/** * Event handler called before writing to the database. */ public function onBeforeWrite() { if ($this->SetPassword) { $this->Password = $this->SetPassword; } // If a member with the same "unique identifier" already exists with a different ID, don't allow merging. // Note: This does not a full replacement for safeguards in the controller layer (e.g. in a registration form), // but rather a last line of defense against data inconsistencies. $identifierField = Member::config()->unique_identifier_field; if ($this->{$identifierField}) { // Note: Same logic as Member_Validator class $idClause = $this->ID ? sprintf(" AND \"Member\".\"ID\" <> %d", (int) $this->ID) : ''; $existingRecord = DataObject::get_one('Member', sprintf("\"%s\" = '%s' %s", $identifierField, Convert::raw2sql($this->{$identifierField}), $idClause)); if ($existingRecord) { throw new ValidationException(new ValidationResult(false, _t('Member.ValidationIdentifierFailed', 'Can\'t overwrite existing member #{id} with identical identifier ({name} = {value}))', 'Values in brackets show "fieldname = value", usually denoting an existing email address', array('id' => $existingRecord->ID, 'name' => $identifierField, 'value' => $this->{$identifierField})))); } } // We don't send emails out on dev/tests sites to prevent accidentally spamming users. // However, if TestMailer is in use this isn't a risk. if ((Director::isLive() || Email::mailer() instanceof TestMailer) && $this->isChanged('Password') && $this->record['Password'] && $this->config()->notify_password_change) { $e = Member_ChangePasswordEmail::create(); $e->populateTemplate($this); $e->setTo($this->Email); $e->send(); } // The test on $this->ID is used for when records are initially created. // Note that this only works with cleartext passwords, as we can't rehash // existing passwords. if (!$this->ID && $this->Password || $this->isChanged('Password')) { // Password was changed: encrypt the password according the settings $encryption_details = Security::encrypt_password($this->Password, $this->Salt, $this->PasswordEncryption ? $this->PasswordEncryption : Security::config()->password_encryption_algorithm, $this); // Overwrite the Password property with the hashed value $this->Password = $encryption_details['password']; $this->Salt = $encryption_details['salt']; $this->PasswordEncryption = $encryption_details['algorithm']; // If we haven't manually set a password expiry if (!$this->isChanged('PasswordExpiry')) { // then set it for us if (self::config()->password_expiry_days) { $this->PasswordExpiry = date('Y-m-d', time() + 86400 * self::config()->password_expiry_days); } else { $this->PasswordExpiry = null; } } } // save locale if (!$this->Locale) { $this->Locale = i18n::get_locale(); } parent::onBeforeWrite(); }
/** * Send signup, change password or forgot password informations to an user * * @param string $type Information type to send ("signup", "changePassword" or "forgotPassword") * @param array $data Additional data to pass to the email (can be used in the template) */ function sendInfo($type = 'signup', $data = null) { switch($type) { case "signup": $e = Member_SignupEmail::create(); break; case "changePassword": $e = Member_ChangePasswordEmail::create(); break; case "forgotPassword": $e = Member_ForgotPasswordEmail::create(); break; } if(is_array($data)) { foreach($data as $key => $value) $e->$key = $value; } $e->populateTemplate($this); $e->setTo($this->Email); $e->send(); }