function __construct()
{
$this->rules = array();
$this->id = auth::generate_random_string(16, 16);
$this->js = Kohana::config('xform.js');
// Singleton instance
self::$instance = $this;
}
/**
* send forgotten email
*
* @return void
* @author Andy Bennett
*/
public static function forgotten_credential_email()
{
$email = Event::$data->post('form_email');
$user = ORM::factory('user')->where(array('email' => $email, 'activated' => 1))->find();
if (!$user->loaded) {
throw new Exception("auth.no_matching_user");
}
// generates the activation code
$user->forgotten_credential_code = auth::generate_random_string(10, 10);
$user->save();
$email_data = array('user' => $user);
$data = array('data' => $email_data, 'view' => Kohana::config('steamauth.steamauth')->forgotten_credential_email, 'subject' => 'forgotten_credential_email_subject', 'to' => $user->email);
self::send_email($data);
}
/**
* Save an uploaded file to a new location.
*
* @param mixed name of $_FILE input or array of upload data
* @param string new filename
* @param string new directory
* @param integer chmod mask
* @return string full path to new file
*/
public static function save($file, $filename = NULL, $directory = NULL, $chmod = 0644)
{
// Load file data from FILES if not passed as array
$file = is_array($file) ? $file : $_FILES[$file];
if ($filename === NULL) {
// Use the default filename, with a timestamp pre-pended
$filename = time() . auth::generate_random_string(8, 8) . '-' . $file['name'];
}
if (Kohana::config('upload.remove_spaces') === TRUE) {
// Remove spaces from the filename
$filename = preg_replace('/\\s+/', '_', $filename);
}
if ($directory === NULL) {
// Use the pre-configured upload directory
$directory = Kohana::config('upload.directory', TRUE);
}
// Make sure the directory ends with a slash
$directory = rtrim($directory, '/') . '/';
if (!is_dir($directory) and Kohana::config('upload.create_directories') === TRUE) {
// Create the upload directory
mkdir($directory, 0777, TRUE);
}
if (!is_writable($directory)) {
throw new Kohana_Exception('upload.not_writable', $directory);
}
if (is_uploaded_file($file['tmp_name']) and move_uploaded_file($file['tmp_name'], $filename = $directory . $filename)) {
if ($chmod !== FALSE) {
// Set permissions on filename
chmod($filename, $chmod);
}
// Return new file path
return $filename;
} else {
$valid_dir = strpos(realpath($file['tmp_name']), DATAPATH . 'tmp') === 0;
if ($valid_dir and rename($file['tmp_name'], $filename = $directory . $filename)) {
if ($chmod !== FALSE) {
// Set permissions on filename
chmod($filename, $chmod);
}
// Return new file path
return $filename;
}
}
return FALSE;
}
/**
* reset user's password
*
* @return void
* @author Andy Bennett
*/
public function forgotten_credential_reset()
{
try {
$segs = array_reverse(URI::instance()->segment_array());
$code = $segs[0];
$id = $segs[1];
// check the passed values
if (!is_numeric($id) or $id <= 0) {
throw new Exception("auth.invalid_user_id");
}
if (!strlen($code) or !preg_match('/[a-zA-Z0-9]+/', $code)) {
throw new Exception('auth.invalid_forgotten_code');
}
$user = ORM::factory('user')->where(array('id' => $id, 'activated' => 1, 'forgotten_credential_code' => $code))->find();
if (!$user->loaded) {
throw new Exception("auth.invalid_user");
}
// if they do, generate a new credential
$conf = Kohana::config('steamauth.steamauth');
$credential = auth::generate_random_string($conf->user_credential_min, $conf->user_credential_max);
//encrypts the random credential using the md5 encryption
$user->credential = auth::encode($credential);
$user->save();
// inform the user of their new credential
$email_data = array('user' => $user, 'credential' => $credential);
Event::run('steamauth.forgotten_credential_reset', $email_data);
} catch (Exception $e) {
Event::run('steamauth.forgotten_credential_reset_error', $error = $e->getMessage());
}
}
