Index: branches/RC/core/units/users/users_tag_processor.php
===================================================================
diff -u -r8929 -r9037
--- branches/RC/core/units/users/users_tag_processor.php (.../users_tag_processor.php) (revision 8929)
+++ branches/RC/core/units/users/users_tag_processor.php (.../users_tag_processor.php) (revision 9037)
@@ -27,49 +27,54 @@
function ConfirmPasswordLink($params)
{
- //global $m_var_list_update, $var_list_update, $objSession, $objConfig;
+ $code = $this->getCachedCode();
- $template = "forgotpw_reset_result";
+ $fields_hash = Array (
+ 'PwResetConfirm' => $code,
+ 'PwRequestTime' => adodb_mktime(),
+ );
- $tmp_user_id = $this->Application->RecallVar("tmp_user_id");
+ $user_id = $this->Application->RecallVar('tmp_user_id');
+ $this->Conn->doUpdate($fields_hash, TABLE_PREFIX.'PortalUser', 'PortalUserId = '.$user_id);
- $saved_denerated_code = $this->Application->GetVar('saved_denerated_code');
- if ($saved_denerated_code){
- $code = $saved_denerated_code;
- }
- else {
- $code = md5($this->GenerateCode());
- $this->Application->SetVar('saved_denerated_code', $code);
- }
+ $params['user_key'] = $code;
+ if (!$this->SelectParam($params, 'template,t')) {
+ $params['template'] = $this->Application->GetVar('reset_confirm_template');
+ }
+ return $this->Application->ProcessParsedTag('m', 'Link', $params);
+ }
+ /**
+ * Generates & caches code for password confirmation link
+ *
+ * @return string
+ */
+ function getCachedCode()
+ {
+ static $code = null;
- $sql = 'UPDATE '.TABLE_PREFIX.'PortalUser SET PwResetConfirm="'.$code.'", PwRequestTime='.adodb_mktime().' WHERE PortalUserId='.$tmp_user_id;
+ if (!isset($code)) {
+ $code = md5($this->GenerateCode());
+ }
- $this->Conn->Query($sql);
-
- $params = array_merge($params, array('pass'=>'m', 'user_key'=>$code));
-
- $main_processor =& $this->Application->recallObject('m_TagProcessor');
-
- return $main_processor->T($params);
-
+ return $code;
}
function GenerateCode()
{
- list($usec, $sec) = explode(" ",microtime());
+ list($usec, $sec) = explode(" ",microtime());
- $id_part_1 = substr($usec, 4, 4);
- $id_part_2 = mt_rand(1,9);
- $id_part_3 = substr($sec, 6, 4);
- $digit_one = substr($id_part_1, 0, 1);
- if ($digit_one == 0) {
- $digit_one = mt_rand(1,9);
- $id_part_1 = ereg_replace("^0","",$id_part_1);
- $id_part_1=$digit_one.$id_part_1;
- }
- return $id_part_1.$id_part_2.$id_part_3;
+ $id_part_1 = substr($usec, 4, 4);
+ $id_part_2 = mt_rand(1,9);
+ $id_part_3 = substr($sec, 6, 4);
+ $digit_one = substr($id_part_1, 0, 1);
+ if ($digit_one == 0) {
+ $digit_one = mt_rand(1,9);
+ $id_part_1 = ereg_replace("^0","",$id_part_1);
+ $id_part_1=$digit_one.$id_part_1;
+ }
+ return $id_part_1.$id_part_2.$id_part_3;
}
function ForgottenPassword($params)
@@ -79,38 +84,37 @@
function TestCodeIsValid($params)
{
- $passed_key = $this->Application->GetVar('user_key');
+ $passed_key = trim($this->Application->GetVar('user_key'));
- $user_object = &$this->Application->recallObject('u.forgot');
-
// used for error reporting only -> rewrite code + theme (by Alex)
$user_current_object = &$this->Application->recallObject('u', null, Array('skip_autoload' => true)); // TODO: change theme too
/* @var $user_current_object UsersItem */
- if (strlen(trim($passed_key)) == 0) {
+ if (!$passed_key) {
$user_current_object->SetError('PwResetConfirm', 'code_is_not_valid', 'lu_code_is_not_valid');
return false;
}
+ $user_object =& $this->Application->recallObject('u.forgot', null, Array('skip_autoload' => true));
+ /* @var $user_object UsersItems */
- if ($user_object->Load(array('PwResetConfirm'=>$passed_key))) {
- $exp_time = $user_object->GetDBField('PwRequestTime') + 3600;
- if ($exp_time > adodb_mktime())
- {
+ $user_object->Load($passed_key, 'PwResetConfirm');
-
+ if ($user_object->isLoaded()) {
+ $expiration_time = $user_object->GetDBField('PwRequestTime') + 3600;
+ if ($expiration_time > adodb_mktime()) {
+ return true;
} else {
$user_current_object->SetError('PwResetConfirm', 'code_expired', 'lu_code_expired');
return false;
-
}
}
else {
$user_current_object->SetError('PwResetConfirm', 'code_is_not_valid', 'lu_code_is_not_valid');
return false;
}
- return true;
+ return true;
}
/**
Fisheye: Tag 9037 refers to a dead (removed) revision in file `branches/RC/themes/default2007/platform/login/forgotpass.tpl'.
Fisheye: No comparison available. Pass `N' to diff?
Fisheye: Tag 9037 refers to a dead (removed) revision in file `branches/RC/themes/default2007/platform/login/forgotpass_reset.tpl'.
