<?php

class App_Application_User_ForgotPassword_View extends Qs_ViewController
{
    const MSG_CODE_ERROR = 'msgCodeError';
    const MSG_CODE_EXPIRED = 'msgCodeExpired';
    const MSG_ACTIVATED = 'msgPassActivated';

    protected $_actions = array('new', 'insert', 'update');
    protected $_messageTemplates = array(
        'msgCodeError'     => 'Invalid Access Code',
        'msgCodeExpired'   => 'Access Code Expired',
        'msgPassActivated' => 'New password successfully activated',
    );
    protected $_settingsPrefix = 'appUserForgotPasswordEmail';

    protected function _bindFormFields($form)
    {
        $form->addElement('text', 'email', array('label' => 'Enter your email address', 'required' => true));
        $form->email->addValidator('EmailAddress', true);
        $validatorRecordExists = new Zend_Validate_Db_RecordExists(
            Qs_Db::getTableName('ApplicationUser'),
            'email',
            null,
            Qs_Db::getInstance()
        );
        $validatorRecordExists->setMessage(
            'There is no user with email %value% found in the system.',
            Zend_Validate_Db_RecordExists::ERROR_NO_RECORD_FOUND
        );
        $form->email->addValidator($validatorRecordExists);
        return $this;
    }

    protected function _bindFormButtons($form)
    {
        $form->addElement('submit', 'btnSubmit',
            array(
                'label'      => 'Submit',
                'attribs'    => array('class' => 'btn'),
            )
        );
    }

    protected function _doInsert()
    {
        $form = $this->_getNewForm();
        if ($form->validate()) {
            $this->dataObj->setPrimaryKeyByEmail($form->getValue('email'));
            $data = $this->dataObj->getData();
            $expirationTime = time() + 86400; // 24 hours
            $newPassword = Qs_Auth::generatePassword();
            $newSalt = Qs_Auth::generatePassword(8);
            $recoverCode = md5('code' . rand(0, 100) . time());
            $this->dataObj->setNewPassword(
                $newPassword,
                $newSalt,
                $recoverCode,
                date('Y-m-d H:i:s', $expirationTime)
            );
            $data['newPassword'] = $newPassword;
            $data['expirationTime'] = $expirationTime;
            $data['recoverCode'] = $recoverCode;
            $this->_sendMail2User($data);

            $this->redirect($this->url() . '/sent.html');
        } else {
            $this->_renderMainForm($form);
        }
    }

    protected function _sendMail2User($data)
    {
        $subject = App_Settings_Obj::get($this->_settingsPrefix . 'Subject');
        $from = App_Settings_Obj::getEmailForm($this->_settingsPrefix . 'From');
        $to = $data['email'];
        $body = App_Settings_Obj::get($this->_settingsPrefix . 'Body');
        $mailData = array(
            'name'        => htmlspecialchars($data['name']),
            'email'       => htmlspecialchars($data['email']),
            'newPassword' => htmlspecialchars($data['newPassword'])
        );
        $mailData['recoverCodeExpirationDate'] = date('m/d/Y g:i A', $data['expirationTime']);
        $mailData['link'] = BASE_URL . '/' . Qs_SiteMap::getAliasByItem('Application_User_ForgotPassword_')
                          . '?action=update&code=' . $data['recoverCode'];
        foreach ($mailData as $field => $value) {
            $body = str_replace('{' . $field . '}', $value, $body);
        }
        $this->_sendMail(compact('subject', 'from', 'to', 'body'));
    }

    protected function _doUpdate()
    {
        $this->_setBackUrl(BASE_URL_LANGUAGE . '/' . CURRENT_PAGE);
        $recoverCode = Qs_Request::getGetValue('code');
        if (!$recoverCode) {
            $this->_setBackError(self::MSG_CODE_ERROR);
            $this->_doBack();
        }
        $this->dataObj->setPrimaryKeyByRecoverCode($recoverCode);
        $data = $this->dataObj->getData();
        if (empty($data)) {
            $this->_setBackError(self::MSG_CODE_ERROR);
            $this->_doBack();
        }
        if (strtotime($data['recoverCodeExpirationDate']) < time()) {
            $this->_setBackError(self::MSG_CODE_EXPIRED);
            $this->_doBack();
        }
        $this->dataObj->setPrimaryKey($data['id']);
        $this->dataObj->activatePassword();

        $this->_setBackUrl(BASE_URL_LANGUAGE . '/' . Qs_SiteMap::getAliasByItem('Application_User_Login_'));
        $this->_setBackMessage(self::MSG_ACTIVATED);

        $this->_doBack();
    }
}