protected function installUserStatus()
{
try {
$status = new UsersStatus();
$status->name = Auth::STATUS_ACTIVE;
$status->save();
$status = new UsersStatus();
$status->name = Auth::STATUS_LOCKED;
$status->save();
$status = new UsersStatus();
$status->name = Auth::STATUS_BANNED;
$status->save();
$status = new UsersStatus();
$status->name = Auth::STATUS_SUSPENDED;
$status->save();
$status = new UsersStatus();
$status->name = Auth::STATUS_HACKED;
$status->save();
} catch (\Exception $e) {
$this->flash->error($e->getMessage());
}
}
public function registerAction()
{
if ($this->request->isPost()) {
if ($this->token->check()) {
$email = $this->filter->sanitize($this->request->getPost('email'), 'email');
$user = Users::findFirstByEmail($email);
if ($user) {
$this->flash->error(_('Esiste già un utente registrato con questa email'));
return $this->forward('users', 'add');
}
$password = $this->request->getPost('password');
$name = $this->request->getPost('name');
$role = $this->request->getPost('role');
$code = $this->request->getPost('code');
$surname = $this->request->getPost('surname');
$address = $this->request->getPost('address');
$phone = $this->request->getPost('phone');
//
$user = new Users();
$user->email = $email;
$user->password = $this->security->hash($this->auth->passwordHash($password));
$user->users_status_id = UsersStatus::findFirstByName('active')->id;
$user->acl_roles_name = $role;
$user->details = new UsersDetails();
$user->details->name = $name;
$user->details->surname = $surname;
$user->details->address = $address;
$user->details->phone = $phone;
$user->details->code = $code;
if ($user->save() == false) {
foreach ($user->getMessages() as $message) {
$this->flash->error($message);
}
} else {
$this->flash->success(_('Utente aggiunto !'));
}
return $this->forward('users', 'add');
}
} else {
$this->flash->warning(_('Usa il form per registrare un nuovo utente'));
return $this->forward('users', 'add');
}
}
public function resetPassword($publicKey, $token, $newPassword)
{
$forgot = UsersForgotPassword::findFirstByToken(rawurldecode($token));
if ($forgot == false) {
throw new Auth\Exception(null, 400);
}
$privateKey = Crypto::decrypt(rawurldecode($token), rawurldecode($publicKey));
if ($forgot->private_key != $privateKey) {
$this->userThrottling($forgot->user->id);
$hacked = UsersStatus::findFirstByName(self::STATUS_HACKED);
$forgot->user->status_id = $hacked->id;
$forgot->save();
$forgot->delete();
throw new Auth\Exception(null, 600);
}
$active = UsersStatus::findFirstByName(self::STATUS_ACTIVE);
$forgot->user->status_id = $active->id;
$forgot->user->password = $this->security->hash($this->passwordHash($newPassword));
if ($forgot->save() != false && $forgot->delete() != false) {
$this->flash->success('The new password is stored !');
} else {
foreach ($forgot->getMessages() as $message) {
$this->flash->error($message);
}
}
}