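/**
 * Shows the password-reset form for a recovery link (GET) and stores the
 * new password when that form is submitted (POST).
 *
 * The recovery record is looked up once, by the identifier in the URL, and
 * is rejected with a redirect to error/link when it does not exist or is
 * older than 30 minutes. The same check now guards both the GET and the
 * POST path; previously the GET path compared the date with
 * `<= $time || >= $time`, which is always true, so expired links were
 * still accepted for rendering the form and for seeding the session.
 *
 * The account whose password is changed is taken from the validated
 * recovery record ($url->idUser), not from the session, so the password
 * change is always bound to the token that was actually presented.
 *
 * @param string $unique Identifier of the Tmprecoverpassword record carried by the link.
 *
 * @return mixed The redirect response on every early exit; nothing when the form is rendered.
 */
public function resetpasswordAction($unique)
{
    // Recovery links are honoured for 30 minutes.
    // NOTE(review): assumes Tmprecoverpassword::date holds a Unix timestamp - confirm against the model.
    $time = strtotime("-30 minutes");

    $url = Tmprecoverpassword::findFirst(array(
        'conditions' => 'idTmprecoverpassword = ?1',
        'bind' => array(1 => $unique),
    ));

    if (!$url || $url->date < $time) {
        // $this->traceFail("Reset pass failed because the link is invalid, do not exists or is expired id: {$unique}");
        return $this->response->redirect('error/link');
    }

    if ($this->request->isPost()) {
        $this->logger->log("Is Post");

        // getPost() may return null for a missing field; cast before trim()/strlen().
        $pass = trim((string) $this->request->getPost("pass"));
        $pass2 = trim((string) $this->request->getPost("pass2"));

        // Redirects go back to the identifier that matched a stored record,
        // not to the unvalidated "uniq" form field.
        if ($pass === '' || $pass2 === '') {
            $this->flashSession->error("Ha enviado campos vacíos, por favor verifique la información");
            return $this->response->redirect("session/resetpassword/{$unique}");
        }

        if (strlen($pass) < 8 || strlen($pass) > 40) {
            $this->flashSession->error("La contraseña es muy corta o muy larga, esta debe tener mínimo 8 y máximo 40 caracteres, por favor verifique la información");
            return $this->response->redirect("session/resetpassword/{$unique}");
        }

        // Strict comparison: with `!=` two different numeric-looking strings
        // can compare equal, so a mistyped confirmation could pass.
        if ($pass !== $pass2) {
            $this->flashSession->error("Las contraseñas no coinciden, por favor verifique la información");
            return $this->response->redirect("session/resetpassword/{$unique}");
        }

        $user = User::findFirst(array(
            'conditions' => 'idUser = ?1',
            'bind' => array(1 => $url->idUser),
        ));

        if (!$user) {
            return $this->response->redirect('error/link');
        }

        $user->password = $this->hash->hash($pass);

        if ($user->save()) {
            // The recovery record is single-use: drop it together with the session marker.
            $this->session->remove('idUser');
            $url->delete();
            $this->flashSession->success('Se ha restaurado la contraseña exitosamente');
            return $this->response->redirect('session/login');
        }

        $this->flashSession->notice('Ha ocurrido un error, contacte con el administrador');
        foreach ($user->getMessages() as $msg) {
            $this->logger->log("Error while recovering user password {$msg}");
        }
        $this->logger->log("User {$user->idUser}/{$user->username}");
        $this->flashSession->error('Ha ocurrido un error contacte al administrador');
        // Fall through so the form is shown again with the messages above.
    }

    // Kept for other actions that still read the account id from the session.
    $this->session->set('idUser', $url->idUser);
    $this->view->setVar('uniq', $unique);
}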
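/**
 * Stores a new password for the account tied to a recovery record (POST only).
 *
 * Fixes relative to the previous version:
 *  - the validity test was `!$url && $url->date <= $time`, which let an
 *    existing but expired record through and dereferenced a missing one;
 *    it is now "missing OR expired";
 *  - the account is read from the validated recovery record instead of
 *    the session, so the change is bound to the token that was submitted;
 *  - the maximum length is checked on the same field as the minimum;
 *  - the save-failure branch iterated over an undefined $user and then
 *    fell through to the success message; it now logs the credential's
 *    messages and returns;
 *  - the recovery record is deleted after a successful change so it
 *    cannot be replayed inside its 30-minute window.
 *
 * @return mixed The redirect response for a POST request; nothing otherwise.
 */
public function setnewpasswordAction()
{
    if (!$this->request->isPost()) {
        return;
    }

    $uniq = $this->request->getPost("uniq");
    $url = Tmprecoverpassword::findFirst(array(
        'conditions' => 'idTmprecoverpassword = ?1',
        'bind' => array(1 => $uniq),
    ));

    // Recovery records are honoured for 30 minutes.
    // NOTE(review): assumes Tmprecoverpassword::date holds a Unix timestamp - confirm against the model.
    $time = strtotime("-30 minutes");

    if (!$url || $url->date <= $time) {
        // This is a failure, so it is flashed as an error rather than a success.
        $this->flashSession->error('El tiempo para recuperar su contraseña, ha caducado, por favor haga el proceso desde cero');
        return $this->response->redirect('session/login');
    }

    // getPost() may return null for a missing field; cast before strlen().
    $password1 = (string) $this->request->getPost("password1");
    $password2 = (string) $this->request->getPost("password2");

    // From here on $uniq has matched a stored record, so it is safe to
    // reuse in the redirect target.
    if ($password1 === '' || $password2 === '') {
        $this->flashSession->error("No has enviado las contraseñas");
        return $this->response->redirect('session/resetpassword/' . $uniq);
    }

    if (strlen($password1) < 8 || strlen($password1) > 40) {
        $this->flashSession->error("La contraseña es muy corta o muy larga, esta debe tener mínimo 8 y máximo 40 caracteres, por favor verifique la información");
        return $this->response->redirect('session/resetpassword/' . $uniq);
    }

    if ($password1 !== $password2) {
        $this->flashSession->error("Las contraseñas no coinciden, por favor verifique la información");
        return $this->response->redirect('session/resetpassword/' . $uniq);
    }

    $credential = Credential::findFirst(array(
        'conditions' => 'idUser = ?1',
        'bind' => array(1 => $url->idUser),
    ));

    if (!$credential) {
        $this->flashSession->error("No existe el usuario, por favor valida la información");
        return $this->response->redirect('session/login');
    }

    $credential->password = $this->hash->hash($password1);

    if (!$credential->save()) {
        $this->flashSession->notice('Ha ocurrido un error, contacte con el administrador');
        foreach ($credential->getMessages() as $msg) {
            $this->logger->log('Error while recovering user password' . $msg);
        }
        // The record is still valid, so send the user back to the form to retry.
        return $this->response->redirect('session/resetpassword/' . $uniq);
    }

    // The recovery record is single-use: drop it together with the session marker.
    $this->session->remove('idUser');
    $url->delete();

    $this->flashSession->notice('Se ha actualizado el usuario exitosamente');
    return $this->response->redirect('session/login');
}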