Added reset password view file

ccnz · Apr 5, 2009 · c41b4f4 · c41b4f4
1 parent 83452d9
commit c41b4f4
Show file tree

Hide file tree

Showing 6 changed files with 220 additions and 33 deletions.
diff --git a/.ftpssh_settings b/.ftpssh_settings
diff --git a/.gitignore b/.gitignore
diff --git a/.htaccess b/.htaccess
diff --git a/application/controllers/login.php b/application/controllers/login.php
@@ -106,5 +106,162 @@ public function index()
         $this->template->errors = $errors;
         $this->template->form = $form;
         $this->template->form_error = $form_error;
-    }	
-}
+    }
+
+    /**
+     * Reset password upon user request.
+     */
+    public function resetpassword()
+    {
+    	$this->template = new View('admin/reset_password');
+
+		$this->template->title = 'Password Reset';
+		$form = array
+	    (
+	        //'user_id'   => '',
+			'email' 	=> '',
+	    );
+
+		//  copy the form as errors, so the errors will be stored with keys corresponding to the form field names
+	    $errors = $form;
+		$form_error = FALSE;
+		$form_saved = FALSE;
+		$form_action = "";
+
+		// check, has the form been submitted, if so, setup validation
+	    if ($_POST)
+	    {
+	        $post = Validation::factory($_POST);
+
+	         //  Add some filters
+	        $post->pre_filter('trim', TRUE);
+
+	        // Add some rules, the input field, followed by a list of checks, carried out in order
+			///$post->add_rules('username','required','length[3,16]', 'alpha');
+			$post->add_rules('email','required','email','length[4,64]');
+
+			$post->add_callbacks('email', array($this,'email_exists_chk'));
+
+			if ($post->validate())
+	    	{
+				$user = ORM::factory('user',$post->email);
+
+				// Existing User??
+				if ($user->loaded==true)
+				{
+					//$user->username = $post->username;
+					$new_password = $this->_generate_password();
+					$details_sent = $this->_email_details($post->email,$user->username,$new_password );
+					if( $details_sent ) {
+						$user->email = $post->email;
+
+						$user->password = $new_password;
+
+						$user->save();
+					}
+					$form_saved = TRUE;
+					$form_action = "EDITED";
+				}
+
+			}
+            else
+            {
+				// repopulate the form fields
+	            $form = arr::overwrite($form, $post->as_array());
+
+	            // populate the error fields, if any
+	            $errors = arr::overwrite($errors, $post->errors('auth'));
+				$form_error = TRUE;
+			}
+	    }
+
+        $this->template->form = $form;
+	    $this->template->errors = $errors;
+		$this->template->form_error = $form_error;
+		$this->template->form_saved = $form_saved;
+		$this->template->form_action = $form_action;
+
+		// Javascript Header
+		//TODO create reset_password js file.
+		$this->template->js = new View('admin/reset_password_js');
+	}
+
+	/**
+	 * Checks if username already exists.
+     * @param Validation $post $_POST variable with validation rules
+	 */
+	public function username_exists_chk(Validation $post)
+	{
+		$users = ORM::factory('user');
+		// If add->rules validation found any errors, get me out of here!
+		if (array_key_exists('username', $post->errors()))
+			return;
+
+		if( $users->username_exists($post->username) )
+			$post->add_error( 'username', 'exists');
+	}
+
+	/**
+	 * Checks if email address is associated with an account.
+	 * @param Validation $post $_POST variable with validation rules
+	 */
+	public function email_exists_chk( Validation $post )
+	{
+		$users = ORM::factory('user');
+		if( array_key_exists('email',$post->errors()))
+			return;
+
+		if( !$users->email_exists( $post->email ) )
+			$post->add_error('email','invalid');
+	}
+
+	/**
+	 * Generate random password for the user.
+	 * 
+	 * @return the new password
+	 */
+	public function _generate_password()
+	{
+		$password_chars = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789";
+		$chars_length = strlen( $password_chars ) - 1;
+		$password = NULL;
+
+		for( $i = 0; $i < 8; $i++ )
+		{
+			$position = mt_rand(0,$chars_length);	
+			$password .= $password_chars[$position];
+		}
+
+		return $password;	
+	}
+
+	/**
+	 * Email details to the user.
+	 * 
+	 * @param the email address of the user requesting a password reset.
+	 * @param the username of the user requesting a password reset.
+	 * @param the new generated password.
+	 * 
+	 * @return void.
+	 */
+	public function _email_details( $email, $username,$password )
+	{
+		$to = $email;
+		$from = '[email protected]';
+		$subject = 'Ushahidi password reset.';
+		$message = 'Please per your request. See below for your new password.\n\r';
+		$message .= "Username: $username\n\r";
+		$message .= "Password: $password\n\r";
+
+		//email details
+		if( email::send( $to, $from, $subject, $message, TRUE ) == 1 )
+		{
+			return TRUE;
+		}
+		else 
+		{
+			return FALSE;
+		}
+
+	}	
+}
diff --git a/application/views/admin/reset_password.php b/application/views/admin/reset_password.php
@@ -0,0 +1,41 @@
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
+<title>Reset Password</title>
+<link href="<?php echo url::base() ?>media/css/admin/login.css" rel="stylesheet" type="text/css" />
+</head>
+
+<body>
+<div id="ushahidi_login_container">
+    <div id="ushahidi_login_logo"><img src="<?php echo url::base() ?>media/img/admin/logo_login.gif" width="400" height="80" /></div>
+    <div id="ushahidi_login">
+      <table width="100%" border="0" cellspacing="3" cellpadding="4" background="" id="ushahidi_loginbox">
+        <form method="POST" name="frm_reset" style="line-height: 100%; margin-top: 0; margin-bottom: 0">     
+			<?php
+			 if ($form_error) { ?>
+            <tr>
+              	<td align="left" class="login_error">
+				<?php
+				foreach ($errors as $error_item => $error_description)
+				{
+					// print "<li>" . $error_description . "</li>";
+					print (!$error_description) ? '' : "&#8226;&nbsp;" . $error_description . "<br />";
+				}
+				?>
+				</td>
+            </tr>
+			<?php } ?>
+            <tr>
+              <td><strong>Enter email address used for registration:</strong><br />
+              <input type="text" name="email" id="email" class="login_text" /></td>
+            </tr>
+            <tr>
+              <td><input type="submit" id="submit" name="submit" value="Reset password" class="login_btn" /></td>
+            </tr>
+        </form>
+      </table>
+  </div>
+</div>
+</body>
+</html>
diff --git a/application/views/admin/reset_password_js.php b/application/views/admin/reset_password_js.php
@@ -0,0 +1,20 @@
+/**
+ * JS to validates email field when a user is resting his/her password.
+ *
+ * PHP version 5
+ * LICENSE: This source file is subject to LGPL license 
+ * that is available through the world-wide-web at the following URI:
+ * http://www.gnu.org/copyleft/lesser.html
+ * @author     Ushahidi Team <[email protected]> 
+ * @package    Ushahidi - http://source.ushahididev.com
+ * @module     Alerts Controller  
+ * @copyright  Ushahidi - http://www.ushahidi.com
+ * @license    http://www.gnu.org/copyleft/lesser.html GNU Lesser General Public License (LGPL) 
+ */
+
+	function fillFields(email)
+	{
+		$('#email').attr("value",unescape( email ) );
+
+	}
+