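'Invalid Access Code',
        'msgCodeExpired' => 'Access Code Expired',
        'msgPassActivated' => 'New password has been set',
    );

    // Prefix of the settings keys read for the recovery e-mail
    // ('Subject', 'From' and 'Body' are appended in _sendMail2User()).
    protected $_settingsPrefix = 'forgotPasswordEmail';

    /**
     * Send a visitor who already has an identity to the page aliased by 'User_',
     * then hand over to the parent implementation.
     *
     * NOTE(review): parent::exec() still runs for a signed-in visitor unless
     * Qs_Http::redirect() ends the request — confirm.
     */
    public function exec()
    {
        if (App_User_Auth::getInstance()->hasIdentity()) {
            Qs_Http::redirect(BASE_URL . '/' . Qs_SiteMap::getAliasByItem('User_'));
        }
        parent::exec();
    }

    /**
     * Handle the "forgot password" form: issue a recover code valid for 24 hours,
     * store it through the data object and mail the reset link.
     *
     * @return $this
     */
    protected function _doInsert()
    {
        $form = $this->_getNewForm();
        if ($form->validate()) {
            $this->_getDataObj()->setPrimaryKeyByEmail($form->getValue('email'));
            $data = $this->_getDataObj()->getData();
            // getData() is compared with null elsewhere in this class to detect
            // "no matching record"; in that case no code is issued and nothing is
            // mailed, but the visitor is redirected to the same page as before.
            if (null !== $data) {
                $expirationTime = time() + 86400; // 24 hours
                // The code is the only secret protecting the reset, so it must not
                // be derivable from the request time (the previous md5() of
                // rand(0, 100) and time() had very few possible values per second).
                $recoverCode = $this->_generateRecoverCode();
                // NOTE(review): the code is handed to the data object as issued;
                // whether it is stored hashed cannot be seen from here — confirm.
                $this->_getDataObj()->setRecoverCode($recoverCode, date('Y-m-d H:i:s', $expirationTime));
                $data['expirationTime'] = $expirationTime;
                $data['recoverCode'] = $recoverCode;
                $this->_sendMail2User($data);
            }
            $this->redirect($this->url() . '/sent.html');
        } else {
            $this->_addFormItem($form);
        }
        return $this;
    }

    /**
     * Create an unpredictable recover code.
     *
     * Returns 32 lowercase hex characters (128 random bits), the same length and
     * alphabet as the md5() value used before, so it fits wherever the old code did.
     *
     * @return string
     * @throws \RuntimeException when no cryptographically secure source is available
     */
    private function _generateRecoverCode()
    {
        if (function_exists('random_bytes')) {
            return bin2hex(random_bytes(16));
        }
        // Fallback for runtimes without random_bytes(); accepted only when OpenSSL
        // reports that the bytes came from a strong source.
        if (function_exists('openssl_random_pseudo_bytes')) {
            $strong = false;
            $bytes = openssl_random_pseudo_bytes(16, $strong);
            if (false !== $bytes && true === $strong) {
                return bin2hex($bytes);
            }
        }
        throw new \RuntimeException('No cryptographically secure random source is available');
    }

    /**
     * Build the recovery e-mail from the configured subject/from/body and send it.
     *
     * Placeholders of the form {firstName}, {lastName}, {email},
     * {recoverCodeExpirationDate} and {link} in the body are replaced.
     *
     * @param array $data user record plus 'expirationTime' (Unix timestamp) and 'recoverCode'
     * @return $this
     */
    protected function _sendMail2User($data)
    {
        $subject = App_Settings_Obj::get($this->_settingsPrefix . 'Subject');
        $from = App_Settings_Obj::getEmailForm($this->_settingsPrefix . 'From');
        $to = $data['email'];
        $body = App_Settings_Obj::get($this->_settingsPrefix . 'Body');
        $mailData = array(
            'firstName' => htmlspecialchars($data['firstName']),
            'lastName' => htmlspecialchars($data['lastName']),
            'email' => htmlspecialchars($data['email'])
        );
        $mailData['recoverCodeExpirationDate'] = date('m/d/Y g:i A', $data['expirationTime']);
        $mailData['link'] = BASE_URL . '/' . Qs_SiteMap::getAliasByItem('User_ForgotPassword_')
            . '?action=edit&code=' . rawurlencode($data['recoverCode']);
        // Replace all placeholders in a single pass: strtr() never rescans text it
        // has already substituted, so a profile value that itself contains e.g.
        // "{link}" stays literal instead of being expanded by a later replacement.
        $replacements = array();
        foreach ($mailData as $field => $value) {
            $replacements['{' . $field . '}'] = $value;
        }
        $body = strtr($body, $replacements);
        $this->_sendMail(compact('subject', 'from', 'to', 'body'));
        return $this;
    }

    /**
     * Verify a recover code.
     *
     * The code is rejected when it is missing, when no record is found for it, or
     * when the record's 'recoverCodeExpirationDate' lies in the past. An expiration
     * value strtotime() cannot parse compares as expired.
     *
     * @param string|null $recoverCode code to check; read from the request value 'code' when null
     * @return true|array true when the code is valid, otherwise the list of error messages
     */
    protected function _validateRecoverCode($recoverCode = null)
    {
        $errors = array();
        if (null === $recoverCode) {
            $recoverCode = Qs_Request::getRequestValue('code');
        }
        // Request parameters can arrive as arrays (code[]=...); only a non-empty
        // string is passed on to the lookup.
        if (!$recoverCode || !is_string($recoverCode)) {
            $errors[] = $this->_createMessage(self::MSG_CODE_ERROR);
        } else {
            $this->_getDataObj()->setPrimaryKeyByRecoverCode($recoverCode);
            if (null === ($data = $this->_getDataObj()->getData())) {
                $errors[] = $this->_createMessage(self::MSG_CODE_ERROR);
            } else if (strtotime($data['recoverCodeExpirationDate']) < time()) {
                $errors[] = $this->_createMessage(self::MSG_CODE_EXPIRED);
            }
        }
        return (empty($errors)) ? true : $errors;
    }

    /**
     * Show the "enter new password" form for the code given in the query string.
     *
     * NOTE(review): the form is still built after an invalid code unless
     * _doBack() ends the request — confirm.
     *
     * @return $this
     */
    protected function _doEdit()
    {
        $this->_doc->setHeader('Enter new password');
        $this->_setBackUrl(BASE_URL_LANGUAGE . '/' . CURRENT_PAGE);
        $recoverCode = Qs_Request::getGetValue('code');
        if (true !== ($errors = $this->_validateRecoverCode($recoverCode))) {
            $this->_setBackErrors($errors);
            $this->_doBack();
        }
        $form = $this->_getEditForm(array('defaults' => array('code' => $recoverCode)));
        $form->setDefaults();
        $this->_addFormItem($form);
        $this->_postEdit();
        return $this;
    }

    /**
     * Extend the parent's form options with an id of "<application name>-forgot-form"
     * (application name lower-cased).
     *
     * @return array
     */
    protected function _getFormOptions()
    {
        $options = parent::_getFormOptions();
        $options['attribs']['id'] = strtolower($this->getApplicationName()) . '-forgot-form';
        return $options;
    }

    /**
     * AJAX validation of the new-password form; the recover code from the request
     * is checked first and its errors are returned as 'formErrors'.
     */
    protected function _doUpdateAjax()
    {
        if (true !== ($errors = $this->_validateRecoverCode())) {
            $data = array('isValid' => false, 'formErrors' => $errors);
        } else {
            $form = $this->_getEditForm();
            $data = $form->validateAjax();
        }
        $this->_displayJson($data);
    }

    /**
     * Store the new password after re-checking the recover code from the request.
     *
     * NOTE(review): the update below is reached with an invalid code unless
     * _doBack() ends the request — confirm.
     *
     * @return $this
     */
    protected function _doUpdate()
    {
        $this->_setBackUrl(BASE_URL_LANGUAGE . '/' . Qs_SiteMap::getAliasByItem('User_Login_'));
        if (true !== ($errors = $this->_validateRecoverCode())) {
            $this->_setBackErrors($errors);
            $this->_doBack();
        }
        if (null === $this->_getDataObj()->getData()) {
            $this->_setBackError(static::MSG_DATA_UNAVAILABLE);
            $this->_doBack();
        }
        $form = $this->_getEditForm();
        if ($form->validate()) {
            $this->_initFromForm($form);
            if (false === $this->_getDataObj()->update()) {
                $this->_setBackErrors($this->_getDataObj()->getErrors());
            } else {
                $this->_postUpdate();
                $this->_setBackMessage(static::MSG_ACTIVATED);
            }
            $this->_doBack();
        } else {
            $this->_addFormItem($form);
        }
        return $this;
    }

    /**
     * Pass the form values to the data object.
     *
     * On the 'update' action the recover code and its expiration date are set to
     * null in the same write, which makes a code single-use.
     *
     * @param Qs_Form $form
     * @return $this
     */
    protected function _initFromForm(Qs_Form $form)
    {
        $data = $form->getValues();
        if ($this->_action == 'update') {
            $data['recoverCode'] = null;
            $data['recoverCodeExpirationDate'] = null;
        }
        $this->_getDataObj()->initFromForm($data);
        return $this;
    }
}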