<?php
/**
* @file classes/user/form/ResetPasswordForm.php
*
* Copyright (c) 2014-2021 Simon Fraser University
* Copyright (c) 2003-2021 John Willinsky
* Distributed under the GNU GPL v3. For full terms see the file docs/COPYING.
*
* @class ResetPasswordForm
*
* @ingroup user_form
*
* @brief Form to reset a user's password.
*/
namespace PKP\user\form;
use APP\facades\Repo;
use APP\template\TemplateManager;
use PKP\form\Form;
use PKP\form\validation\FormValidator;
use PKP\form\validation\FormValidatorCSRF;
use PKP\form\validation\FormValidatorCustom;
use PKP\form\validation\FormValidatorLength;
use PKP\form\validation\FormValidatorPost;
use PKP\security\Validation;
use PKP\session\SessionManager;
class ResetPasswordForm extends Form
{
/** @var object */
protected $_user;
/** @var object */
protected $_site;
/** @var string */
protected $_hash;
/**
* Constructor.
*/
public function __construct($user, $site, $hash)
{
parent::__construct('user/userPasswordReset.tpl');
$this->_user = $user;
$this->_site = $site;
$this->_hash = $hash;
$this->addCheck(new FormValidatorLength($this, 'password', 'required', 'user.register.form.passwordLengthRestriction', '>=', $site->getMinPasswordLength()));
$this->addCheck(new FormValidator($this, 'password', 'required', 'user.profile.form.newPasswordRequired'));
$form = $this;
$this->addCheck(new FormValidatorCustom($this, 'password', 'required', 'user.register.form.passwordsDoNotMatch', function ($password) use ($form) {
return $password == $form->getData('password2');
}));
$this->addCheck(new FormValidatorPost($this));
$this->addCheck(new FormValidatorCSRF($this));
}
/**
* Get the user associated with this password
*/
public function getUser()
{
return $this->_user;
}
/**
* Get the site
*/
public function getSite()
{
return $this->_site;
}
/**
* Get the password reset hash
*/
public function getHash()
{
return $this->_hash;
}
/**
* @copydoc Form::display
*
* @param null|mixed $request
* @param null|mixed $template
*/
public function display($request = null, $template = null)
{
$templateMgr = TemplateManager::getManager($request);
$templateMgr->assign([
'minPasswordLength' => $this->getSite()->getMinPasswordLength(),
'username' => $this->getUser()->getUsername(),
'hash' => $this->getHash(),
]);
parent::display($request, $template);
}
/**
* Assign form data to user-submitted data.
*/
public function readInputData()
{
$this->readUserVars(['username', 'hash', 'password', 'password2']);
}
/**
* @copydoc Form::execute()
*/
public function execute(...$functionArgs)
{
$user = $this->getUser();
$user->setPassword(Validation::encryptCredentials($user->getUsername(), $this->getData('password')));
$user->setMustChangePassword(0);
SessionManager::getManager()->invalidateSessions($user->getId());
Repo::user()->edit($user);
parent::execute(...$functionArgs);
return true;
}
/**
* Validate the password reset hash
*/
public function validatePasswordResetHash()
{
if (Validation::verifyPasswordResetHash($this->getUser()->getId(), $this->getHash())) {
return true;
}
return false;
}
/**
* Display the error page when passed invalid password reset hash
*
* @param null|mixed $template
*/
public function displayInvalidHashErrorMessage($request, $template = null)
{
$this->setTemplate('frontend/pages/error.tpl');
$templateMgr = TemplateManager::getManager($request);
$templateMgr->assign([
'errorMsg' => 'user.login.lostPassword.invalidHash',
'backLink' => $request->url(null, null, 'lostPassword'),
'backLinkLabel' => 'user.login.resetPassword',
]);
parent::display($request, $template);
}
}
|