Fisheye: No comparison available. Pass `N' to diff?
Index: branches/RC/core/units/users/users_event_handler.php
===================================================================
diff -u -r8929 -r9037
--- branches/RC/core/units/users/users_event_handler.php (.../users_event_handler.php) (revision 8929)
+++ branches/RC/core/units/users/users_event_handler.php (.../users_event_handler.php) (revision 9037)
@@ -859,8 +859,13 @@
if ($found && $allow_reset) {
$this->Application->StoreVar('tmp_user_id', $user_object->GetDBField("PortalUserId"));
$this->Application->StoreVar('tmp_email', $user_object->GetDBField("Email"));
- $this->Application->EmailEventUser('INCOMMERCEUSER.PSWDC', $user_object->GetDBField("PortalUserId"));
+ $confirm_template = $this->Application->GetVar('reset_confirm_template');
+ if (!$confirm_template) {
+ $this->Application->SetVar('reset_confirm_template', 'platform/login/forgotpass_reset');
+ }
+ $this->Application->EmailEventUser('INCOMMERCEUSER.PSWDC', $user_object->GetDBField('PortalUserId'));
+
$event->redirect = $this->Application->GetVar('template_success');
}
else {
@@ -916,64 +921,61 @@
function OnResetPasswordConfirmed(&$event)
{
- $passed_key = $this->Application->GetVar('user_key');
-
- $user_object = &$this->Application->recallObject('u.forgot');
-
// used for error reporting only -> rewrite code + theme (by Alex)
$user_current_object =& $this->Application->recallObject('u', null, Array('skip_autoload' => true));// TODO: change theme too
/* @var $user_current_object UsersItem */
- if (strlen(trim($passed_key)) == 0) {
- $event->redirect_params = array('opener' => 's', 'pass' => 'all');
+ $passed_key = trim($this->Application->GetVar('user_key'));
+
+ if (!$passed_key) {
+ $event->redirect_params = Array('opener' => 's', 'pass' => 'all');
$event->redirect = false;
$user_current_object->SetError('PwResetConfirm', 'code_is_not_valid', 'lu_code_is_not_valid');
}
+ $user_object =& $this->Application->recallObject('u.forgot', null, Array('skip_autoload' => true));
+ /* @var $user_object UsersItem */
- if($user_object->Load(array('PwResetConfirm'=>$passed_key)))
- {
+ $user_object->Load($passed_key, 'PwResetConfirm');
+
+ if ($user_object->isLoaded()) {
$exp_time = $user_object->GetDBField('PwRequestTime') + 3600;
- $user_object->SetDBField("PwResetConfirm", '');
- $user_object->SetDBField("PwRequestTime", 0);
- if ( $exp_time > adodb_mktime() )
- {
- //$m_var_list_update['codevalidationresult'] = 'lu_resetpw_confirm_text';
+ $user_object->SetDBField('PwResetConfirm', '');
+ $user_object->SetDBField('PwRequestTime', 0);
+
+ if ($exp_time > adodb_mktime()) {
$newpw = makepassword4();
$this->Application->StoreVar('password', $newpw);
- $user_object->SetDBField("Password",$newpw);
- $user_object->SetDBField("PassResetTime", adodb_mktime());
- $user_object->SetDBField("PwResetConfirm", '');
- $user_object->SetDBField("PwRequestTime", 0);
+ $user_object->SetDBField('Password', $newpw);
+ $user_object->SetDBField('PassResetTime', adodb_mktime());
+ $user_object->SetDBField('PwResetConfirm', '');
+ $user_object->SetDBField('PwRequestTime', 0);
$user_object->Update();
$this->Application->SetVar('ForgottenPassword', $newpw);
- $email_event_user = &$this->Application->EmailEventUser('INCOMMERCEUSER.PSWD', $user_object->GetDBField('PortalUserId'));
- $email_event_admin = &$this->Application->EmailEventAdmin('INCOMMERCEUSER.PSWD');
+ $email_event_user =& $this->Application->EmailEventUser('INCOMMERCEUSER.PSWD', $user_object->GetDBField('PortalUserId'));
+ $email_event_admin =& $this->Application->EmailEventAdmin('INCOMMERCEUSER.PSWD');
$this->Application->DeleteVar('ForgottenPassword');
- if ($email_event_user->status == erSUCCESS){
+ if ($email_event_user->status == erSUCCESS) {
$event->redirect_params = array('opener' => 's', 'pass' => 'all');
$event->redirect = $this->Application->GetVar('template_success');
}
- $user_object->SetDBField("Password",md5($newpw));
+ $user_object->SetDBField('Password', md5($newpw));
$user_object->Update();
-
} else {
$user_current_object->SetError('PwResetConfirm', 'code_expired', 'lu_code_expired');
$event->redirect = false;
-
}
} else {
$user_current_object->SetError('PwResetConfirm', 'code_is_not_valid', 'lu_code_is_not_valid');
$event->redirect = false;
-
}
}
Index: branches/RC/themes/default2007/platform/login/forgot_password.tpl
===================================================================
diff -u
--- branches/RC/themes/default2007/platform/login/forgot_password.tpl (revision 0)
+++ branches/RC/themes/default2007/platform/login/forgot_password.tpl (revision 9037)
@@ -0,0 +1,83 @@
+
+
+
+
+
+
+
+
+
+ ">
@@ -40,15 +40,15 @@
img/s.gif" alt="" width="5" height="5" border="0" /> |