/** * Generate activation key */ public function generateActivationKey($hash) { $ProfilesMeta = new Application_Model_ProfilesMeta(); do { $generatedKey = sha1(mt_rand(10000, 99999) . time() . $hash); } while ($ProfilesMeta->getProfileId('activationkey', $generatedKey) || $ProfilesMeta->getProfileId('password_reset', $generatedKey)); return $generatedKey; }
/** * Change password with recover key */ public function recoverpasswordAction() { $this->_helper->_layout->setLayout('layout_wide'); $request = $this->getRequest(); // Get password change key if any $key = $request->getParam('key', false); $Profiles = new Application_Model_Profiles(); $ProfilesMeta = new Application_Model_ProfilesMeta(); if ($key) { $form = new Application_Form_ChangeForgottenPassword(); $profile_id = $ProfilesMeta->getProfileId('password_reset', $key); if ($profile_id) { $profile = $Profiles->getProfileByField('id', $profile_id); } } // Redirect if bad or no user if (!$key || !isset($profile) || !$profile) { $this->redirect(''); } $this->view->form = $form; // Form Submitted... if ($request->isPost() && $form->isValid($_POST)) { Application_Plugin_Common::redirectOnDemoAccount(); $newpassword = $form->getValue('password2'); $hash = new Application_Plugin_Phpass(); $hashed_password = $hash->HashPassword($newpassword); // update password $Profiles->updateField($profile->name, 'password', $hashed_password); // remove password reset key $ProfilesMeta->deletePair('password_reset', $key); Application_Plugin_Alerts::success($this->view->translate('Password updated')); // prepare phtml email template $mail_template_path = APPLICATION_PATH . '/views/emails/'; $view = new Zend_View(); $view->setScriptPath($mail_template_path); $body = $view->render('passwordnotice.phtml'); // send email as a security measure $ret = Application_Plugin_Common::sendEmail($profile->email, $this->view->translate('Password updated'), $body, true); $this->redirect(''); } }