/**
 * Apply new profile details to an existing user and persist the record.
 *
 * The plaintext password is never stored: when one is supplied it is passed
 * through password_hash() and only the resulting hash is set on the user.
 * "Supplied" is decided by empty(), so null, '' and the string '0' all leave
 * the current hash untouched.
 *
 * NOTE(review): nothing in this method checks who is requesting the change,
 * and $isAdmin can grant administrator rights. Callers are presumably
 * expected to authorise the request first; confirm at each call site.
 *
 * @param User        $user         User record to modify.
 * @param string      $name         New display name.
 * @param string      $emailAddress New e-mail address.
 * @param string|null $password     New plaintext password, or empty to keep the current hash.
 * @param mixed       $isAdmin      Truthy/falsy admin flag, or null to leave the flag unchanged.
 *
 * @return mixed Whatever $this->store->save() returns.
 */
public function updateUser(User $user, $name, $emailAddress, $password = null, $isAdmin = null)
{
    $user->setName($name);
    $user->setEmail($emailAddress);

    // Only re-hash when a replacement password was actually provided.
    $passwordSupplied = !empty($password);
    if ($passwordSupplied) {
        $newHash = password_hash($password, PASSWORD_DEFAULT);
        $user->setHash($newHash);
    }

    // null means "do not touch the admin flag"; anything else is normalised to 1 or 0.
    if ($isAdmin !== null) {
        $adminFlag = $isAdmin ? 1 : 0;
        $user->setIsAdmin($adminFlag);
    }

    return $this->store->save($user);
}
/**
 * Edit a user - renders the edit form and processes its submission.
 *
 * Access is limited to administrators, based on the user object held in
 * $_SESSION['user']. Any request that is not a POST, and any POST that
 * fails form validation, gets the form back; a valid POST saves the user
 * and redirects to the user list.
 *
 * NOTE(review): the stored user data is merged with all request parameters
 * and the merged array is handed to $user->setValues(). Which keys
 * setValues() accepts is not visible here; confirm it only writes the
 * fields this form is meant to change. The plaintext 'password' entry is
 * still in that array when it is passed on.
 *
 * NOTE(review): no CSRF token check is visible in this method; confirm the
 * form or the framework enforces one.
 *
 * @param mixed $userId ID of the user to edit.
 *
 * @return string Rendered form view (a successful save redirects and exits instead).
 *
 * @throws ForbiddenException When the current session user is not an administrator.
 * @throws NotFoundException  When no user exists for $userId.
 */
public function edit($userId)
{
    // Administrators only: reject everyone else before any lookup happens.
    $currentUser = $_SESSION['user'];
    if (!$currentUser->getIsAdmin()) {
        throw new ForbiddenException('You do not have permission to do that.');
    }

    $method = $this->request->getMethod();
    $user = $this->userStore->getById($userId);

    if (empty($user)) {
        throw new NotFoundException("User with ID: {$userId} does not exist.");
    }

    // Request parameters override the stored values so the form shows what was submitted.
    $values = array_merge($user->getDataArray(), $this->getParams());
    $form = $this->userForm($values, 'edit/' . $userId);

    // Show the form unless this is a POST that passes validation.
    $isSubmission = ($method == 'POST');
    if (!$isSubmission || !$form->validate()) {
        $view = new b8\View('UserForm');
        $view->type = 'edit';
        $view->user = $user;
        $view->form = $form;

        return $view->render();
    }

    // Only replace the stored hash when a new password was entered.
    if (!empty($values['password'])) {
        $values['hash'] = password_hash($values['password'], PASSWORD_DEFAULT);
    }

    $user->setValues($values);

    // A missing or empty is_admin parameter (e.g. an unticked checkbox) revokes admin rights.
    $adminParam = $this->getParam('is_admin');
    if (empty($adminParam)) {
        $user->setIsAdmin(0);
    }

    $this->userStore->save($user);

    header('Location: ' . PHPCI_URL . 'user');
    exit;
}
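/**
 * Let a user choose a new password after following a password reset link.
 *
 * The reset key is checked on every request. A GET renders the reset form;
 * a POST hashes the submitted password with password_hash(), saves the
 * user, signs them in through the session and redirects to PHPCI_URL.
 *
 * NOTE(review): the key is md5(today's date . current password hash). It
 * stays valid until the date or the password changes, and it can be
 * computed by anyone able to read the stored hash. Moving to a random,
 * single-use token with an expiry needs a matching change where the reset
 * e-mail is generated, which is not visible here.
 *
 * NOTE(review): the new password is hashed as submitted; no emptiness or
 * length check is visible in this method. Confirm it is validated elsewhere.
 *
 * @param mixed  $userId ID of the account being reset.
 * @param string $key    Reset key taken from the link.
 *
 * @return string Rendered view (a successful POST redirects and exits instead).
 */
public function resetPassword($userId, $key)
{
    $user = $this->userStore->getById($userId);

    // Look the user up before deriving the key: an unknown ID yields no
    // object to call getHash() on, and must end in the normal error page.
    $keyIsValid = false;
    if (!empty($user)) {
        $expectedKey = md5(date('Y-m-d') . $user->getHash());

        // hash_equals() compares the strings byte for byte in constant time.
        // A loose != would let numeric-looking strings compare as numbers.
        $keyIsValid = is_scalar($key) && hash_equals($expectedKey, (string) $key);
    }

    if (!$keyIsValid) {
        $this->view->error = 'Invalid password reset request.';

        return $this->view->render();
    }

    if ($this->request->getMethod() == 'POST') {
        $hash = password_hash($this->getParam('password'), PASSWORD_DEFAULT);
        $user->setHash($hash);
        $savedUser = $this->userStore->save($user);

        // The session is about to become authenticated, so give it a fresh ID
        // rather than keeping one that existed before the reset.
        if (session_status() === PHP_SESSION_ACTIVE) {
            session_regenerate_id(true);
        }

        $_SESSION['user'] = $savedUser;
        $_SESSION['user_id'] = $user->getId();

        header('Location: ' . PHPCI_URL);
        die;
    }

    // Pass the ID and key through so the form can post back to the same link.
    $this->view->id = $userId;
    $this->view->key = $key;

    return $this->view->render();
}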
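/**
 * Allows the user to change their password after a password reset email.
 *
 * The reset key is checked on every request. A GET renders the reset form;
 * a POST hashes the submitted password with password_hash(), saves the
 * user, signs them in through the session and returns a redirect to
 * PHPCI_URL.
 *
 * NOTE(review): the key is md5(today's date . current password hash). It
 * stays valid until the date or the password changes, and it can be
 * computed by anyone able to read the stored hash. Moving to a random,
 * single-use token with an expiry needs a matching change where the reset
 * e-mail is generated, which is not visible here.
 *
 * NOTE(review): the new password is hashed as submitted; no emptiness or
 * length check is visible in this method. Confirm it is validated elsewhere.
 *
 * @param mixed  $userId ID of the account being reset.
 * @param string $key    Reset key taken from the e-mailed link.
 *
 * @return string|b8\Http\Response\RedirectResponse Rendered view, or a redirect after a successful POST.
 */
public function resetPassword($userId, $key)
{
    $user = $this->userStore->getById($userId);

    // Look the user up before deriving the key: an unknown ID yields no
    // object to call getHash() on, and must end in the normal error page.
    $keyIsValid = false;
    if (!empty($user)) {
        $expectedKey = md5(date('Y-m-d') . $user->getHash());

        // hash_equals() compares the strings byte for byte in constant time.
        // A loose != would let numeric-looking strings compare as numbers.
        $keyIsValid = is_scalar($key) && hash_equals($expectedKey, (string) $key);
    }

    if (!$keyIsValid) {
        $this->view->error = Lang::get('reset_invalid');

        return $this->view->render();
    }

    if ($this->request->getMethod() == 'POST') {
        $hash = password_hash($this->getParam('password'), PASSWORD_DEFAULT);
        $user->setHash($hash);
        $savedUser = $this->userStore->save($user);

        // The session is about to become authenticated, so give it a fresh ID
        // rather than keeping one that existed before the reset.
        if (session_status() === PHP_SESSION_ACTIVE) {
            session_regenerate_id(true);
        }

        $_SESSION['phpci_user'] = $savedUser;
        $_SESSION['phpci_user_id'] = $user->getId();

        $response = new b8\Http\Response\RedirectResponse();
        $response->setHeader('Location', PHPCI_URL);

        return $response;
    }

    // Pass the ID and key through so the form can post back to the same link.
    $this->view->id = $userId;
    $this->view->key = $key;

    return $this->view->render();
}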