public function confirm(User $user, $code)
{
if ($user && $user->emailCode == $code) {
$expired = substr($code, -10) + $this->config->email_code->exptime < time();
if (!$expired) {
$user->save(['active' => 'Y', 'emailCode' => '']);
$this->flash->success('Your account was activated');
return true;
}
}
$this->flash->error('The given link is either invalid or expired');
return false;
}
public function changePasswordAction()
{
$confirmCurrent = $this->dispatcher->wasForwarded() ? false : true;
$user = User::findFirst($this->session->get('id'));
if ($user) {
/* for this specific form we can pass boolean value as first parameter
to signify whether the user must confirm the current password */
$form = new \Adiachenko\Project\Form\changePasswordForm($user, ['confirmCurrent' => $confirmCurrent]);
if ($this->request->isPost()) {
if ($form->isValid($this->request->getPost())) {
if (password_verify($this->request->getPost('current-password'), $user->passwordHash)) {
if ($this->request->getPost('current-password') !== $this->request->getPost('password')) {
$user->passwordHash = password_hash($this->request->getPost('password'), PASSWORD_BCRYPT);
if ($user->save()) {
$this->flash->notice('Your password was changed.');
}
return $this->response->redirect('index');
} else {
$form->addModelError('password', 'New password must differ from the current one');
}
} else {
$form->addModelError('current-password', 'Failed to confirm your current password');
}
}
}
}
$this->view->form = $form;
}
public function signInUsingSessionHash($hash)
{
$session = UserSession::findFirstByHash($hash);
if ($session) {
$user = User::findFirst($session->userId);
$this->signIn($user, false, false);
}
}
public function restorePasswordAction()
{
$form = new RestorePasswordForm();
if ($this->request->isPost()) {
if ($form->isValid($this->request->getPost())) {
$recipient = $this->request->getPost('email');
$user = User::findFirstByEmail($recipient);
if ($user) {
$code = $this->getRandomToken(true);
$user->emailCode = $code;
if ($user->save()) {
$href = $this->url->getBaseUri() . 'new-password?id=' . $user->id . '&code=' . $code;
$subject = 'Restore Password';
$body = 'Use the following link to change your password:<br>';
$body .= \Phalcon\Tag::linkTo($href, $href);
$this->mail->send($recipient, $subject, $body);
}
}
$this->flash->notice('A link with instructions on how to change an email was send to specified adress');
return $this->response->redirect('index');
}
}
$this->view->form = $form;
}
public function indexAction()
{
$users = User::find(['order' => 'joined']);
$this->view->setVar('users', $users);
}
public function sendActivationLinkAction($id)
{
$user = User::findFirst($id);
$this->activation->request($user);
return $this->response->redirect('index');
}
