user->role != Users_Model_User::ROLE_ADMIN && $this->underMaintenance) { return $this->_redirectForMaintenance(); } } public function indexAction() { $appSession = Zend_Registry::get('appSession'); if (isset($appSession->recoverPasswordForm)) { $this->view->form = $appSession->recoverPasswordForm; unset($appSession->recoverPasswordForm); } else { $this->view->form = new Users_Form_RecoverPassword(); } $this->_helper->actionStack('index', 'login', 'users'); } public function sendAction() { $form = new Users_Form_RecoverPassword(); $formData = $this->_request->getPost(); $form->populate($formData); if (!$form->isValid($formData)) { $appSession = Zend_Registry::get('appSession'); $appSession->recoverPasswordForm = $form; return $this->_forward('index'); } $users = new Users_Model_Users(); $user = $users->getUserWithEmail($form->getValue('email')); if (!$user) { $form->email->addError($this->view->translate('This E-mail is not registered in the system')); $appSession = Zend_Registry::get('appSession'); $appSession->recoverPasswordForm = $form; return $this->_forward('index'); } $user->token = Users_Model_User::generateToken(); $user->save(); $file = CommunityID_Resources::getResourcePath('passwordreset_mail.txt'); $emailTemplate = file_get_contents($file); $emailTemplate = str_replace('{userName}', $user->getFullName(), $emailTemplate); $emailTemplate = str_replace('{IP}', $_SERVER['REMOTE_ADDR'], $emailTemplate); // $_SERVER['SCRIPT_URI'] is not always available $URI = self::getProtocol() . '://' . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI']; preg_match('#(.*)/users/recoverpassword#', $URI, $matches); $emailTemplate = str_replace('{passwordResetURL}', $matches[1] . '/users/recoverpassword/reset?token=' . $user->token, $emailTemplate); $this->_sendMail($user->email, $this->view->translate('Community-ID password reset'), $emailTemplate); $this->_helper->FlashMessenger->addMessage($this->view->translate('Password reset E-mail has been sent')); $this->_redirect(''); } public function resetAction() { $users = new Users_Model_Users(); $user = $users->getUserWithToken($this->_getParam('token')); if (!$user) { $this->_helper->FlashMessenger->addMessage($this->view->translate('Wrong Token')); $this->_redirect(''); return; } $newPassword = $user->generateRandomPassword(); $user->setClearPassword($newPassword); // reset token $user->token = Users_Model_User::generateToken(); $user->save(); $file = CommunityID_Resources::getResourcePath('passwordreset2_mail.txt'); $emailTemplate = file_get_contents($file); $emailTemplate = str_replace('{userName}', $user->getFullName(), $emailTemplate); $emailTemplate = str_replace('{password}', $newPassword, $emailTemplate); $this->_sendMail($user->email, $this->view->translate('Community-ID password reset'), $emailTemplate); $this->_helper->FlashMessenger->addMessage($this->view->translate('You\'ll receive your new password via E-mail')); $this->_redirect(''); } private function _sendMail($to, $subject, $body) { if (strtolower($this->_config->email->transport) == 'smtp') { Zend_Mail::setDefaultTransport(new Zend_Mail_Transport_Smtp($this->_config->email->host, $this->_config->email->toArray())); } else { Zend_Mail::setDefaultTransport(new Zend_Mail_Transport_Sendmail()); } $mail = new Zend_Mail('utf-8'); $mail->setBodyText($body); $mail->setFrom($this->_config->email->supportemail); $mail->addTo($to); $mail->setSubject($subject); $mail->send(); } }