNamespace'], $_SESSION)) {
$_SESSION[$this->_defaults['sessionNamespace']] = array();
}
}
/**
* This function returns the role number of the user
* @todo Do a lookup for the guest user ID instead of defaulting to 1
* @return integer
*/
function getRoleID()
{
$aUserInfo = PPI_Session::getInstance()->getAuthData();
return $aUserInfo !== false && count($aUserInfo) > 0 ? $aUserInfo['role_id'] : 1;
}
/**
* This function cannot be called directly, it must be extended by a child class and then called.
*
* @return void
*/
protected function recover()
{
// Take in the username field, which could be the username or the email.
// Ship out an email to the user's email address with the activationcode
$oUser = new UserModel();
$oForm = new PPI_Model_Form();
$sTemplate = 'user/recover_step1';
$sFormName = 'user_recover_step1';
$oForm->init('user_recover_step1');
$oForm->setFormStructure($oUser->getRecoverFormStructure());
// We have submitted the email value, now lets dispatch an email to the relevant place.
if ($oForm->isSubmitted() && $oForm->isValidated()) {
// Get form values
$aValues = $oForm->getSubmitValues();
// Which form are we submitting from? Is it the step1, or step2 ?
// We are in step 2
if (PPI_Session::getInstance()->get('recover_user_id') !== null) {
// Lets grab userid from the session and take in the NEW password the user entered.
// Update the users record and fire them off to the login page.
$sPassword = $aValues['password'];
// We are in step 1
} else {
// If the email was valid, and the email was dispatched.
$aUser = $oUser->getRecord('email = ' . $oUser->quote($aValues['email']));
if (count($aUser) > 0) {
if ($oUser->sendRecoverEmail($aUser)) {
$successMessage = 'An email has been dispatched to ' . $aValues['email'] . '. Please remember to check your spam folder.';
$this->redirect('user/recover/successmsg/' . urlencode($successMessage));
// The email was errornous
} else {
$failureMessage = 'We tried to send out a recovery email to your address but there an error.';
$this->redirect('user/recover/failuremsg/' . urlencode($failureMessage));
}
// User record was not round
} else {
$failureMessage = 'That email address was not found in our database, please check your input and try again.';
$this->redirect('user/recover/failuremsg/' . urlencode($failureMessage));
}
}
// See if we have been sent a code
} else {
if ($this->oInput->get('recover') != '') {
// Lookup the user with this code
$aUser = $oUser->getRecord('recover_code = ' . $oUser->quote($this->oInput->get('recover')));
if (count($aUser) > 0) {
$sPrimaryKey = $oUser->getPrimaryKey();
// Wipe the recovery_code
$oUser->putRecord(array('recover_code' => '', $sPrimaryKey => $aUser[$sPrimaryKey]));
// Set the looked up userID in the session so when they submit the "new password" form, we know who they are and can update their password.
PPI_Session::getInstance()->set('recover_user_id', $aUser['id']);
// Show them the enter new password screen
$sTemplate = 'user/recover_step2';
$sFormName = 'user_recover_step2';
}
// Show the user the change password screen now that we know who they are.
// Show the form to get the user to enter their usernameField value
}
}
// Load our view
$this->load($sTemplate, array('failuremsg' => $this->oInput->get('failuremsg'), 'successmsg' => $this->oInput->get('successmsg'), 'formBuilder' => $oForm->getRenderInformation()));
}
