Exemplo n.º 1
 /**
  * Validates submitted user data and records every problem on the shared Flash instance.
  *
  * Nothing is returned and nothing is thrown here; callers learn about failures
  * through the Flash messages added below, after finishReporting() has run.
  *
  * Password rules as implemented:
  *  - a truthy 'force_password_reset' skips all password validation;
  *  - a non-empty 'password' must match 'password_confirm' and is passed to
  *    PasswordHash::checkPasswordValidity();
  *  - the old password is only demanded when $oUser is the session user and already
  *    has a stored password, so edits to other accounts are not gated on it here;
  *  - an empty 'password' is only an error for a new user.
  *
  * @param array $aUserData submitted fields; this method reads 'username',
  *                         'force_password_reset', 'password', 'password_confirm'
  *                         and 'old_password' directly
  * @param mixed $oUser     the user being created or edited
  *
  * @return void
  */
 private function validate($aUserData, $oUser)
 {
     $oReporter = Flash::getFlash();
     $oReporter->setArrayToCheck($aUserData);

     // Mandatory fields, checked in the same order as before.
     $aRequiredFields = array(
         'username' => 'username_required',
         'first_name' => 'first_name_required',
         'last_name' => 'last_name_required',
     );
     foreach ($aRequiredFields as $sField => $sMessageKey) {
         $oReporter->checkForValue($sField, $sMessageKey);
     }
     $oReporter->checkForEmail('email', 'valid_email');

     // Uniqueness only needs checking for new users or when the username changed.
     $bCheckUniqueness = $oUser->isNew() || $aUserData['username'] !== $oUser->getUsername();
     if ($bCheckUniqueness) {
         $oExistingUser = UserQuery::create()->filterByUsername($aUserData['username'])->findOne();
         $bTakenByOther = $oExistingUser !== null && $oExistingUser->getId() !== $oUser->getId();
         if ($bTakenByOther) {
             $oReporter->addMessage('username_exists');
         }
     }

     // A forced password reset means there is no password input to validate.
     if (!$aUserData['force_password_reset']) {
         if ($aUserData['password'] === '') {
             // No password submitted: acceptable for existing users only.
             if ($oUser->isNew()) {
                 $oReporter->addMessage('password_new');
             }
         } else {
             // Changing one's own existing password requires proving knowledge of the old one.
             // NOTE(review): the loose "!= null" also treats '' and '0' as "no password";
             // looks deliberate, confirm before tightening.
             $bMustProveOldPassword = $oUser->isSessionUser() && $oUser->getPassword() != null;
             if ($bMustProveOldPassword) {
                 if ($aUserData['old_password'] == '') {
                     $oReporter->addMessage('old_password_required');
                 } elseif (!PasswordHash::comparePassword($aUserData['old_password'], $oUser->getPassword())) {
                     $oReporter->addMessage('old_password_invalid');
                 }
             }
             if ($aUserData['password'] !== $aUserData['password_confirm']) {
                 $oReporter->addMessage('password_confirm');
             }
             PasswordHash::checkPasswordValidity($aUserData['password'], $oReporter);
         }
     }

     $oReporter->finishReporting();
 }
Exemplo n.º 2
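 /**
  * Completes a password recovery: verifies the recovery token, validates the new
  * password, stores it, clears the recovery hint and logs the user in.
  *
  * Every value read from $_REQUEST / $_POST is untrusted. The token check fails closed:
  * a missing user, an unset or empty stored hint, or a missing or non-string submitted
  * token is rejected before any comparison takes place. Without the empty-hint guard,
  * an account with no pending recovery would accept the fixed, publicly known
  * md5('') digest as a valid token.
  *
  * @param string $sReferrer passed through unchanged to self::login()
  *
  * @return string 'login' when the token is invalid or the reset succeeded,
  *                'password_reset' when the new password failed validation
  */
 public static function loginNewPassword($sReferrer = '')
 {
     $oFlash = Flash::getFlash();

     // Normalise request input: absent keys and array-valued parameters become ''.
     $sUsername = isset($_REQUEST['recover_username']) && is_string($_REQUEST['recover_username'])
         ? trim($_REQUEST['recover_username'])
         : '';
     $sSubmittedHint = isset($_REQUEST['recover_hint']) && is_string($_REQUEST['recover_hint'])
         ? $_REQUEST['recover_hint']
         : '';
     $sNewPassword = isset($_POST['new_password']) && is_string($_POST['new_password'])
         ? $_POST['new_password']
         : '';
     $sNewPasswordRetype = isset($_POST['new_password_retype']) && is_string($_POST['new_password_retype'])
         ? $_POST['new_password_retype']
         : '';

     $oUser = null;
     if ($sUsername !== '') {
         $oUser = UserQuery::create()->filterByUsername($sUsername)->isActive()->findOne();
     }

     // Only accounts with a pending recovery (non-empty stored hint) may be reset.
     $sStoredHint = $oUser === null ? null : $oUser->getPasswordRecoverHint();
     $bTokenValid = $sStoredHint !== null
         && (string) $sStoredHint !== ''
         && $sSubmittedHint !== ''
         // hash_equals() (PHP >= 5.6) compares in constant time, unlike !==.
         // NOTE(review): the token is md5(hint), so its strength depends entirely on how
         // the hint is generated, which is not visible here; confirm it comes from a CSPRNG.
         && hash_equals(md5((string) $sStoredHint), $sSubmittedHint);
     if (!$bTokenValid) {
         $oFlash->addMessage('login.recovery.invalid');
         return 'login';
     }

     if ($sNewPassword === '') {
         $oFlash->addMessage('login.empty_fields');
     }
     PasswordHash::checkPasswordValidity($sNewPassword, $oFlash);
     if ($sNewPassword !== $sNewPasswordRetype) {
         $oFlash->addMessage('password_confirm');
     }
     $oFlash->finishReporting();
     if (!Flash::noErrors()) {
         return 'password_reset';
     }

     // No errors: set new password, invalidate the recovery token, login and redirect.
     // NOTE(review): ignoreRights(true) is not switched back in this method; confirm it
     // does not outlive the request or leak into later operations.
     UserPeer::ignoreRights(true);
     $oUser->setPassword($sNewPassword);
     $oUser->setPasswordRecoverHint(null);
     $oUser->save();

     // Log in as the account that was verified above, not as whatever username the
     // POST body carries (the lookup read $_REQUEST, which may differ from $_POST).
     self::login($oUser->getUsername(), $sNewPassword, $sReferrer);
     return 'login';
 }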