/** * Change users current password */ public function actionChangePassword() { if (Yii::app()->user->authMode != User::AUTH_MODE_LOCAL) { throw new CHttpException(500, Yii::t('UserModule.controllers_AccountController', 'You cannot change your password here.')); } $userPassword = new UserPassword('changePassword'); if (isset($_POST['UserPassword'])) { $userPassword->attributes = $_POST['UserPassword']; if ($userPassword->validate()) { $userPassword->user_id = Yii::app()->user->id; $userPassword->setPassword($userPassword->newPassword); $userPassword->save(); return $this->render('changePassword_success'); } } $this->render('changePassword', array('model' => $userPassword)); }
/** * Resets users password based on given token */ public function actionResetPassword() { $user = User::model()->findByAttributes(array('guid' => Yii::app()->request->getQuery('guid'))); if ($user === null || !$this->checkPasswordResetToken($user, Yii::app()->request->getQuery('token'))) { throw new CHttpException('500', 'It looks like you clicked on an invalid password reset link. Please try again.'); } $model = new UserPassword('newPassword'); if (isset($_POST['UserPassword'])) { $model->attributes = $_POST['UserPassword']; if ($model->validate()) { // Clear password reset token $user->setSetting('passwordRecoveryToken', '', 'user'); $model->user_id = $user->id; $model->setPassword($model->newPassword); $model->save(); return $this->render('resetPassword_success'); } } $this->render('resetPassword', array('model' => $model)); }