File modules/cms/action/profile/ProfilePwAction.class.php

Last commit: Fri Apr 15 14:51:22 2022 +0200	dankert	Refactoring: User,Config and Database info is now stored in the Request, because so there is no session required for clients which are using Basic Authorization.


     1 <?php
     2 namespace cms\action\profile;
     3 use cms\action\Method;
     4 use cms\action\ProfileAction;
     5 use cms\base\Configuration;
     6 use cms\model\User;
     7 use language\Messages;
     8 use util\exception\ValidationException;
     9 use util\mail\Mail;
    10 
    11 class ProfilePwAction extends ProfileAction implements Method {
    12     public function view() {
    13 		// Kennwortänderung funktioniert natürlich nur in der internen Datenbank.
    14 		//
    15 		// Hier wird festgestellt, ob der Benutzer sich über die interne Datenbank angemeldet hat.
    16 		// Nur dann kann man auch sein Kennwort ändern.
    17 		$user             = $this->currentUser;
    18 		$pwchangePossible = $user->type == User::AUTH_TYPE_INTERNAL;
    19 		$this->setTemplateVar('pwchange_enabled', $pwchangePossible);
    20     }
    21 
    22 
    23 
    24     public function post() {
    25 
    26 		$pwMinLength = Configuration::subset(['security','password'])->get('min_length',10);
    27 
    28 		if	( $this->user->type != User::AUTH_TYPE_INTERNAL )
    29 			throw new \LogicException('password change only possible for internal users.');
    30 
    31 		if	( ! $this->user->checkPassword( $this->request->getText('act_password') ) )
    32 			throw new ValidationException('act_password');
    33 
    34 		if	( $this->request->getText('password1') == '' )
    35 			throw new ValidationException('password1');
    36 
    37 		if ( $this->request->getText('password1') != $this->request->getText('password2') )
    38 			throw new ValidationException('password2', Messages::PASSWORDS_DO_NOT_MATCH);
    39 
    40 		if ( strlen($this->request->getText('password1'))<$pwMinLength )
    41 			throw new ValidationException('password1',Messages::PASSWORD_MINLENGTH,array('minlength'=> $pwMinLength));
    42 
    43 		$this->user->setPassword( $this->request->getText('password1') );
    44 		$this->addNoticeFor( $this->user,Messages::SAVED);
    45 
    46 		// Send mail to user to inform about the new password.
    47 		if   ( $this->user->mail ) {
    48 			$mail = new Mail( $this->user->mail,Messages::MAIL_PASSWORD_CHANGE_SUCCESS_SUBJECT,Messages::MAIL_PASSWORD_CHANGE_SUCCESS);
    49 			$mail->send();
    50 		}
    51     }
    52 }



Download modules/cms/action/profile/ProfilePwAction.class.php


History
Fri, 15 Apr 2022 14:51:22 +0200	dankert	Refactoring: User,Config and Database info is now stored in the Request, because so there is no session required for clients which are using Basic Authorization.
Wed, 27 Oct 2021 02:27:59 +0200	Jan Dankert	Refactoring: Splitted the mail client into a.) sendmail and b.) smtp.
Sun, 14 Mar 2021 23:51:49 +0100	Jan Dankert	Refactoring: Using the ValidationException where possible.
Fri, 26 Feb 2021 01:06:01 +0100	Jan Dankert	Refactoring accessing the request parameter values.
Fri, 27 Nov 2020 20:11:28 +0100	Jan Dankert	New: Send mail to user after login and after the password has changed.
Thu, 19 Nov 2020 14:49:58 +0100	Jan Dankert	Fix: Action::addNotice() is replaced by Action::addNoticeFor()
Tue, 17 Nov 2020 23:51:00 +0100	Jan Dankert	Refactoring: Every Actionmethod has now its own class.