public function executePasswordReset(sfWebRequest $request) { $token = ''; if ($request->getParameter('t')) { $token = $request->getParameter('t'); } else { $param = $request->getParameter('passwordReset'); $token = $param['t']; } $token = trim($token); // if the user is authenticated, they shouldn't get here PcUtils::redirectLoggedInUser($this->getUser(), $this); // Check the token is valid $c = new Criteria(); $c->add(PcPasswordResetTokenPeer::TOKEN, $token, Criteria::EQUAL); $entry = PcPasswordResetTokenPeer::doSelectOne($c); if (!is_object($entry)) { // the token is not valid PcWatchdog::alert('Invalid Password Reset Token', 'This is the token ' . $token); $this->forward('customAuth', 'passwordResetInvalidToken'); } $this->form = new PasswordResetForm(array('t' => $token)); if ($request->isMethod('post')) { $this->form->bind($request->getParameter('passwordReset')); if ($this->form->isValid()) { $fields = $request->getParameter('passwordReset'); $user = CustomAuth::resetPassword($token, $fields['password1']); $this->redirect('/' . sfConfig::get('app_accountApp_frontController')); } } }