/** * Creates a form in order to change the password - if the authcode is valid * * @return string */ protected function actionPwdReset() { $strReturn = ""; if (!validateSystemid($this->getParam("systemid"))) { return $this->getLang("login_change_error", "user"); } $objUser = new class_module_user_user($this->getParam("systemid")); if ($objUser->getStrAuthcode() != "" && $this->getParam("authcode") == $objUser->getStrAuthcode() && $objUser->getStrUsername() != "") { if ($this->getParam("reset") == "") { //Loading a small form to change the password $strTemplateID = $this->objTemplate->readTemplate("/elements.tpl", "login_form"); $arrTemplate = array(); $strForm = ""; $strForm .= $this->objToolkit->getTextRow($this->getLang("login_password_form_intro", "user")); $strForm .= $this->objToolkit->formHeader(class_link::getLinkAdminHref($this->getArrModule("modul"), "pwdReset")); $strForm .= $this->objToolkit->formInputText("username", $this->getLang("login_loginUser", "user"), "", "inputTextShort"); $strForm .= $this->objToolkit->formInputPassword("password1", $this->getLang("login_loginPass", "user"), "", "inputTextShort"); $strForm .= $this->objToolkit->formInputPassword("password2", $this->getLang("login_loginPass2", "user"), "", "inputTextShort"); $strForm .= $this->objToolkit->formInputSubmit($this->getLang("login_changeButton", "user"), "", "", "inputSubmitShort"); $strForm .= $this->objToolkit->formInputHidden("reset", "reset"); $strForm .= $this->objToolkit->formInputHidden("authcode", $this->getParam("authcode")); $strForm .= $this->objToolkit->formInputHidden("systemid", $this->getParam("systemid")); $strForm .= $this->objToolkit->formClose(); $arrTemplate["form"] = $strForm; $arrTemplate["loginTitle"] = $this->getLang("login_loginTitle", "user"); $arrTemplate["loginJsInfo"] = $this->getLang("login_loginJsInfo", "user"); $arrTemplate["loginCookiesInfo"] = $this->getLang("login_loginCookiesInfo", "user"); //An error occurred? if ($this->getParam("loginerror") == 1) { $arrTemplate["error"] = $this->getLang("login_loginError", "user"); } $strReturn = $this->objTemplate->fillTemplate($arrTemplate, $strTemplateID); } else { //check the submitted passwords. $strPass1 = trim($this->getParam("password1")); $strPass2 = trim($this->getParam("password2")); if ($strPass1 == $strPass2 && checkText($strPass1, 3, 200) && $objUser->getStrUsername() == $this->getParam("username")) { if ($objUser->getObjSourceUser()->isPasswordResettable() && method_exists($objUser->getObjSourceUser(), "setStrPass")) { $objUser->getObjSourceUser()->setStrPass($strPass1); $objUser->getObjSourceUser()->updateObjectToDb(); } $objUser->setStrAuthcode(""); $objUser->updateObjectToDb(); class_logger::getInstance()->addLogRow("changed password of user " . $objUser->getStrUsername(), class_logger::$levelInfo); $strReturn .= $this->getLang("login_change_success", "user"); } else { $strReturn .= $this->getLang("login_change_error", "user"); } } } else { $strReturn .= $this->getLang("login_change_error", "user"); } return $strReturn; }
/** * Completes the registration process of a new user by activating the account * * @return string */ private function completeRegistration() { $strReturn = ""; if ($this->getSystemid() != "") { $objUser = new class_module_user_user($this->getParam("systemid")); if ($objUser->getStrEmail() != "") { if ($objUser->getIntActive() == 0 && $objUser->getIntLogins() == 0 && $objUser->getStrAuthcode() == $this->getParam("authcode") && $objUser->getStrAuthcode() != "") { $objUser->setIntActive(1); $objUser->setStrAuthcode(""); if ($objUser->updateObjectToDb()) { $strReturn .= $this->getLang("pr_completionSuccess"); if ($this->arrElementData["portalregistration_success"] != "") { $this->portalReload(class_link::getLinkPortalHref($this->arrElementData["portalregistration_success"])); } } } else { $strReturn .= $this->getLang("pr_completionErrorStatus"); } } else { $strReturn .= $this->getLang("pr_completionErrorStatus"); } } return $strReturn; }
/** * Creates a form to enter the new password of the account to reset. * * @return string */ private function newPwdForm() { $strReturn = ""; if ($this->getParam("reset") != "" && getPost("reset") != "") { //try to load the user $objUser = new class_module_user_user($this->getParam("systemid")); if ($objUser->getStrAuthcode() != "" && $objUser->getStrAuthcode() == $this->getParam("authcode") && $objUser->getStrUsername() != "") { //check the submitted passwords. $strPass1 = trim($this->getParam("portallogin_password1")); $strPass2 = trim($this->getParam("portallogin_password2")); $objValidator = new class_text_validator(); if ($strPass1 == $strPass2 && $objValidator->validate($strPass1)) { if ($objUser->getObjSourceUser()->isPasswordResettable() && method_exists($objUser->getObjSourceUser(), "setStrPass")) { $objUser->getObjSourceUser()->setStrPass($strPass1); $objUser->getObjSourceUser()->updateObjectToDb(); } $objUser->setStrAuthcode(""); $objUser->updateObjectToDb(); class_logger::getInstance(class_logger::USERSOURCES)->addLogRow("changed password of user " . $objUser->getStrUsername(), class_logger::$levelInfo); $strReturn .= $this->getLang("resetSuccess"); } else { $strReturn .= $this->getLang("resetError"); } } else { $strReturn .= $this->getLang("resetError"); } } else { $strTemplateID = $this->objTemplate->readTemplate("/element_portallogin/" . $this->arrElementData["portallogin_template"], "portallogin_newpwdform"); $arrTemplate = array(); //check sysid & authcode $objUser = new class_module_user_user($this->getParam("systemid")); if ($objUser->getStrAuthcode() != "" && $objUser->getStrAuthcode() == $this->getParam("authcode")) { $arrTemplate["portallogin_action"] = "portalResetPwd"; $arrTemplate["portallogin_systemid"] = $this->getParam("systemid"); $arrTemplate["portallogin_authcode"] = $this->getParam("authcode"); $arrTemplate["portallogin_resetHint"] = "portalLoginReset"; $arrTemplate["portallogin_elsystemid"] = $this->arrElementData["content_id"]; $arrTemplate["action"] = class_link::getLinkPortalHref($this->getPagename()); $strReturn .= $this->fillTemplate($arrTemplate, $strTemplateID); } else { $strReturn .= "Permission Error"; } } return $strReturn; }