PasswordResetForm::save()   A
last analyzed

Complexity

Conditions 3
Paths 3

Size

Total Lines 19
Code Lines 9

Duplication

Lines 0
Ratio 0 %

Importance

Changes 0
Metric Value
dl 0
loc 19
rs 9.4285
c 0
b 0
f 0
cc 3
eloc 9
nc 3
nop 0
1
<?php
2
3
class PasswordResetForm extends CFormModel
0 ignored issues
show
Coding Style Compatibility introduced by
PSR1 recommends that each class must be in a namespace of at least one level to avoid collisions.

You can fix this by adding a namespace to your class:

namespace YourVendor;

class YourClass { }

When choosing a vendor namespace, try to pick something that is not too generic to avoid conflicts with other libraries.

Loading history...
4
{
5
	/**
6
	 * The user's new password
7
	 * @var string $password
8
	 */
9
	public $password;
10
11
	/**
12
	 * The user's new password repeated
13
	 * @var string $password_repeat
14
	 */
15
	public $password_repeat;
16
17
	/**
18
	 *
19
	 * @var string $reset_key
20
	 */
21
	public $reset_key;
22
23
	/**
24
	 * The user model
25
	 * @var Users $_user
26
	 */
27
	private $_user;
28
29
	/**
30
	 * The hash model
31
	 * @var UserMetadata $_hash
32
	 */
33
	private $_hash;
34
35
	/**
36
	 * The expires model
37
	 * @var UserMetadata $_expires
38
	 */
39
	private $_expires;
40
41
	/**
42
	 * Validation rules
43
	 * @return array
44
	 */
45
	public function rules()
46
	{
47
		return array(
48
			array('password, password_repeat, reset_key', 'required'),
49
			array('password', 'compare'),
50
			array('password', 'length', 'min'=>8),
51
			array('reset_key', 'validateResetKey')
52
		);
53
	}
54
55
	/**
56
	 * Attribute labels
57
	 * @return array
58
	 */
59
	public function attributeLabels()
60
	{
61
		return array(
62
			'password' 			=> Yii::t('ciims.models.PasswordResetForm', 'Your New Password'),
63
			'password_repeat' 	=> Yii::t('ciims.models.PasswordResetForm', 'Your New Password (again)'),
64
			'reset_key' 		=> Yii::t('ciims.models.PasswordResetForm', 'Your Password Reset Token'),
65
		);
66
	}
67
68
	/**
69
	 * Validates that the reset key is valid and that it belongs to a user
70
	 * @param array $attributes
71
	 * @param array $params
72
	 * @return boolean
73
	 */
74
	public function validateResetKey($attributes=array(), $params=array())
75
	{
76
		// Validate that we have a hash for this user
77
		$this->_hash = UserMetadata::model()->findByAttributes(array('key'=>'passwordResetCode', 'value'=>$this->reset_key));
78
		if ($this->_hash == NULL)
79
		{
80
			$this->addError('reset_key', Yii::t('ciims.models.PasswordResetForm', 'The activation key you provided is invalid'));
81
			return false;
82
		}
83
84
		// Validate that the expiration time has not passed
85
		$this->_expires = UserMetadata::model()->findByAttributes(array('user_id'=>$this->_hash->user_id, 'key'=>'passwordResetExpires'));
86
		if ($this->_expires == NULL || time() > $this->_expires->value)
87
		{
88
			$this->addError('reset_key', Yii::t('ciims.models.PasswordResetForm', 'The activation key you provided is invalid'));
89
			return false;
90
		}
91
92
		// Retrieve the user
93
		$this->_user = Users::model()->findByPk($this->_hash->user_id);
94
		if ($this->_user == NULL)
95
		{
96
			$this->addError('reset_key', Yii::t('ciims.models.PasswordResetForm', 'The activation key you provided is invalid'));
97
			return false;
98
		}
99
100
		return true;
101
	}
102
103
	/**
104
	 * Resets the user's password
105
	 * @return boolean
106
	 */
107
	public function save()
108
	{
109
		if (!$this->validate())
110
			return false;
111
112
		// Update the user's password
113
		$this->_user->password = $this->password;
114
115
		if ($this->_user->save())
116
		{
117
			// Delete the hash and expires to prevent reuse attemps
118
			$this->_hash->delete();
119
			$this->_expires->delete();
120
121
			return true;
122
		}
123
124
		return false;
125
	}
126
}
127