Пример #1
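 /**
  * Update the logged-in user's e-mail address and, optionally, their password.
  *
  * POST fields read: `email` (required), `old_password` and `new_password`
  * (both or neither). Every validation failure is reported through
  * $this->error() and the handler then returns, so no write happens after a
  * failed check even if error() does not itself stop the request.
  */
 public function POST()
 {
     // ensure() is presumably what rejects anonymous requests; getData() is
     // used below as the id of the authenticated user.
     $policy = new Policy_LoggedIn($this->app);
     $policy->ensure();
     $userid = $policy->getData();

     $mapper = new Mapper_User();
     $user = $mapper->getUserById($userid);
     // NOTE(review): $app is never read in this method; the call is kept in
     // case Config::get() has side effects. Confirm and drop.
     $app = Config::get('app');
     $request = $this->app->request();

     // --- e-mail validation -------------------------------------------------
     $email = trim($request->post('email'));
     if (!$email) {
         $this->error("Email is a required field.");
         return;
     }
     if (!filter_var($email, FILTER_VALIDATE_EMAIL)) {
         $this->error("Invalid email format.");
         return;
     }
     // The address may already belong to the caller; only another account is a conflict.
     $possibleUser = $mapper->getUserByEmail($email);
     if ($possibleUser && $possibleUser['id'] != $userid) {
         $this->error("A user with that email address already exists.");
         return;
     }

     // --- optional password change -------------------------------------------
     $oldPassword = trim($request->post('old_password'));
     $newPassword = trim($request->post('new_password'));
     $hasOld = $oldPassword !== '';
     $hasNew = $newPassword !== '';
     if ($hasOld !== $hasNew) {
         $this->error("You must enter both your old and your new passwords.");
         return;
     }

     if ($hasOld && $hasNew) {
         // hash_equals() (PHP 5.6+) replaces the loose `!=`: a loose comparison
         // treats two numeric-looking strings (e.g. "0e..." hex digests) as
         // numbers and can report different hashes as equal, and it is not
         // constant-time. The casts keep a missing row or null column from
         // raising a TypeError; an empty stored hash never matches.
         $storedHash = (string) $user['password_hash'];
         $suppliedHash = (string) Mapper_User::generateHash($oldPassword);
         if (!hash_equals($storedHash, $suppliedHash)) {
             $this->error("Old password is incorrect.");
             return;
         }
         // NOTE(review): a 15-character ceiling and an alphanumeric-only rule
         // cap password strength. Left unchanged because other code paths
         // (registration, login) presumably assume the same policy.
         $length = strlen($newPassword);
         if ($length < 5 || $length > 15) {
             $this->error("New password must be between 5 and 15 characters.");
             return;
         }
         if (!ctype_alnum($newPassword)) {
             $this->error("Invalid password. Only letters and numbers are allowed.");
             return;
         }
         // The plaintext is handed to the mapper; presumably it hashes before
         // storing. Verify in Mapper_User::updatePasswordForUser().
         $mapper->updatePasswordForUser($userid, $newPassword);
     }

     $mapper->updateEmailForUser($userid, $email);
     $this->success();
 }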
Пример #2
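 /**
  * Delete the logged-in user's account after re-checking their password.
  *
  * POST field read: `password`. On a match the user's settings and weights
  * are removed first and the user row last; on a mismatch nothing is deleted.
  */
 public function POST()
 {
     // ensure() is presumably what rejects anonymous requests; getData() is
     // used below as the id of the authenticated user.
     $policy = new Policy_LoggedIn($this->app);
     $policy->ensure();
     $userid = $policy->getData();

     $request = $this->app->request();
     $tempPassword = $request->post('password');

     $user_mapper = new Mapper_User();
     $user = $user_mapper->getUserById($userid);

     // Re-authentication gate for a destructive action. hash_equals()
     // (PHP 5.6+) replaces the loose `!=`: a loose comparison treats two
     // numeric-looking strings (e.g. "0e..." hex digests) as numbers and can
     // report different hashes as equal, and it is not constant-time.
     // The casts keep a missing row or null column from raising a TypeError.
     $storedHash = (string) $user['password_hash'];
     $suppliedHash = (string) Mapper_User::generateHash($tempPassword);
     if (!hash_equals($storedHash, $suppliedHash)) {
         $this->error("The password you entered was invalid.");
         return;
     }

     // Delete settings
     $settings_mapper = new Mapper_Settings();
     $settings_mapper->deleteAllSettingsForUser($userid);
     // Delete weights
     $weight_mapper = new Mapper_Weight();
     $weight_mapper->deleteAllWeightsForUser($userid);
     // Delete user last
     $user_mapper->deleteUserById($userid);
     $this->success();
 }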
Пример #3
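 /**
  * Log a user in with a user name (or e-mail address) and password.
  *
  * POST fields read: `username`, `password`. The identifier is looked up as a
  * user name first and as an e-mail address second. On success the user's id
  * is passed to $this->success(); every failure goes through $this->error()
  * and the handler returns immediately afterwards.
  */
 public function POST()
 {
     // ensure() presumably rejects callers who already have a session.
     $policy = new Policy_LoggedOut($this->app);
     $policy->ensure();

     $request = $this->app->request();
     $username = trim($request->post('username'));
     $password = trim($request->post('password'));
     if ($username === '' || $password === '') {
         $this->error("Both fields are required.");
         return;
     }

     $user_mapper = new Mapper_User();
     $user = $user_mapper->getUserByUsername($username)
         ?: $user_mapper->getUserByEmail($username);

     // Unknown account and wrong password deliberately share one message so
     // the response does not reveal which identifiers exist.
     if (!$user) {
         // Returning here keeps the hash check below from running against a
         // non-existent record if error() does not stop the request itself.
         $this->error("Invalid user name or password.");
         return;
     }

     // hash_equals() (PHP 5.6+) compares in constant time, unlike `!==`.
     // NOTE(review): generateHash() receives only the password and its result
     // is matched by equality, so the stored value cannot carry a per-user
     // random salt. Moving to password_hash()/password_verify() needs a
     // storage change outside this method.
     // NOTE(review): no attempt limiting is visible in this handler; confirm
     // it is enforced elsewhere.
     $storedHash = (string) $user['password_hash'];
     $suppliedHash = (string) Mapper_User::generateHash($password);
     if (!hash_equals($storedHash, $suppliedHash)) {
         $this->error("Invalid user name or password.");
         return;
     }

     $this->success($user['id']);
 }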