/**
 * Validate the recovery key submitted through the form.
 *
 * The trimmed key has to pass three checks, in this order:
 *  1. IDF_Form_PasswordInputKey::checkKeyHash() must not return false,
 *  2. exactly one user must match the email (index 0) and id (index 1)
 *     returned by checkKeyHash(),
 *  3. the timestamp returned at index 2 must be at most 86400 seconds
 *     (24 hours) in the past.
 *
 * A rejected hash and an unknown email/id pair raise the same message,
 * so the error text does not distinguish the two cases. The expiry
 * message is only reachable for a key that passed checks 1 and 2.
 *
 * NOTE(review): nothing in this method marks a key as consumed. Unless
 * checkKeyHash() or the reset form binds the key to the current
 * password, the same key looks reusable until it expires; confirm.
 *
 * @return string The trimmed key, also stored back in cleaned_data.
 * @throws Pluf_Form_Invalid When any of the three checks fails.
 */
public function clean_key()
{
    $key = trim($this->cleaned_data['key']);
    $this->cleaned_data['key'] = $key;

    // One generic message for both "bad hash" and "no such user".
    $invalid = __('We are sorry but this validation key is not valid. Maybe you should directly copy/paste it from your validation email.');

    $parts = IDF_Form_PasswordInputKey::checkKeyHash($key);
    if (false === $parts) {
        throw new Pluf_Form_Invalid($invalid);
    }

    // Email and id must point at the same, single account.
    $users = new Pluf_User();
    $where = new Pluf_SQL('email=%s AND id=%s', array($parts[0], $parts[1]));
    $found = $users->getCount(array('filter' => $where->gen()));
    if ($found != 1) {
        throw new Pluf_Form_Invalid($invalid);
    }

    // Keys older than 24 hours are refused.
    $age = time() - $parts[2];
    if ($age > 86400) {
        throw new Pluf_Form_Invalid(__('Sorry, but this verification key has expired, please restart the password recovery sequence. For security reasons, the verification key is only valid 24h.'));
    }

    return $key;
}
/**
 * Show and process the password reset form for a recovery key.
 *
 * When the key passes the first check, a form to choose a new password
 * is displayed. On a valid POST the form is saved, the returned user is
 * logged in automatically and redirected to the index view.
 *
 * The original documentation states that this flow also fires the
 * password change event for the plugins; that is not visible in this
 * method and presumably happens inside the form's save().
 *
 * NOTE(review): the key is read from $match[1], presumably a URL
 * capture group. A secret carried in the URL can end up in access logs
 * and Referer headers; confirm how the surrounding stack handles that.
 *
 * @param object $request Current request; its method, POST, user and
 *                        session members are used here.
 * @param array  $match   Match data; index 1 is taken as the key.
 * @return mixed A Pluf_HTTP_Response_Redirect, or the result of
 *               Pluf_Shortcuts_RenderToResponse() for the form page.
 */
public function passwordRecovery($request, $match)
{
    $title = __('Password Recovery');
    $key = $match[1];

    // Preliminary check only; the complete validation is done by the form.
    $keyData = IDF_Form_PasswordInputKey::checkKeyHash($key);
    if (!$keyData) {
        // Unusable key: send the visitor back to the key input page.
        return new Pluf_HTTP_Response_Redirect(
            Pluf_HTTP_URL_urlForView('IDF_Views::passwordRecoveryInputKey')
        );
    }

    // Index 1 of the checkKeyHash() result is used as the user id.
    $user = new Pluf_User($keyData[1]);
    $extra = array('key' => $key, 'user' => $user);

    $posted = ($request->method == 'POST');
    $form = new IDF_Form_PasswordReset($posted ? $request->POST : null, $extra);

    if ($posted && $form->isValid()) {
        $user = $form->save();
        $request->user = $user;

        // Drop the previous session data before recording the login.
        // NOTE(review): whether clear() also issues a new session
        // identifier is not visible here; confirm, because the visitor
        // becomes authenticated during this request.
        $request->session->clear();
        $request->session->setData('login_time', gmdate('Y-m-d H:i:s'));

        $user->last_login = gmdate('Y-m-d H:i:s');
        $user->update();

        // NOTE(review): "broswer" is a typo in this message. The string is
        // passed to __(), presumably as a translation lookup key, so a fix
        // would have to be mirrored in the translation catalogs.
        $request->user->setMessage(__('Welcome back! Next time, you can use your broswer options to remember the password.'));

        return new Pluf_HTTP_Response_Redirect(
            Pluf_HTTP_URL_urlForView('IDF_Views::index')
        );
    }

    // First display, or a POST that failed validation: render the form.
    $context = array(
        'page_title' => $title,
        'new_user' => $user,
        'form' => $form,
    );

    return Pluf_Shortcuts_RenderToResponse('idf/user/passrecovery.html', $context, $request);
}