public function loginAction()
{
$form = new Application_Form_Authentication_Login();
$request = $this->getRequest();
// If form was submitted
if ($request->isPost()) {
// If form is valid
if ($form->isValid($request->getPost())) {
// jsFlashMessage and redirect to home page (authentication success)
if ($this->_validLogin($form->getValues())) {
$usersMapper = new Application_Model_Mapper_Users_UsersMapper();
$user = $usersMapper->findByUsername($this->_auth->getIdentity()->username);
$user->lastLogin = date('Y-m-d H:i:s');
$usersMapper->save($user);
$this->addScript('top.location.reload()');
} else {
$this->_helper->flashMessenger(array('error' => 'Incorrect username / password'));
}
} else {
$this->_helper->flashMessenger(array('error' => 'There were problems with your submission, please make sure javascript is enabled, and try again'));
}
}
$this->view->loginForm = $form;
}
public function resetpasswordAction()
{
// IF a form was submitted
if ($this->_request->isPost()) {
// ELSE IF a new password form was subbmitted
if ($this->_request->getParam('password')) {
// get the reset from the database
$reset = new Application_Model_Users_PasswordReset();
$resetMapper = new $reset->_mapperClass();
$email = $this->_request->getParam('email');
$uniqueID = $this->_request->getParam('resetUniqueID');
$options = array('include' => array('userEmail', 'expiration'));
$reset = $resetMapper->findByEmailAndUniqueID($email, $uniqueID, $options);
// check the reset to make sure it exists
if ($reset == null) {
$this->errorAndRedirect('Could not verify your email address, please make sure it is entered correctly', 'resetpassword', null, array('resetUniqueID' => $this->_request->getParam('resetUniqueID')));
}
// check timestamp
if (strtotime($reset->expiration) < time()) {
$this->errorAndRedirect('That password reset has already expired. Please enter your email address to receive a new reset link', 'resetpassword');
}
// get the user from the database
$usersMapper = new Application_Model_Mapper_Users_UsersMapper();
$user = $usersMapper->findByEmail($this->_request->getParam('email'));
if ($user == null) {
throw new Exception('Trying to reset a password for a user that doesn\'t exist');
}
// set the password and save the user
$user->password = $this->_request->getParam('password');
$usersMapper->save($user);
// erase the reset from the database
$resetMapper->delete($reset->resetID);
// send a confirmation email
$mail = new Zend_Mail();
$mail->setBodyHtml('<p>Your password has been changed.</p><p>If you did not authorize this change, please contact us.</p>');
$mail->setFrom('*****@*****.**', 'Dance Rialto');
$mail->addTo($user->email);
$mail->setSubject('Dance Rialto - Password Reset Notice');
$mail->send();
// set the view
$this->view->newPasswordSet = true;
} else {
if ($this->_request->getParam('email')) {
// make sure a user exists with that email
$usersMapper = new Application_Model_Mapper_Users_UsersMapper();
$user = $usersMapper->findByEmail($this->_request->getParam('email'));
if ($user == null) {
$this->errorAndRedirect('We can\' find a user with that email, please make sure you\'ve entered it correctly', 'resetpassword');
}
// create a new entry in the resetPasswordTable
$reset = new Application_Model_Users_PasswordReset();
$reset->userEmail = $this->_request->getParam('email');
$resetMapper = new $reset->_mapperClass();
$resetID = $resetMapper->save($reset);
// get reset password link
$reset = $resetMapper->find($resetID);
$resetLink = SITE_URL . SITE_ROOT . '/register/resetpassword?resetUniqueID=' . $reset->resetUniqueID;
// send an email with the link to reset password
$mail = new Zend_Mail();
$mail->setBodyHtml('<p>please click the link below to reset your password:</p><p>' . $resetLink . '</p>');
$mail->setFrom('*****@*****.**', 'Dance Rialto');
$mail->addTo($this->_request->getParam('email'));
$mail->setSubject('Dance Rialto - Reset Password Request');
$mail->send();
// set the view
$this->view->resetEmail = $this->_request->getParam('email');
$this->view->resetEmailSent = true;
}
}
} else {
if ($this->_request->getParam('resetUniqueID')) {
// get the reset info
$reset = new Application_Model_Users_PasswordReset();
$resetMapper = new $reset->_mapperClass();
$reset = $resetMapper->findByUniqueID($this->_request->getParam('resetUniqueID'));
// make sure the reset exists and is not old
if ($reset == null) {
$this->errorAndRedirect('This password reset has expired. Please enter your email address to receive a new reset link', 'resetpassword');
}
if (strtotime($reset->expiration) < time()) {
$this->errorAndRedirect('That password reset has already expired. Please enter your email address to receive a new reset link', 'resetpassword');
}
// send the reset to the view
$this->view->reset = $reset;
// set the view
$this->view->resetLinkClicked = true;
}
}
}
