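/**
 * Complete a password reset using the key stored for the user.
 *
 * Looks the user up by the reset key, stores the hash of the new
 * password, clears the key, resets the current session and sends a
 * confirmation email to the user.
 *
 * @param  string $password The new plain-text password
 * @param  string $token    The reset key held in users.kanso_password_key
 * @return bool   True when the password was changed, false otherwise
 */
public function resetPassword($password, $token)
{
    # Refuse missing values before touching the database. An empty or
    # non-string key must never be used as a lookup value: this method
    # clears used keys, and a blank lookup value could match an account
    # that has no pending reset, depending on how the column is populated
    # elsewhere. An empty password would otherwise be hashed and stored
    # as the account's new credential.
    if (!is_string($token) || trim($token) === '' || !is_string($password) || $password === '') {
        return false;
    }

    # Get a new Query Builder
    $Query = \Kanso\Kanso::getInstance()->Database->Builder();

    # Validate the user exists
    # NOTE(review): nothing here checks how old the key is - confirm that
    # expiry is enforced where the key is issued or validated.
    $user = $Query->SELECT('*')->FROM('users')->WHERE('kanso_password_key', '=', $token)->ROW();
    if (!$user) {
        return false;
    }

    # Change the user's password and remove the key from the database,
    # so the same key cannot be used for a second reset.
    # NOTE(review): utf8_encode() is deprecated as of PHP 8.2; it is kept
    # here so the stored value has the same form as before.
    $row = [
        'hashed_pass'        => utf8_encode(\Kanso\Security\Encrypt::hash($password)),
        'kanso_password_key' => null,
    ];
    $update = $Query->UPDATE('users')->SET($row)->WHERE('id', '=', $user['id'])->QUERY();
    if (!$update) {
        return false;
    }

    # Remove the password key from the session
    \Kanso\Kanso::getInstance()->Session->remove('session_kanso_password_key');

    # Reset the user's session
    \Kanso\Kanso::getInstance()->Session->freshSession();

    # Create array of data for email template
    $website   = \Kanso\Kanso::getInstance()->Environment['KANSO_WEBSITE_NAME'];
    $emailData = [
        'name'     => $user['name'],
        'username' => $user['username'],
        'website'  => $website,
    ];

    # Get the email template
    $msg = \Kanso\Templates\Templater::getTemplate($emailData, 'EmailResetPassword');

    # Tell the account owner that the password was changed
    \Kanso\Utility\Mailer::sendHTMLEmail($user['email'], $website, 'no-reply@' . $website, 'Your password was reset at ' . $website, $msg);

    return true;
}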
<?php
/**
 * Kanso Default Settings
 *
 * Used when Kanso is first installed or restored to factory settings:
 * this file defines the default database tables and the values that
 * are used to populate them with a few examples.
 */

# Default admin security keys for new user.
# NOTE(review): both values are fixed literals in this file. If they are
# written to the default user row unchanged, every fresh installation
# starts with the same public key and salt - confirm they are regenerated
# per installation before anything relies on them.
$keys = [
    'KANSO_PUBLIC_KEY'  => 'jce6sLiexsaWfKrDl8iV3dF4jLzNncCr08Dcm7CoipvlupmK3qrFmNarnKzC8KLe3rOJlZC-4GGUqp2iuZ2MjKKcsqekjeC6lqG1mJbcmsKpmaa-psa_sYbhorWizreEtWd6qJSQsLKnyZ3Cnp6GmpimreG_gp5_1p282r2XxreW73mEu9q_ibmBwXqkhMV76MGdvbmGi32dvNF-eIGEvayfy4_DoLSjpYq_sMzQ3JSpnHXmndfZvoG_sppl5nyyqb23rKdpnpyUudSXsaSp3Jq7jsS9t3a1zZ-SvsOlmM2zgt6kqrppm8PfgZjPoLRl37nLsL7xtdfQloR9sZHAYYmMpry8haei2p7bwcJ9yLer3re5g7t9yKDZu3RnynaRocxyncfItbexf5uYnL_YpIyRibumlYWZzsmN1696hLG5favxzb6ryKrmeni6yJak0JXUmeiZrZTnv7vi6bSBZqilvZ6vfaXhec-agqy1m6Oor92WzdXqlIK5meC8vOazhZKQqoa6eZ_UwpeZjIGKg3_E19WIiru3nLxxhdiYt9SoksSOxJqKp6610Ll8zmWn3d6Ujd6fuZ7gksSW6Mu63KyTZ4V8ks15loeswpGHuGvbnJWnwI7mtd7Aqnuf2aXAu9S6rGOdn5qp0IGwooe9hJmheX19vLuqeY6ixMCrhZmqyZ6vuYiMjMyjns_dtfG7jd9ij-q-wniYsOun4622esXapKKxtH5nmJKsmZZ5lOGYl8Cm2peTsaSFqMi71biVx-CGs67bupBpp3h2pbyns9immpKIfaF8sdDJypOuitu9n2m_2559rdGSkKDFk7GtxajOk5LjmnbJ3bl_17mpgd15t5bG5M3j76eon7WY7J6LparcjrvMe6ya0dHYuqKUqc_qv8ugZKTC1OOLaK54lZ-olXzYoJhyvmaRhcC618exiqLIg5VtxMnLfNTLkqyV2KGZ66LE7JfCvKZ7xr67m76p2GXGrcqkxr3M3cmMb2V9qPCVuGamnYrCuq3Li6_YvHbemNK-xa7K3HjdkLDjqXyyuKqP45aOusqydHiJmoOfn9rPu8mZpp2vsKuYrKm3sXd8oKeajMK1nMWdk62rjMKag6HZkueZn3K7d6PuqMramQ==',
    'KANSO_PUBLIC_SALT' => 'XdbAYUnLG8ReREhX0KHu2IwkNxQHw2BugM4fHr0nASBrxTpxD72GPy1D6RkDUW7aJbpqDqOdjqFQj4nXcpD1YEF5w0IqWQBF206F',
];

# Hash of the default admin password, taken from the installer config
$hashed = \Kanso\Security\Encrypt::hash($this->config['KANSO_OWNER_PASSWORD']);

# Default articles table
# NOTE(review): 'comments_enabled' has no '|' before DEFAULT, unlike
# 'email_notifications' in the users table - confirm both forms are
# accepted by the table builder.
$KANSO_DEFAULTS_POSTS_TABLE = [
    'id'               => 'INTEGER | UNSIGNED | PRIMARY KEY | UNIQUE | AUTO INCREMENT',
    'created'          => 'INTEGER | UNSIGNED',
    'modified'         => 'INTEGER | UNSIGNED',
    'status'           => 'VARCHAR(255)',
    'type'             => 'VARCHAR(255)',
    'slug'             => 'VARCHAR(255)',
    'title'            => 'VARCHAR(255)',
    'excerpt'          => 'TEXT',
    'author_id'        => 'INTEGER | UNSIGNED',
    'category_id'      => 'INTEGER | UNSIGNED',
    'thumbnail'        => 'VARCHAR(255)',
    'comments_enabled' => 'BOOLEAN DEFAULT FALSE',
];

# Default tags table
$KANSO_DEFAULTS_TAGS_TABLE = [
    'id'   => 'INTEGER | UNSIGNED | PRIMARY KEY | UNIQUE | AUTO INCREMENT',
    'name' => 'VARCHAR(255)',
    'slug' => 'VARCHAR(255)',
];

# Default categories table
$KANSO_DEFAULTS_CATEGORIES_TABLE = [
    'id'   => 'INTEGER | UNSIGNED | PRIMARY KEY | UNIQUE | AUTO INCREMENT',
    'name' => 'VARCHAR(255)',
    'slug' => 'VARCHAR(255)',
];

# Default authors table. Besides the profile fields it holds the
# password hash and the per-user register, password-reset and public
# keys, so rows from this table should not be exposed wholesale.
$KANSO_DEFAULTS_USERS_TABLE = [
    'id'                  => 'INTEGER | UNSIGNED | PRIMARY KEY | UNIQUE | AUTO INCREMENT',
    'username'            => 'VARCHAR(255)',
    'email'               => 'VARCHAR(255)',
    'hashed_pass'         => 'VARCHAR(255)',
    'name'                => 'VARCHAR(255)',
    'slug'                => 'VARCHAR(255)',
    'facebook'            => 'VARCHAR(255)',
    'twitter'             => 'VARCHAR(255)',
    'gplus'               => 'VARCHAR(255)',
    'thumbnail'           => 'VARCHAR(255)',
    'role'                => 'VARCHAR(255)',
    'description'         => 'VARCHAR(255)',
    'status'              => 'VARCHAR(255)',
    'email_notifications' => 'BOOLEAN | DEFAULT TRUE',
    'KANSO_REGISTER_KEY'  => 'VARCHAR(255)',
    'KANSO_PASSWORD_KEY'  => 'VARCHAR(255)',
    'KANSO_PUBLIC_KEY'    => 'VARCHAR(255)',
    'KANSO_PUBLIC_SALT'   => 'VARCHAR(255)',
    'KANSO_KEYS_TIME'     => 'INTEGER | UNSIGNED',
];

# Default comments table
$KANSO_DEFAULTS_COMMENTS_TABLE = [
    'id'           => 'INTEGER | UNSIGNED | PRIMARY KEY | UNIQUE | AUTO INCREMENT',
    'parent'       => 'INTEGER | UNSIGNED',
    'post_id'      => 'INTEGER | UNSIGNED',
    'date'         => 'INTEGER | UNSIGNED',
    'type'         => 'VARCHAR(255)',
    'status'       => 'VARCHAR(255)',
    'name'         => 'VARCHAR(255)',
    'email'        => 'VARCHAR(255)',
    'content'      => 'VARCHAR(255)',
    'html_content' => 'VARCHAR(255)',
    'ip_address'   => 'VARCHAR(255)',
    'email_reply'  => 'BOOLEAN',
    'email_thread' => 'BOOLEAN',
    'rating'       => 'INTEGER | UNSIGNED',
];

# Default tags to posts table
$KANSO_DEFAULTS_TAGS_TO_POSTS_TABLE = [
    'id'      => 'INTEGER | UNSIGNED | PRIMARY KEY | UNIQUE | AUTO INCREMENT',
    'tag_id'  => 'INTEGER | UNSIGNED',
    'post_id' => 'INTEGER | UNSIGNED',
];

# Default content to articles table.
# Note: article content is stored separately from the article entry
# to improve database performance.
$KANSO_DEFAULTS_CONTENT_TO_POSTS_TABLE = [
    'id'      => 'INTEGER | UNSIGNED | PRIMARY KEY | UNIQUE | AUTO INCREMENT',
    'content' => 'TEXT',
    'post_id' => 'INTEGER | UNSIGNED',
];

# The default user entry
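/**
 * Update administrator settings
 *
 * Updates the logged-in user's account details: username, email,
 * email-notification preference and, when one is supplied, password.
 * The user is identified from the 'KANSO_ADMIN_DATA' session entry.
 *
 * @param  string          $username           The new (or unchanged) username
 * @param  string          $email              The new (or unchanged) email address
 * @param  string          $password           New plain-text password; an empty value leaves it unchanged
 * @param  bool|int|string $emailNotifications true, 1 or 'true' enable notifications, anything else disables them
 * @return string|boolean  'valid' on success, 'email_exists' or 'username_exists' on a conflict, false otherwise
 */
public function updateAccountDetails($username, $email, $password, $emailNotifications = true)
{
    # Grab the user's row from the session
    $sessionRow = \Kanso\Kanso::getInstance()->Session->get('KANSO_ADMIN_DATA');

    # Without a complete session row there is no logged-in user to update.
    # Stop here so the uniqueness checks below cannot be reached, and
    # cannot answer 'email_exists' / 'username_exists', for a caller that
    # has no admin session.
    if (!isset($sessionRow['username'], $sessionRow['email'])) {
        return false;
    }

    # Get a new Query Builder
    $Query = \Kanso\Kanso::getInstance()->Database()->Builder();

    # Validate that the username / email doesn't exist already,
    # only if the user has changed either value
    if ($email !== $sessionRow['email']) {
        $emailExists = $Query->SELECT('*')->FROM('users')->WHERE('email', '=', $email)->FIND();
        if ($emailExists) {
            return 'email_exists';
        }
    }
    if ($username !== $sessionRow['username']) {
        $usernameExists = $Query->SELECT('*')->FROM('users')->WHERE('username', '=', $username)->FIND();
        if ($usernameExists) {
            return 'username_exists';
        }
    }

    # Grab the user's row from the database; only a confirmed account
    # matching both session values may be updated
    $userRow = $Query->SELECT('*')->FROM('users')->WHERE('username', '=', $sessionRow['username'])->AND_WHERE('email', '=', $sessionRow['email'])->AND_WHERE('status', '=', 'confirmed')->FIND();
    if (!$userRow) {
        return false;
    }

    # Sanitize email notifications: only these three values mean "on"
    $emailNotifications = in_array($emailNotifications, ['true', 1, true], true);

    # Update the username and email
    $row = [
        'username'            => $username,
        'email'               => $email,
        'email_notifications' => $emailNotifications,
    ];

    # If they changed their password, update it.
    # NOTE(review): this method takes no current password - confirm the
    # caller re-authenticates the user before a password or email change.
    if (!empty($password)) {
        $row['hashed_pass'] = utf8_encode(\Kanso\Security\Encrypt::hash($password));
    }

    # Save to the database and refresh the client's session
    $update = $Query->UPDATE('users')->SET($row)->WHERE('id', '=', $userRow['id'])->QUERY();
    if ($update) {
        # Relog the client in
        \Kanso\Kanso::getInstance()->Session->refresh();

        return "valid";
    }

    return false;
}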