public function render()
{
$page = 'login';
$app = Config::get('app');
$policy = new Policy_LoggedOut($this->app);
$logged_in = $policy->getData();
$app->menu_items = Helper_Menu::processMenuItems($app->menu_items, $page, $logged_in);
return array('app' => $app, 'breadcrumb' => 'Log in', 'error' => Helper_Message::getError(), 'username' => Helper_Message::getField('username'));
}
public function POST()
{
$policy = new Policy_LoggedOut($this->app);
$policy->ensure();
$request = $this->app->request();
$username = trim($request->post('username'));
$password = trim($request->post('password'));
$email = trim($request->post('email'));
if ($username == "" || $password == "" || $email == "") {
$this->error("All fields are required.");
}
if (strlen($username) < 5 || strlen($username) > 15) {
$this->error("User name must be between 5 and 15 characters.");
}
if (strlen($password) < 5 || strlen($password) > 15) {
$this->error("Password must be between 5 and 15 characters.");
}
if (!ctype_alnum($username)) {
$this->error("Invalid user name. Only letters and numbers are allowed.");
}
$firstChar = substr($username, 0, 1);
if (!ctype_alpha($firstChar)) {
$this->error("User name must start with a letter.");
}
if (!ctype_alnum($password)) {
$this->error("Invalid password. Only letters and numbers are allowed.");
}
if (!filter_var($email, FILTER_VALIDATE_EMAIL)) {
$this->error("Invalid email format.");
}
$user_mapper = new Mapper_User();
$possibleUser = $user_mapper->getUserByUsername($username);
if ($possibleUser) {
$this->error("That user name already exists.");
}
$possibleUser2 = $user_mapper->getUserByEmail($email);
if ($possibleUser2) {
$this->error("A user with that email address already exists.");
}
$user_mapper->createUser($username, $password, $email);
$user = $user_mapper->getUserByUsername($username);
$this->success($user['id']);
}
public function POST()
{
$policy = new Policy_LoggedOut($this->app);
$policy->ensure();
$app = Config::get('app');
$request = $this->app->request();
$email = trim($request->post('email'));
if (!$email) {
$this->error("Email address is a required field.");
}
$user_mapper = new Mapper_User();
$user = $user_mapper->getUserByEmail($email);
if (!$user) {
$this->error("No user with that email address exists.");
}
$newPass = substr(md5(mt_rand() . microtime(true)), 0, 10);
$subject = "Your {$app->name} password has been reset";
$body = "Hey {$user['username']},<br /><br />" . "Your password has successfuly been reset.<br />" . 'It is now: "' . $newPass . '".' . "<br />" . 'You should <a href="http://www.trackly.me/account">log in</a>, and change it.' . "<br /><br />" . "Thanks,<br />" . "{$app->name}";
$this->email($email, $subject, $body);
$user_mapper->updatePasswordForUser($user['id'], $newPass);
$this->success();
}
public function POST()
{
$policy = new Policy_LoggedOut($this->app);
$policy->ensure();
$request = $this->app->request();
$username = trim($request->post('username'));
$password = trim($request->post('password'));
if ($username == "" || $password == "") {
$this->error("Both fields are required.");
}
$user_mapper = new Mapper_User();
$user = $user_mapper->getUserByUsername($username);
if (!$user) {
$user = $user_mapper->getUserByEmail($username);
if (!$user) {
$this->error("Invalid user name or password.");
}
}
$hash = Mapper_User::generateHash($password);
if ($user['password_hash'] !== $hash) {
$this->error("Invalid user name or password.");
}
$this->success($user['id']);
}