public function change_password($uHash = '')
{
$db = Loader::db();
$h = Loader::helper('validation/identifier');
$e = Loader::helper('validation/error');
$ui = UserInfo::getByValidationHash($uHash);
if (is_object($ui)) {
$hashCreated = $db->GetOne("select uDateGenerated FROM UserValidationHashes where uHash=?", array($uHash));
if ($hashCreated < time() - USER_CHANGE_PASSWORD_URL_LIFETIME) {
$h->deleteKey('UserValidationHashes', 'uHash', $uHash);
throw new Exception(t('Key Expired. Please visit the forgot password page again to have a new key generated.'));
} else {
if (strlen($_POST['uPassword'])) {
$userHelper = Loader::helper('concrete/user');
$userHelper->validNewPassword($_POST['uPassword'], $e);
if (strlen($_POST['uPassword']) && $_POST['uPasswordConfirm'] != $_POST['uPassword']) {
$e->add(t('The two passwords provided do not match.'));
}
if (!$e->has()) {
$ui->changePassword($_POST['uPassword']);
$h->deleteKey('UserValidationHashes', 'uHash', $uHash);
$this->set('passwordChanged', true);
$u = $ui->getUserObject();
if (USER_REGISTRATION_WITH_EMAIL_ADDRESS) {
$_POST['uName'] = $ui->getUserEmail();
} else {
$_POST['uName'] = $u->getUserName();
}
$this->do_login();
return;
} else {
$this->set('uHash', $uHash);
$this->set('changePasswordForm', true);
$this->set('errorMsg', join('<br>', $e->getList()));
}
} else {
$this->set('uHash', $uHash);
$this->set('changePasswordForm', true);
}
}
} else {
throw new Exception(t('Invalid Key. Please visit the forgot password page again to have a new key generated.'));
}
}
public function v($hash = '')
{
$ui = \UserInfo::getByValidationHash($hash);
if (is_object($ui)) {
$ui->markValidated();
$this->set('uEmail', $ui->getUserEmail());
$this->set('validated', true);
$this->redirect('/login/callback/concrete', 'email_validated');
exit;
}
$this->redirect('/login/callback/concrete', 'invalid_token');
}