Пример #1
 /**
  * Flags this item as active when it corresponds to the page being viewed.
  *
  * The item counts as active when the current page name equals the item's
  * name (compared case-insensitively) or, when the request URI string is
  * empty, when the home page name resolved for the item equals the item's URL.
  *
  * @param mixed $item Item to test; when empty, $this->getItem() is used instead.
  * @return void
  */
 protected function _setActive($item = null)
 {
     if (empty($item)) {
         $item = $this->getItem();
     }

     $request    = new Digitalus_Uri();
     $currentUri = strtolower($request->toString());

     $isCurrentPage = strtolower(Digitalus_Toolbox_Page::getCurrentPageName()) == strtolower($item->name);

     // The home-page comparison is only consulted when the name match failed
     // and the URI string is empty (the original relied on && binding tighter than ||).
     $isHomePage = !$isCurrentPage
         && empty($currentUri)
         && strtolower(Digitalus_Toolbox_Page::getHomePageName($item)) == strtolower(Digitalus_Toolbox_Page::getUrl($item));

     $this->setActive($isCurrentPage || $isHomePage);
 }
Пример #2
 /**
  * Returns the URL-encoded challenge link, building and caching it on first use.
  *
  * The link is assembled from the request's Host header, the view's base URL,
  * the current page name, the lower-cased action, the user name and the
  * challenge id; the complete string is then passed through urlencode().
  *
  * NOTE(review): $_SERVER['HTTP_HOST'] is supplied by the client. If this link
  * is delivered to the user out of band (e.g. by e-mail; not visible here), a
  * forged Host header can make it point at another site and disclose the
  * challenge id to that site. Prefer a configured canonical host name.
  * NOTE(review): the scheme is fixed to http://, so the challenge id would be
  * sent in clear text when the link is followed; confirm whether the site
  * redirects to HTTPS.
  * NOTE(review): the user name is not encoded as its own path segment before
  * the whole URL is encoded; confirm that user names cannot contain '/'.
  *
  * @param string $action Action segment of the link; lower-cased before use.
  * @return string URL-encoded challenge URL
  */
 protected function _createChallengeUrl($action = 'challenge')
 {
     // Already built during this request: reuse the cached value.
     if (!empty($this->_challengeUrl)) {
         return $this->_challengeUrl;
     }

     $origin   = 'http://' . $_SERVER['HTTP_HOST'] . $this->view->getBaseUrl();
     $pagePath = '/' . Digitalus_Toolbox_Page::getCurrentPageName() . '/p' . '/a/' . strtolower($action);
     $identity = '/u/' . $this->_userName . '/c/' . $this->getChallengeId();

     $this->_challengeUrl = urlencode($origin . $pagePath . $identity);

     return $this->_challengeUrl;
 }
Пример #3
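 /**
  * Public action that lets a user set a new password after following a challenge link.
  *
  * Reads the user name ('u') and challenge id ('c') from the URI parameters,
  * asks Login_Challenge::isValid() to confirm the pair, and then either shows
  * the change-password form or, on a valid POST, updates the password and
  * invalidates the challenge. The outcome is exposed to the view as
  * $this->view->error and $this->view->message.
  *
  * NOTE(review): the challenge id is part of the URL path and of the form
  * action, so it can end up in access logs, browser history and Referer
  * headers; it is only invalidated after a successful password update.
  * NOTE(review): the new password is read through Digitalus_Filter_Post rather
  * than from the validated form values; confirm that filter does not alter
  * the password before it is stored.
  *
  * @return void
  */
 public function changepasswordAction()
 {
     $uri = new Digitalus_Uri();
     $uriParams = $uri->getParams();
     if (!isset($uriParams['u']) || !isset($uriParams['c'])) {
         // The original statement here was a bare `$this->_error;`, which does nothing,
         // so a link without user name or challenge id rendered neither error nor form.
         // Report it the same way as a challenge that fails validation.
         $this->_error = $this->view->getTranslation('Error: No valid challenge was found. Please try again!');
     } else {
         $userName = $uriParams['u'];
         $challengeId = $uriParams['c'];
         $mdlChallenge = new Login_Challenge();
         // The challenge is re-checked on every request, including the POST that changes the password.
         if (!$mdlChallenge->isValid($challengeId, $userName)) {
             $this->_error = $this->view->getTranslation('Error: No valid challenge was found. Please try again!');
         } else {
             $changePasswordForm = new User_Form();
             // The form posts back to this same action with the same user name and challenge id.
             $uri = $this->baseUrl . '/' . Digitalus_Toolbox_Page::getCurrentPageName() . '/p/a/changepassword/u/' . $userName . '/c/' . $challengeId;
             $changePasswordForm->setAction($uri);
             $changePasswordForm->getElement('name')->addValidators(array(array('UsernameExists', true)));
             $changePasswordForm->onlyChangepasswordActionElements(array('legend' => 'Change Password'));
             if ($this->_request->isPost() && $changePasswordForm->isValid($_POST)) {
                 $password = Digitalus_Filter_Post::get('password');
                 $passwordConfirm = Digitalus_Filter_Post::get('password_confirm');
                 $mdlUser = new Model_User();
                 // The account is selected by the user name from the URL (the one the
                 // challenge was validated for), not by the 'name' field of the form.
                 if (!$mdlUser->updatePassword($userName, $password, true, $passwordConfirm)) {
                     $this->_error = $this->view->getTranslation("Error: Your password hasn't been updated!");
                 } else {
                     // Invalidate the challenge so the link cannot be used again.
                     $mdlChallenge->invalidate($challengeId);
                     $this->_message = $this->view->getTranslation('Your password has been updated successfully!');
                 }
             } else {
                 $this->_message = $this->view->getTranslation('Please type in Your user name and Your new password.');
                 $this->view->form = $changePasswordForm;
             }
         }
     }
     $this->view->error = $this->_error;
     $this->view->message = $this->_message;
 }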
Пример #4
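 /**
  * Checks the current user's role against the ACL before the request is dispatched.
  *
  * The role is taken from the authenticated identity, or Model_Group::GUEST_ROLE
  * when there is none. Requests whose module and controller are both something
  * other than 'public' are checked against the most specific ACL resource that
  * exists (module_controller_action, then module_controller, then module).
  * All other requests are checked against the current page name, except for
  * the home page. A denied request is re-routed to the configured
  * login / no-access target and tagged with an 'authPage' parameter.
  *
  * NOTE(review): both branches only deny when the ACL knows the resource
  * ($this->_acl->has($resource)); a resource missing from the ACL is allowed.
  * Confirm that every protected module and page is registered.
  * NOTE(review): the admin check is skipped when either the module or the
  * controller is named 'public'; confirm that no non-public module exposes a
  * controller with that name.
  *
  * @param Zend_Controller_Request_Abstract $request Request being dispatched; re-routed in place on denial.
  * @return void
  */
 public function preDispatch(Zend_Controller_Request_Abstract $request)
 {
     $this->_identity = Digitalus_Auth::getIdentity();
     $this->_acl = new Digitalus_Acl();
     $role = Model_Group::GUEST_ROLE;
     if (!empty($this->_identity)) {
         $role = $this->_identity->role;
     }
     $module = $request->module;
     $controller = $request->controller;
     $action = $request->action;

     if ($module != 'public' && $controller != 'public') {
         // Go from more specific to less specific.
         $moduleLevel = $module;
         $controllerLevel = $moduleLevel . '_' . $controller;
         $actionLevel = $controllerLevel . '_' . $action;
         if ($this->_acl->has($actionLevel)) {
             $resource = $actionLevel;
         } elseif ($this->_acl->has($controllerLevel)) {
             $resource = $controllerLevel;
         } else {
             $resource = $moduleLevel;
         }

         if ($this->_acl->has($resource) && !$this->_acl->isAllowed($role, $resource)) {
             // Visitors without an identity (or with the guest role) are sent to the
             // login target; authenticated users lacking the permission get the no-access target.
             if (!$this->_identity || Model_Group::GUEST_ROLE == $role) {
                 $target = $this->_noAuth['admin'];
                 $authPage = 'login';
             } else {
                 $target = $this->_noAcl['admin'];
                 $authPage = 'noauth';
             }
             $request->setModuleName($target['module']);
             $request->setControllerName($target['controller']);
             $request->setActionName($target['action']);
             $request->setParam('authPage', $authPage);
         }
     } else {
         $resource = Digitalus_Toolbox_Page::getCurrentPageName();
         // Write pageName to registry when coming from a page.
         if ('index' == $controller && 'index' == $action) {
             Zend_Registry::set('Digitalus_Page_Name', $resource);
         }
         $resource = strtolower(Digitalus_Toolbox_String::replaceUnderscore($resource));
         // Only check the ACL if the page is NOT the home page (empty() already covers '').
         // NOTE(review): $resource is normalised here but the home page name is compared as returned.
         if (!empty($resource) && Digitalus_Toolbox_Page::getHomePageName() != $resource) {
             if ($this->_acl->has($resource) && !$this->_acl->isAllowed($role, $resource)) {
                 // Both outcomes use the same public target; only 'authPage' differs.
                 $request->setModuleName($this->_noAcl['public']['module']);
                 $request->setControllerName($this->_noAcl['public']['controller']);
                 $request->setActionName($this->_noAcl['public']['action']);
                 // Fixed: the original compared with `!=`, which sent authenticated non-guest
                 // users to 'login' and guest-role identities to 'noauth', the reverse of
                 // the admin branch above.
                 $needsLogin = !$this->_identity || Model_Group::GUEST_ROLE == $role;
                 $request->setParam('authPage', $needsLogin ? 'login' : 'noauth');
             }
         }
     }
 }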