function __construct() { $this->rules = array(); $this->id = auth::generate_random_string(16, 16); $this->js = Kohana::config('xform.js'); // Singleton instance self::$instance = $this; }
/** * send forgotten email * * @return void * @author Andy Bennett */ public static function forgotten_credential_email() { $email = Event::$data->post('form_email'); $user = ORM::factory('user')->where(array('email' => $email, 'activated' => 1))->find(); if (!$user->loaded) { throw new Exception("auth.no_matching_user"); } // generates the activation code $user->forgotten_credential_code = auth::generate_random_string(10, 10); $user->save(); $email_data = array('user' => $user); $data = array('data' => $email_data, 'view' => Kohana::config('steamauth.steamauth')->forgotten_credential_email, 'subject' => 'forgotten_credential_email_subject', 'to' => $user->email); self::send_email($data); }
/** * Save an uploaded file to a new location. * * @param mixed name of $_FILE input or array of upload data * @param string new filename * @param string new directory * @param integer chmod mask * @return string full path to new file */ public static function save($file, $filename = NULL, $directory = NULL, $chmod = 0644) { // Load file data from FILES if not passed as array $file = is_array($file) ? $file : $_FILES[$file]; if ($filename === NULL) { // Use the default filename, with a timestamp pre-pended $filename = time() . auth::generate_random_string(8, 8) . '-' . $file['name']; } if (Kohana::config('upload.remove_spaces') === TRUE) { // Remove spaces from the filename $filename = preg_replace('/\\s+/', '_', $filename); } if ($directory === NULL) { // Use the pre-configured upload directory $directory = Kohana::config('upload.directory', TRUE); } // Make sure the directory ends with a slash $directory = rtrim($directory, '/') . '/'; if (!is_dir($directory) and Kohana::config('upload.create_directories') === TRUE) { // Create the upload directory mkdir($directory, 0777, TRUE); } if (!is_writable($directory)) { throw new Kohana_Exception('upload.not_writable', $directory); } if (is_uploaded_file($file['tmp_name']) and move_uploaded_file($file['tmp_name'], $filename = $directory . $filename)) { if ($chmod !== FALSE) { // Set permissions on filename chmod($filename, $chmod); } // Return new file path return $filename; } else { $valid_dir = strpos(realpath($file['tmp_name']), DATAPATH . 'tmp') === 0; if ($valid_dir and rename($file['tmp_name'], $filename = $directory . $filename)) { if ($chmod !== FALSE) { // Set permissions on filename chmod($filename, $chmod); } // Return new file path return $filename; } } return FALSE; }
/** * reset user's password * * @return void * @author Andy Bennett */ public function forgotten_credential_reset() { try { $segs = array_reverse(URI::instance()->segment_array()); $code = $segs[0]; $id = $segs[1]; // check the passed values if (!is_numeric($id) or $id <= 0) { throw new Exception("auth.invalid_user_id"); } if (!strlen($code) or !preg_match('/[a-zA-Z0-9]+/', $code)) { throw new Exception('auth.invalid_forgotten_code'); } $user = ORM::factory('user')->where(array('id' => $id, 'activated' => 1, 'forgotten_credential_code' => $code))->find(); if (!$user->loaded) { throw new Exception("auth.invalid_user"); } // if they do, generate a new credential $conf = Kohana::config('steamauth.steamauth'); $credential = auth::generate_random_string($conf->user_credential_min, $conf->user_credential_max); //encrypts the random credential using the md5 encryption $user->credential = auth::encode($credential); $user->save(); // inform the user of their new credential $email_data = array('user' => $user, 'credential' => $credential); Event::run('steamauth.forgotten_credential_reset', $email_data); } catch (Exception $e) { Event::run('steamauth.forgotten_credential_reset_error', $error = $e->getMessage()); } }