/**
* Creates a form in order to change the password - if the authcode is valid
*
* @return string
*/
protected function actionPwdReset()
{
$strReturn = "";
if (!validateSystemid($this->getParam("systemid"))) {
return $this->getLang("login_change_error", "user");
}
$objUser = new class_module_user_user($this->getParam("systemid"));
if ($objUser->getStrAuthcode() != "" && $this->getParam("authcode") == $objUser->getStrAuthcode() && $objUser->getStrUsername() != "") {
if ($this->getParam("reset") == "") {
//Loading a small form to change the password
$strTemplateID = $this->objTemplate->readTemplate("/elements.tpl", "login_form");
$arrTemplate = array();
$strForm = "";
$strForm .= $this->objToolkit->getTextRow($this->getLang("login_password_form_intro", "user"));
$strForm .= $this->objToolkit->formHeader(class_link::getLinkAdminHref($this->getArrModule("modul"), "pwdReset"));
$strForm .= $this->objToolkit->formInputText("username", $this->getLang("login_loginUser", "user"), "", "inputTextShort");
$strForm .= $this->objToolkit->formInputPassword("password1", $this->getLang("login_loginPass", "user"), "", "inputTextShort");
$strForm .= $this->objToolkit->formInputPassword("password2", $this->getLang("login_loginPass2", "user"), "", "inputTextShort");
$strForm .= $this->objToolkit->formInputSubmit($this->getLang("login_changeButton", "user"), "", "", "inputSubmitShort");
$strForm .= $this->objToolkit->formInputHidden("reset", "reset");
$strForm .= $this->objToolkit->formInputHidden("authcode", $this->getParam("authcode"));
$strForm .= $this->objToolkit->formInputHidden("systemid", $this->getParam("systemid"));
$strForm .= $this->objToolkit->formClose();
$arrTemplate["form"] = $strForm;
$arrTemplate["loginTitle"] = $this->getLang("login_loginTitle", "user");
$arrTemplate["loginJsInfo"] = $this->getLang("login_loginJsInfo", "user");
$arrTemplate["loginCookiesInfo"] = $this->getLang("login_loginCookiesInfo", "user");
//An error occurred?
if ($this->getParam("loginerror") == 1) {
$arrTemplate["error"] = $this->getLang("login_loginError", "user");
}
$strReturn = $this->objTemplate->fillTemplate($arrTemplate, $strTemplateID);
} else {
//check the submitted passwords.
$strPass1 = trim($this->getParam("password1"));
$strPass2 = trim($this->getParam("password2"));
if ($strPass1 == $strPass2 && checkText($strPass1, 3, 200) && $objUser->getStrUsername() == $this->getParam("username")) {
if ($objUser->getObjSourceUser()->isPasswordResettable() && method_exists($objUser->getObjSourceUser(), "setStrPass")) {
$objUser->getObjSourceUser()->setStrPass($strPass1);
$objUser->getObjSourceUser()->updateObjectToDb();
}
$objUser->setStrAuthcode("");
$objUser->updateObjectToDb();
class_logger::getInstance()->addLogRow("changed password of user " . $objUser->getStrUsername(), class_logger::$levelInfo);
$strReturn .= $this->getLang("login_change_success", "user");
} else {
$strReturn .= $this->getLang("login_change_error", "user");
}
}
} else {
$strReturn .= $this->getLang("login_change_error", "user");
}
return $strReturn;
}
/**
* Completes the registration process of a new user by activating the account
*
* @return string
*/
private function completeRegistration()
{
$strReturn = "";
if ($this->getSystemid() != "") {
$objUser = new class_module_user_user($this->getParam("systemid"));
if ($objUser->getStrEmail() != "") {
if ($objUser->getIntActive() == 0 && $objUser->getIntLogins() == 0 && $objUser->getStrAuthcode() == $this->getParam("authcode") && $objUser->getStrAuthcode() != "") {
$objUser->setIntActive(1);
$objUser->setStrAuthcode("");
if ($objUser->updateObjectToDb()) {
$strReturn .= $this->getLang("pr_completionSuccess");
if ($this->arrElementData["portalregistration_success"] != "") {
$this->portalReload(class_link::getLinkPortalHref($this->arrElementData["portalregistration_success"]));
}
}
} else {
$strReturn .= $this->getLang("pr_completionErrorStatus");
}
} else {
$strReturn .= $this->getLang("pr_completionErrorStatus");
}
}
return $strReturn;
}
/**
* Creates a form to enter the new password of the account to reset.
*
* @return string
*/
private function newPwdForm()
{
$strReturn = "";
if ($this->getParam("reset") != "" && getPost("reset") != "") {
//try to load the user
$objUser = new class_module_user_user($this->getParam("systemid"));
if ($objUser->getStrAuthcode() != "" && $objUser->getStrAuthcode() == $this->getParam("authcode") && $objUser->getStrUsername() != "") {
//check the submitted passwords.
$strPass1 = trim($this->getParam("portallogin_password1"));
$strPass2 = trim($this->getParam("portallogin_password2"));
$objValidator = new class_text_validator();
if ($strPass1 == $strPass2 && $objValidator->validate($strPass1)) {
if ($objUser->getObjSourceUser()->isPasswordResettable() && method_exists($objUser->getObjSourceUser(), "setStrPass")) {
$objUser->getObjSourceUser()->setStrPass($strPass1);
$objUser->getObjSourceUser()->updateObjectToDb();
}
$objUser->setStrAuthcode("");
$objUser->updateObjectToDb();
class_logger::getInstance(class_logger::USERSOURCES)->addLogRow("changed password of user " . $objUser->getStrUsername(), class_logger::$levelInfo);
$strReturn .= $this->getLang("resetSuccess");
} else {
$strReturn .= $this->getLang("resetError");
}
} else {
$strReturn .= $this->getLang("resetError");
}
} else {
$strTemplateID = $this->objTemplate->readTemplate("/element_portallogin/" . $this->arrElementData["portallogin_template"], "portallogin_newpwdform");
$arrTemplate = array();
//check sysid & authcode
$objUser = new class_module_user_user($this->getParam("systemid"));
if ($objUser->getStrAuthcode() != "" && $objUser->getStrAuthcode() == $this->getParam("authcode")) {
$arrTemplate["portallogin_action"] = "portalResetPwd";
$arrTemplate["portallogin_systemid"] = $this->getParam("systemid");
$arrTemplate["portallogin_authcode"] = $this->getParam("authcode");
$arrTemplate["portallogin_resetHint"] = "portalLoginReset";
$arrTemplate["portallogin_elsystemid"] = $this->arrElementData["content_id"];
$arrTemplate["action"] = class_link::getLinkPortalHref($this->getPagename());
$strReturn .= $this->fillTemplate($arrTemplate, $strTemplateID);
} else {
$strReturn .= "Permission Error";
}
}
return $strReturn;
}
