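'Invalid Access Code',
        'msgCodeExpired' => 'Access Code Expired',
        'msgPassActivated' => 'New password successfully activated',
    );

    /**
     * Prefix of the settings keys ("...Subject", "...From", "...Body") used for the recovery e-mail.
     */
    protected $_settingsPrefix = 'forgotPasswordEmail';

    /**
     * Add the e-mail field and its validators to the "forgot password" form.
     *
     * @param mixed $form form object exposing addElement() and the created "email" element
     * @return $this
     */
    protected function _bindFormFields($form)
    {
        $form->addElement('text', 'email', array('label' => 'Enter your email address', 'required' => true));
        // Second argument true: stop the validator chain when the address is malformed.
        $form->email->addValidator('EmailAddress', true);

        $validatorRecordExists = new Zend_Validate_Db_RecordExists(
            Qs_Db::getTableName('User'),
            'email',
            null,
            Qs_Db::getInstance()
        );
        // NOTE(review): this message tells the requester whether an address is registered.
        // A uniform response for known and unknown addresses would avoid account enumeration;
        // _doInsert() currently relies on this validator to guarantee the user exists.
        $validatorRecordExists->setMessage(
            'No user with email %value%',
            Zend_Validate_Db_RecordExists::ERROR_NO_RECORD_FOUND
        );
        $form->email->addValidator($validatorRecordExists);

        return $this;
    }

    /**
     * Add the submit button to the form.
     *
     * @param Qs_Form $form
     * @return void
     */
    protected function _bindFormButtons(Qs_Form $form)
    {
        $form->addElement(
            'submit',
            'btnSubmit',
            array(
                'label' => 'Submit',
                'attribs' => array('class' => 'btn'),
            )
        );
    }

    /**
     * Build a one-time recovery code from a cryptographically secure source.
     *
     * The result is 32 lowercase hex characters, the same shape md5() produced before,
     * so stored values and e-mailed links keep their format.
     *
     * @return string
     * @throws RuntimeException when no secure random source is available
     */
    protected function _generateRecoverCode()
    {
        if (function_exists('random_bytes')) {
            return bin2hex(random_bytes(16));
        }
        if (function_exists('openssl_random_pseudo_bytes')) {
            $isStrong = false;
            $bytes = openssl_random_pseudo_bytes(16, $isStrong);
            if ($bytes !== false && $isStrong) {
                return bin2hex($bytes);
            }
        }
        // Fail closed: a guessable code would let anyone complete the reset.
        throw new RuntimeException('No secure random source available for the recovery code');
    }

    /**
     * Handle the submitted "forgot password" form.
     *
     * On valid input: stores a pending password, salt, recovery code and expiry on the
     * user record, mails them to the user and redirects to the "sent" page.
     * On invalid input: re-renders the form.
     *
     * @return void
     */
    protected function _doInsert()
    {
        $form = $this->_getNewForm();
        if (!$form->validate()) {
            $this->_renderMainForm($form);
            return;
        }

        $this->dataObj->setPrimaryKeyByEmail($form->getValue('email'));
        $data = $this->dataObj->getData();

        $expirationTime = time() + 86400; // 24 hours
        // NOTE(review): Qs_Auth::generatePassword() is defined outside this excerpt;
        // confirm it draws from a secure random source as well.
        $newPassword = Qs_Auth::generatePassword();
        $newSalt = Qs_Auth::generatePassword(8);
        // Previously md5('code' . rand(0, 100) . time()): only 101 candidates per second,
        // so the code was guessable by anyone who knew roughly when the request was made.
        $recoverCode = $this->_generateRecoverCode();

        $this->dataObj->setNewPassword(
            $newPassword,
            $newSalt,
            $recoverCode,
            date('Y-m-d H:i:s', $expirationTime)
        );

        $data['newPassword'] = $newPassword;
        $data['expirationTime'] = $expirationTime;
        $data['recoverCode'] = $recoverCode;
        $this->_sendMail2User($data);
        $this->redirect($this->url() . '/sent.html');
    }

    /**
     * Fill the configured e-mail template and send it to the user.
     *
     * Placeholders of the form {firstName}, {lastName}, {email}, {newPassword},
     * {recoverCodeExpirationDate} and {link} are replaced in the body.
     *
     * @param array $data reads 'email', 'firstName', 'lastName', 'newPassword',
     *                    'expirationTime' (Unix timestamp) and 'recoverCode'
     * @return void
     */
    protected function _sendMail2User($data)
    {
        $subject = App_Settings_Obj::get($this->_settingsPrefix . 'Subject');
        $from = App_Settings_Obj::getEmailForm($this->_settingsPrefix . 'From');
        $to = $data['email'];
        $body = App_Settings_Obj::get($this->_settingsPrefix . 'Body');

        // Values are HTML-escaped, so the template is presumably an HTML body - TODO confirm.
        // NOTE(review): the new password travels in clear text in this message.
        $mailData = array(
            'firstName' => htmlspecialchars($data['firstName']),
            'lastName' => htmlspecialchars($data['lastName']),
            'email' => htmlspecialchars($data['email']),
            'newPassword' => htmlspecialchars($data['newPassword'])
        );
        $mailData['recoverCodeExpirationDate'] = date('m/d/Y g:i A', $data['expirationTime']);
        $mailData['link'] = BASE_URL . '/' . Qs_SiteMap::getAliasByItem('User_ForgotPassword_')
            . '?action=update&code=' . $data['recoverCode'];

        // Single-pass substitution: a user-supplied value such as a first name containing
        // "{link}" or "{newPassword}" is inserted literally and is not expanded again, which
        // the previous sequential str_replace() loop would have done.
        $replacements = array();
        foreach ($mailData as $field => $value) {
            $replacements['{' . $field . '}'] = $value;
        }
        $body = strtr((string) $body, $replacements);

        $this->_sendMail(compact('subject', 'from', 'to', 'body'));
    }

    /**
     * Activate the pending password for the recovery code passed in the "code" GET parameter.
     *
     * Rejects a missing, unknown or expired code with the matching error message;
     * otherwise activates the password and sends the user to the login page.
     *
     * NOTE(review): activation happens on a plain GET request, so anything that fetches
     * the mailed link (for example a link scanner) would complete it - confirm this is intended.
     *
     * @return void
     */
    protected function _doUpdate()
    {
        $this->_setBackUrl(BASE_URL_LANGUAGE . '/' . CURRENT_PAGE);

        // _doBack() is defined outside this excerpt; each failed check returns explicitly
        // so it can never fall through to activatePassword() if _doBack() does not exit.
        $recoverCode = Qs_Request::getGetValue('code');
        // A non-string value (e.g. code[]=...) is treated like a missing code.
        if (!is_string($recoverCode) || !$recoverCode) {
            $this->_setBackError(self::MSG_CODE_ERROR);
            $this->_doBack();
            return;
        }

        $this->dataObj->setPrimaryKeyByRecoverCode($recoverCode);
        $data = $this->dataObj->getData();
        if (empty($data)) {
            $this->_setBackError(self::MSG_CODE_ERROR);
            $this->_doBack();
            return;
        }

        if (strtotime($data['recoverCodeExpirationDate']) < time()) {
            $this->_setBackError(self::MSG_CODE_EXPIRED);
            $this->_doBack();
            return;
        }

        $this->dataObj->setPrimaryKey($data['id']);
        $this->dataObj->activatePassword();

        $this->_setBackUrl(BASE_URL_LANGUAGE . '/' . Qs_SiteMap::getAliasByItem('User_Login_'));
        $this->_setBackMessage(self::MSG_ACTIVATED);
        $this->_doBack();
    }
}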