/**
 * Action: lost password.
 *
 * Reads the posted 'email' field, looks the account up through
 * Model_User::find_user() and, when the account has a valid email address,
 * mails it a password produced by Visitor::generate_password(). The form is
 * then rendered with either a failure or a success alert.
 *
 * NOTE(review): the two alerts differ depending on whether an account was
 * found and mailed, so the response tells the requester whether the submitted
 * identifier exists. A single neutral alert for both outcomes would close
 * that gap.
 * NOTE(review): no Security::csrf_valid() call and no throttling are visible
 * in this action (action_settings does check the CSRF token) - confirm
 * whether request limiting happens elsewhere.
 * NOTE(review): the mailed password is derived from $user->password, while
 * action_settings compares against one derived from $user->password_kohana.
 * Confirm the two fields are meant to differ. The password travels in clear
 * text in the mail and nothing here shows it expiring.
 *
 * @return void
 */
public function action_password()
{
    $this->history = false;
    $message = '';
    $email = '';

    // Only a non-empty POST can carry a lookup value
    if ($_POST) {
        $email = trim(Arr::get($_POST, 'email', ''));
    }

    if ($email) {
        // Start from the failure alert; it is replaced only after a successful send
        $message = new View_Alert(
            __('We could not find any user or the user is missing email address, sorry.'),
            __('Uh oh,')
        );

        // All-digit input is never passed to the lookup
        $user = false;
        if (!Valid::digit($email)) {
            $user = Model_User::find_user($email);
        }

        if ($user && Valid::email($user->email)) {
            $site_name = Kohana::$config->load('site.site_name');

            $subject = __('Your new :site password', array(':site' => $site_name));
            $mail = __(
                "Forgot your password, :username?\n\nWe received a request to generate a new password for your :site account, please sign in and change your password. You should also delete this email.\n\nUsername: :username\nPassword: :password",
                array(
                    ':site'     => $site_name,
                    ':username' => Text::clean($user->username),
                    ':password' => Visitor::generate_password($user->password),
                )
            );

            $sent = Email::send(
                $user->email,
                Kohana::$config->load('site.email_invitation'),
                $subject,
                $mail
            );

            if ($sent) {
                // The alert echoes the submitted value, not the stored address
                $message = new View_Alert(
                    __(':email should soon receive the generated password in their inbox.', array(':email' => $email)),
                    __('Mission accomplished!'),
                    View_Alert::SUCCESS
                );

                // Clear the field so the form is not pre-filled after success
                $email = '';
            }
        }
    }

    // Build page
    $this->view = View_Page::factory(__('Misplaced your password?'));
    $this->view->add(View_Page::COLUMN_MAIN, $this->section_password($message, $email));
}
/**
 * Action: settings.
 *
 * Requires Model_User::PERMISSION_UPDATE on the user returned by
 * _get_user(). A POST with a valid CSRF token updates login information,
 * the fields listed in Model_User::$editable_fields and the name / date of
 * birth visibility settings, then saves and redirects to the user's URL.
 * Validation errors are collected and the settings form is rendered again.
 *
 * Changing username, email or password requires 'current_password'. It is
 * accepted when Visitor::check_password() passes or when it equals
 * Visitor::generate_password($user->password_kohana).
 *
 * NOTE(review): the generated-password comparison is a plain string
 * comparison. Consider hash_equals() with a string type check if the
 * runtime provides it.
 * NOTE(review): check_password() is called on the Visitor instance, not on
 * $user - confirm the behaviour intended when the two are different accounts.
 * NOTE(review): a POST that fails the CSRF check falls through to the form
 * with no error shown.
 *
 * @return void
 */
public function action_settings()
{
    $this->history = false;

    $user = $this->_get_user();
    Permission::required($user, Model_User::PERMISSION_UPDATE);

    $errors = array();

    if ($_POST && Security::csrf_valid()) {
        $posted_username = Arr::get($_POST, 'username');
        $posted_email    = Arr::get($_POST, 'email');
        $new_password    = Arr::get($_POST, 'password');

        // Stays null unless login information is being changed
        $validation = null;

        $login_changed = $user->username !== $posted_username
            || $user->email !== UTF8::strtolower($posted_email)
            || $new_password;

        if ($login_changed) {
            $visitor = Visitor::instance();
            $old_password = Arr::get($_POST, 'current_password');

            $validation = Validation::factory(array('current_password' => $old_password));
            $validation->rule('current_password', 'not_empty');

            $password_ok = $visitor->check_password($old_password)
                || Visitor::generate_password($user->password_kohana) === $old_password;

            if (!$password_ok) {
                // Extra rule added only on a failed check; presumably forces a validation error - confirm
                $validation->rule('current_password', 'equals', array(':validation', __('current password')));
            } elseif ($new_password) {
                // Change password only if correct old one given
                $user->password_kohana = $new_password;
            }

            // Assigned even after a failed check; presumably save() rejects the record then - confirm
            $user->username = $posted_username;
            $user->email = $posted_email;
        }

        // Only keys present in Model_User::$editable_fields are copied from the POST data
        $user->set_fields(Arr::intersect($_POST, Model_User::$editable_fields));

        // Settings: values outside the known constants are ignored (loose comparison, as before)
        $name_visibility = Arr::get($_POST, 'name_visibility');
        $name_options = array(Model_User::NAME_HIDDEN, Model_User::NAME_VISIBLE);
        if (in_array($name_visibility, $name_options)) {
            $user->setting('user.name', $name_visibility);
        }

        $dob_visibility = Arr::get($_POST, 'dob_visibility');
        $dob_options = array(Model_User::DOB_DATEONLY, Model_User::DOB_HIDDEN, Model_User::DOB_VISIBLE);
        if (in_array($dob_visibility, $dob_options)) {
            $user->setting('user.dob', $dob_visibility);
        }

        // Clear default image id if Facebook image is set
        if (Arr::get($_POST, 'picture')) {
            $user->default_image_id = null;
        }

        $user->modified = time();

        try {
            $user->save($validation);
            $this->request->redirect(URL::user($user));
        } catch (Validation_Exception $e) {
            $errors = $e->array->errors('validation');
        }
    }

    // Build page
    $this->view = self::_set_page($user);
    $this->view->add(View_Page::COLUMN_TOP, $this->section_settings($user, $errors));
}