LoginPasswordcodeAction.class.php (1494B)
1 <?php 2 namespace cms\action\login; 3 use cms\action\LoginAction; 4 use cms\action\Method; 5 use cms\model\User; 6 use language\Messages; 7 use logger\Logger; 8 use security\Password; 9 use util\exception\ValidationException; 10 use util\mail\Mail; 11 use util\Session; 12 13 14 class LoginPasswordcodeAction extends LoginAction implements Method { 15 public function view() { 16 17 } 18 public function post() { 19 20 $username = Session::get(Session::KEY_PASSWORD_COMMIT_NAME); 21 22 if ( $this->request->getText("code")=='' || 23 Session::get(Session::KEY_PASSWORD_COMMIT_CODE) != $this->request->getText("code") ) 24 throw new ValidationException( 'code',Messages::PASSWORDCODE_NOT_MATCH ); 25 26 $user = User::loadWithName( $username,User::AUTH_TYPE_INTERNAL ); 27 28 if ( $user && $user->isValid() ) 29 { 30 $newPw = Password::createPassword(); // Neues Kennwort erzeugen. 31 32 $eMail = new Mail($user->mail, Messages::MAIL_SUBJECT_PASSWORD_NEW,Messages::MAIL_TEXT_PASSWORD_NEW); 33 $eMail->setVar('name' ,$user->getName()); 34 $eMail->setVar('password',$newPw ); 35 36 try { 37 $eMail->send(); 38 $user->setPassword( $newPw, false ); // Kennwort muss beim n?. Login ge?ndert werden. 39 } catch( \Exception $e ) { 40 Logger::warn( $e ); 41 Logger::warn('Mail could not be sent: '.$user->mail); 42 } 43 } 44 45 sleep(1); 46 Password::delay(); 47 48 // For security reasons: 49 // Always display this message, so no one is able to find out if a username exists. 50 $this->addNoticeFor( null,Messages::MAIL_SENT ); 51 } 52 }